aboutsummaryrefslogtreecommitdiff
path: root/modules/authmodule-eIDAS-v2/src/test
diff options
context:
space:
mode:
Diffstat (limited to 'modules/authmodule-eIDAS-v2/src/test')
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java131
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java284
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ErnpRestClientProductionTest.java486
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ErnpRestClientTest.java1085
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/SzrClientProductionTest.java140
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/SzrClientTest.java (renamed from modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java)253
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrAddressSearchClientProductionTest.java169
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientProductionTest.java478
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientTest.java1242
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/config/EidasConnectorMessageSourceTest.java43
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyAuthConfigMap.java144
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyOA.java304
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyPendingRequest.java8
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/IAhSpConfiguration.java152
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/DeSpecificDetailSearchProcessorTest.java105
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/ItSpecificDetailSearchProcessorTes.java84
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaAuthSignalControllerTest.java197
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthHealthCheckTest.java130
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataControllerTest.java136
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataProviderFirstTest.java239
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataProviderSecondTest.java66
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientCredentialProviderTest.java414
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/AlternativeSearchTaskWithRegisterTest.java1042
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java429
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java350
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateNewErnpEntryTaskTest.java198
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAustrianResidenceGuiTaskTest.java172
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateMobilePhoneSignatureRequestTaskTest.java282
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateOtherLoginMethodGuiTaskTest.java293
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java939
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskWithRegistersTest.java683
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskRegisterTest.java339
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java320
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAuthnResponseTaskTest.java254
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java69
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java502
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveOtherLoginMethodGuiResponseTaskTest.java154
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java55
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java47
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java7
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java2
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java221
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_lazy.xml24
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml3
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_ccSearchProcessor_test.xml17
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml37
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties57
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1_springboot.properties143
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_2.properties7
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_3.properties7
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_4.properties7
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties7
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/config/keys/junit_test.jksbin0 -> 8410 bytes
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/config/keys/teststore.jksbin0 -> 2028 bytes
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/Response_with_EID.xml52
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/Response_with_EID_deprecated_bpk_encoding.xml52
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/Response_with_wrong_destination_endpoint.xml56
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/Response_without_sig_classpath_entityid.xml50
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/Response_without_sig_with_error.xml46
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/Response_without_sig_with_error_empty_subcode.xml46
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/Response_without_sig_with_error_userstop.xml46
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/Response_without_sig_with_error_without_subcode.xml45
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_add_req.json30
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_add_resp.json60
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_kitt_search_latest_req.json19
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_kitt_search_latest_resp.json62
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_kitt_update_req.json17
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_kitt_update_resp.json60
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_search_with_personalId_req.json20
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_search_with_personalId_resp.json62
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_add_req.json30
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_add_resp.json60
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_kitt_search_latest_req.json19
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_kitt_search_latest_resp.json62
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_kitt_update_req.json14
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_kitt_update_resp.json69
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_search_with_cc_specific_req.json30
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_search_with_cc_specific_resp.json62
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/3_search_with_mds_req.json18
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/3_search_with_mds_resp.json44
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/4_search_with_mds_multi_resp.json84
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/4_search_with_mds_req.json18
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/ernp_empty_resp.json1
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/ernp_handbook_example.json85
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/error_resp.json12
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/idp_metadata_classpath_entity.xml146
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/idp_metadata_no_sig.xml46
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/idp_metadata_no_sig2.xml46
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/idp_metadata_sig_notvalid.xml84
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/idp_metadata_sig_valid_wrong_alg.xml74
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/pvp_postbinding_template.html3
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/sp_metadata_junit.xml66
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/empty_zmr_result.xml39
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/no_bpk_zp.xml290
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/search_with_personalId_only_resp.xml290
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/search_with_personalId_only_resp_historicIncluded.xml389
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/search_with_personalId_only_resp_moreThanOne.xml488
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/search_with_personalId_only_resp_moreThanOne_2.xml465
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_1-2_search_with_mds_resp.xml181
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_1-4_kitt_get_latest_version_resp.xml185
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_1-6_kitt_update_resp.xml146
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_1-8_search_with_personalId_only_resp.xml336
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_1-8_search_with_personalId_only_resp_no_additional_attributes.xml221
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-10_kitt_update_resp.xml123
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-4_kitt_get_latest_version_resp.xml208
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-6_kitt_update_resp.xml123
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-8_kitt_get_latest_version_resp.xml300
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/keystore/junit_test.jksbin0 -> 8410 bytes
-rw-r--r--modules/authmodule-eIDAS-v2/src/test/resources/keystore/pvp.p12bin0 -> 5494 bytes
109 files changed, 17457 insertions, 1080 deletions
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java
index 0d9d4fb8..4d4ac47d 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java
@@ -14,7 +14,6 @@ import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
-import org.powermock.core.classloader.annotations.PrepareForTest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
@@ -47,12 +46,10 @@ import eu.eidas.auth.commons.tx.BinaryLightToken;
import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
@RunWith(SpringJUnit4ClassRunner.class)
-@PrepareForTest(CreateIdentityLinkTask.class)
@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
@ContextConfiguration(locations = {
"/SpringTest-context_tasks_test.xml",
"/SpringTest-context_basic_mapConfig.xml"})
-@EnableWebMvc
public class EidasSignalServletTest {
@Autowired private MsConnectorDummyConfigMap basicConfig;
@@ -61,14 +58,14 @@ public class EidasSignalServletTest {
@Autowired private ITransactionStorage transStore;
@Autowired private DummyProtocolAuthService protAuthService;
@Autowired private DummySpecificCommunicationService connector;
-
-
+
+
private MockHttpServletRequest httpReq;
private MockHttpServletResponse httpResp;
private TestRequestImpl pendingReq;
private MsConnectorDummySpConfiguration oaParam;
-
-
+
+
/**
* jUnit test set-up.
*/
@@ -78,7 +75,7 @@ public class EidasSignalServletTest {
httpResp = new MockHttpServletResponse();
RequestContextHolder.resetRequestAttributes();
RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
-
+
final Map<String, String> spConfig = new HashMap<>();
spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
@@ -92,51 +89,51 @@ public class EidasSignalServletTest {
pendingReq.setAuthUrl("http://test.com/");
pendingReq.setTransactionId("avaasbav");
pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
-
+
connector.setiLightResponse(null);
-
-
+
+
}
-
+
@Test
public void noResponsToken() throws IOException, EaafException {
//set-up
-
+
//execute test
controller.restoreEidasAuthProcess(httpReq, httpResp);
-
+
//validate state
Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
Assert.assertNotNull("missing error", protAuthService.getException());
- Assert.assertEquals("Wrong errorId", "auth.26",
+ Assert.assertEquals("Wrong errorId", "auth.26",
((EaafException) protAuthService.getException()).getErrorId());
-
+
}
-
+
@Test
public void unknownResponseToken() throws IOException, EaafException {
//set-up
- httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),
+ httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),
RandomStringUtils.randomAlphanumeric(10));
-
+
//execute test
controller.restoreEidasAuthProcess(httpReq, httpResp);
-
+
//validate state
Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
Assert.assertNotNull("missing error", protAuthService.getException());
- Assert.assertEquals("Wrong errorId", "auth.26",
+ Assert.assertEquals("Wrong errorId", "auth.26",
((EaafException) protAuthService.getException()).getErrorId());
-
+
}
-
+
@Test
public void withRelayState() throws IOException, EaafException, SpecificCommunicationException {
- //set-up
- String relayState = RandomStringUtils.randomAlphanumeric(10);
+ //set-up
+ String relayState = RandomStringUtils.randomAlphanumeric(10);
pendingReq.setPendingReqId(relayState);
storage.storePendingRequest(pendingReq);
-
+
Builder iLightResponse = new AuthenticationResponse.Builder();
iLightResponse.id("_".concat(Random.nextHexRandom16()))
.issuer(RandomStringUtils.randomAlphabetic(10))
@@ -145,37 +142,37 @@ public class EidasSignalServletTest {
.inResponseTo("_".concat(Random.nextHexRandom16()))
.subjectNameIdFormat("afaf")
.relayState(relayState);
-
+
AuthenticationResponse eidasResp = iLightResponse.build();
- BinaryLightToken token = connector.putResponse(eidasResp);
- httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),
+ BinaryLightToken token = connector.putResponse(eidasResp);
+ httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),
Base64.getEncoder().encodeToString(token.getTokenBytes()));
-
+
//execute test
controller.restoreEidasAuthProcess(httpReq, httpResp);
-
-
+
+
//validate state
Assert.assertNotNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
- Assert.assertEquals("wrong eIDAS response", eidasResp,
+ Assert.assertEquals("wrong eIDAS response", eidasResp,
httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
-
- Assert.assertNotNull("missing error", protAuthService.getException());
- Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'",
+
+ Assert.assertNotNull("missing error", protAuthService.getException());
+ Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'",
((EaafException) protAuthService.getException()).getErrorId());
-
+
}
-
+
@Test
public void withOutRelayStateMissingPendingReq() throws IOException, EaafException, SpecificCommunicationException {
- //set-up
- String pendingReqId = RandomStringUtils.randomAlphanumeric(10);
+ //set-up
+ String pendingReqId = RandomStringUtils.randomAlphanumeric(10);
pendingReq.setPendingReqId(pendingReqId);
storage.storePendingRequest(pendingReq);
-
+
String inResponseTo = "_".concat(Random.nextHexRandom16());
-
+
Builder iLightResponse = new AuthenticationResponse.Builder();
iLightResponse.id("_".concat(Random.nextHexRandom16()))
.issuer(RandomStringUtils.randomAlphabetic(10))
@@ -183,35 +180,35 @@ public class EidasSignalServletTest {
.statusCode(Constants.SUCCESS_URI)
.inResponseTo(inResponseTo)
.subjectNameIdFormat("afaf");
-
+
AuthenticationResponse eidasResp = iLightResponse.build();
- BinaryLightToken token = connector.putResponse(eidasResp);
- httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),
+ BinaryLightToken token = connector.putResponse(eidasResp);
+ httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),
Base64.getEncoder().encodeToString(token.getTokenBytes()));
-
+
//execute test
controller.restoreEidasAuthProcess(httpReq, httpResp);
-
-
+
+
//validate state
Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
Assert.assertNotNull("missing error", protAuthService.getException());
- Assert.assertEquals("Wrong errorId", "auth.26",
+ Assert.assertEquals("Wrong errorId", "auth.26",
((EaafException) protAuthService.getException()).getErrorId());
-
+
}
-
+
@Test
public void withInResponseToElement() throws IOException, EaafException, SpecificCommunicationException {
- //set-up
- String pendingReqId = RandomStringUtils.randomAlphanumeric(10);
+ //set-up
+ String pendingReqId = RandomStringUtils.randomAlphanumeric(10);
pendingReq.setPendingReqId(pendingReqId);
storage.storePendingRequest(pendingReq);
-
+
String inResponseTo = "_".concat(Random.nextHexRandom16());
transStore.put(inResponseTo, pendingReqId, -1);
-
+
Builder iLightResponse = new AuthenticationResponse.Builder();
iLightResponse.id("_".concat(Random.nextHexRandom16()))
.issuer(RandomStringUtils.randomAlphabetic(10))
@@ -219,26 +216,26 @@ public class EidasSignalServletTest {
.statusCode(Constants.SUCCESS_URI)
.inResponseTo(inResponseTo)
.subjectNameIdFormat("afaf");
-
+
AuthenticationResponse eidasResp = iLightResponse.build();
- BinaryLightToken token = connector.putResponse(eidasResp);
- httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),
+ BinaryLightToken token = connector.putResponse(eidasResp);
+ httpReq.setParameter(EidasParameterKeys.TOKEN.toString(),
Base64.getEncoder().encodeToString(token.getTokenBytes()));
-
+
//execute test
controller.restoreEidasAuthProcess(httpReq, httpResp);
-
-
+
+
//validate state
Assert.assertNotNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
- Assert.assertEquals("wrong eIDAS response", eidasResp,
+ Assert.assertEquals("wrong eIDAS response", eidasResp,
httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
-
- Assert.assertNotNull("missing error", protAuthService.getException());
- Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'",
+
+ Assert.assertNotNull("missing error", protAuthService.getException());
+ Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'",
((EaafException) protAuthService.getException()).getErrorId());
-
+
}
-
+
}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java
deleted file mode 100644
index 5b8bd8fd..00000000
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java
+++ /dev/null
@@ -1,284 +0,0 @@
-/*
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
-*/
-
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
-
-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.MessageDigest;
-import java.security.NoSuchProviderException;
-import java.util.List;
-
-import org.apache.commons.lang3.RandomStringUtils;
-import org.apache.commons.lang3.StringUtils;
-import org.bouncycastle.util.encoders.Base64;
-import org.joda.time.DateTime;
-import org.junit.Assert;
-import org.junit.Ignore;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.test.annotation.IfProfileValue;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.TestPropertySource;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import org.springframework.util.Base64Utils;
-import org.w3c.dom.Element;
-
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
-import at.gv.e_government.reference.namespace.persondata._20020228.IdentificationType;
-import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType;
-import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType;
-import at.gv.egiz.eaaf.core.api.data.EaafConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
-import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException;
-import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
-import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder;
-import at.gv.egiz.eaaf.core.impl.data.Pair;
-import at.gv.egiz.eaaf.core.impl.data.Triple;
-import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
-import szrservices.IdentityLinkType;
-import szrservices.PersonInfoType;
-import szrservices.SZRException_Exception;
-import szrservices.TravelDocumentType;
-
-
-@IfProfileValue(name = "spring.profiles.active", value = "devEnvironment")
-@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration(locations = {
- "/SpringTest-context_tasks_test.xml",
- "/SpringTest-context_basic_realConfig.xml"})
-@TestPropertySource(locations = {
- //"classpath:/application.properties",
- "file:/home/tlenz/Projekte/config/ms_connector/default_config.properties",
- })
-public class SzrClientTestProduction {
- private static final Logger log = LoggerFactory.getLogger(SzrClientTestProduction.class);
-
- @Autowired
- SzrClient szrClient;
- @Autowired
- IConfiguration basicConfig;
-
- private static final String givenName = "Franz";
- private static final String familyName = "Mustermann";
- // private static final String dateOfBirth = "1989-05-05";
- private static final String dateOfBirth = "1989-05-04";
- private static final String eIDASeID = "IS/AT/1234ffgsdfg56789ABCDEF";
-
- private static final String DUMMY_TARGET = EaafConstants.URN_PREFIX_CDID + "ZP";
-
- @Test
- public void dummyTest() {
-
- }
-
- @Test
- public void getVsz() throws SzrCommunicationException, EidasSAuthenticationException {
- String vsz = szrClient.getEncryptedStammzahl(getPersonInfo());
- Assert.assertNotNull("vsz", vsz);
-
- }
-
- @Test
- public void getVszRandom() throws SzrCommunicationException, EidasSAuthenticationException, EaafBuilderException {
-
- final String givenName = "Franz";
- final String familyName = RandomStringUtils.randomAlphabetic(10);
- final String dateOfBirth = "1989-05-04";
- final String eIDASeID = "IS/AT/" + RandomStringUtils.randomAlphanumeric(20);
-
- IdentityLinkType idl = szrClient.getIdentityLinkInRawMode(getPersonInfo(familyName, givenName, dateOfBirth, eIDASeID));
-
- PersonInfoType vszPerson = getPersonInfo(
- idl.getPersonInfo().getPerson().getName().getFamilyName(),
- idl.getPersonInfo().getPerson().getName().getGivenName(),
- idl.getPersonInfo().getPerson().getDateOfBirth(),
- null);
-
- final Pair<String, String> bpkCalc =
- BpkBuilder.generateAreaSpecificPersonIdentifier(
- idl.getPersonInfo().getPerson().getIdentification().getValue(),
- idl.getPersonInfo().getPerson().getIdentification().getType(),
- EaafConstants.URN_PREFIX_CDID + "ZP");
-
- IdentificationType vszId = new IdentificationType();
- vszPerson.getPerson().setIdentification(vszId);
- vszId.setValue(bpkCalc.getFirst());
- vszId.setType(bpkCalc.getSecond());
-
- String vsz = szrClient.getEncryptedStammzahl(vszPerson);
- Assert.assertNotNull("vsz", vsz);
-
- }
-
- @Test
- public void getEidasBind() throws SzrCommunicationException, EidasSAuthenticationException {
- String vsz = RandomStringUtils.randomAlphanumeric(10);
- String bindingPubKey = Base64.toBase64String(RandomStringUtils.random(20).getBytes());
- String eidStatus = "urn:eidgvat:eid.status.eidas";
- ErnbEidData eidData = new ErnbEidData();
- eidData.setFamilyName(familyName);
- eidData.setGivenName(givenName);
- eidData.setDateOfBirth(new DateTime());
- eidData.setCitizenCountryCode("IS");
- eidData.setPseudonym("1234sdgsdfg56789ABCDEF");
-
-
- String eidasBind = szrClient.getEidsaBind(vsz, bindingPubKey, eidStatus, eidData);
-
- Assert.assertNotNull("eidasBind", eidasBind);
-
- }
-
-
- @Test
- public void getIdentityLinkRawMode() throws SZRException_Exception, EaafParserException,
- NoSuchProviderException, IOException, InvalidKeyException, EidasSAuthenticationException {
- log.debug("Starting connecting SZR Gateway");
- final IdentityLinkType result = szrClient.getIdentityLinkInRawMode(
- getPersonInfo());
-
- final Element idlFromSzr = (Element) result.getAssertion();
- final IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSzr).parseIdentityLink();
-
- if (identityLink == null) {
- throw new SzrCommunicationException("ernb.00", new Object[] { "NO IDL object" });
- }
-
- System.out.println(identityLink.getSerializedSamlAssertion());
-
- if (StringUtils.isEmpty(identityLink.getFamilyName())) {
- throw new SzrCommunicationException("ernb.00", new Object[] { "NO FamilyName from IDL" });
- }
-
- if (StringUtils.isEmpty(identityLink.getGivenName())) {
- throw new SzrCommunicationException("ernb.00", new Object[] { "NO GivenName from IDL" });
- }
-
- if (StringUtils.isEmpty(identityLink.getDateOfBirth())) {
- throw new SzrCommunicationException("ernb.00", new Object[] { "NO DateOfBirthName from IDL" });
- }
-
- if (StringUtils.isEmpty(identityLink.getIdentificationType())) {
- throw new SzrCommunicationException("ernb.00", new Object[] { "NO baseIdType from IDL" });
- }
-
- if (StringUtils.isEmpty(identityLink.getIdentificationValue())) {
- throw new SzrCommunicationException("ernb.00", new Object[] { "NO baseId from IDL" });
- }
-
- if (StringUtils.isEmpty(identityLink.getSerializedSamlAssertion())) {
- throw new SzrCommunicationException("ernb.00", new Object[] { "NO serialized IDL" });
- }
-
- if (identityLink.getSamlAssertion() == null) {
- throw new SzrCommunicationException("ernb.00", new Object[] { "NO raw IDL" });
- }
-
- }
-
-
- @Ignore
- @Test
- public void getBpkTest() throws SZRException_Exception, EidasSAuthenticationException {
- final List<String> bPK = szrClient.getBpk(getPersonInfo(), DUMMY_TARGET,
- basicConfig.getBasicConfiguration(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ,
- "no VKZ defined"));
-
- if (bPK.isEmpty()) {
- throw new SzrCommunicationException("ernb.01", new Object[]{"bPK list is empty"});
- }
- for (String b : bPK) {
- if (StringUtils.isEmpty(b)) {
- throw new SzrCommunicationException("ernb.01", new Object[]{"bPK is null or empty"});
- }
- }
-
- }
-
- private String createHashFromUniqueId(String uniqueId) throws EidasSAuthenticationException {
- try {
- final MessageDigest md = MessageDigest.getInstance("SHA-256");
- final byte[] hash = md.digest(uniqueId.getBytes("UTF-8"));
- final String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", "");
- return hashBase64;
-
- } catch (final Exception ex) {
- throw new EidasSAuthenticationException("internal.03", new Object[] {}, ex);
-
- }
- }
-
- private PersonInfoType getPersonInfo() throws EidasSAuthenticationException {
- return getPersonInfo(familyName, givenName, dateOfBirth, eIDASeID);
-
- }
-
- private PersonInfoType getPersonInfo(String familyName, String givenName, String dateOfBirth, String eIDASeID)
- throws EidasSAuthenticationException {
- final PersonInfoType personInfo = new PersonInfoType();
- final PersonNameType personName = new PersonNameType();
- final PhysicalPersonType naturalPerson = new PhysicalPersonType();
- final TravelDocumentType eDocument = new TravelDocumentType();
-
- naturalPerson.setName(personName);
- personInfo.setPerson(naturalPerson);
-
- // person information
- personName.setFamilyName(familyName);
- personName.setGivenName(givenName);
- naturalPerson.setDateOfBirth(dateOfBirth);
-
- // parse some eID attributes
- if (eIDASeID != null) {
- final Triple<String, String, String> eIdentifier =
- EidasResponseUtils.parseEidasPersonalIdentifier(eIDASeID);
- final String uniqueId = createHashFromUniqueId(eIdentifier.getThird());
- final String citizenCountry = eIdentifier.getFirst();
-
- eDocument.setIssuingCountry(citizenCountry);
- eDocument.setDocumentNumber(uniqueId);
-
- // eID document information
- eDocument.setDocumentType(basicConfig.getBasicConfiguration(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE,
- Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE));
-
- personInfo.setTravelDocument(eDocument);
-
- }
-
- return personInfo;
-
- }
-}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ErnpRestClientProductionTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ErnpRestClientProductionTest.java
new file mode 100644
index 00000000..59cf4520
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ErnpRestClientProductionTest.java
@@ -0,0 +1,486 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.clients;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.IfProfileValue;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.TestPropertySource;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.ernp.ErnpRestClient.ErnpRegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.ernp.IErnpClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.DeSpecificDetailSearchProcessor;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest;
+import lombok.SneakyThrows;
+
+@IfProfileValue(name = "spring.profiles.active", value = "devEnvironment")
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_realConfig.xml"})
+@TestPropertySource(locations = {
+ //"classpath:/application.properties",
+ "file:/home/tlenz/Projekte/config/ms_connector/default_config.properties",
+ })
+public class ErnpRestClientProductionTest {
+
+ //private static final String TEST_PREFIX = "XXX_";
+ private static final String TEST_PREFIX = "";
+
+ @Autowired IErnpClient client;
+
+ @Test
+ @SneakyThrows
+ public void searchWithPersonalIdentifierServerError() {
+ String personalIdentifierFirst = "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit";
+ personalIdentifierFirst = "";
+ final String cc = "DE";
+ final SimpleEidasData eidasDataFirst = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("XXXvon Brandenburg")
+ .givenName("XXXClaus - Maria")
+ .dateOfBirth("1994-12-00")
+ .personalIdentifier(cc + "/AT/" + personalIdentifierFirst)
+ .pseudonym(personalIdentifierFirst)
+ .build();
+
+ // execute operation
+ EidasSAuthenticationException error = assertThrows("wrong Exception", EidasSAuthenticationException.class,
+ () -> client.searchWithPersonIdentifier(
+ eidasDataFirst.getPseudonym(), eidasDataFirst.getCitizenCountryCode()));
+
+ assertEquals("wrong errorCode", "module.eidasauth.matching.11", error.getErrorId());
+
+ }
+
+ @Ignore
+ @Test
+ @SneakyThrows
+ public void searchWithPersonalIdentifierSuccess() {
+ final String personalIdentifierFirst = "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit";
+ final String cc = "CZ";
+ final SimpleEidasData eidasDataFirst = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("DOPISNÍ")
+ .givenName("DANA")
+ .dateOfBirth("1996-01-01")
+ .personalIdentifier(cc + "/AT/" + personalIdentifierFirst)
+ .pseudonym(personalIdentifierFirst)
+ .build();
+
+ // execute operation
+ ErnpRegisterResult resp = client.searchWithPersonIdentifier(
+ eidasDataFirst.getPseudonym(), eidasDataFirst.getCitizenCountryCode());
+
+ // validate state
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+ checkErnpResult(resp.getPersonResult().get(0), eidasDataFirst, 1);
+ assertEquals("wrong bpk", "vypyCkyczK7i+cgPWlJasuJphIA=",
+ resp.getPersonResult().get(0).getBpk());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithPersonalIdentifierNoResult() {
+ final String personalIdentifierFirst = RandomStringUtils.randomAlphanumeric(10);
+ final String cc = "CZ";
+ final SimpleEidasData eidasDataFirst = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("DOPISNÍ")
+ .givenName("DANA")
+ .dateOfBirth("1996-01-01")
+ .personalIdentifier(cc + "/AT/" + personalIdentifierFirst)
+ .pseudonym(personalIdentifierFirst)
+ .build();
+
+ // execute operation
+ ErnpRegisterResult resp = client.searchWithPersonIdentifier(
+ eidasDataFirst.getPseudonym(), eidasDataFirst.getCitizenCountryCode());
+
+ // validate state
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 0, resp.getPersonResult().size());
+
+ }
+
+ @Ignore
+ @Test
+ @SneakyThrows
+ public void searchWithMdsSuccess() {
+ final String personalIdentifierFirst = "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit";
+ final String cc = "CZ";
+ final SimpleEidasData eidasDataFirst = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("DOPISNÍ")
+ .givenName("DANA")
+ .dateOfBirth("1996-01-01")
+ .personalIdentifier(cc + "/AT/" + personalIdentifierFirst)
+ .pseudonym(personalIdentifierFirst)
+ .build();
+
+ // execute operation
+ ErnpRegisterResult resp = client.searchWithMds(eidasDataFirst.getGivenName(), eidasDataFirst.getFamilyName(),
+ eidasDataFirst.getDateOfBirth(), eidasDataFirst.getCitizenCountryCode());
+
+ // validate state
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+ checkErnpResult(resp.getPersonResult().get(0), eidasDataFirst, 1);
+ assertEquals("wrong bpk", "vypyCkyczK7i+cgPWlJasuJphIA=",
+ resp.getPersonResult().get(0).getBpk());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithMdsNoResult() {
+ final String personalIdentifierFirst = RandomStringUtils.randomAlphanumeric(10);
+ final String cc = "CZ";
+ final SimpleEidasData eidasDataFirst = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName(RandomStringUtils.randomAlphanumeric(10))
+ .givenName(RandomStringUtils.randomAlphanumeric(10))
+ .dateOfBirth("1996-10-15")
+ .personalIdentifier(cc + "/AT/" + personalIdentifierFirst)
+ .pseudonym(personalIdentifierFirst)
+ .build();
+
+ // execute operation
+ ErnpRegisterResult resp = client.searchWithMds(eidasDataFirst.getGivenName(), eidasDataFirst.getFamilyName(),
+ eidasDataFirst.getDateOfBirth(), eidasDataFirst.getCitizenCountryCode());
+
+ // validate state
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 0, resp.getPersonResult().size());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void addTwiceSameMdsAndMdsSearch() {
+ // *** add new random first person ***
+ final String addFirstPersonPersonalIdentifier = RandomStringUtils.randomAlphanumeric(10);
+ final String cc = "XZ";
+ final SimpleEidasData addFirstPersonData = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName(TEST_PREFIX + RandomStringUtils.randomAlphabetic(8))
+ .givenName(TEST_PREFIX + RandomStringUtils.randomAlphabetic(8))
+ .dateOfBirth("1996-01-01")
+ .personalIdentifier(cc + "/AT/" + addFirstPersonPersonalIdentifier)
+ .pseudonym(addFirstPersonPersonalIdentifier)
+ .build();
+
+ // add entry
+ ErnpRegisterResult addFirstPersonResponse = client.add(addFirstPersonData);
+
+ // verify added entry
+ assertNotNull("no ERnP response", addFirstPersonResponse);
+ assertEquals("wrong resp size", 1, addFirstPersonResponse.getPersonResult().size());
+ checkErnpResult(addFirstPersonResponse.getPersonResult().get(0), addFirstPersonData, 1);
+
+
+ // *** add new random second person with same MDS ***
+ final String addSecondPersonPersonalIdentifier = RandomStringUtils.randomAlphanumeric(10);
+ final SimpleEidasData addSecondPersonData = addFirstPersonData.toBuilder()
+ .personalIdentifier(cc + "/AT/" + addSecondPersonPersonalIdentifier)
+ .pseudonym(addSecondPersonPersonalIdentifier)
+ .build();
+
+ // add entry
+ ErnpRegisterResult addSecondPersonResponse = client.add(addSecondPersonData);
+
+ // verify added entry
+ assertNotNull("no ERnP response", addSecondPersonResponse);
+ assertEquals("wrong resp size", 1, addSecondPersonResponse.getPersonResult().size());
+ checkErnpResult(addSecondPersonResponse.getPersonResult().get(0), addSecondPersonData, 1);
+
+
+
+ // search with MDS
+ ErnpRegisterResult resp = client.searchWithMds(addFirstPersonData.getGivenName(), addFirstPersonData.getFamilyName(),
+ addFirstPersonData.getDateOfBirth(), cc);
+
+ // validate state
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 2, resp.getPersonResult().size());
+
+ }
+
+
+
+ @Test
+ @SneakyThrows
+ public void addSearchAndPersonalIdUpdate() {
+ // *** add new random entry ***
+
+ final String addPersonPersonalIdentifier = RandomStringUtils.randomAlphanumeric(10);
+ final String cc = "DE";
+ final SimpleEidasData addPersonData = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName(TEST_PREFIX + RandomStringUtils.randomAlphabetic(8))
+ .givenName(TEST_PREFIX + RandomStringUtils.randomAlphabetic(8))
+ .dateOfBirth("1996-01-01")
+ .personalIdentifier(cc + "/AT/" + addPersonPersonalIdentifier)
+ .pseudonym(addPersonPersonalIdentifier)
+ .birthName(RandomStringUtils.randomAlphabetic(8))
+ .placeOfBirth(RandomStringUtils.randomAlphabetic(8))
+ .build();
+
+ // add entry
+ ErnpRegisterResult addPersonResponse = client.add(addPersonData);
+
+ // verify added entry
+ assertNotNull("no ERnP response", addPersonResponse);
+ assertEquals("wrong resp size", 1, addPersonResponse.getPersonResult().size());
+ checkErnpResult(addPersonResponse.getPersonResult().get(0), addPersonData, 1);
+
+
+ // *** search entry by countrySpecifics ***
+ final String ccPersonPersonalIdentifier = RandomStringUtils.randomAlphanumeric(10);
+ SimpleEidasData ccSpecificData = addPersonData.toBuilder()
+ .personalIdentifier(cc + "/AT/" + ccPersonPersonalIdentifier)
+ .pseudonym(ccPersonPersonalIdentifier)
+ .build();
+ PersonSuchenRequest ccSearchReq =
+ new DeSpecificDetailSearchProcessor().generateSearchRequest(ccSpecificData);
+
+ // search CC specific
+ ErnpRegisterResult ccSearchResponse = client.searchCountrySpecific(ccSearchReq, cc);
+
+ // verify cc specific result
+ assertNotNull("no ERnP response", ccSearchResponse);
+ assertEquals("wrong resp size", 1, ccSearchResponse.getPersonResult().size());
+ RegisterResult ccSearchPersResult = ccSearchResponse.getPersonResult().get(0);
+ checkErnpResult(ccSearchResponse.getPersonResult().get(0), addPersonData, 1);
+ assertEquals("wrong bPK", addPersonResponse.getPersonResult().get(0).getBpk(),
+ ccSearchPersResult.getBpk());
+ assertFalse("no PersonalId change detected", ccSpecificData.equalsRegisterData(ccSearchPersResult));
+
+
+ // *** update entry because PersonalId has changed ***
+ // update ERnP entry
+ ErnpRegisterResult updateResponse = client.update(ccSearchPersResult, ccSpecificData);
+ assertNotNull("no ERnP response", updateResponse);
+ assertEquals("wrong resp size", 1, updateResponse.getPersonResult().size());
+ checkErnpResult(updateResponse.getPersonResult().get(0), addPersonData, 2);
+ assertEquals("wrong bPK", addPersonResponse.getPersonResult().get(0).getBpk(), ccSearchPersResult.getBpk());
+ checkPersonalIdentifier(updateResponse.getPersonResult().get(0), addPersonPersonalIdentifier);
+ checkPersonalIdentifier(updateResponse.getPersonResult().get(0), ccPersonPersonalIdentifier);
+
+
+
+ // *** search by first personalIdentifier
+ ErnpRegisterResult persIdSearchFirstResp = client.searchWithPersonIdentifier(
+ addPersonPersonalIdentifier, cc);
+ assertNotNull("no ERnP response", persIdSearchFirstResp);
+ assertEquals("wrong resp size", 1, persIdSearchFirstResp.getPersonResult().size());
+ assertEquals("wrong bPK", addPersonResponse.getPersonResult().get(0).getBpk(), ccSearchPersResult.getBpk());
+ checkPersonalIdentifier(updateResponse.getPersonResult().get(0), addPersonPersonalIdentifier);
+ checkPersonalIdentifier(updateResponse.getPersonResult().get(0), ccPersonPersonalIdentifier);
+ checkErnpResult(updateResponse.getPersonResult().get(0), addPersonData, 2);
+
+
+
+ // *** search by second personalIdentifier
+ ErnpRegisterResult persIdSearchSecondResp = client.searchWithPersonIdentifier(
+ ccPersonPersonalIdentifier, cc);
+ assertNotNull("no ERnP response", persIdSearchSecondResp);
+ assertEquals("wrong resp size", 1, persIdSearchSecondResp.getPersonResult().size());
+ assertEquals("wrong bPK", addPersonResponse.getPersonResult().get(0).getBpk(), ccSearchPersResult.getBpk());
+ checkPersonalIdentifier(updateResponse.getPersonResult().get(0), addPersonPersonalIdentifier);
+ checkPersonalIdentifier(updateResponse.getPersonResult().get(0), ccPersonPersonalIdentifier);
+ checkErnpResult(updateResponse.getPersonResult().get(0), addPersonData, 2);
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void addSearchAndMdsUpdate() {
+ // *** add new random entry ***
+
+ final String addPersonPersonalIdentifier = RandomStringUtils.randomAlphanumeric(10);
+ final String cc = "DE";
+ final SimpleEidasData addPersonData = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName(TEST_PREFIX + RandomStringUtils.randomAlphabetic(8))
+ .givenName(TEST_PREFIX + RandomStringUtils.randomAlphabetic(8))
+ .dateOfBirth("1985-05-05")
+ .personalIdentifier(cc + "/AT/" + addPersonPersonalIdentifier)
+ .pseudonym(addPersonPersonalIdentifier)
+ .birthName(RandomStringUtils.randomAlphabetic(8))
+ .placeOfBirth(RandomStringUtils.randomAlphabetic(8))
+ .build();
+
+ // add entry
+ ErnpRegisterResult addPersonResponse = client.add(addPersonData);
+
+ // verify added entry
+ assertNotNull("no ERnP response", addPersonResponse);
+ assertEquals("wrong resp size", 1, addPersonResponse.getPersonResult().size());
+ checkErnpResult(addPersonResponse.getPersonResult().get(0), addPersonData, 1);
+
+
+ // *** search entry by personalId ***
+ SimpleEidasData mdsHasChanged = addPersonData.toBuilder()
+ .givenName(RandomStringUtils.randomAlphanumeric(10))
+ .familyName(RandomStringUtils.randomAlphanumeric(10))
+ .build();
+
+ // search by personalId
+ ErnpRegisterResult personalIdResponse = client.searchWithPersonIdentifier(addPersonPersonalIdentifier, cc);
+
+ // verify personalId result
+ assertNotNull("no ERnP response", personalIdResponse);
+ assertEquals("wrong resp size", 1, personalIdResponse.getPersonResult().size());
+ RegisterResult persIdSearchResult = personalIdResponse.getPersonResult().get(0);
+ checkErnpResult(personalIdResponse.getPersonResult().get(0), addPersonData, 1);
+ assertEquals("wrong bPK", addPersonResponse.getPersonResult().get(0).getBpk(),
+ persIdSearchResult.getBpk());
+ assertFalse("no MDS change detected", mdsHasChanged.equalsRegisterData(persIdSearchResult));
+
+
+ // *** update entry because MDS has changed ***
+ // update ERnP entry
+ ErnpRegisterResult updateResponse = client.update(persIdSearchResult, mdsHasChanged);
+ assertNotNull("no ERnP response", updateResponse);
+ assertEquals("wrong resp size", 1, updateResponse.getPersonResult().size());
+ checkErnpResult(updateResponse.getPersonResult().get(0), mdsHasChanged, 1);
+ assertEquals("wrong bPK", addPersonResponse.getPersonResult().get(0).getBpk(), persIdSearchResult.getBpk());
+ checkPersonalIdentifier(updateResponse.getPersonResult().get(0), addPersonPersonalIdentifier);
+
+
+ // *** search by first personalIdentifier
+ ErnpRegisterResult persIdSearchFirstResp = client.searchWithPersonIdentifier(
+ addPersonPersonalIdentifier, cc);
+ assertNotNull("no ERnP response", persIdSearchFirstResp);
+ assertEquals("wrong resp size", 1, persIdSearchFirstResp.getPersonResult().size());
+ assertEquals("wrong bPK", addPersonResponse.getPersonResult().get(0).getBpk(), persIdSearchResult.getBpk());
+ checkPersonalIdentifier(updateResponse.getPersonResult().get(0), addPersonPersonalIdentifier);
+ checkErnpResult(updateResponse.getPersonResult().get(0), mdsHasChanged, 1);
+
+ // *** search by first personalIdentifier
+ ErnpRegisterResult mdsSearchResp = client.searchWithMds(
+ mdsHasChanged.getGivenName(), mdsHasChanged.getFamilyName(), mdsHasChanged.getDateOfBirth(), cc);
+ assertNotNull("no ERnP response", mdsSearchResp);
+ assertEquals("wrong resp size", 1, mdsSearchResp.getPersonResult().size());
+ assertEquals("wrong bPK", addPersonResponse.getPersonResult().get(0).getBpk(), persIdSearchResult.getBpk());
+ checkPersonalIdentifier(updateResponse.getPersonResult().get(0), addPersonPersonalIdentifier);
+ checkErnpResult(updateResponse.getPersonResult().get(0), mdsHasChanged, 1);
+
+
+
+ }
+
+
+ @Ignore
+ @Test
+ @SneakyThrows
+ public void addErnpEntry() {
+ final String personalIdentifierFirst = "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit";
+ final String cc = "CZ";
+ final SimpleEidasData eidasDataFirst = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("DOPISNÍ")
+ .givenName("DANA")
+ .dateOfBirth("1996-01-01")
+ .personalIdentifier(cc + "/AT/" + personalIdentifierFirst)
+ .pseudonym(personalIdentifierFirst)
+ .build();
+
+ // execute operation
+ ErnpRegisterResult resp = client.add(eidasDataFirst);
+
+ // validate state
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+ checkErnpResult(resp.getPersonResult().get(0), eidasDataFirst, 1);
+
+ }
+
+ @Ignore
+ @Test
+ @SneakyThrows
+ public void addErnpEntryE2ETest() {
+ final String personalIdentifierFirst = "adfasfsadvsafsafweqrwr432553324";
+ final String cc = "EE";
+ final SimpleEidasData eidasDataFirst = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("Mustermatch01")
+ .givenName("Max")
+ .dateOfBirth("1965-01-01")
+ .personalIdentifier(cc + "/AT/" + personalIdentifierFirst)
+ .pseudonym(personalIdentifierFirst)
+ .build();
+
+ // execute operation
+ ErnpRegisterResult resp = client.add(eidasDataFirst);
+
+ // validate state
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+ checkErnpResult(resp.getPersonResult().get(0), eidasDataFirst, 1);
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void addRandomErnpEntry() {
+ final String addPersonPersonalIdentifier = RandomStringUtils.randomAlphanumeric(10);
+ final String cc = "XZ";
+ final SimpleEidasData addPersonData = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName(TEST_PREFIX + RandomStringUtils.randomAlphabetic(8))
+ .givenName(TEST_PREFIX + RandomStringUtils.randomAlphabetic(8))
+ .dateOfBirth("1985-05-05")
+ .personalIdentifier(cc + "/AT/" + addPersonPersonalIdentifier)
+ .pseudonym(addPersonPersonalIdentifier)
+ .birthName(RandomStringUtils.randomAlphabetic(8))
+ .placeOfBirth(RandomStringUtils.randomAlphabetic(8))
+ .build();
+
+ // add entry
+ ErnpRegisterResult addPersonResponse = client.add(addPersonData);
+
+ // verify added entry
+ assertNotNull("no ERnP response", addPersonResponse);
+ assertEquals("wrong resp size", 1, addPersonResponse.getPersonResult().size());
+ checkErnpResult(addPersonResponse.getPersonResult().get(0), addPersonData, 1);
+
+ }
+
+
+ private void checkErnpResult(RegisterResult registerResult, final SimpleEidasData eidasData, int numOfPseudonyms) {
+ assertEquals("wrong familyname", eidasData.getFamilyName(), registerResult.getFamilyName());
+ assertEquals("wrong givenname", eidasData.getGivenName(), registerResult.getGivenName());
+ assertEquals("wrong birthday", eidasData.getDateOfBirth(), registerResult.getDateOfBirth());
+ assertEquals("wrong personalId size", numOfPseudonyms, registerResult.getPseudonym().size());
+ assertEquals("wrong placeOfBirth", eidasData.getPlaceOfBirth(), registerResult.getPlaceOfBirth());
+ assertEquals("wrong birthName", eidasData.getBirthName(), registerResult.getBirthName());
+ assertTrue("no bPK", StringUtils.isNotEmpty(registerResult.getBpk()));
+ checkPersonalIdentifier(registerResult, eidasData.getPseudonym());
+
+ }
+
+ private void checkPersonalIdentifier(RegisterResult registerResult, String pseudonym) {
+ assertTrue("wrong or no personalId", registerResult.getPseudonym().stream()
+ .filter(el -> pseudonym.equals(el))
+ .findFirst()
+ .isPresent());
+
+ }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ErnpRestClientTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ErnpRestClientTest.java
new file mode 100644
index 00000000..a9e10de6
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ErnpRestClientTest.java
@@ -0,0 +1,1085 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.clients;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
+
+import java.net.HttpURLConnection;
+import java.util.Arrays;
+import java.util.Iterator;
+import java.util.UUID;
+import java.util.concurrent.TimeUnit;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.ernp.ErnpRestClient.ErnpRegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.ernp.IErnpClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.DeSpecificDetailSearchProcessor;
+import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils;
+import lombok.SneakyThrows;
+import okhttp3.mockwebserver.MockResponse;
+import okhttp3.mockwebserver.MockWebServer;
+import okhttp3.mockwebserver.RecordedRequest;
+import okhttp3.mockwebserver.SocketPolicy;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml" })
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
+public class ErnpRestClientTest {
+
+ @Autowired MsConnectorDummyConfigMap basicConfig;
+ @Autowired IErnpClient client;
+
+ private static ObjectMapper mapper = new ObjectMapper();
+ private static MockWebServer mockWebServer;
+
+ /**
+ * JUnit class initializer.
+ *
+ * @throws Exception In case of an OpenSAML3 initialization error
+ */
+ @BeforeClass
+ @SneakyThrows
+ public static void classInitializer() {
+ mockWebServer = new MockWebServer();
+ mockWebServer.start(1718);
+
+ }
+
+ @AfterClass
+ @SneakyThrows
+ public static void resetTestEnviroment() {
+ mockWebServer.shutdown();
+
+ }
+
+ /**
+ * jUnit test initializer.
+ *
+ * @throws InterruptedException in case of an error
+ */
+ @Before
+ public void initialize() throws InterruptedException {
+ mockWebServer.takeRequest(2, TimeUnit.MILLISECONDS);
+ TransactionIdUtils.setTransactionId(UUID.randomUUID().toString());
+
+ }
+
+
+ @Test
+ @SneakyThrows
+ public void searchWithPersonalIdentifierServerError() {
+ final String personalIdentifierFirst = "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit";
+ final String cc = "DE";
+ final SimpleEidasData eidasDataFirst = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("XXXvon Brandenburg")
+ .givenName("XXXClaus - Maria")
+ .dateOfBirth("1994-12-31")
+ .personalIdentifier(cc + "/AT/" + personalIdentifierFirst)
+ .pseudonym(personalIdentifierFirst)
+ .build();
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(500)
+ .setBody("Internal error"));
+
+ // execute operation
+ EidasSAuthenticationException error = assertThrows("wrong Exception", EidasSAuthenticationException.class,
+ () -> client.searchWithPersonIdentifier(
+ eidasDataFirst.getPseudonym(), eidasDataFirst.getCitizenCountryCode()));
+
+ mockWebServer.takeRequest();
+ assertEquals("wrong errorCode", "module.eidasauth.matching.11", error.getErrorId());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithPersonalIdentifierSuccess() {
+ final String personalIdentifierFirst = "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit";
+ final String cc = "DE";
+ final SimpleEidasData eidasDataFirst = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("XXXvon Brandenburg")
+ .givenName("XXXClaus - Maria")
+ .dateOfBirth("1994-12-31")
+ .personalIdentifier(cc + "/AT/" + personalIdentifierFirst)
+ .pseudonym(personalIdentifierFirst)
+ .build();
+
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/ernp_handbook_example.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+
+ // execute operation
+ ErnpRegisterResult resp = client.searchWithPersonIdentifier(
+ eidasDataFirst.getPseudonym(), eidasDataFirst.getCitizenCountryCode());
+
+ // validate request
+ final RecordedRequest request = mockWebServer.takeRequest();
+ String reqBody = request.getBody().readUtf8();
+ assertFalse("no request body", reqBody.isEmpty());
+
+ // validate state
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchResidence() {
+ // execute operation
+ ErnpRegisterResult resp = client.searchWithResidenceData(null, null, null, null, null, null);
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 0, resp.getPersonResult().size());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithMdsNoResponse() {
+ final String cc = "CZ";
+ final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc);
+
+ mockWebServer.enqueue(new MockResponse()
+ .setSocketPolicy(SocketPolicy.NO_RESPONSE)
+ .setResponseCode(HttpURLConnection.HTTP_NO_CONTENT));
+
+ // execute operation
+ EidasSAuthenticationException error = assertThrows("wrong Exception", EidasSAuthenticationException.class,
+ () -> client.searchWithMds(eidasDataFirst.getGivenName(), eidasDataFirst.getFamilyName(), eidasDataFirst.getDateOfBirth(), cc));
+ assertEquals("wrong errorCode", "module.eidasauth.matching.11", error.getErrorId());
+ mockWebServer.takeRequest();
+
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithMdsErrorResponse() {
+ final String cc = "CZ";
+ final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc);
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(400)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/error_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ // execute operation
+ EidasSAuthenticationException error = assertThrows("wrong Exception", EidasSAuthenticationException.class,
+ () -> client.searchWithMds(eidasDataFirst.getGivenName(), eidasDataFirst.getFamilyName(), eidasDataFirst.getDateOfBirth(), cc));
+ assertEquals("wrong errorCode", "module.eidasauth.matching.11", error.getErrorId());
+ mockWebServer.takeRequest();
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithMdsNoResult() {
+ final String cc = "CZ";
+ final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc);
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/ernp_empty_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ // execute operation
+ ErnpRegisterResult resp = client.searchWithMds(eidasDataFirst.getGivenName(), eidasDataFirst.getFamilyName(), eidasDataFirst.getDateOfBirth(), cc);
+
+ // validate request
+ final RecordedRequest request = mockWebServer.takeRequest();
+ String reqBody = request.getBody().readUtf8();
+ assertFalse("no request body", reqBody.isEmpty());
+ JsonNode reqJson = mapper.readTree(reqBody);
+ checkSearchOptions(reqJson, "Searching with MDS only");
+ JsonNode person = getJsonObject(reqJson, "suchdaten");
+ checkJsonElement(person, "familienname", eidasDataFirst.getFamilyName());
+ checkJsonElement(person, "vorname", eidasDataFirst.getGivenName());
+ checkPersonDateOfBirth(person, eidasDataFirst.getDateOfBirth());
+
+ // validate state
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 0, resp.getPersonResult().size());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithMdsSingleResult() {
+ final String cc = "CZ";
+ final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc);
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/3_search_with_mds_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ // execute operation
+ ErnpRegisterResult resp = client.searchWithMds(eidasDataFirst.getGivenName(), eidasDataFirst.getFamilyName(), eidasDataFirst.getDateOfBirth(), cc);
+
+ // validate state
+ mockWebServer.takeRequest();
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+ RegisterResult persInfo = resp.getPersonResult().get(0);
+ assertEquals("wrong familyname", "DOPISNÍ", persInfo.getFamilyName());
+ assertEquals("wrong givenName", "DANA", persInfo.getGivenName());
+ assertEquals("wrong dateOfBirth", "1996-01-01", persInfo.getDateOfBirth());
+ assertEquals("wrong bpk", "vypyCkyczK7i+cgPWlJasuJphIA=", persInfo.getBpk());
+ assertEquals("wrong pseudonym", "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", persInfo.getPseudonym().get(0));
+ assertNull("placeOfBirth", persInfo.getPlaceOfBirth());
+ assertNull("birthName", persInfo.getBirthName());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithMdsMultiResult() {
+ final String cc = "CZ";
+ final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc);
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/4_search_with_mds_multi_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ // execute operation
+ ErnpRegisterResult resp = client.searchWithMds(eidasDataFirst.getGivenName(), eidasDataFirst.getFamilyName(), eidasDataFirst.getDateOfBirth(), cc);
+
+ // validate state
+ mockWebServer.takeRequest();
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 2, resp.getPersonResult().size());
+
+ }
+
+
+ @Test
+ @SneakyThrows
+ public void searchWithPersonalIdNoResponse() {
+ final String cc = "CZ";
+ final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc);
+
+ mockWebServer.enqueue(new MockResponse()
+ .setSocketPolicy(SocketPolicy.NO_RESPONSE)
+ .setResponseCode(HttpURLConnection.HTTP_NO_CONTENT));
+
+ // execute operation
+ EidasSAuthenticationException error = assertThrows("wrong Exception", EidasSAuthenticationException.class,
+ () -> client.searchWithPersonIdentifier(eidasDataFirst.getPseudonym(), cc));
+ assertEquals("wrong errorCode", "module.eidasauth.matching.11", error.getErrorId());
+ mockWebServer.takeRequest();
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithPersonalIdErrorResponse() {
+ final String cc = "CZ";
+ final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc);
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(400)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/error_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ // execute operation
+ EidasSAuthenticationException error = assertThrows("wrong Exception", EidasSAuthenticationException.class,
+ () -> client.searchWithPersonIdentifier(eidasDataFirst.getPseudonym(), cc));
+ assertEquals("wrong errorCode", "module.eidasauth.matching.11", error.getErrorId());
+ mockWebServer.takeRequest();
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithPersonalIdNoResult() {
+ final String cc = "CZ";
+ final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc);
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/ernp_empty_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ // execute operation
+ ErnpRegisterResult resp = client.searchWithPersonIdentifier(eidasDataFirst.getPseudonym(), cc);
+
+ // validate request
+ final RecordedRequest request = mockWebServer.takeRequest();
+ String reqBody = request.getBody().readUtf8();
+ assertFalse("no request body", reqBody.isEmpty());
+ JsonNode reqJson = mapper.readTree(reqBody);
+ checkSearchOptions(reqJson, "Searching PersonIdentifier");
+ JsonNode person = getJsonObject(reqJson, "suchdaten");
+ checkEidasDocument(person, "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", cc, eidasDataFirst.getPseudonym());
+
+ // validate state
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 0, resp.getPersonResult().size());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithPersonalIdSingleResult() {
+ final String cc = "DE";
+ final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc);
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/1_search_with_personalId_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ // execute operation
+ ErnpRegisterResult resp = client.searchWithPersonIdentifier(eidasDataFirst.getPseudonym(), cc);
+
+ // validate state
+ mockWebServer.takeRequest();
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+ RegisterResult persInfo = resp.getPersonResult().get(0);
+ assertEquals("wrong familyname", "CtKKrtUe", persInfo.getFamilyName());
+ assertEquals("wrong givenName", "dUeYzUFg", persInfo.getGivenName());
+ assertEquals("wrong dateOfBirth", "1985-05-05", persInfo.getDateOfBirth());
+ assertEquals("wrong bpk", "+OQnljn0Son1W2rkM73nP/VMsvc=", persInfo.getBpk());
+ assertEquals("wrong pseudonym", "Y8ADWaeh0h", persInfo.getPseudonym().get(0));
+ assertEquals("wrong placeOfBirth", "hrFevCfP", persInfo.getPlaceOfBirth());
+ assertEquals("wrong birthName", "sNUEAhEr", persInfo.getBirthName());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithPersonalIdSingleResultCountryNoMatch() {
+ final String cc = "CZ";
+ final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc);
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/1_search_with_personalId_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ // execute operation
+ ErnpRegisterResult resp = client.searchWithPersonIdentifier(eidasDataFirst.getPseudonym(), cc);
+
+ // validate state
+ mockWebServer.takeRequest();
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+ RegisterResult persInfo = resp.getPersonResult().get(0);
+ assertEquals("wrong familyname", "CtKKrtUe", persInfo.getFamilyName());
+ assertEquals("wrong givenName", "dUeYzUFg", persInfo.getGivenName());
+ assertEquals("wrong dateOfBirth", "1985-05-05", persInfo.getDateOfBirth());
+ assertEquals("wrong bpk", "+OQnljn0Son1W2rkM73nP/VMsvc=", persInfo.getBpk());
+ assertTrue("pseudonym", persInfo.getPseudonym().isEmpty());
+ assertNull("placeOfBirth", persInfo.getPlaceOfBirth());
+ assertNull("birthName", persInfo.getBirthName());
+
+ }
+
+
+ @Test
+ @SneakyThrows
+ public void searchWithPersonalIdMultiResult() {
+ final String cc = "CZ";
+ final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc);
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/4_search_with_mds_multi_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ // execute operation
+ EidasSAuthenticationException error = assertThrows("wrong Exception", EidasSAuthenticationException.class,
+ () -> client.searchWithPersonIdentifier(eidasDataFirst.getPseudonym(), cc));
+ assertEquals("wrong errorCode", "module.eidasauth.matching.03", error.getErrorId());
+ mockWebServer.takeRequest();
+
+ }
+
+
+ @Test
+ @SneakyThrows
+ public void searchWithCcspecificsNoResponse() {
+ final String cc = "CZ";
+ final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc);
+
+ mockWebServer.enqueue(new MockResponse()
+ .setSocketPolicy(SocketPolicy.NO_RESPONSE)
+ .setResponseCode(HttpURLConnection.HTTP_NO_CONTENT));
+
+ // execute operation
+ EidasSAuthenticationException error = assertThrows("wrong Exception", EidasSAuthenticationException.class,
+ () -> client.searchCountrySpecific(new DeSpecificDetailSearchProcessor().generateSearchRequest(eidasDataFirst), cc));
+ assertEquals("wrong errorCode", "module.eidasauth.matching.11", error.getErrorId());
+ mockWebServer.takeRequest();
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithCcspecificsErrorResponse() {
+ final String cc = "CZ";
+ final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc);
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(400)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/error_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ // execute operation
+ EidasSAuthenticationException error = assertThrows("wrong Exception", EidasSAuthenticationException.class,
+ () -> client.searchCountrySpecific(new DeSpecificDetailSearchProcessor().generateSearchRequest(eidasDataFirst), cc));
+ assertEquals("wrong errorCode", "module.eidasauth.matching.11", error.getErrorId());
+ mockWebServer.takeRequest();
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithCcspecificsNoResult() {
+ final String cc = "DE";
+ final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc).toBuilder()
+ .birthName(RandomStringUtils.randomAlphabetic(5))
+ .placeOfBirth(RandomStringUtils.randomAlphabetic(5))
+ .build();
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/ernp_empty_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ // execute operation
+ ErnpRegisterResult resp = client.searchCountrySpecific(
+ new DeSpecificDetailSearchProcessor().generateSearchRequest(eidasDataFirst), cc);
+
+ // validate request
+ final RecordedRequest request = mockWebServer.takeRequest();
+ String reqBody = request.getBody().readUtf8();
+ assertFalse("no request body", reqBody.isEmpty());
+ JsonNode reqJson = mapper.readTree(reqBody);
+ checkSearchOptions(reqJson, "Searching DE specific");
+ JsonNode person = getJsonObject(reqJson, "suchdaten");
+ checkJsonElement(person, "familienname", eidasDataFirst.getFamilyName());
+ checkJsonElement(person, "vorname", eidasDataFirst.getGivenName());
+ checkPersonDateOfBirth(person, eidasDataFirst.getDateOfBirth());
+ checkEidasDocument(person, "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth", cc, eidasDataFirst.getPlaceOfBirth());
+ checkEidasDocument(person, "http://eidas.europa.eu/attributes/naturalperson/BirthName", cc, eidasDataFirst.getBirthName());
+
+ // validate state
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 0, resp.getPersonResult().size());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithCcspecificsSingleResult() {
+ final String cc = "DE";
+ final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc);
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/1_search_with_personalId_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ // execute operation
+ ErnpRegisterResult resp = client.searchCountrySpecific(
+ new DeSpecificDetailSearchProcessor().generateSearchRequest(eidasDataFirst), cc);
+
+ // validate state
+ mockWebServer.takeRequest();
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+ RegisterResult persInfo = resp.getPersonResult().get(0);
+ assertEquals("wrong familyname", "CtKKrtUe", persInfo.getFamilyName());
+ assertEquals("wrong givenName", "dUeYzUFg", persInfo.getGivenName());
+ assertEquals("wrong dateOfBirth", "1985-05-05", persInfo.getDateOfBirth());
+ assertEquals("wrong bpk", "+OQnljn0Son1W2rkM73nP/VMsvc=", persInfo.getBpk());
+ assertEquals("wrong pseudonym", "Y8ADWaeh0h", persInfo.getPseudonym().get(0));
+ assertEquals("wrong placeOfBirth", "hrFevCfP", persInfo.getPlaceOfBirth());
+ assertEquals("wrong birthName", "sNUEAhEr", persInfo.getBirthName());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithCcspecificsSingleResultCountryNoMatch() {
+ final String cc = "CZ";
+ final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc);
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/1_search_with_personalId_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ // execute operation
+ ErnpRegisterResult resp = client.searchCountrySpecific(
+ new DeSpecificDetailSearchProcessor().generateSearchRequest(eidasDataFirst), cc);
+
+ // validate state
+ mockWebServer.takeRequest();
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+ RegisterResult persInfo = resp.getPersonResult().get(0);
+ assertEquals("wrong familyname", "CtKKrtUe", persInfo.getFamilyName());
+ assertEquals("wrong givenName", "dUeYzUFg", persInfo.getGivenName());
+ assertEquals("wrong dateOfBirth", "1985-05-05", persInfo.getDateOfBirth());
+ assertEquals("wrong bpk", "+OQnljn0Son1W2rkM73nP/VMsvc=", persInfo.getBpk());
+ assertTrue("pseudonym", persInfo.getPseudonym().isEmpty());
+ assertNull("placeOfBirth", persInfo.getPlaceOfBirth());
+ assertNull("birthName", persInfo.getBirthName());
+
+ }
+
+
+ @Test
+ @SneakyThrows
+ public void searchWithCcspecificsMultiResult() {
+ final String cc = "CZ";
+ final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc);
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/4_search_with_mds_multi_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ // execute operation
+ EidasSAuthenticationException error = assertThrows("wrong Exception", EidasSAuthenticationException.class,
+ () -> client.searchCountrySpecific(new DeSpecificDetailSearchProcessor().generateSearchRequest(eidasDataFirst), cc));
+ assertEquals("wrong errorCode", "module.eidasauth.matching.03", error.getErrorId());
+ mockWebServer.takeRequest();
+
+ }
+
+
+ @Test
+ @SneakyThrows
+ public void addPersonNoResponse() {
+ final String cc = "CZ";
+ final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc);
+
+ mockWebServer.enqueue(new MockResponse()
+ .setSocketPolicy(SocketPolicy.NO_RESPONSE)
+ .setResponseCode(HttpURLConnection.HTTP_NO_CONTENT));
+
+ // execute operation
+ EidasSAuthenticationException error = assertThrows("wrong Exception", EidasSAuthenticationException.class,
+ () -> client.add(eidasDataFirst));
+ assertEquals("wrong errorCode", "module.eidasauth.matching.11", error.getErrorId());
+ mockWebServer.takeRequest();
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void addPersonSimpleSuccess() {
+ final String cc = "CZ";
+ final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc);
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/2_add_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ // execute operation
+ // execute operation
+ ErnpRegisterResult resp = client.add(eidasDataFirst);
+
+ // validate request
+ final RecordedRequest request = mockWebServer.takeRequest();
+ String reqBody = request.getBody().readUtf8();
+ assertFalse("no request body", reqBody.isEmpty());
+ JsonNode reqJson = mapper.readTree(reqBody);
+ checkJsonElement(reqJson, "begruendung", "Add new person");
+ JsonNode person = getJsonObject(reqJson, "personendaten");
+ checkJsonElement(person, "familienname", eidasDataFirst.getFamilyName());
+ checkJsonElement(person, "vorname", eidasDataFirst.getGivenName());
+ checkPersonDateOfBirth(person, eidasDataFirst.getDateOfBirth());
+ checkEidasDocument(reqJson, "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", cc, eidasDataFirst.getPseudonym());
+ checkEidasDocument(reqJson, "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth", cc);
+ checkEidasDocument(reqJson, "http://eidas.europa.eu/attributes/naturalperson/BirthName", cc);
+
+
+ // validate state
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+ RegisterResult persInfo = resp.getPersonResult().get(0);
+ assertEquals("wrong familyname", "mRjMKAQc", persInfo.getFamilyName());
+ assertEquals("wrong givenName", "vdqZZIaA", persInfo.getGivenName());
+ assertEquals("wrong dateOfBirth", "1996-01-01", persInfo.getDateOfBirth());
+ assertEquals("wrong bpk", "TBGoMlirU881e2jMGETa9WLx1+A=", persInfo.getBpk());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void addPersonSimpleComplexe() {
+ final String cc = "DE";
+ final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc).toBuilder()
+ .birthName(RandomStringUtils.randomAlphabetic(5))
+ .placeOfBirth(RandomStringUtils.randomAlphabetic(5))
+ .build();
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/2_add_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ // execute operation
+ // execute operation
+ ErnpRegisterResult resp = client.add(eidasDataFirst);
+
+ // validate request
+ final RecordedRequest request = mockWebServer.takeRequest();
+ String reqBody = request.getBody().readUtf8();
+ assertFalse("no request body", reqBody.isEmpty());
+ JsonNode reqJson = mapper.readTree(reqBody);
+ checkJsonElement(reqJson, "begruendung", "Add new person");
+ JsonNode person = getJsonObject(reqJson, "personendaten");
+ checkJsonElement(person, "familienname", eidasDataFirst.getFamilyName());
+ checkJsonElement(person, "vorname", eidasDataFirst.getGivenName());
+ checkPersonDateOfBirth(person, eidasDataFirst.getDateOfBirth());
+ checkEidasDocument(reqJson, "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", cc, eidasDataFirst.getPseudonym());
+ checkEidasDocument(reqJson, "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth", cc, eidasDataFirst.getPlaceOfBirth());
+ checkEidasDocument(reqJson, "http://eidas.europa.eu/attributes/naturalperson/BirthName", cc, eidasDataFirst.getBirthName());
+
+ // validate state
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+ RegisterResult persInfo = resp.getPersonResult().get(0);
+ assertEquals("wrong familyname", "mRjMKAQc", persInfo.getFamilyName());
+ assertEquals("wrong givenName", "vdqZZIaA", persInfo.getGivenName());
+ assertEquals("wrong dateOfBirth", "1996-01-01", persInfo.getDateOfBirth());
+ assertEquals("wrong bpk", "TBGoMlirU881e2jMGETa9WLx1+A=", persInfo.getBpk());
+ assertEquals("wrong pseudonym", "88hvWzUaIX", persInfo.getPseudonym().get(0));
+ assertEquals("wrong placeOfBirth", "VRNCAylF", persInfo.getPlaceOfBirth());
+ assertEquals("wrong birthName", "miEklFHC", persInfo.getBirthName());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void updateNoLatestVersion() {
+ final String cc = "DE";
+ final SimpleEidasData eidasDataFirst = generateRandomEidasData(cc).toBuilder()
+ .birthName(RandomStringUtils.randomAlphabetic(5))
+ .placeOfBirth(RandomStringUtils.randomAlphabetic(5))
+ .build();
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/ernp_empty_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ RegisterResult ernpResult = RegisterResult.builder()
+ .familyName(eidasDataFirst.getFamilyName())
+ .givenName(eidasDataFirst.getGivenName())
+ .dateOfBirth(eidasDataFirst.getDateOfBirth())
+ .bpk("")
+ .pseudonym(Arrays.asList(eidasDataFirst.getPseudonym()))
+ .build();
+
+ // execute operation
+ EidasSAuthenticationException error = assertThrows("wrong Exception", EidasSAuthenticationException.class,
+ () -> client.update(ernpResult, eidasDataFirst));
+ assertEquals("wrong errorCode", "module.eidasauth.matching.03", error.getErrorId());
+ mockWebServer.takeRequest();
+
+
+ }
+
+
+ @Test
+ @SneakyThrows
+ public void updateNoUpdateRequired() {
+ final String cc = "DE";
+ final String personalIdentifierFirst = "Y8ADWaeh0h";
+ final SimpleEidasData eidasDataFirst = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("CtKKrtUe")
+ .givenName("dUeYzUFg")
+ .dateOfBirth("1985-05-05")
+ .personalIdentifier(cc + "/AT/" + personalIdentifierFirst)
+ .pseudonym(personalIdentifierFirst)
+ .build();
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/1_kitt_search_latest_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ RegisterResult ernpResult = RegisterResult.builder()
+ .familyName(eidasDataFirst.getFamilyName())
+ .givenName(eidasDataFirst.getGivenName())
+ .dateOfBirth(eidasDataFirst.getDateOfBirth())
+ .bpk("+OQnljn0Son1W2rkM73nP/VMsvc=")
+ .pseudonym(Arrays.asList(eidasDataFirst.getPseudonym()))
+ .birthName("sNUEAhEr")
+ .placeOfBirth("hrFevCfP")
+ .build();
+
+ // execute operation
+ ErnpRegisterResult resp = client.update(ernpResult, eidasDataFirst);
+
+ // validate request
+ final RecordedRequest request = mockWebServer.takeRequest();
+ String reqBody = request.getBody().readUtf8();
+ assertFalse("no request body", reqBody.isEmpty());
+ JsonNode reqJson = mapper.readTree(reqBody);
+ checkSearchOptions(reqJson, "KITT get-latest-version");
+ JsonNode person = getJsonObject(reqJson, "suchdaten");
+ checkJsonElement(person, "familienname", ernpResult.getFamilyName());
+ checkJsonElement(person, "vorname", ernpResult.getGivenName());
+ checkJsonElement(person, "bpkZp", ernpResult.getBpk());
+ checkPersonDateOfBirth(person, ernpResult.getDateOfBirth());
+
+ //validate state
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+ RegisterResult persInfo = resp.getPersonResult().get(0);
+ assertEquals("wrong familyname", ernpResult.getFamilyName(), persInfo.getFamilyName());
+ assertEquals("wrong givenName", ernpResult.getGivenName(), persInfo.getGivenName());
+ assertEquals("wrong dateOfBirth", ernpResult.getDateOfBirth(), persInfo.getDateOfBirth());
+ assertEquals("wrong bpk", ernpResult.getBpk(), persInfo.getBpk());
+ assertEquals("wrong pseudonym", ernpResult.getPseudonym().get(0), persInfo.getPseudonym().get(0));
+ assertEquals("wrong placeOfBirth", "hrFevCfP", persInfo.getPlaceOfBirth());
+ assertEquals("wrong birthName", "sNUEAhEr", persInfo.getBirthName());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void updateUpdateRequiredMds() {
+ final String cc = "DE";
+ final String personalIdentifierFirst = "Y8ADWaeh0h";
+ final SimpleEidasData eidasDataFirst = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("mVzTMpig6r")
+ .givenName("Jb2vj1Xpql")
+ .dateOfBirth("1985-05-05")
+ .personalIdentifier(cc + "/AT/" + personalIdentifierFirst)
+ .pseudonym(personalIdentifierFirst)
+ .placeOfBirth("hrFevCfP")
+ .birthName("sNUEAhEr")
+ .build();
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/1_kitt_search_latest_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/1_kitt_update_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ RegisterResult ernpResult = RegisterResult.builder()
+ .familyName("CtKKrtUe")
+ .givenName("dUeYzUFg")
+ .dateOfBirth("1985-05-05")
+ .bpk("+OQnljn0Son1W2rkM73nP/VMsvc=")
+ .pseudonym(Arrays.asList("Y8ADWaeh0h"))
+ .birthName("sNUEAhEr")
+ .placeOfBirth("hrFevCfP")
+ .build();
+
+ // execute operation
+ ErnpRegisterResult resp = client.update(ernpResult, eidasDataFirst);
+
+ // validate request
+ // check get-latest-version request
+ final RecordedRequest request = mockWebServer.takeRequest();
+ String reqBody = request.getBody().readUtf8();
+ assertFalse("no request body", reqBody.isEmpty());
+ JsonNode reqJson = mapper.readTree(reqBody);
+ checkSearchOptions(reqJson, "KITT get-latest-version");
+ JsonNode person = getJsonObject(reqJson, "suchdaten");
+ checkJsonElement(person, "familienname", ernpResult.getFamilyName());
+ checkJsonElement(person, "vorname", ernpResult.getGivenName());
+ checkJsonElement(person, "bpkZp", ernpResult.getBpk());
+ checkPersonDateOfBirth(person, ernpResult.getDateOfBirth());
+
+ // check update request
+ final RecordedRequest requestKitt = mockWebServer.takeRequest();
+ String reqBodyKitt = requestKitt.getBody().readUtf8();
+ assertFalse("no request body", reqBodyKitt.isEmpty());
+ JsonNode reqJsonKitt = mapper.readTree(reqBodyKitt);
+ checkJsonElement(reqJsonKitt, "begruendung", "KITT update dataset");
+ checkJsonElement(reqJsonKitt, "entityId", "1933000000000475");
+ checkJsonElement(reqJsonKitt, "version", "2022-03-03T10:07:28.885Z");
+ JsonNode personChange = getJsonObject(reqJsonKitt, "aendern");
+ JsonNode personKitt = getJsonObject(personChange, "personendaten");
+ checkJsonElement(personKitt, "familienname", eidasDataFirst.getFamilyName());
+ checkJsonElement(personKitt, "vorname", eidasDataFirst.getGivenName());
+ checkPersonDateOfBirth(personKitt, eidasDataFirst.getDateOfBirth());
+
+ assertFalse("find 'aendern' element", reqJsonKitt.has("anlegen"));
+ assertFalse("find 'aendern' element", personChange.has("eidas"));
+
+
+ //validate state
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+ RegisterResult persInfo = resp.getPersonResult().get(0);
+ assertEquals("wrong familyname", eidasDataFirst.getFamilyName(), persInfo.getFamilyName());
+ assertEquals("wrong givenName", eidasDataFirst.getGivenName(), persInfo.getGivenName());
+ assertEquals("wrong dateOfBirth", ernpResult.getDateOfBirth(), persInfo.getDateOfBirth());
+ assertEquals("wrong bpk", ernpResult.getBpk(), persInfo.getBpk());
+ assertEquals("wrong pseudonym", ernpResult.getPseudonym().get(0), persInfo.getPseudonym().get(0));
+ assertEquals("wrong placeOfBirth", "hrFevCfP", persInfo.getPlaceOfBirth());
+ assertEquals("wrong birthName", "sNUEAhEr", persInfo.getBirthName());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void updateUpdateRequiredEidasDocs() {
+ final String cc = "DE";
+ final String personalIdentifierFirst = "nj1m79jm9z";
+ final SimpleEidasData eidasDataFirst = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("mRjMKAQc")
+ .givenName("vdqZZIaA")
+ .dateOfBirth("1996-01-01")
+ .personalIdentifier(cc + "/AT/" + personalIdentifierFirst)
+ .pseudonym(personalIdentifierFirst)
+ .birthName(RandomStringUtils.randomAlphabetic(10))
+ .build();
+
+ // set ERnP response
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/2_kitt_search_latest_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/2_kitt_update_resp.json"),
+ "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ RegisterResult ernpResult = RegisterResult.builder()
+ .familyName("mRjMKAQc")
+ .givenName("vdqZZIaA")
+ .dateOfBirth("1996-01-01")
+ .bpk("TBGoMlirU881e2jMGETa9WLx1+A=")
+ .pseudonym(Arrays.asList("88hvWzUaIX"))
+ .birthName("VRNCAylF")
+ .placeOfBirth("miEklFHC")
+ .build();
+
+ // execute operation
+ ErnpRegisterResult resp = client.update(ernpResult, eidasDataFirst);
+
+ // validate request
+ // check get-latest-version request
+ final RecordedRequest request = mockWebServer.takeRequest();
+ String reqBody = request.getBody().readUtf8();
+ assertFalse("no request body", reqBody.isEmpty());
+ JsonNode reqJson = mapper.readTree(reqBody);
+ checkSearchOptions(reqJson, "KITT get-latest-version");
+ JsonNode person = getJsonObject(reqJson, "suchdaten");
+ checkJsonElement(person, "familienname", ernpResult.getFamilyName());
+ checkJsonElement(person, "vorname", ernpResult.getGivenName());
+ checkJsonElement(person, "bpkZp", ernpResult.getBpk());
+ checkPersonDateOfBirth(person, ernpResult.getDateOfBirth());
+
+ // check update request
+ final RecordedRequest requestKitt = mockWebServer.takeRequest();
+ String reqBodyKitt = requestKitt.getBody().readUtf8();
+ assertFalse("no request body", reqBodyKitt.isEmpty());
+ JsonNode reqJsonKitt = mapper.readTree(reqBodyKitt);
+ checkJsonElement(reqJsonKitt, "begruendung", "KITT update dataset");
+ checkJsonElement(reqJsonKitt, "entityId", "1933000000000498");
+ checkJsonElement(reqJsonKitt, "version", "2022-03-03T10:14:59.712Z");
+ JsonNode personChange = getJsonObject(reqJsonKitt, "anlegen");
+ checkEidasDocument(personChange, "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", cc, eidasDataFirst.getPseudonym());
+ assertFalse("find 'aendern' element", reqJsonKitt.has("aendern"));
+
+ //validate state
+ assertNotNull("no ERnP response", resp);
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+ RegisterResult persInfo = resp.getPersonResult().get(0);
+ assertEquals("wrong familyname", eidasDataFirst.getFamilyName(), persInfo.getFamilyName());
+ assertEquals("wrong givenName", eidasDataFirst.getGivenName(), persInfo.getGivenName());
+ assertEquals("wrong dateOfBirth", ernpResult.getDateOfBirth(), persInfo.getDateOfBirth());
+ assertEquals("wrong bpk", ernpResult.getBpk(), persInfo.getBpk());
+ assertEquals("wrong pseudonym", ernpResult.getPseudonym().get(0), persInfo.getPseudonym().get(0));
+ assertEquals("wrong pseudonym", eidasDataFirst.getPseudonym(), persInfo.getPseudonym().get(1));
+ assertEquals("wrong placeOfBirth", "VRNCAylF", persInfo.getPlaceOfBirth());
+ assertEquals("wrong birthName", "miEklFHC", persInfo.getBirthName());
+
+ }
+
+
+ private SimpleEidasData generateRandomEidasData(String cc) {
+ final String personalIdentifierFirst = RandomStringUtils.randomAlphanumeric(10);
+ return SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName(RandomStringUtils.randomAlphanumeric(10))
+ .givenName(RandomStringUtils.randomAlphanumeric(10))
+ .dateOfBirth("1996-10-15")
+ .personalIdentifier(cc + "/AT/" + personalIdentifierFirst)
+ .pseudonym(personalIdentifierFirst)
+ .build();
+
+ }
+
+ private void checkEidasDocument(JsonNode person, String art, String cc, String expected) {
+ assertTrue("no element: eidas", person.has("eidas"));
+ assertTrue("wrong type element: eidas", person.get("eidas").isArray());
+
+ boolean found = false;
+ Iterator<JsonNode> docs = person.get("eidas").elements();
+ while (docs.hasNext() && !found) {
+ JsonNode el = docs.next();
+ assertTrue("art", el.has("art"));
+ assertTrue("wert", el.has("wert"));
+ assertTrue("cc", el.has("staatscode2"));
+ found = art.equals(el.get("art").asText()) && cc.equals(el.get("staatscode2").asText())
+ && expected.equals(el.get("wert").asText());
+
+ }
+ assertTrue("Missing eidas document", found);
+
+ }
+
+ private void checkEidasDocument(JsonNode person, String art, String cc) {
+ assertTrue("no element: eidas", person.has("eidas"));
+ assertTrue("wrong type element: eidas", person.get("eidas").isArray());
+
+ boolean found = false;
+ Iterator<JsonNode> docs = person.get("eidas").elements();
+ while (docs.hasNext() && !found) {
+ JsonNode el = docs.next();
+ assertTrue("art", el.has("art"));
+ assertTrue("wert", el.has("wert"));
+ assertTrue("cc", el.has("staatscode2"));
+ found = art.equals(el.get("art").asText()) && cc.equals(el.get("staatscode2").asText());
+
+ }
+ assertFalse("Missing eidas document", found);
+
+ }
+
+ private void checkPersonDateOfBirth(JsonNode person, String dateOfBirth) {
+ JsonNode birthDay = getJsonObject(person, "geburtsdatum");
+ String[] el = dateOfBirth.split("-");
+ checkJsonElement(birthDay, "jahr", Integer.parseInt(el[0]));
+ checkJsonElement(birthDay, "monat", Integer.parseInt(el[1]));
+ checkJsonElement(birthDay, "tag", Integer.parseInt(el[2]));
+
+ }
+
+ private void checkSearchOptions(JsonNode json, String reason) {
+ checkJsonElement(json, "begruendung", reason);
+ JsonNode options = getJsonObject(json, "suchoptionen");
+ checkJsonElement(options, "historisch", "AktuellUndHistorisch");
+ checkJsonElement(options, "sucheMitNamensteilen", false);
+ checkJsonElement(options, "suchwizard", false);
+ checkJsonElement(options, "zmr", false);
+
+ }
+
+ private JsonNode getJsonObject(JsonNode json, String key) {
+ assertTrue("no element: " + key, json.has(key));
+ assertTrue("wrong type element: " + key, json.get(key).isObject());
+ return json.get(key);
+
+ }
+
+ private void checkJsonElement(JsonNode json, String key, int expected) {
+ assertTrue("no element: " + key, json.has(key));
+ assertTrue("wong element-type: " + key, json.get(key).isInt());
+ assertEquals("wong element-value: " + key, expected, json.get(key).asInt());
+
+ }
+
+ private void checkJsonElement(JsonNode json, String key, String expected) {
+ assertTrue("no element: " + key, json.has(key));
+ assertTrue("wong element-type: " + key, json.get(key).isTextual());
+ assertEquals("wong element-value: " + key, expected, json.get(key).asText());
+
+ }
+
+ private void checkJsonElement(JsonNode json, String key, boolean expected) {
+ assertTrue("no element: " + key, json.has(key));
+ assertTrue("wong element-type: " + key, json.get(key).isBoolean());
+ assertEquals("wong element-value: " + key, expected, json.get(key).asBoolean());
+
+ }
+
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/SzrClientProductionTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/SzrClientProductionTest.java
new file mode 100644
index 00000000..d2bfe662
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/SzrClientProductionTest.java
@@ -0,0 +1,140 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.clients;
+
+import static org.junit.Assert.assertNotNull;
+
+import java.util.List;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.bouncycastle.util.encoders.Base64;
+import org.junit.Assert;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.IfProfileValue;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.TestPropertySource;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.szr.SzrClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+
+
+@IfProfileValue(name = "spring.profiles.active", value = "devEnvironment")
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_realConfig.xml"})
+@TestPropertySource(locations = {
+ //"classpath:/application.properties",
+ "file:/home/tlenz/Projekte/config/ms_connector/default_config.properties",
+ })
+public class SzrClientProductionTest {
+ private static final Logger log = LoggerFactory.getLogger(SzrClientProductionTest.class);
+
+ @Autowired
+ SzrClient szrClient;
+ @Autowired
+ IConfiguration basicConfig;
+
+ private static final String DUMMY_TARGET = EaafConstants.URN_PREFIX_CDID + "ZP";
+
+ @Test
+ public void dummyTest() {
+
+ }
+
+
+ @Ignore
+ @Test
+ public void getEncBaseId() throws SzrCommunicationException {
+
+ MatchedPersonResult matchingResult = MatchedPersonResult.builder()
+ .bpk("QusNG6WEct/vkD1aoRfxHod0Dtk=")
+ .familyName("Garcia")
+ .givenName("javier")
+ .dateOfBirth("1964-12-31")
+ .build();
+
+
+ String baseId = szrClient.getEncryptedStammzahl(matchingResult);
+
+
+ assertNotNull("not encrypted baseId", baseId);
+
+ }
+
+
+ @Test
+ public void getEidasBind() throws EidasSAuthenticationException {
+ String vsz = RandomStringUtils.randomAlphanumeric(10);
+ String bindingPubKey = Base64.toBase64String(RandomStringUtils.random(20).getBytes());
+ String eidStatus = "urn:eidgvat:eid.status.eidas";
+
+ String eidasBind = szrClient.getEidasBind(vsz, bindingPubKey, eidStatus, getEidData());
+
+ Assert.assertNotNull("eidasBind", eidasBind);
+
+ }
+
+ @Ignore
+ @Test
+ public void getBpkTest() throws EidasSAuthenticationException {
+ String vkz = basicConfig.getBasicConfiguration(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ, "no VKZ defined");
+ final List<String> bPK = szrClient.getBpk(getEidData(), DUMMY_TARGET, vkz);
+
+ if (bPK.isEmpty()) {
+ throw new SzrCommunicationException("ernb.01", new Object[]{"bPK list is empty"});
+ }
+ for (String b : bPK) {
+ if (StringUtils.isEmpty(b)) {
+ throw new SzrCommunicationException("ernb.01", new Object[]{"bPK is null or empty"});
+ }
+ }
+
+ }
+
+ private SimpleEidasData getEidData() {
+ return SimpleEidasData.builder()
+ .familyName("Mustermann")
+ .givenName("Franz")
+ .dateOfBirth("1989-05-04")
+ .citizenCountryCode("IS")
+ .pseudonym("1234ffgsdfg56789ABCDEF")
+ .build();
+ }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/SzrClientTest.java
index 4d9ae035..e61532a3 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/SzrClientTest.java
@@ -21,100 +21,71 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.clients;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.anyList;
import static org.mockito.Mockito.when;
import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.MessageDigest;
-import java.security.NoSuchProviderException;
import java.util.List;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.ws.soap.SOAPFaultException;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.cxf.binding.soap.SoapFault;
-import org.joda.time.DateTime;
-import org.jose4j.lang.JoseException;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Ignore;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.annotation.DirtiesContext.ClassMode;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import org.springframework.util.Base64Utils;
import org.w3c.dom.Element;
import org.xml.sax.SAXException;
-import com.fasterxml.jackson.core.JsonProcessingException;
-import com.fasterxml.jackson.databind.JsonMappingException;
-import com.fasterxml.jackson.databind.ObjectMapper;
import com.github.skjolber.mockito.soap.SoapServiceRule;
import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.szr.SzrClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
-import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType;
-import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
-import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
-import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
-import at.gv.egiz.eaaf.core.impl.data.Triple;
-import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
-import szrservices.GetBPKFromStammzahlEncryptedResponse;
-import szrservices.GetBPKFromStammzahlEncryptedResponseType;
+import lombok.extern.slf4j.Slf4j;
import szrservices.GetIdentityLinkEidasResponse;
-import szrservices.IdentityLinkType;
import szrservices.PersonInfoType;
import szrservices.SZR;
import szrservices.SZRException_Exception;
import szrservices.SignContentEntry;
import szrservices.SignContentResponse;
import szrservices.SignContentResponseType;
-import szrservices.TravelDocumentType;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(locations = {
"/SpringTest-context_tasks_test.xml",
"/SpringTest-context_basic_mapConfig.xml"})
@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
+@Slf4j
public class SzrClientTest {
- private static final Logger log = LoggerFactory.getLogger(SzrClientTest.class);
@Autowired SzrClient szrClient;
@Autowired MsConnectorDummyConfigMap basicConfig;
- private static ObjectMapper mapper = new ObjectMapper();
-
- private static final String givenName = "Franz";
- private static final String familyName = "Mustermann";
- private static final String dateOfBirth = "1989-05-05";
- private static final String eIDASeID = "IS/AT/1234sdgsdfg56789ABCDEF";
private static final String DUMMY_TARGET = EaafConstants.URN_PREFIX_CDID + "ZP";
private SZR szrMock = null;
- ErnbEidData eidData = null;
@Rule
public SoapServiceRule soap = SoapServiceRule.newInstance();
@@ -126,45 +97,10 @@ public class SzrClientTest {
public void initializer() {
if (szrMock == null) {
szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr");
-
}
-
- eidData = new ErnbEidData();
- eidData.setFamilyName(familyName);
- eidData.setGivenName(givenName);
- eidData.setDateOfBirth(new DateTime());
- eidData.setCitizenCountryCode("IS");
- eidData.setPseudonym("1234sdgsdfg56789ABCDEF");
-
- basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject", "false");
-
- }
-
-
-
-
- @Test
- public void getStammzahlenEcryptedTest() throws JAXBException, SZRException_Exception, SzrCommunicationException {
- final GetBPKFromStammzahlEncryptedResponse szrResponse = new GetBPKFromStammzahlEncryptedResponse();
- final GetBPKFromStammzahlEncryptedResponseType result1 = new GetBPKFromStammzahlEncryptedResponseType();
- szrResponse.getOut().add(result1);
- result1.setKey(RandomStringUtils.randomAlphanumeric(20));
-
- // when(szrMock.getBPKFromStammzahlEncrypted(anyList()))
- // .thenReturn(Arrays.asList(result1));
- when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(result1.getKey());
-
- String stammzahlEncrypted = szrClient.getEncryptedStammzahl(new PersonInfoType());
-
- Assert.assertEquals("bcBind not match", result1.getKey(), stammzahlEncrypted);
-
- when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(null);
- try {
- stammzahlEncrypted = szrClient.getEncryptedStammzahl(new PersonInfoType());
- } catch (SzrCommunicationException e) {
- Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01"));
- }
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject", "false");
+
}
@Test
@@ -181,45 +117,45 @@ public class SzrClientTest {
when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content);
final String bcBind = szrClient
- .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
- RandomStringUtils.randomAlphabetic(10), eidData);
+ .getEidasBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+ RandomStringUtils.randomAlphabetic(10), getEidData());
Assert.assertNotNull("bcBind is null", bcBind);
Assert.assertEquals("bcBind not match", result1.getValue(), bcBind);
-
+
}
@Test
public void eidasBindNull() throws SZRException_Exception {
when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(null);
-
- try {
+
+ try {
szrClient
- .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
- RandomStringUtils.randomAlphabetic(10), eidData);
+ .getEidasBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+ RandomStringUtils.randomAlphabetic(10), getEidData());
} catch (SzrCommunicationException e) {
Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01"));
-
- }
+
+ }
}
-
+
@Test
public void eidasBindInvalidResponse() throws SZRException_Exception {
final SignContentEntry result2 = new SignContentEntry();
final SignContentResponseType content1 = new SignContentResponseType();
content1.getOut().add(result2);
when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content1);
-
+
try {
szrClient
- .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
- RandomStringUtils.randomAlphabetic(10), eidData);
+ .getEidasBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+ RandomStringUtils.randomAlphabetic(10), getEidData());
} catch (SzrCommunicationException e) {
Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01"));
-
+
}
}
-
+
public void eidasBindEmptyResponse() throws SZRException_Exception {
final SignContentEntry result2 = new SignContentEntry();
final SignContentResponseType content1 = new SignContentResponseType();
@@ -227,20 +163,19 @@ public class SzrClientTest {
result2.setKey("bcBindReq");
result2.setValue("");
when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content1);
-
+
try {
szrClient
- .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
- RandomStringUtils.randomAlphabetic(10), eidData);
+ .getEidasBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+ RandomStringUtils.randomAlphabetic(10), getEidData());
} catch (SzrCommunicationException e) {
Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01"));
-
- }
+
+ }
}
-
+
@Test
- public void eidasBindValid() throws SZRException_Exception, SzrCommunicationException, JsonMappingException,
- JsonProcessingException, JoseException {
+ public void eidasBindValid() throws SZRException_Exception, SzrCommunicationException {
final SignContentResponse szrResponse = new SignContentResponse();
final SignContentEntry result1 = new SignContentEntry();
final SignContentResponseType content = new SignContentResponseType();
@@ -253,19 +188,18 @@ public class SzrClientTest {
when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content);
final String bcBind = szrClient
- .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
- RandomStringUtils.randomAlphabetic(10), eidData);
+ .getEidasBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+ RandomStringUtils.randomAlphabetic(10), getEidData());
Assert.assertNotNull("bcBind is null", bcBind);
Assert.assertEquals("bcBind not match", result1.getValue(), bcBind);
-
+
}
@Test
- public void eidasBindValidWithMds() throws SZRException_Exception, SzrCommunicationException, JoseException,
- JsonMappingException, JsonProcessingException {
+ public void eidasBindValidWithMds() throws SZRException_Exception, SzrCommunicationException {
basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject", "true");
-
+
final SignContentResponse szrResponse = new SignContentResponse();
final SignContentEntry result1 = new SignContentEntry();
final SignContentResponseType content = new SignContentResponseType();
@@ -278,77 +212,18 @@ public class SzrClientTest {
when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content);
final String bcBind = szrClient
- .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
- RandomStringUtils.randomAlphabetic(10), eidData);
+ .getEidasBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+ RandomStringUtils.randomAlphabetic(10), getEidData());
Assert.assertNotNull("bcBind is null", bcBind);
Assert.assertEquals("bcBind not match", result1.getValue(), bcBind);
}
-
- @Test
- public void getIdentityLinkRawModeValidResponse()
- throws SZRException_Exception, EaafParserException, NoSuchProviderException, IOException, InvalidKeyException,
- EidasSAuthenticationException, JAXBException {
- setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
-
- try {
- log.debug("Starting connecting SZR Gateway");
- final IdentityLinkType result = szrClient.getIdentityLinkInRawMode(getPersonInfo());
-
- Assert.assertNotNull(result);
- Assert.assertNotNull(result.getAssertion());
-
- final IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser((Element) result.getAssertion())
- .parseIdentityLink();
- Assert.assertNotNull(identityLink);
-
- System.out.println(identityLink.getSerializedSamlAssertion());
-
- checkElement("Mustermann", identityLink.getFamilyName());
- checkElement("Hans", identityLink.getGivenName());
- checkElement("1989-05-05", identityLink.getDateOfBirth());
- checkElement("urn:publicid:gv.at:baseid", identityLink.getIdentificationType());
- checkElement("k+zDM1BVpN1WJO4x7ZQ3ng==", identityLink.getIdentificationValue());
- Assert.assertNotNull(identityLink.getSerializedSamlAssertion());
- Assert.assertNotNull(identityLink.getSamlAssertion());
-
- } catch (final SzrCommunicationException e) {
- Assert.fail();
-
- }
-
- }
-
- @Test
- public void getIdentityLinkRawModeErrorTravelerDocExists()
- throws SZRException_Exception, EaafParserException, NoSuchProviderException, IOException, InvalidKeyException,
- EidasSAuthenticationException, JAXBException, ParserConfigurationException, SAXException {
- setSzrExceptionIdentityLink("/data/szr/szr_resp_error_travelerdocexists.xml");
-
- try {
- log.debug("Starting connecting SZR Gateway");
- szrClient.getIdentityLinkInRawMode(getPersonInfo());
- Assert.fail();
-
- } catch (final SzrCommunicationException e) {
- checkElement("ernb.02", e.getErrorId());
- Assert.assertNotNull(e.getCause());
- org.springframework.util.Assert.isInstanceOf(SOAPFaultException.class, e.getCause());
- Assert.assertNotNull(((SOAPFaultException) e.getCause()).getFault());
- checkElement("p344:F455", ((SOAPFaultException) e.getCause()).getFault().getFaultCode());
- checkElement(
- "The travel document you sent to insert a person already exists for another person. " + "Either check the document or have the person altered accordingly",
- ((SOAPFaultException) e.getCause()).getFault().getFaultString());
-
- }
-
- }
@Ignore
@Test
- public void getBpkTest() throws SZRException_Exception, EidasSAuthenticationException {
- final List<String> bPK = szrClient.getBpk(getPersonInfo(), DUMMY_TARGET, basicConfig
+ public void getBpkTest() throws EidasSAuthenticationException {
+ final List<String> bPK = szrClient.getBpk(getEidData(), DUMMY_TARGET, basicConfig
.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ, "no VKZ defined"));
if (bPK.isEmpty()) {
@@ -368,6 +243,7 @@ public class SzrClientTest {
}
+ @SuppressWarnings("SameParameterValue")
private void setSzrResponseIdentityLink(String responseXmlPath) throws JAXBException, SZRException_Exception {
final JAXBContext jaxbContext = JAXBContext
.newInstance(szrservices.ObjectFactory.class, org.w3._2001._04.xmldsig_more.ObjectFactory.class,
@@ -380,8 +256,9 @@ public class SzrClientTest {
}
+ @SuppressWarnings("SameParameterValue")
private void setSzrExceptionIdentityLink(String responseXmlPath)
- throws JAXBException, ParserConfigurationException, SAXException, IOException, SZRException_Exception {
+ throws ParserConfigurationException, SAXException, IOException, SZRException_Exception {
final Element detailerror = DomUtils.parseXmlNonValidating(this.getClass().getResourceAsStream(responseXmlPath));
final javax.xml.namespace.QName qName = new javax.xml.namespace.QName("urn:SZRServices", "F455", "p344");
final SoapFault fault = new SoapFault(
@@ -393,47 +270,15 @@ public class SzrClientTest {
}
- private String createHashFromUniqueId(String uniqueId) throws EidasSAuthenticationException {
- try {
- final MessageDigest md = MessageDigest.getInstance("SHA-256");
- final byte[] hash = md.digest(uniqueId.getBytes("UTF-8"));
- final String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", "");
- return hashBase64;
-
- } catch (final Exception ex) {
- throw new EidasSAuthenticationException("internal.03", new Object[]{}, ex);
-
- }
+ private SimpleEidasData getEidData() {
+ return SimpleEidasData.builder()
+ .familyName("Mustermann")
+ .givenName("Franz")
+ .dateOfBirth("1989-05-05")
+ .citizenCountryCode("IS")
+ .pseudonym("1234sdgsdfg56789ABCDEF")
+ .build();
}
- private PersonInfoType getPersonInfo() throws EidasSAuthenticationException {
- final PersonInfoType personInfo = new PersonInfoType();
- final PersonNameType personName = new PersonNameType();
- final PhysicalPersonType naturalPerson = new PhysicalPersonType();
- final TravelDocumentType eDocument = new TravelDocumentType();
-
- naturalPerson.setName(personName);
- personInfo.setPerson(naturalPerson);
- personInfo.setTravelDocument(eDocument);
-
- // parse some eID attributes
- final Triple<String, String, String> eIdentifier = EidasResponseUtils.parseEidasPersonalIdentifier(eIDASeID);
- final String uniqueId = createHashFromUniqueId(eIdentifier.getThird());
- final String citizenCountry = eIdentifier.getFirst();
-
- // person information
- personName.setFamilyName(familyName);
- personName.setGivenName(givenName);
- naturalPerson.setDateOfBirth(dateOfBirth);
- eDocument.setIssuingCountry(citizenCountry);
- eDocument.setDocumentNumber(uniqueId);
-
- // eID document information
- eDocument.setDocumentType(basicConfig
- .getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE,
- Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE));
-
- return personInfo;
- }
}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrAddressSearchClientProductionTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrAddressSearchClientProductionTest.java
new file mode 100644
index 00000000..a6ff234b
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrAddressSearchClientProductionTest.java
@@ -0,0 +1,169 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.clients;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.IfProfileValue;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.TestPropertySource;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.ZmrAddressSoapClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.ZmrAddressSoapClient.AddressInfo;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.ZmrAddressSoapClient.DetailLevel;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.LoggingHandler;
+import at.gv.bmi.namespace.zmr_su.zrm._20040201_.address.Adressdaten;
+import at.gv.e_government.reference.namespace.persondata.de._20040201.PostAdresseTyp;
+import at.gv.e_government.reference.namespace.persondata.de._20040201.ZustelladresseTyp;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import ch.qos.logback.classic.Level;
+import ch.qos.logback.classic.Logger;
+
+@IfProfileValue(name = "spring.profiles.active", value = "devEnvironment")
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_realConfig.xml" })
+@TestPropertySource(locations = {
+ // "classpath:/application.properties",
+ "file:/home/tlenz/Projekte/config/ms_connector/default_config.properties",
+})
+public class ZmrAddressSearchClientProductionTest {
+
+
+ @Autowired ZmrAddressSoapClient client;
+ @Autowired IConfiguration basicConfig;
+
+ @BeforeClass
+ public static void classInitializer() {
+ final Logger logger1 = (Logger) LoggerFactory.getLogger(LoggingHandler.class);
+ logger1.setLevel(Level.TRACE);
+
+ final Logger logger2 = (Logger) LoggerFactory.getLogger(ZmrAddressSoapClient.class);
+ logger2.setLevel(Level.TRACE);
+
+ final Logger rootLogger = (Logger) LoggerFactory.getLogger(org.slf4j.Logger.ROOT_LOGGER_NAME);
+ rootLogger.setLevel(Level.INFO);
+
+ }
+
+ @Test
+ public void gemeinde() throws EidasSAuthenticationException {
+ // build dummy request
+ Adressdaten req = new Adressdaten();
+ PostAdresseTyp address = new PostAdresseTyp();
+ address.setGemeinde("Frohnl*");
+ req.setPostAdresse(address);
+
+ // execute test
+ AddressInfo resp = client.searchAddress(req);
+
+ // validate state
+ assertFalse("no results", resp.getPersonResult().isEmpty());
+ assertEquals("wrong detail level", DetailLevel.CITY, resp.getLevel());
+
+
+ }
+
+ @Test
+ public void ortschaftAndGemeinde() throws EidasSAuthenticationException {
+ // build dummy request
+ Adressdaten req = new Adressdaten();
+ PostAdresseTyp address = new PostAdresseTyp();
+ address.setGemeinde("Frohnleiten");
+ address.setOrtschaft("Wannersdorf");
+ req.setPostAdresse(address);
+
+ // execute test
+ AddressInfo resp = client.searchAddress(req);
+
+ // validate state
+ assertFalse("no results", resp.getPersonResult().isEmpty());
+ assertEquals("wrong detail level", DetailLevel.STREET, resp.getLevel());
+
+ }
+
+ @Test
+ public void ortschaftAndGemeindeAndStreet() throws EidasSAuthenticationException {
+ // build dummy request
+ Adressdaten req = new Adressdaten();
+ PostAdresseTyp address = new PostAdresseTyp();
+ address.setGemeinde("Frohnleiten");
+ address.setOrtschaft("Wannersdorf");
+ req.setPostAdresse(address);
+
+ ZustelladresseTyp addressDetail = new ZustelladresseTyp();
+ addressDetail.setStrassenname("Wannersdorf");
+ address.setZustelladresse(addressDetail);
+
+ // execute test
+ AddressInfo resp = client.searchAddress(req);
+
+ // validate state
+ assertFalse("no results", resp.getPersonResult().isEmpty());
+ assertEquals("wrong detail level", DetailLevel.NUMBER, resp.getLevel());
+
+ }
+
+
+ @Test
+ public void ortschaftAndGemeinde2() throws EidasSAuthenticationException {
+ // build dummy request
+ Adressdaten req = new Adressdaten();
+ PostAdresseTyp address = new PostAdresseTyp();
+ address.setGemeinde("Fro*");
+ address.setOrtschaft("Wannersdorf");
+ req.setPostAdresse(address);
+
+ // execute test
+ AddressInfo resp = client.searchAddress(req);
+
+ // validate state
+ assertFalse("no results", resp.getPersonResult().isEmpty());
+ assertEquals("wrong detail level", DetailLevel.CITY, resp.getLevel());
+
+ }
+
+ @Test
+ public void ortschaftAndGemeinde3() throws EidasSAuthenticationException {
+ // build dummy request
+ Adressdaten req = new Adressdaten();
+ PostAdresseTyp address = new PostAdresseTyp();
+ address.setGemeinde("Eggelsberg");
+ address.setOrtschaft("Wannersdorf");
+ req.setPostAdresse(address);
+
+ // execute test
+ AddressInfo resp = client.searchAddress(req);
+
+ // validate state
+ assertFalse("no results", resp.getPersonResult().isEmpty());
+ assertEquals("wrong detail level", DetailLevel.STREET, resp.getLevel());
+
+ }
+
+
+ @Test
+ public void ortschaft() throws EidasSAuthenticationException {
+ // build dummy request
+ Adressdaten req = new Adressdaten();
+ PostAdresseTyp address = new PostAdresseTyp();
+ address.setOrtschaft("Wannersdorf");
+ req.setPostAdresse(address);
+
+ // execute test
+ AddressInfo resp = client.searchAddress(req);
+
+ // validate state
+ assertFalse("no results", resp.getPersonResult().isEmpty());
+ assertEquals("wrong detail level", DetailLevel.CITY, resp.getLevel());
+
+ }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientProductionTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientProductionTest.java
new file mode 100644
index 00000000..cada6f40
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientProductionTest.java
@@ -0,0 +1,478 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.clients;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.util.List;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.junit.BeforeClass;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.IfProfileValue;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.TestPropertySource;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.ZmrSoapClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.ZmrSoapClient.ZmrRegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.LoggingHandler;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.EidasSuchdatenType;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest;
+import at.gv.e_government.reference.namespace.persondata.de._20040201.NatuerlichePersonTyp;
+import at.gv.e_government.reference.namespace.persondata.de._20040201.PersonenNameTyp;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import ch.qos.logback.classic.Level;
+import ch.qos.logback.classic.Logger;
+
+@IfProfileValue(name = "spring.profiles.active", value = "devEnvironment")
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_realConfig.xml" })
+@TestPropertySource(locations = {
+ // "classpath:/application.properties",
+ "file:/home/tlenz/Projekte/config/ms_connector/default_config.properties",
+})
+public class ZmrClientProductionTest {
+
+ @Autowired
+ ZmrSoapClient client;
+ @Autowired
+ IConfiguration basicConfig;
+
+ @BeforeClass
+ public static void classInitializer() {
+ final Logger logger1 = (Logger) LoggerFactory.getLogger(LoggingHandler.class);
+ logger1.setLevel(Level.TRACE);
+
+ final Logger logger2 = (Logger) LoggerFactory.getLogger(ZmrSoapClient.class);
+ logger2.setLevel(Level.TRACE);
+
+ final Logger rootLogger = (Logger) LoggerFactory.getLogger(org.slf4j.Logger.ROOT_LOGGER_NAME);
+ rootLogger.setLevel(Level.INFO);
+
+ }
+
+ @Ignore
+ @Test
+ public void searchWithMdsOnly() throws EidasSAuthenticationException {
+
+ final ZmrRegisterResult result = client.searchWithMds(null,
+ "Thomas", "Lenz", "1982-09-06",
+ "AT");
+
+ assertNotNull("ZMR response", result);
+ assertNotNull("ZMR processId", result.getProcessId());
+ assertNotNull("ZMR personResult", result.getPersonResult());
+ assertEquals("personResult size", 1, result.getPersonResult().size());
+
+ }
+
+ @Test
+ public void searchWithMdsOnlyTestIdentity() throws EidasSAuthenticationException {
+
+ final ZmrRegisterResult result = client.searchWithMds(null,
+ "XXXHildegard", "XXXÖhlinger", "1971-02-18",
+ "AT");
+
+ assertNotNull("ZMR response", result);
+ assertNotNull("ZMR processId", result.getProcessId());
+ assertNotNull("ZMR personResult", result.getPersonResult());
+ assertEquals("personResult size", 1, result.getPersonResult().size());
+
+ }
+
+ /*
+ * Ignore this test because "javier", "Garcia", "1964-12-31", "EE" is used as test-identity
+ * in test-country on vidp.gv.at. vidp.gv.at uses Test-SZR, but Test-SZR is connected to
+ * Q-ZMR and Q-ERnP. There is a staging problem because this test uses T-ZMR and T-ERnP.
+ */
+ @Ignore
+ @Test
+ public void searchWithMdsOnlyEidasIdentity() throws EidasSAuthenticationException {
+
+ final ZmrRegisterResult result = client.searchWithMds(null,
+ "javier", "Garcia", "1964-12-31",
+ "EE");
+
+ assertNotNull("ZMR response", result);
+ assertNotNull("ZMR processId", result.getProcessId());
+ assertNotNull("ZMR personResult", result.getPersonResult());
+ assertEquals("personResult size", 1, result.getPersonResult().size());
+
+ }
+
+ @Test
+ public void searchWithCountrySpecificsNoExits() throws EidasSAuthenticationException {
+ final ZmrRegisterResult result = client.searchCountrySpecific(null,
+ generateCustomRequest("AT", "Lenz", "Thomas", "1982-09-06",
+ null,
+ RandomStringUtils.randomAlphabetic(5),
+ RandomStringUtils.randomAlphabetic(5)),
+ "AT");
+
+ assertNotNull("ZMR response", result);
+ assertNotNull("ZMR processId", result.getProcessId());
+ assertNotNull("ZMR personResult", result.getPersonResult());
+ assertEquals("personResult size", 0, result.getPersonResult().size());
+
+ }
+
+ @Ignore
+ @Test
+ public void searchWithCountrySpecificsWithPersonalId() throws EidasSAuthenticationException {
+ final ZmrRegisterResult result = client.searchCountrySpecific(null,
+ generateCustomRequest("EE", "Lenz", "Thomas", "1982-09-06",
+ "7cEYSvKZvon+V4CDVzNT4E7cjkU4Vq",
+ null,
+ null),
+ "EE");
+
+ assertNotNull("ZMR response", result);
+ assertNotNull("ZMR processId", result.getProcessId());
+ assertNotNull("ZMR personResult", result.getPersonResult());
+ assertEquals("personResult size", 1, result.getPersonResult().size());
+
+ }
+
+ @Test
+ public void searchWithPersonalIdOnlyNoExisting() throws EidasSAuthenticationException {
+
+ final ZmrRegisterResult result = client.searchWithPersonIdentifier(null,
+ RandomStringUtils.randomAlphanumeric(25),
+ "AT");
+
+ assertNotNull("ZMR response", result);
+ assertNotNull("ZMR processId", result.getProcessId());
+ assertNotNull("ZMR personResult", result.getPersonResult());
+ assertEquals("personResult size", 0, result.getPersonResult().size());
+
+ }
+
+ @Test
+ public void updateZmrEntry() throws EidasSAuthenticationException {
+ final String personalIdentifier = "7cEYSvKZvon+V4CDVzNT4E7cjkU4Vq";
+ final String cc = "EE";
+
+ final SimpleEidasData eidasData = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("Lenz")
+ .givenName("Thomas")
+ .dateOfBirth("1982-09-06")
+ .personalIdentifier(cc + "/AT/" + personalIdentifier)
+ .pseudonym(personalIdentifier)
+ .build();
+
+ // get initial result
+ final ZmrRegisterResult result = client.searchWithMds(null,
+ eidasData.getGivenName(),
+ eidasData.getFamilyName(),
+ eidasData.getDateOfBirth(),
+ eidasData.getCitizenCountryCode());
+ assertNotNull("ZMR response", result);
+ assertEquals("personResult size", 1, result.getPersonResult().size());
+
+ // update ZMR entry
+ final ZmrRegisterResult updateResult =
+ client.update(result.getProcessId(),
+ result.getPersonResult().get(0),
+ eidasData);
+
+ assertNotNull("ZMR response", updateResult);
+ assertEquals("personResult size", 1, updateResult.getPersonResult().size());
+
+ final ZmrRegisterResult afterUpdateResult = client.searchWithPersonIdentifier(null,
+ personalIdentifier, cc);
+
+ assertNotNull("ZMR response", afterUpdateResult);
+ assertEquals("personResult size", 1, afterUpdateResult.getPersonResult().size());
+
+ }
+
+ @Test
+ public void updateZmrEntryTestIdentity() throws EidasSAuthenticationException {
+ final String personalIdentifier = "7cEYSvKZasdfsafsaf4CDVzNT4E7cjkU4Vq";
+ final String cc = "EE";
+
+ final SimpleEidasData eidasData = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("Muster301")
+ .givenName("Eric")
+ .dateOfBirth("1988-01-03")
+ .personalIdentifier(cc + "/AT/" + personalIdentifier)
+ .pseudonym(personalIdentifier)
+ .build();
+
+ // get initial result
+ final ZmrRegisterResult result = client.searchWithMds(null,
+ eidasData.getGivenName(),
+ eidasData.getFamilyName(),
+ eidasData.getDateOfBirth(),
+ eidasData.getCitizenCountryCode());
+ assertNotNull("ZMR response", result);
+ assertEquals("personResult size", 1, result.getPersonResult().size());
+
+ // update ZMR entry
+ final ZmrRegisterResult updateResult =
+ client.update(result.getProcessId(),
+ result.getPersonResult().get(0),
+ eidasData);
+
+ assertNotNull("ZMR response", updateResult);
+ assertEquals("personResult size", 1, updateResult.getPersonResult().size());
+
+
+ final ZmrRegisterResult afterUpdateResultMds = client.searchCountrySpecific(null,
+ generateCustomRequest("EE", "XXXHildegard", "XXXÖhlinger", "1971-02-18",
+ "7cEYSvKZasdfsafsaf4CDVzNT4E7cjkU4Vq",
+ null,
+ null),
+ cc);
+
+ assertNotNull("ZMR response", afterUpdateResultMds);
+ assertNotNull("ZMR processId", afterUpdateResultMds.getProcessId());
+ assertNotNull("ZMR personResult", afterUpdateResultMds.getPersonResult());
+ assertEquals("personResult size", 1, afterUpdateResultMds.getPersonResult().size());
+
+
+ // check if ZMR entry can be found by PersonalId
+ final ZmrRegisterResult afterUpdateResult = client.searchWithPersonIdentifier(null,
+ personalIdentifier, cc);
+
+ assertNotNull("ZMR response", afterUpdateResult);
+ assertEquals("personResult size", 1, afterUpdateResult.getPersonResult().size());
+
+ }
+
+ @Test
+ public void updateZmrEntryDeSpecific() throws EidasSAuthenticationException {
+ final String personalIdentifierFirst = "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit";
+ final String cc = "DE";
+ final SimpleEidasData eidasDataFirst = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("XXXvon Brandenburg")
+ .givenName("XXXClaus - Maria")
+ .dateOfBirth("1994-12-31")
+ .personalIdentifier(cc + "/AT/" + personalIdentifierFirst)
+ .pseudonym(personalIdentifierFirst)
+ .placeOfBirth("Hintergigritzpotschn")
+ .birthName("XXXvon Heuburg")
+ .build();
+
+ // first login with update
+ // get initial result
+ final ZmrRegisterResult result = client.searchWithMds(null,
+ eidasDataFirst.getGivenName(),
+ eidasDataFirst.getFamilyName(),
+ eidasDataFirst.getDateOfBirth(),
+ eidasDataFirst.getCitizenCountryCode());
+ assertNotNull("ZMR response", result);
+ assertEquals("personResult size", 1, result.getPersonResult().size());
+
+ // update ZMR entry
+ final ZmrRegisterResult updateResult =
+ client.update(result.getProcessId(),
+ result.getPersonResult().get(0),
+ eidasDataFirst);
+
+ assertNotNull("ZMR response", updateResult);
+ assertEquals("personResult size", 1, updateResult.getPersonResult().size());
+
+ // check if ZMR entry can be found by first PersonalId
+ final ZmrRegisterResult firstPersonalIdResult = client.searchWithPersonIdentifier(null,
+ personalIdentifierFirst, cc);
+ assertNotNull("ZMR response", firstPersonalIdResult);
+ assertEquals("first personResult size", 1, firstPersonalIdResult.getPersonResult().size());
+
+
+ // check if ZMR entry is not found by valid pseudonym but wrong country
+ final ZmrRegisterResult wrongPersonalIdResult = client.searchWithPersonIdentifier(null,
+ personalIdentifierFirst, "ES");
+ assertNotNull("ZMR response", wrongPersonalIdResult);
+ assertEquals("first personResult size", 0, wrongPersonalIdResult.getPersonResult().size());
+
+
+ // search CC-specific with MDS + placeOfBirth + birthName
+ final ZmrRegisterResult ccSpecificFirstEntry = client.searchCountrySpecific(null,
+ generateCustomRequest(
+ eidasDataFirst.getCitizenCountryCode(),
+ eidasDataFirst.getFamilyName(),
+ eidasDataFirst.getGivenName(),
+ eidasDataFirst.getDateOfBirth(),
+ null,
+ eidasDataFirst.getPlaceOfBirth(),
+ eidasDataFirst.getBirthName()),
+ cc);
+
+ assertNotNull("ZMR response", ccSpecificFirstEntry);
+ assertNotNull("ZMR processId", ccSpecificFirstEntry.getProcessId());
+ assertNotNull("ZMR personResult", ccSpecificFirstEntry.getPersonResult());
+ assertEquals("personResult size", 1, ccSpecificFirstEntry.getPersonResult().size());
+
+ }
+
+ @Test
+ public void updateZmrEntryTestIdentity2() throws EidasSAuthenticationException {
+ final String personalIdentifierFirst = "7cEYSvKZasdfsafsaf4CDVzNT4E7cjkU4Vq_first";
+ final String personalIdentifierSecond = "7cEYSvKZasdfsafsaf4CDVzNT4E7cjkU4Vq_second";
+ final String cc = "EE";
+
+ final SimpleEidasData eidasDataFirst = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("XXXTüzekçi")
+ .givenName("XXXŐzgür")
+ .dateOfBirth("1983-06-04")
+ .personalIdentifier(cc + "/AT/" + personalIdentifierFirst)
+ .pseudonym(personalIdentifierFirst)
+ .build();
+
+ final SimpleEidasData eidasDataSecond = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("XXXTüzekçi")
+ .givenName("XXXŐzgür")
+ .dateOfBirth("1983-06-04")
+ .personalIdentifier(cc + "/AT/" + personalIdentifierSecond)
+ .pseudonym(personalIdentifierSecond)
+ .build();
+
+
+ // first login with update
+ // get initial result
+ final ZmrRegisterResult result = client.searchWithMds(null,
+ eidasDataFirst.getGivenName(),
+ eidasDataFirst.getFamilyName(),
+ eidasDataFirst.getDateOfBirth(),
+ eidasDataFirst.getCitizenCountryCode());
+ assertNotNull("ZMR response", result);
+ assertEquals("personResult size", 1, result.getPersonResult().size());
+
+ // update ZMR entry
+ final ZmrRegisterResult updateResult =
+ client.update(result.getProcessId(),
+ result.getPersonResult().get(0),
+ eidasDataFirst);
+
+ assertNotNull("ZMR response", updateResult);
+ assertEquals("personResult size", 1, updateResult.getPersonResult().size());
+
+
+ // second login with update
+ // get initial result
+ final ZmrRegisterResult resultSecond = client.searchWithMds(null,
+ eidasDataSecond.getGivenName(),
+ eidasDataSecond.getFamilyName(),
+ eidasDataSecond.getDateOfBirth(),
+ eidasDataSecond.getCitizenCountryCode());
+ assertNotNull("ZMR response", resultSecond);
+ assertEquals("personResult size", 1, resultSecond.getPersonResult().size());
+
+ // update ZMR entry
+ final ZmrRegisterResult updateResultSecond =
+ client.update(resultSecond.getProcessId(),
+ resultSecond.getPersonResult().get(0),
+ eidasDataSecond);
+
+ assertNotNull("ZMR response", updateResultSecond);
+ assertEquals("personResult size", 1, updateResultSecond.getPersonResult().size());
+
+
+ // check if ZMR entry can be found by first PersonalId
+ final ZmrRegisterResult firstPersonalIdResult = client.searchWithPersonIdentifier(null,
+ personalIdentifierFirst, cc);
+ assertNotNull("ZMR response", firstPersonalIdResult);
+ assertEquals("first personResult size", 1, firstPersonalIdResult.getPersonResult().size());
+
+ // check if ZMR entry can be found by second PersonalId
+ final ZmrRegisterResult secondPersonalIdResult = client.searchWithPersonIdentifier(null,
+ personalIdentifierFirst, cc);
+ assertNotNull("ZMR response", secondPersonalIdResult);
+ assertEquals("second personResult size", 1, secondPersonalIdResult.getPersonResult().size());
+
+
+ // search CC-specific with first MDS
+ final ZmrRegisterResult ccSpecificFirstEntry = client.searchCountrySpecific(null,
+ generateCustomRequest(
+ eidasDataFirst.getCitizenCountryCode(),
+ eidasDataFirst.getFamilyName(),
+ eidasDataFirst.getGivenName(),
+ eidasDataFirst.getDateOfBirth(),
+ eidasDataFirst.getPseudonym(),
+ null,
+ null),
+ cc);
+
+ assertNotNull("ZMR response", ccSpecificFirstEntry);
+ assertNotNull("ZMR processId", ccSpecificFirstEntry.getProcessId());
+ assertNotNull("ZMR personResult", ccSpecificFirstEntry.getPersonResult());
+ assertEquals("personResult size", 1, ccSpecificFirstEntry.getPersonResult().size());
+
+
+ // search CC-specific with second MDS
+ final ZmrRegisterResult ccSpecificSecondEntry = client.searchCountrySpecific(null,
+ generateCustomRequest(
+ eidasDataSecond.getCitizenCountryCode(),
+ eidasDataSecond.getFamilyName(),
+ eidasDataSecond.getGivenName(),
+ eidasDataSecond.getDateOfBirth(),
+ eidasDataSecond.getPseudonym(),
+ null,
+ null),
+ cc);
+
+ assertNotNull("ZMR response", ccSpecificSecondEntry);
+ assertNotNull("ZMR processId", ccSpecificSecondEntry.getProcessId());
+ assertNotNull("ZMR personResult", ccSpecificSecondEntry.getPersonResult());
+ assertEquals("personResult size", 1, ccSpecificSecondEntry.getPersonResult().size());
+
+
+ }
+
+
+ private PersonSuchenRequest generateCustomRequest(String cc, String familyName, String givenName,
+ String dateOfBirth, String personalId, String placeOfBirth, String birthName) {
+ final PersonSuchenRequest req = new PersonSuchenRequest();
+
+ // set basic MDS information
+ final NatuerlichePersonTyp searchNatPerson = new NatuerlichePersonTyp();
+ req.setNatuerlichePerson(searchNatPerson);
+ final PersonenNameTyp searchNatPersonName = new PersonenNameTyp();
+ searchNatPerson.setPersonenName(searchNatPersonName);
+ searchNatPersonName.setFamilienname(familyName);
+ searchNatPersonName.setVorname(givenName);
+ searchNatPerson.setGeburtsdatum(dateOfBirth);
+
+ // add addtional eIDAS attributes if available
+ addIfAvailable(req.getEidasSuchdaten(), cc, Constants.eIDAS_ATTRURN_PLACEOFBIRTH, placeOfBirth);
+ addIfAvailable(req.getEidasSuchdaten(), cc, Constants.eIDAS_ATTRURN_BIRTHNAME, birthName);
+ addIfAvailable(req.getEidasSuchdaten(), cc, Constants.eIDAS_ATTRURN_PERSONALIDENTIFIER, personalId);
+
+ return req;
+
+ }
+
+ private void addIfAvailable(List<EidasSuchdatenType> eidasSuchdaten,
+ String cc, String attrName, String attrValue) {
+ if (StringUtils.isNotEmpty(attrValue)) {
+ eidasSuchdaten.add(buildEidasSuchData(cc, attrName, attrValue));
+
+ }
+ }
+
+ private EidasSuchdatenType buildEidasSuchData(String cc, String attrName, String attrValue) {
+ final EidasSuchdatenType eidasInfos = new EidasSuchdatenType();
+ eidasInfos.setStaatscode2(cc);
+ eidasInfos.setEidasArt(attrName);
+ eidasInfos.setEidasWert(attrValue);
+ return eidasInfos;
+
+ }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientTest.java
new file mode 100644
index 00000000..4e0a1f28
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientTest.java
@@ -0,0 +1,1242 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.clients;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.when;
+
+import java.math.BigInteger;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Optional;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Unmarshaller;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.cxf.binding.soap.SoapFault;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Ignore;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.ArgumentCaptor;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import com.github.skjolber.mockito.soap.SoapServiceRule;
+
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.ZmrSoapClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.ZmrSoapClient.ZmrRegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.controller.AdresssucheController.AdresssucheOutput;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
+import at.gv.bmi.namespace.zmr_su.base._20040201.RequestType;
+import at.gv.bmi.namespace.zmr_su.base._20040201.ResponseType;
+import at.gv.bmi.namespace.zmr_su.base._20040201_.ServicePort;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.EidasIdentitaetAnlageType;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.EidasSuchdatenType;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonAendernRequest;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonensucheInfoType;
+import at.gv.e_government.reference.namespace.persondata.de._20040201.NatuerlichePersonTyp;
+import at.gv.e_government.reference.namespace.persondata.de._20040201.PersonenNameTyp;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import lombok.SneakyThrows;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml" })
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
+public class ZmrClientTest {
+
+ public static final String PROCESS_GENERAL = "GP_EIDAS";
+ public static final String PROCESS_TASK_SEARCH = "ZPR_VO_Person_suchen_Meldevorgang";
+ public static final String PROCESS_TASK_UPDATE = "ZPR_VO_Person_aendern";
+
+ @Autowired
+ MsConnectorDummyConfigMap basicConfig;
+ @Autowired
+ ZmrSoapClient client;
+
+ @Rule
+ public SoapServiceRule soap = SoapServiceRule.newInstance();
+
+ private ServicePort zmrMock = null;
+
+ private static JAXBContext jaxbContext;
+
+ /**
+ * Initialize jUnit class.
+ */
+ @BeforeClass
+ @SneakyThrows
+ public static void classInitializer() {
+ jaxbContext = JAXBContext.newInstance(
+ at.gv.bmi.namespace.zmr_su.zmr._20040201.ObjectFactory.class,
+ at.gv.bmi.namespace.zmr_su.gis._20070725.ObjectFactory.class,
+ at.gv.bmi.namespace.zmr_su.base._20040201.ObjectFactory.class);
+ }
+
+ /**
+ * Initialize jUnit test.
+ */
+ @Before
+ public void initializer() {
+ if (zmrMock == null) {
+ zmrMock = soap.mock(ServicePort.class, "http://localhost:1234/demozmr");
+ }
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithMdsEmpty() {
+ String familyName = RandomStringUtils.randomAlphabetic(10);
+ String givenName = RandomStringUtils.randomAlphabetic(10);
+ String dateOfBirth = RandomStringUtils.randomAlphabetic(10);
+ final String cc = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+ BigInteger processId = new BigInteger(RandomStringUtils.randomNumeric(6));
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any())).thenReturn(
+ loadResponseFromFile("/data/zmr/empty_zmr_result.xml"));
+
+ // execute operation
+ ZmrRegisterResult resp = client.searchWithMds(processId,
+ givenName, familyName, dateOfBirth, cc);
+
+ // validate state
+ assertNotNull("no ZMR response", resp);
+ assertEquals("wrong processId", "367100000000079", resp.getProcessId().toString());
+ assertEquals("wrong resp size", 0, resp.getPersonResult().size());
+
+ // validate request
+ assertEquals("wrong number of req.", 1, zmrReq.getAllValues().size());
+ assertNotNull("Personensuche req.", zmrReq.getValue().getPersonSuchenRequest());
+
+ checkBasicRequestParameters(zmrReq.getValue(), PROCESS_TASK_SEARCH, processId, "jUnit123456");
+ PersonSuchenRequest pSuche = zmrReq.getValue().getPersonSuchenRequest();
+ checkSearchParameters(pSuche.getPersonensucheInfo());
+
+ assertEquals("eidas Docs. size", 0, pSuche.getEidasSuchdaten().size());
+ assertNotNull("mds", pSuche.getNatuerlichePerson());
+
+ assertEquals("req. givenName", givenName, pSuche.getNatuerlichePerson().getPersonenName().getVorname());
+ assertEquals("req. familyName", familyName, pSuche.getNatuerlichePerson().getPersonenName().getFamilienname());
+ assertEquals("req. dateOfBirth", dateOfBirth, pSuche.getNatuerlichePerson().getGeburtsdatum());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithMdsGetHistoricInfos() {
+ String familyName = RandomStringUtils.randomAlphabetic(10);
+ String givenName = RandomStringUtils.randomAlphabetic(10);
+ String dateOfBirth = RandomStringUtils.randomAlphabetic(10);
+ final String cc = "EE";
+
+ BigInteger processId = new BigInteger(RandomStringUtils.randomNumeric(6));
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any())).thenReturn(
+ loadResponseFromFile("/data/zmr/search_with_personalId_only_resp_historicIncluded.xml"));
+
+ // execute operation
+ ZmrRegisterResult resp = client.searchWithMds(processId,
+ givenName, familyName, dateOfBirth, cc);
+
+ // validate state
+ assertNotNull("no ZMR response", resp);
+ assertEquals("wrong processId", "367100000000080", resp.getProcessId().toString());
+ assertEquals("wrong resp size", 0, resp.getPersonResult().size());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithMdsSuccess() {
+ String familyName = RandomStringUtils.randomAlphabetic(10);
+ String givenName = RandomStringUtils.randomAlphabetic(10);
+ String dateOfBirth = RandomStringUtils.randomAlphabetic(10);
+ final String cc = "EE";
+
+ BigInteger processId = new BigInteger(RandomStringUtils.randomNumeric(6));
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any())).thenReturn(
+ loadResponseFromFile("/data/zmr/search_with_personalId_only_resp_moreThanOne_2.xml"));
+
+ // execute operation
+ ZmrRegisterResult resp = client.searchWithMds(processId,
+ givenName, familyName, dateOfBirth, cc);
+
+ // validate state
+ assertNotNull("no ZMR response", resp);
+ assertEquals("wrong processId", "367100000000080", resp.getProcessId().toString());
+ assertEquals("wrong resp size", 2, resp.getPersonResult().size());
+
+ // check first person
+ RegisterResult persInfo = resp.getPersonResult().get(0);
+ assertEquals("bPK", "9/MtsPZgBHQMBpQOD6aOY2TUqcY=", persInfo.getBpk());
+ assertEquals("dateOfBirth", "1983-06-04", persInfo.getDateOfBirth());
+ assertEquals("familyName", "XXXTüzekçi", persInfo.getFamilyName());
+ assertEquals("givenName", "XXXŐzgür", persInfo.getGivenName());
+ assertNull("placeOfBirth", persInfo.getPlaceOfBirth());
+ assertNull("birthName", persInfo.getBirthName());
+ assertEquals("num. stored eIDAS identifiers", 1, persInfo.getPseudonym().size());
+ assertEquals("stored eIDAS identifiers",
+ "aabbcc_should_not_be_included_for_DE", persInfo.getPseudonym().get(0));
+
+ // check second person
+ RegisterResult persInfo2 = resp.getPersonResult().get(1);
+ assertEquals("bPK", "UgeknNsc26lVuB7U/uYGVmWtnnA=", persInfo2.getBpk());
+ assertEquals("dateOfBirth", "1983-06-04", persInfo2.getDateOfBirth());
+ assertEquals("familyName", "XXXTüzekçi", persInfo2.getFamilyName());
+ assertEquals("givenName", "XXXŐzgür", persInfo2.getGivenName());
+ assertEquals("num. stored eIDAS identifiers", 1, persInfo2.getPseudonym().size());
+ assertEquals("stored eIDAS identifiers",
+ "7cEYSvKZasdfsafsaf4CDVzNT4E7cjkU4Vq_first", persInfo2.getPseudonym().get(0));
+
+ // validate request
+ assertEquals("wrong number of req.", 1, zmrReq.getAllValues().size());
+ assertNotNull("Personensuche req.", zmrReq.getValue().getPersonSuchenRequest());
+ checkBasicRequestParameters(zmrReq.getValue(), PROCESS_TASK_SEARCH, processId, "jUnit123456");
+ PersonSuchenRequest pSuche = zmrReq.getValue().getPersonSuchenRequest();
+ checkSearchParameters(pSuche.getPersonensucheInfo());
+
+ assertEquals("eidas Docs. size", 0, pSuche.getEidasSuchdaten().size());
+ assertNotNull("mds", pSuche.getNatuerlichePerson());
+
+ assertEquals("req. givenName", givenName, pSuche.getNatuerlichePerson().getPersonenName().getVorname());
+ assertEquals("req. familyName", familyName, pSuche.getNatuerlichePerson().getPersonenName().getFamilienname());
+ assertEquals("req. dateOfBirth", dateOfBirth, pSuche.getNatuerlichePerson().getGeburtsdatum());
+
+ }
+
+ //TODO: test does not throw the valid exception to catch the error that we like to test.
+ @Ignore
+ @Test
+ @SneakyThrows
+ public void searchWithPersonalIdentifierZmrError() {
+ final String personalIdentifierFirst = RandomStringUtils.randomAlphanumeric(10);
+ final String cc = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+
+ // inject response
+ when(zmrMock.service(any(), any())).thenThrow(injectError(false));
+
+ // execute operation
+ EidasSAuthenticationException error = assertThrows("wrong Exception", EidasSAuthenticationException.class,
+ () -> client.searchWithPersonIdentifier(null, personalIdentifierFirst, cc));
+
+ assertEquals("wrong errorCode", "module.eidasauth.matching.01", error.getErrorId());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithPersonalIdentifierZmrGenericError() {
+ final String personalIdentifierFirst = RandomStringUtils.randomAlphanumeric(10);
+ final String cc = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+
+ // inject response
+ when(zmrMock.service(any(), any())).thenThrow(injectError(true));
+
+ // execute operation
+ EidasSAuthenticationException error = assertThrows("wrong Exception", EidasSAuthenticationException.class,
+ () -> client.searchWithPersonIdentifier(null, personalIdentifierFirst, cc));
+
+ assertEquals("wrong errorCode", "module.eidasauth.matching.99", error.getErrorId());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithPersonalIdentifierGetHistoricInfos() {
+ final String personalIdentifierFirst = RandomStringUtils.randomAlphanumeric(10);
+ final String cc = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any())).thenReturn(
+ loadResponseFromFile("/data/zmr/search_with_personalId_only_resp_historicIncluded.xml"));
+
+ // execute operation
+ EidasSAuthenticationException error = assertThrows("wrong Exception", EidasSAuthenticationException.class,
+ () -> client.searchWithPersonIdentifier(null, personalIdentifierFirst, cc));
+
+ assertEquals("wrong errorCode", "module.eidasauth.matching.99", error.getErrorId());
+ assertEquals("wrong errorCode", "module.eidasauth.matching.02", ((EaafException) error.getCause()).getErrorId());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithPersonalIdentifierEmptyResult() {
+ final String personalIdentifierFirst = RandomStringUtils.randomAlphanumeric(10);
+ final String cc = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any())).thenReturn(
+ loadResponseFromFile("/data/zmr/empty_zmr_result.xml"));
+
+ // execute operation
+ ZmrRegisterResult resp = client.searchWithPersonIdentifier(null, personalIdentifierFirst, cc);
+
+ // validate state
+ assertNotNull("no ZMR response", resp);
+ assertEquals("wrong processId", "367100000000079", resp.getProcessId().toString());
+ assertEquals("wrong resp size", 0, resp.getPersonResult().size());
+
+ // validate request
+ assertEquals("wrong number of req.", 1, zmrReq.getAllValues().size());
+ assertNotNull("Personensuche req.", zmrReq.getValue().getPersonSuchenRequest());
+
+ checkBasicRequestParameters(zmrReq.getValue(), PROCESS_TASK_SEARCH, null, "jUnit123456");
+ PersonSuchenRequest pSuche = zmrReq.getValue().getPersonSuchenRequest();
+ checkSearchParameters(pSuche.getPersonensucheInfo());
+
+ assertEquals("eidas Docs. size", 1, pSuche.getEidasSuchdaten().size());
+ checkEidasDocumentResult(pSuche.getEidasSuchdaten(),
+ "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", cc, personalIdentifierFirst);
+ assertNull("mds", pSuche.getNatuerlichePerson());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithPersonalIdentifierMoreThanOneResult() {
+ final String personalIdentifierFirst = RandomStringUtils.randomAlphanumeric(10);
+ final String cc = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+
+ // inject response
+ when(zmrMock.service(any(), any())).thenReturn(
+ loadResponseFromFile("/data/zmr/search_with_personalId_only_resp_moreThanOne.xml"));
+
+ // execute operation
+ WorkflowException error = assertThrows("wrong Exception", WorkflowException.class,
+ () -> client.searchWithPersonIdentifier(null, personalIdentifierFirst, cc));
+
+ assertEquals("wrong errorCode", "module.eidasauth.matching.03", error.getErrorId());
+ assertEquals("wrong param 1", "Searching PersonIdentifier", error.getParams()[0]);
+ assertEquals("wrong param 2", "Find more-than-one ZMR entry with search criteria that has to be unique",
+ error.getParams()[1]);
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithPersonalIdentifierSuccess() {
+ final String personalIdentifierFirst = "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit";
+ final String cc = "DE";
+ final SimpleEidasData eidasDataFirst = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("XXXvon Brandenburg")
+ .givenName("XXXClaus - Maria")
+ .dateOfBirth("1994-12-31")
+ .personalIdentifier(cc + "/AT/" + personalIdentifierFirst)
+ .pseudonym(personalIdentifierFirst)
+ .build();
+
+ BigInteger processId = new BigInteger(RandomStringUtils.randomNumeric(6));
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any())).thenReturn(
+ loadResponseFromFile("/data/zmr/search_with_personalId_only_resp.xml"));
+
+ // execute operation
+ ZmrRegisterResult resp = client.searchWithPersonIdentifier(processId,
+ eidasDataFirst.getPseudonym(), eidasDataFirst.getCitizenCountryCode());
+
+ // validate state
+ assertNotNull("no ZMR response", resp);
+ assertEquals("wrong processId", "367100000000079", resp.getProcessId().toString());
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+
+ RegisterResult persInfo = resp.getPersonResult().get(0);
+ assertEquals("bPK", "UgeknNsc26lVuB7U/uYGVmWtnnA=", persInfo.getBpk());
+ assertEquals("dateOfBirth", eidasDataFirst.getDateOfBirth(), persInfo.getDateOfBirth());
+ assertEquals("familyName", eidasDataFirst.getFamilyName(), persInfo.getFamilyName());
+ assertEquals("givenName", eidasDataFirst.getGivenName(), persInfo.getGivenName());
+ assertEquals("placeOfBirth", "Hintergigritzpotschn", persInfo.getPlaceOfBirth());
+ assertEquals("birthName", "XXXvon Heuburg", persInfo.getBirthName());
+ assertEquals("num. stored eIDAS identifiers", 2, persInfo.getPseudonym().size());
+ assertEquals("stored eIDAS identifiers", "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit",
+ persInfo.getPseudonym().get(0));
+ assertEquals("stored eIDAS identifiers",
+ "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit_second_one",
+ persInfo.getPseudonym().get(1));
+
+ // validate request
+ assertEquals("wrong number of req.", 1, zmrReq.getAllValues().size());
+ assertNotNull("Personensuche req.", zmrReq.getValue().getPersonSuchenRequest());
+ checkBasicRequestParameters(zmrReq.getValue(), PROCESS_TASK_SEARCH, processId, "jUnit123456");
+ PersonSuchenRequest pSuche = zmrReq.getValue().getPersonSuchenRequest();
+ checkSearchParameters(pSuche.getPersonensucheInfo());
+
+ assertEquals("eidas Docs. size", 1, pSuche.getEidasSuchdaten().size());
+ checkEidasDocumentResult(pSuche.getEidasSuchdaten(),
+ "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", cc, personalIdentifierFirst);
+ assertNull("mds", pSuche.getNatuerlichePerson());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchWithPersonalIdentifierNoBpkZP() {
+ final String personalIdentifierFirst = "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit";
+ final String cc = "DE";
+ final SimpleEidasData eidasDataFirst = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("XXXvon Brandenburg")
+ .givenName("XXXClaus - Maria")
+ .dateOfBirth("1994-12-31")
+ .personalIdentifier(cc + "/AT/" + personalIdentifierFirst)
+ .pseudonym(personalIdentifierFirst)
+ .build();
+
+ BigInteger processId = new BigInteger(RandomStringUtils.randomNumeric(6));
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any())).thenReturn(
+ loadResponseFromFile("/data/zmr/no_bpk_zp.xml"));
+
+ // execute operation
+ ZmrRegisterResult resp = client.searchWithPersonIdentifier(processId,
+ eidasDataFirst.getPseudonym(), eidasDataFirst.getCitizenCountryCode());
+
+ // validate state
+ assertNotNull("no ZMR response", resp);
+ assertEquals("wrong processId", "367100000000079", resp.getProcessId().toString());
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+
+ RegisterResult persInfo = resp.getPersonResult().get(0);
+ assertNull("bPK", persInfo.getBpk());
+ assertEquals("dateOfBirth", eidasDataFirst.getDateOfBirth(), persInfo.getDateOfBirth());
+ assertEquals("familyName", eidasDataFirst.getFamilyName(), persInfo.getFamilyName());
+ assertEquals("givenName", eidasDataFirst.getGivenName(), persInfo.getGivenName());
+ assertEquals("placeOfBirth", "Hintergigritzpotschn", persInfo.getPlaceOfBirth());
+ assertEquals("birthName", "XXXvon Heuburg", persInfo.getBirthName());
+ assertEquals("num. stored eIDAS identifiers", 2, persInfo.getPseudonym().size());
+ assertEquals("stored eIDAS identifiers", "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit",
+ persInfo.getPseudonym().get(0));
+ assertEquals("stored eIDAS identifiers",
+ "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit_second_one",
+ persInfo.getPseudonym().get(1));
+
+ // validate request
+ assertEquals("wrong number of req.", 1, zmrReq.getAllValues().size());
+ assertNotNull("Personensuche req.", zmrReq.getValue().getPersonSuchenRequest());
+ checkBasicRequestParameters(zmrReq.getValue(), PROCESS_TASK_SEARCH, processId, "jUnit123456");
+ PersonSuchenRequest pSuche = zmrReq.getValue().getPersonSuchenRequest();
+ checkSearchParameters(pSuche.getPersonensucheInfo());
+
+ assertEquals("eidas Docs. size", 1, pSuche.getEidasSuchdaten().size());
+ checkEidasDocumentResult(pSuche.getEidasSuchdaten(),
+ "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", cc, personalIdentifierFirst);
+ assertNull("mds", pSuche.getNatuerlichePerson());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchCcSpecificEmpty() {
+ BigInteger processId = new BigInteger(RandomStringUtils.randomNumeric(6));
+
+ final String cc = "DE";
+ String familyName = RandomStringUtils.randomAlphabetic(10);
+ String givenName = RandomStringUtils.randomAlphabetic(10);
+ String dateOfBirth = RandomStringUtils.randomAlphabetic(10);
+ String personalIdentifier = RandomStringUtils.randomAlphabetic(10);
+ String placeOfBirth = RandomStringUtils.randomAlphabetic(10);
+ String birthName = RandomStringUtils.randomAlphabetic(10);
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any())).thenReturn(
+ loadResponseFromFile("/data/zmr/empty_zmr_result.xml"));
+
+ // execute operation
+ ZmrRegisterResult resp = client.searchCountrySpecific(processId,
+ generateCustomRequest(cc, familyName, givenName, dateOfBirth, personalIdentifier, placeOfBirth, birthName),
+ cc);
+
+ // validate state
+ assertNotNull("no ZMR response", resp);
+ assertEquals("wrong processId", "367100000000079", resp.getProcessId().toString());
+ assertEquals("wrong resp size", 0, resp.getPersonResult().size());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchCcSpecificMoreThanOneResult() {
+ BigInteger processId = new BigInteger(RandomStringUtils.randomNumeric(6));
+
+ final String cc = "DE";
+ String familyName = RandomStringUtils.randomAlphabetic(10);
+ String givenName = RandomStringUtils.randomAlphabetic(10);
+ String dateOfBirth = RandomStringUtils.randomAlphabetic(10);
+ String personalIdentifier = RandomStringUtils.randomAlphabetic(10);
+ String placeOfBirth = RandomStringUtils.randomAlphabetic(10);
+ String birthName = RandomStringUtils.randomAlphabetic(10);
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any())).thenReturn(
+ loadResponseFromFile("/data/zmr/search_with_personalId_only_resp_moreThanOne.xml"));
+
+ // execute operation
+ WorkflowException error = assertThrows("wrong Exception", WorkflowException.class,
+ () -> client.searchCountrySpecific(processId,
+ generateCustomRequest(cc, familyName, givenName, dateOfBirth, personalIdentifier, placeOfBirth, birthName),
+ cc));
+
+ assertEquals("wrong errorCode", "module.eidasauth.matching.03", error.getErrorId());
+ assertEquals("wrong param 1", "Searching DE specific", error.getParams()[0]);
+ assertEquals("wrong param 2", "Find more-than-one ZMR entry with search criteria that has to be unique",
+ error.getParams()[1]);
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchCcSpecificSuccess() {
+ final String personalIdentifierFirst = "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit";
+ final String cc = "DE";
+ final SimpleEidasData eidasDataFirst = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("XXXvon Brandenburg")
+ .givenName("XXXClaus - Maria")
+ .dateOfBirth("1994-12-31")
+ .personalIdentifier(cc + "/AT/" + personalIdentifierFirst)
+ .pseudonym(personalIdentifierFirst)
+ .build();
+
+ BigInteger processId = new BigInteger(RandomStringUtils.randomNumeric(6));
+
+ String familyName = RandomStringUtils.randomAlphabetic(10);
+ String givenName = RandomStringUtils.randomAlphabetic(10);
+ String dateOfBirth = RandomStringUtils.randomAlphabetic(10);
+ String personalIdentifier = RandomStringUtils.randomAlphabetic(10);
+ String placeOfBirth = RandomStringUtils.randomAlphabetic(10);
+ String birthName = RandomStringUtils.randomAlphabetic(10);
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any())).thenReturn(
+ loadResponseFromFile("/data/zmr/search_with_personalId_only_resp.xml"));
+
+ // execute operation
+ ZmrRegisterResult resp = client.searchCountrySpecific(processId,
+ generateCustomRequest(cc, familyName, givenName, dateOfBirth, personalIdentifier, placeOfBirth, birthName),
+ cc);
+
+ // validate state
+ assertNotNull("no ZMR response", resp);
+ assertEquals("wrong processId", "367100000000079", resp.getProcessId().toString());
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+
+ RegisterResult persInfo = resp.getPersonResult().get(0);
+ assertEquals("bPK", "UgeknNsc26lVuB7U/uYGVmWtnnA=", persInfo.getBpk());
+ assertEquals("dateOfBirth", eidasDataFirst.getDateOfBirth(), persInfo.getDateOfBirth());
+ assertEquals("familyName", eidasDataFirst.getFamilyName(), persInfo.getFamilyName());
+ assertEquals("givenName", eidasDataFirst.getGivenName(), persInfo.getGivenName());
+ assertEquals("placeOfBirth", "Hintergigritzpotschn", persInfo.getPlaceOfBirth());
+ assertEquals("birthName", "XXXvon Heuburg", persInfo.getBirthName());
+ assertEquals("num. stored eIDAS identifiers", 2, persInfo.getPseudonym().size());
+ assertEquals("stored eIDAS identifiers", "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit",
+ persInfo.getPseudonym().get(0));
+ assertEquals("stored eIDAS identifiers",
+ "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit_second_one",
+ persInfo.getPseudonym().get(1));
+
+ // validate request
+ assertEquals("wrong number of req.", 1, zmrReq.getAllValues().size());
+ assertNotNull("Personensuche req.", zmrReq.getValue().getPersonSuchenRequest());
+ checkBasicRequestParameters(zmrReq.getValue(), PROCESS_TASK_SEARCH, processId, "jUnit123456");
+ PersonSuchenRequest pSuche = zmrReq.getValue().getPersonSuchenRequest();
+ checkSearchParameters(pSuche.getPersonensucheInfo());
+
+ assertEquals("eidas Docs. size", 3, pSuche.getEidasSuchdaten().size());
+ checkEidasDocumentResult(pSuche.getEidasSuchdaten(),
+ "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth", cc, placeOfBirth);
+ checkEidasDocumentResult(pSuche.getEidasSuchdaten(),
+ "http://eidas.europa.eu/attributes/naturalperson/BirthName", cc, birthName);
+ checkEidasDocumentResult(pSuche.getEidasSuchdaten(),
+ "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", cc, personalIdentifier);
+
+ assertNotNull("mds", pSuche.getNatuerlichePerson());
+ assertEquals("req. givenName", givenName, pSuche.getNatuerlichePerson().getPersonenName().getVorname());
+ assertEquals("req. familyName", familyName, pSuche.getNatuerlichePerson().getPersonenName().getFamilienname());
+ assertEquals("req. dateOfBirth", dateOfBirth, pSuche.getNatuerlichePerson().getGeburtsdatum());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchResidenceEmpty() {
+ BigInteger processId = new BigInteger(RandomStringUtils.randomNumeric(6));
+
+ final String cc = "DE";
+ String familyName = RandomStringUtils.randomAlphabetic(10);
+ String givenName = RandomStringUtils.randomAlphabetic(10);
+ String dateOfBirth = RandomStringUtils.randomAlphabetic(10);
+ AdresssucheOutput addressInfo = AdresssucheOutput.builder()
+ .municipality(RandomStringUtils.randomAlphabetic(10))
+ .number(RandomStringUtils.randomAlphabetic(10))
+ .postleitzahl(RandomStringUtils.randomAlphabetic(10))
+ .street(RandomStringUtils.randomAlphabetic(10))
+ .village(RandomStringUtils.randomAlphabetic(10))
+ .build();
+
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any())).thenReturn(
+ loadResponseFromFile("/data/zmr/empty_zmr_result.xml"));
+
+ // execute operation
+ ZmrRegisterResult resp = client.searchWithResidenceData(processId,
+ givenName, familyName, dateOfBirth, cc, addressInfo);
+
+ // validate state
+ assertNotNull("no ZMR response", resp);
+ assertEquals("wrong processId", "367100000000079", resp.getProcessId().toString());
+ assertEquals("wrong resp size", 0, resp.getPersonResult().size());
+
+ // validate request
+ assertEquals("wrong number of req.", 1, zmrReq.getAllValues().size());
+ assertNotNull("Personensuche req.", zmrReq.getValue().getPersonSuchenRequest());
+ checkBasicRequestParameters(zmrReq.getValue(), PROCESS_TASK_SEARCH, processId, "jUnit123456");
+ PersonSuchenRequest pSuche = zmrReq.getValue().getPersonSuchenRequest();
+ checkSearchParameters(pSuche.getPersonensucheInfo());
+
+ assertNotNull("mds", pSuche.getNatuerlichePerson());
+ assertEquals("req. givenName", givenName, pSuche.getNatuerlichePerson().getPersonenName().getVorname());
+ assertEquals("req. familyName", familyName, pSuche.getNatuerlichePerson().getPersonenName().getFamilienname());
+ assertEquals("req. dateOfBirth", dateOfBirth, pSuche.getNatuerlichePerson().getGeburtsdatum());
+
+ assertEquals("req. Municipality", addressInfo.getMunicipality(), pSuche.getPostAdresse().getGemeinde());
+ assertEquals("req. Postleitzahl", addressInfo.getPostleitzahl(), pSuche.getPostAdresse().getPostleitzahl());
+ assertEquals("req. Village", addressInfo.getVillage(), pSuche.getPostAdresse().getOrtschaft());
+ assertEquals("req. Street", addressInfo.getStreet(), pSuche.getPostAdresse().getZustelladresse().getStrassenname());
+ assertEquals("req. Number", addressInfo.getNumber(), pSuche.getPostAdresse().getZustelladresse().getOrientierungsnummer());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchResidenceMoreThanOneResult() {
+ BigInteger processId = new BigInteger(RandomStringUtils.randomNumeric(6));
+
+ final String cc = "DE";
+ String familyName = RandomStringUtils.randomAlphabetic(10);
+ String givenName = RandomStringUtils.randomAlphabetic(10);
+ String dateOfBirth = RandomStringUtils.randomAlphabetic(10);
+ AdresssucheOutput addressInfo = AdresssucheOutput.builder()
+ .municipality(RandomStringUtils.randomAlphabetic(10))
+ .postleitzahl(RandomStringUtils.randomAlphabetic(10))
+ .street(RandomStringUtils.randomAlphabetic(10))
+ .build();
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any())).thenReturn(
+ loadResponseFromFile("/data/zmr/search_with_personalId_only_resp_moreThanOne.xml"));
+
+ // execute operation
+ ZmrRegisterResult resp = client.searchWithResidenceData(processId,
+ givenName, familyName, dateOfBirth, cc, addressInfo);
+
+ // validate state
+ assertNotNull("no ZMR response", resp);
+ assertEquals("wrong processId", "367100000000079", resp.getProcessId().toString());
+ assertEquals("wrong resp size", 2, resp.getPersonResult().size());
+
+ // validate request
+ assertEquals("wrong number of req.", 1, zmrReq.getAllValues().size());
+ assertNotNull("Personensuche req.", zmrReq.getValue().getPersonSuchenRequest());
+ checkBasicRequestParameters(zmrReq.getValue(), PROCESS_TASK_SEARCH, processId, "jUnit123456");
+ PersonSuchenRequest pSuche = zmrReq.getValue().getPersonSuchenRequest();
+ assertEquals("req. Municipality", addressInfo.getMunicipality(), pSuche.getPostAdresse().getGemeinde());
+ assertEquals("req. Postleitzahl", addressInfo.getPostleitzahl(), pSuche.getPostAdresse().getPostleitzahl());
+ assertNull("req. Village", pSuche.getPostAdresse().getOrtschaft());
+ assertEquals("req. Street", addressInfo.getStreet(), pSuche.getPostAdresse().getZustelladresse().getStrassenname());
+ assertNull("req. Number", pSuche.getPostAdresse().getZustelladresse().getOrientierungsnummer());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void searchResidenceSuccess() {
+ final String personalIdentifierFirst = "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit";
+ final String cc = "DE";
+ final SimpleEidasData eidasDataFirst = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("XXXvon Brandenburg")
+ .givenName("XXXClaus - Maria")
+ .dateOfBirth("1994-12-31")
+ .personalIdentifier(cc + "/AT/" + personalIdentifierFirst)
+ .pseudonym(personalIdentifierFirst)
+ .build();
+
+ BigInteger processId = new BigInteger(RandomStringUtils.randomNumeric(6));
+
+ String familyName = RandomStringUtils.randomAlphabetic(10);
+ String givenName = RandomStringUtils.randomAlphabetic(10);
+ String dateOfBirth = RandomStringUtils.randomAlphabetic(10);
+ AdresssucheOutput addressInfo = AdresssucheOutput.builder()
+ .municipality(RandomStringUtils.randomAlphabetic(10))
+ .postleitzahl(RandomStringUtils.randomAlphabetic(10))
+ .build();
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any())).thenReturn(
+ loadResponseFromFile("/data/zmr/search_with_personalId_only_resp.xml"));
+
+ // execute operation
+ ZmrRegisterResult resp = client.searchWithResidenceData(processId,
+ givenName, familyName, dateOfBirth, cc, addressInfo);
+
+ // validate state
+ assertNotNull("no ZMR response", resp);
+ assertEquals("wrong processId", "367100000000079", resp.getProcessId().toString());
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+
+ RegisterResult persInfo = resp.getPersonResult().get(0);
+ assertEquals("bPK", "UgeknNsc26lVuB7U/uYGVmWtnnA=", persInfo.getBpk());
+ assertEquals("dateOfBirth", eidasDataFirst.getDateOfBirth(), persInfo.getDateOfBirth());
+ assertEquals("familyName", eidasDataFirst.getFamilyName(), persInfo.getFamilyName());
+ assertEquals("givenName", eidasDataFirst.getGivenName(), persInfo.getGivenName());
+ assertEquals("placeOfBirth", "Hintergigritzpotschn", persInfo.getPlaceOfBirth());
+ assertEquals("birthName", "XXXvon Heuburg", persInfo.getBirthName());
+ assertEquals("num. stored eIDAS identifiers", 2, persInfo.getPseudonym().size());
+ assertEquals("stored eIDAS identifiers", "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit",
+ persInfo.getPseudonym().get(0));
+ assertEquals("stored eIDAS identifiers",
+ "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit_second_one",
+ persInfo.getPseudonym().get(1));
+
+ // validate request
+ assertEquals("wrong number of req.", 1, zmrReq.getAllValues().size());
+ assertNotNull("Personensuche req.", zmrReq.getValue().getPersonSuchenRequest());
+ checkBasicRequestParameters(zmrReq.getValue(), PROCESS_TASK_SEARCH, processId, "jUnit123456");
+ PersonSuchenRequest pSuche = zmrReq.getValue().getPersonSuchenRequest();
+ assertEquals("req. Municipality", addressInfo.getMunicipality(), pSuche.getPostAdresse().getGemeinde());
+ assertEquals("req. Postleitzahl", addressInfo.getPostleitzahl(), pSuche.getPostAdresse().getPostleitzahl());
+ assertNull("req. Village", pSuche.getPostAdresse().getOrtschaft());
+ assertNull("req. Number", pSuche.getPostAdresse().getZustelladresse());
+
+ }
+
+
+ @Test
+ @SneakyThrows
+ public void updateProcessNoLatestVersionResult() {
+ BigInteger processId = new BigInteger(RandomStringUtils.randomNumeric(6));
+
+ final String personalIdentifier = "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit";
+ final String cc = "DE";
+ final SimpleEidasData eidasData = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("XXXvon Brandenburg")
+ .givenName("XXXClaus - Maria")
+ .dateOfBirth("1994-12-31")
+ .personalIdentifier(cc + "/AT/" + personalIdentifier)
+ .pseudonym(personalIdentifier)
+ .birthName("XXXvon Heuburg")
+ .placeOfBirth("Hintergigritzpotschn")
+ .build();
+
+ RegisterResult toUpdate = RegisterResult.builder()
+ .bpk("UgeknNsc26lVuB7U/uYGVmWtnnA=")
+ .dateOfBirth("1994-12-31")
+ .familyName("XXXvon Brandenburg")
+ .givenName("XXXClaus - Maria")
+ //.birthName("")
+ //.placeOfBirth("")
+ //.pseudonym(Arrays.asList(""))
+ .build();
+
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml"))
+ .thenThrow(new RuntimeException("Request not needed any more"));
+
+
+ // execute operation
+ WorkflowException error = assertThrows("wrong Exception", WorkflowException.class,
+ () -> client.update(processId, toUpdate, eidasData));
+
+ assertEquals("wrong errorCode", "module.eidasauth.matching.03", error.getErrorId());
+ assertEquals("wrong param 1", "KITT get-latest-version", error.getParams()[0]);
+ assertEquals("wrong param 2", "Find NO data-set with already matchted eID during ZMR KITT process",
+ error.getParams()[1]);
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void updateProcessMultiLatestVersionResult() {
+ BigInteger processId = new BigInteger(RandomStringUtils.randomNumeric(6));
+
+ final String personalIdentifier = "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit";
+ final String cc = "DE";
+ final SimpleEidasData eidasData = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("XXXvon Brandenburg")
+ .givenName("XXXClaus - Maria")
+ .dateOfBirth("1994-12-31")
+ .personalIdentifier(cc + "/AT/" + personalIdentifier)
+ .pseudonym(personalIdentifier)
+ .birthName("XXXvon Heuburg")
+ .placeOfBirth("Hintergigritzpotschn")
+ .build();
+
+ RegisterResult toUpdate = RegisterResult.builder()
+ .bpk("UgeknNsc26lVuB7U/uYGVmWtnnA=")
+ .dateOfBirth("1994-12-31")
+ .familyName("XXXvon Brandenburg")
+ .givenName("XXXClaus - Maria")
+ //.birthName("")
+ //.placeOfBirth("")
+ //.pseudonym(Arrays.asList(""))
+ .build();
+
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/search_with_personalId_only_resp_moreThanOne.xml"))
+ .thenThrow(new RuntimeException("Request not needed any more"));
+
+
+ // execute operation
+ WorkflowException error = assertThrows("wrong Exception", WorkflowException.class,
+ () -> client.update(processId, toUpdate, eidasData));
+
+ assertEquals("wrong errorCode", "module.eidasauth.matching.03", error.getErrorId());
+ assertEquals("wrong param 1", "KITT get-latest-version", error.getParams()[0]);
+ assertEquals("wrong param 2", "Find MORE-THAN-ONE data-sets with already matchted eID during ZMR KITT process",
+ error.getParams()[1]);
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void updateProcessRequired() {
+ BigInteger processId = new BigInteger(RandomStringUtils.randomNumeric(6));
+
+ final String personalIdentifier = "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit";
+ final String cc = "DE";
+ final SimpleEidasData eidasData = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("XXXvon Brandenburg")
+ .givenName("XXXClaus - Maria")
+ .dateOfBirth("1994-12-31")
+ .personalIdentifier(cc + "/AT/" + personalIdentifier)
+ .pseudonym(personalIdentifier)
+ .birthName("XXXvon Heuburg")
+ .placeOfBirth("Hintergigritzpotschn")
+ .build();
+
+ RegisterResult toUpdate = RegisterResult.builder()
+ .bpk("UgeknNsc26lVuB7U/uYGVmWtnnA=")
+ .dateOfBirth("1994-12-31")
+ .familyName("XXXvon Brandenburg")
+ .givenName("XXXClaus - Maria")
+ //.birthName("")
+ //.placeOfBirth("")
+ //.pseudonym(Arrays.asList(""))
+ .build();
+
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_1-4_kitt_get_latest_version_resp.xml"))
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_1-6_kitt_update_resp.xml"))
+ .thenThrow(new RuntimeException("Request not needed any more"));
+
+
+ // execute operation
+ ZmrRegisterResult resp = client.update(processId, toUpdate, eidasData);
+
+ // validate request
+ assertEquals("wrong number of req.", 2, zmrReq.getAllValues().size());
+
+ // check get laterst version request
+ RequestType firstReq = zmrReq.getAllValues().get(0);
+ assertNotNull("1 req.", firstReq.getPersonSuchenRequest());
+ checkBasicRequestParameters(firstReq , PROCESS_TASK_SEARCH, processId, "jUnit123456");
+ PersonSuchenRequest pSuche = firstReq .getPersonSuchenRequest();
+ checkSearchParameters(pSuche.getPersonensucheInfo());
+ assertNull("1 req. ZMR Zahl", pSuche.getZMRZahl());
+ assertEquals("1 req. identifier size", 1,
+ pSuche.getNatuerlichePerson().getIdentification().size());
+ assertEquals("1 req. givenName", toUpdate.getBpk(),
+ pSuche.getNatuerlichePerson().getIdentification().get(0).getValue());
+ assertEquals("1 req. givenName", "urn:publicid:gv.at:cdid+ZP",
+ pSuche.getNatuerlichePerson().getIdentification().get(0).getType());
+ assertNotNull("1 mds", pSuche.getNatuerlichePerson());
+ assertEquals("1 req. givenName", toUpdate.getGivenName(),
+ pSuche.getNatuerlichePerson().getPersonenName().getVorname());
+ assertEquals("1 req. familyName", toUpdate.getFamilyName(),
+ pSuche.getNatuerlichePerson().getPersonenName().getFamilienname());
+ assertEquals("1 req. dateOfBirth", toUpdate.getDateOfBirth(),
+ pSuche.getNatuerlichePerson().getGeburtsdatum());
+
+
+ // check update request
+ RequestType secondReq = zmrReq.getAllValues().get(1);
+ assertNotNull("2 req.", secondReq.getPersonAendernRequest());
+ checkBasicRequestParameters(secondReq , PROCESS_TASK_UPDATE, processId, "jUnit123456");
+ PersonAendernRequest secondpSuche = secondReq.getPersonAendernRequest();
+
+ assertEquals("2 req. ZMR Zahl", "000430320173", secondpSuche.getPersonReferenz().getZMRZahl());
+ assertEquals("2 req. tech. Ref. value", "44453600000000697",
+ secondpSuche.getPersonReferenz().getTechnisch().getEntityID());
+ assertEquals("2 req. tech. Ref. date", "2020-02-05T13:07:06.311",
+ secondpSuche.getPersonReferenz().getTechnisch().getLetzteAenderung().toString());
+
+ assertEquals("eidas Docs. size", 6, secondpSuche.getEidasIdentitaetAnlage().size());
+ checkEidasDocumentAdd(secondpSuche.getEidasIdentitaetAnlage(),
+ "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth", cc, eidasData.getPlaceOfBirth());
+ checkEidasDocumentAdd(secondpSuche.getEidasIdentitaetAnlage(),
+ "http://eidas.europa.eu/attributes/naturalperson/BirthName", cc, eidasData.getBirthName());
+ checkEidasDocumentAdd(secondpSuche.getEidasIdentitaetAnlage(),
+ "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", cc, eidasData.getPseudonym());
+ checkEidasDocumentAdd(secondpSuche.getEidasIdentitaetAnlage(),
+ "http://eidas.europa.eu/attributes/naturalperson/CurrentGivenName", cc, eidasData.getGivenName());
+ checkEidasDocumentAdd(secondpSuche.getEidasIdentitaetAnlage(),
+ "http://eidas.europa.eu/attributes/naturalperson/CurrentFamilyName", cc, eidasData.getFamilyName());
+ checkEidasDocumentAdd(secondpSuche.getEidasIdentitaetAnlage(),
+ "http://eidas.europa.eu/attributes/naturalperson/DateOfBirth", cc, eidasData.getDateOfBirth());
+
+
+ // validate state
+ assertNotNull("no ZMR response", resp);
+ assertEquals("wrong processId", "366200000000082", resp.getProcessId().toString());
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void updateProcessNoUpdateRequired() {
+ BigInteger processId = new BigInteger(RandomStringUtils.randomNumeric(6));
+
+ final String personalIdentifier = "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit";
+ final String cc = "DE";
+ final SimpleEidasData eidasData = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("XXXvon Brandenburg")
+ .givenName("XXXClaus - Maria")
+ .dateOfBirth("1994-12-31")
+ .personalIdentifier(cc + "/AT/" + personalIdentifier)
+ .pseudonym(personalIdentifier)
+ .birthName("XXXvon Heuburg")
+ .placeOfBirth("Hintergigritzpotschn")
+ .build();
+
+ RegisterResult toUpdate = RegisterResult.builder()
+ .bpk("UgeknNsc26lVuB7U/uYGVmWtnnA=")
+ .dateOfBirth("1994-12-31")
+ .familyName("XXXvon Brandenburg")
+ .givenName("XXXClaus - Maria")
+ .birthName("XXXvon Heuburg")
+ .placeOfBirth("Hintergigritzpotschn")
+ .pseudonym(Arrays.asList(personalIdentifier))
+ .build();
+
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_1-8_search_with_personalId_only_resp.xml"))
+ .thenThrow(new RuntimeException("Request not needed any more"));
+
+
+ // execute operation
+ ZmrRegisterResult resp = client.update(processId, toUpdate, eidasData);
+
+ // validate request
+ assertEquals("wrong number of req.", 1, zmrReq.getAllValues().size());
+
+ // check get laterst version request
+ RequestType firstReq = zmrReq.getAllValues().get(0);
+ assertNotNull("1 req.", firstReq.getPersonSuchenRequest());
+ checkBasicRequestParameters(firstReq , PROCESS_TASK_SEARCH, processId, "jUnit123456");
+ PersonSuchenRequest pSuche = firstReq .getPersonSuchenRequest();
+ checkSearchParameters(pSuche.getPersonensucheInfo());
+ assertNull("1 req. ZMR Zahl", pSuche.getZMRZahl());
+ assertEquals("1 req. identifier size", 1,
+ pSuche.getNatuerlichePerson().getIdentification().size());
+ assertEquals("1 req. givenName", toUpdate.getBpk(),
+ pSuche.getNatuerlichePerson().getIdentification().get(0).getValue());
+ assertEquals("1 req. givenName", "urn:publicid:gv.at:cdid+ZP",
+ pSuche.getNatuerlichePerson().getIdentification().get(0).getType());
+ assertNotNull("1 mds", pSuche.getNatuerlichePerson());
+ assertEquals("1 req. givenName", toUpdate.getGivenName(),
+ pSuche.getNatuerlichePerson().getPersonenName().getVorname());
+ assertEquals("1 req. familyName", toUpdate.getFamilyName(),
+ pSuche.getNatuerlichePerson().getPersonenName().getFamilienname());
+ assertEquals("1 req. dateOfBirth", toUpdate.getDateOfBirth(),
+ pSuche.getNatuerlichePerson().getGeburtsdatum());
+
+
+ // validate state
+ assertNotNull("no ZMR response", resp);
+ assertEquals("wrong processId", processId.toString(), resp.getProcessId().toString());
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void updateProcessSomeSpecialCases() {
+ BigInteger processId = new BigInteger(RandomStringUtils.randomNumeric(6));
+
+ final String personalIdentifier = RandomStringUtils.randomAlphanumeric(10);
+ final String cc = "DE";
+ final SimpleEidasData eidasData = SimpleEidasData.builder()
+ .citizenCountryCode(cc)
+ .familyName("XXXvon Brandenburg")
+ .givenName("XXXClaus - Maria")
+ .dateOfBirth("1994-12-31")
+ .personalIdentifier(cc + "/AT/" + personalIdentifier)
+ .pseudonym(personalIdentifier)
+ .birthName("") //empty addr. values should be ignored
+ .placeOfBirth(RandomStringUtils.randomAlphabetic(10)) //should be ignored because it was already set for DE
+ .build();
+
+ RegisterResult toUpdate = RegisterResult.builder()
+ .bpk("UgeknNsc26lVuB7U/uYGVmWtnnA=")
+ .dateOfBirth("1994-12-31")
+ .familyName("XXXvon Brandenburg")
+ .givenName("XXXClaus - Maria")
+ .birthName("XXXvon Heuburg")
+ .placeOfBirth("Hintergigritzpotschn")
+ .pseudonym(Arrays.asList("7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"))
+ .build();
+
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_1-8_search_with_personalId_only_resp.xml"))
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_1-6_kitt_update_resp.xml"))
+ .thenThrow(new RuntimeException("Request not needed any more"));
+
+
+ // execute operation
+ ZmrRegisterResult resp = client.update(processId, toUpdate, eidasData);
+
+ // validate request
+ assertEquals("wrong number of req.", 2, zmrReq.getAllValues().size());
+
+ // check get latest version request
+ RequestType firstReq = zmrReq.getAllValues().get(0);
+ assertNotNull("1 req.", firstReq.getPersonSuchenRequest());
+ checkBasicRequestParameters(firstReq , PROCESS_TASK_SEARCH, processId, "jUnit123456");
+ PersonSuchenRequest pSuche = firstReq .getPersonSuchenRequest();
+ checkSearchParameters(pSuche.getPersonensucheInfo());
+ assertNull("1 req. ZMR Zahl", pSuche.getZMRZahl());
+ assertEquals("1 req. identifier size", 1,
+ pSuche.getNatuerlichePerson().getIdentification().size());
+ assertEquals("1 req. givenName", toUpdate.getBpk(),
+ pSuche.getNatuerlichePerson().getIdentification().get(0).getValue());
+ assertEquals("1 req. givenName", "urn:publicid:gv.at:cdid+ZP",
+ pSuche.getNatuerlichePerson().getIdentification().get(0).getType());
+ assertNotNull("1 mds", pSuche.getNatuerlichePerson());
+ assertEquals("1 req. givenName", toUpdate.getGivenName(),
+ pSuche.getNatuerlichePerson().getPersonenName().getVorname());
+ assertEquals("1 req. familyName", toUpdate.getFamilyName(),
+ pSuche.getNatuerlichePerson().getPersonenName().getFamilienname());
+ assertEquals("1 req. dateOfBirth", toUpdate.getDateOfBirth(),
+ pSuche.getNatuerlichePerson().getGeburtsdatum());
+
+ // check update request
+ RequestType secondReq = zmrReq.getAllValues().get(1);
+ assertNotNull("2 req.", secondReq.getPersonAendernRequest());
+ checkBasicRequestParameters(secondReq , PROCESS_TASK_UPDATE, processId, "jUnit123456");
+ PersonAendernRequest secondpSuche = secondReq.getPersonAendernRequest();
+
+ assertEquals("2 req. ZMR Zahl", "000430320173", secondpSuche.getPersonReferenz().getZMRZahl());
+ assertEquals("2 req. tech. Ref. value", "44453600000000697",
+ secondpSuche.getPersonReferenz().getTechnisch().getEntityID());
+ assertEquals("2 req. tech. Ref. date", "2020-02-05T13:07:06.311",
+ secondpSuche.getPersonReferenz().getTechnisch().getLetzteAenderung().toString());
+
+
+ // only one attribute for update because birthname is empty and placeOfBirth was already set for DE
+ assertEquals("eidas Docs. size", 1, secondpSuche.getEidasIdentitaetAnlage().size());
+ checkEidasDocumentAdd(secondpSuche.getEidasIdentitaetAnlage(),
+ "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", cc, eidasData.getPseudonym());
+
+ // validate state
+ assertNotNull("no ZMR response", resp);
+ assertEquals("wrong processId", "366200000000082", resp.getProcessId().toString());
+ assertEquals("wrong resp size", 1, resp.getPersonResult().size());
+
+ }
+
+
+ private PersonSuchenRequest generateCustomRequest(String cc, String familyName, String givenName,
+ String dateOfBirth, String personalId, String placeOfBirth, String birthName) {
+ final PersonSuchenRequest req = new PersonSuchenRequest();
+
+ // set basic MDS information
+ final NatuerlichePersonTyp searchNatPerson = new NatuerlichePersonTyp();
+ req.setNatuerlichePerson(searchNatPerson);
+ final PersonenNameTyp searchNatPersonName = new PersonenNameTyp();
+ searchNatPerson.setPersonenName(searchNatPersonName);
+ searchNatPersonName.setFamilienname(familyName);
+ searchNatPersonName.setVorname(givenName);
+ searchNatPerson.setGeburtsdatum(dateOfBirth);
+
+ // add addtional eIDAS attributes if available
+ addIfAvailable(req.getEidasSuchdaten(), cc, Constants.eIDAS_ATTRURN_PLACEOFBIRTH, placeOfBirth);
+ addIfAvailable(req.getEidasSuchdaten(), cc, Constants.eIDAS_ATTRURN_BIRTHNAME, birthName);
+ addIfAvailable(req.getEidasSuchdaten(), cc, Constants.eIDAS_ATTRURN_PERSONALIDENTIFIER, personalId);
+
+ return req;
+
+ }
+
+ private void addIfAvailable(List<EidasSuchdatenType> eidasSuchdaten,
+ String cc, String attrName, String attrValue) {
+ if (StringUtils.isNotEmpty(attrValue)) {
+ eidasSuchdaten.add(buildEidasSuchData(cc, attrName, attrValue));
+
+ }
+ }
+
+ private EidasSuchdatenType buildEidasSuchData(String cc, String attrName, String attrValue) {
+ final EidasSuchdatenType eidasInfos = new EidasSuchdatenType();
+ eidasInfos.setStaatscode2(cc);
+ eidasInfos.setEidasArt(attrName);
+ eidasInfos.setEidasWert(attrValue);
+ return eidasInfos;
+
+ }
+
+ private void checkSearchParameters(PersonensucheInfoType toCheck) {
+ assertTrue("searchWithHistory flag", toCheck.getSuchkriterien().isInclusivHistorie());
+ assertFalse("withERsB flag", toCheck.getSuchkriterien().isInclusivERnP());
+ assertFalse("formalisiert flag", toCheck.getSuchkriterien().isFormalisiert());
+ assertFalse("resultWithHistory flag", toCheck.getErgebniskriterien().isInclusivHistorie());
+
+ }
+
+ private void checkEidasDocumentResult(List<EidasSuchdatenType> list, String type, String cc, String value) {
+ Optional<EidasSuchdatenType> eidasDoc = list.stream()
+ .filter(el -> type.equals(el.getEidasArt()))
+ .findFirst();
+
+ assertTrue("eidas doc: " + type, eidasDoc.isPresent());
+ assertEquals("eIDAS docType", type, eidasDoc.get().getEidasArt());
+ assertEquals("eIDAS docValue", value, eidasDoc.get().getEidasWert());
+ assertEquals("eIDAS docCC", cc, eidasDoc.get().getStaatscode2());
+
+ }
+
+ private void checkEidasDocumentAdd(List<EidasIdentitaetAnlageType> list, String type, String cc,
+ String value) {
+ Optional<EidasIdentitaetAnlageType> eidasDoc = list.stream()
+ .filter(el -> type.equals(el.getEidasArt()))
+ .findFirst();
+
+ assertTrue("eidas doc: " + type, eidasDoc.isPresent());
+ assertEquals("eIDAS docType", type, eidasDoc.get().getEidasArt());
+ assertEquals("eIDAS docValue", value, eidasDoc.get().getEidasWert());
+ assertEquals("eIDAS docCC", cc, eidasDoc.get().getStaatscode2());
+
+ }
+
+ private void checkBasicRequestParameters(RequestType requestType, String vorgangName, BigInteger processId,
+ String behoerdennummer) {
+ assertNotNull("no workflow infos", requestType.getWorkflowInfoClient());
+ assertEquals("processName", PROCESS_GENERAL, requestType.getWorkflowInfoClient().getProzessName());
+ assertEquals("vorgangsName", vorgangName, requestType.getWorkflowInfoClient().getVorgangName());
+
+ if (processId != null) {
+ assertEquals("processId", processId, requestType.getWorkflowInfoClient().getProzessInstanzID());
+ } else {
+ assertNull("processId", requestType.getWorkflowInfoClient().getProzessInstanzID());
+ }
+
+ assertNotNull("no client infos", requestType.getClientInfo());
+ assertEquals("behoerdennummer", behoerdennummer, requestType.getClientInfo().getOrganisation()
+ .getBehoerdenNr());
+ }
+
+ private ResponseType loadResponseFromFile(String filepath) throws JAXBException {
+ final Unmarshaller unmarshaller = jaxbContext.createUnmarshaller();
+ JAXBElement<?> resp = (JAXBElement<?>) unmarshaller.unmarshal(ZmrClientTest.class.getResourceAsStream(
+ filepath));
+ return (ResponseType) resp.getValue();
+
+ }
+
+ private Throwable injectError(boolean isGeneric) {
+ javax.xml.namespace.QName qName;
+ if (isGeneric) {
+ qName = new javax.xml.namespace.QName("urn:SZRServices", "F455", "p344");
+
+ } else {
+ qName = new javax.xml.namespace.QName("http://bmi.gv.at/namespace/zmr-su/base/20040201#", "ServiceFault", "zmr");
+
+ }
+ final SoapFault fault = new SoapFault(
+ "The travel document you sent to insert a person already exists for another person. " + "Either check the document or have the person altered accordingly",
+ qName);
+ fault.setRole("zmr:ServiceFault");
+ return fault;
+
+ }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/config/EidasConnectorMessageSourceTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/config/EidasConnectorMessageSourceTest.java
new file mode 100644
index 00000000..1f96b25c
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/config/EidasConnectorMessageSourceTest.java
@@ -0,0 +1,43 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.config;
+
+import java.util.List;
+
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.ResourceLoader;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.logging.IMessageSourceLocation;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
+@DirtiesContext
+public class EidasConnectorMessageSourceTest {
+
+ @Autowired
+ private ResourceLoader loader;
+ @Autowired(required = false)
+ private List<IMessageSourceLocation> messageSources;
+
+ @Test
+ public void checkMessageSources() {
+ Assert.assertNotNull("No messageSource", messageSources);
+
+ for (final IMessageSourceLocation messageSource : messageSources) {
+ Assert.assertNotNull("No sourcePath", messageSource.getMessageSourceLocation());
+
+ for (final String el : messageSource.getMessageSourceLocation()) {
+ final Resource messages = loader.getResource(el + ".properties");
+ Assert.assertTrue("Source not exist", messages.exists());
+
+ }
+ }
+ }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyAuthConfigMap.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyAuthConfigMap.java
new file mode 100644
index 00000000..ba531029
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyAuthConfigMap.java
@@ -0,0 +1,144 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URI;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+
+import org.apache.commons.lang3.StringUtils;
+
+/**
+ * Dummy Application-configuration implementation for jUnit tests.
+ *
+ * @author tlenz
+ *
+ */
+public class DummyAuthConfigMap implements IConfigurationWithSP {
+
+ private Map<String, String> config = new HashMap<>();
+
+ /**
+ * Empty Dummy Application-configuration.
+ *
+ */
+ public DummyAuthConfigMap() {
+
+ }
+
+ /**
+ * Dummy Application-configuration.
+ *
+ * @param configIs Property based configuration
+ * @throws IOException In case of an configuration read error
+ */
+ public DummyAuthConfigMap(final InputStream configIs) throws IOException {
+
+ final Properties props = new Properties();
+ props.load(configIs);
+
+ config = KeyValueUtils.convertPropertiesToMap(props);
+
+ }
+
+ /**
+ * Dummy Application-configuration.
+ *
+ * @param path Path to property based configuration
+ * @throws IOException In case of an configuration read error
+ */
+ public DummyAuthConfigMap(final String path) throws IOException {
+
+ final Properties props = new Properties();
+ props.load(this.getClass().getResourceAsStream(path));
+
+ config = KeyValueUtils.convertPropertiesToMap(props);
+
+ }
+
+
+ @Override
+ public String getBasicConfiguration(final String key) {
+ return config.get(key);
+
+ }
+
+ @Override
+ public String getBasicConfiguration(final String key, final String defaultValue) {
+ final String value = getBasicConfiguration(key);
+ if (StringUtils.isEmpty(value)) {
+ return defaultValue;
+ } else {
+ return value;
+ }
+
+ }
+
+ @Override
+ public boolean getBasicConfigurationBoolean(final String key) {
+ final String value = getBasicConfiguration(key);
+ if (StringUtils.isEmpty(value)) {
+ return false;
+ } else {
+ return Boolean.valueOf(value);
+ }
+ }
+
+ @Override
+ public boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue) {
+ return Boolean.parseBoolean(getBasicConfiguration(key, String.valueOf(defaultValue)));
+
+ }
+
+ @Override
+ public Map<String, String> getBasicConfigurationWithPrefix(final String prefix) {
+ return KeyValueUtils.getSubSetWithPrefix(config, prefix);
+
+ }
+
+ @Override
+ public ISpConfiguration getServiceProviderConfiguration(final String uniqueID)
+ throws EaafConfigurationException {
+ return null;
+ }
+
+ @Override
+ public <T> T getServiceProviderConfiguration(final String spIdentifier, final Class<T> decorator)
+ throws EaafConfigurationException {
+ return null;
+ }
+
+ @Override
+ public URI getConfigurationRootDirectory() {
+ return new java.io.File(".").toURI();
+
+ }
+
+ @Override
+ public String validateIdpUrl(final URL authReqUrl) throws EaafException {
+ return authReqUrl.toString();
+ }
+
+ public void putConfigValue(final String key, final String value) {
+ config.put(key, value);
+ }
+
+ public void removeConfigValue(final String key) {
+ config.remove(key);
+
+ }
+
+ public void removeAll() {
+ config.clear();
+
+ }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyOA.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyOA.java
new file mode 100644
index 00000000..074dd0bb
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyOA.java
@@ -0,0 +1,304 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import org.apache.commons.lang3.StringUtils;
+
+import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+import lombok.Getter;
+import lombok.Setter;
+
+public class DummyOA implements IAhSpConfiguration {
+
+ private static final long serialVersionUID = 1L;
+ private String uniqueAppId = null;
+ private String targetIdentifier = null;
+ private String friendlyName = null;
+ private String cc = "AT";
+ private final Map<String, String> config = new HashMap<>();
+ private final List<Pair<String, String>> reqAttributes = new ArrayList<>();
+
+ private boolean mandateEnabled = false;
+ private boolean onlyMandateEnabled = false;
+ private String mandateProfilesCsv;
+
+ private boolean eidasEnabled = false;
+
+ private boolean testCredentialEnabled = true;
+ private String additionalBpkTargetCsv;
+ private List<Pair<String, String>> additionalEncBpkTargets;
+
+ @Setter
+ private boolean restricted = true;
+
+ @Setter
+ private long latestVdaAuthentication = 60 * 365 * 5;
+
+ @Getter
+ @Setter
+ private boolean publicServiceProvider;
+
+ @Getter
+ @Setter
+ private boolean multiMandateEnabled;
+
+ @Setter
+ private String bmiUniqueIdentifier;
+
+ @Override
+ public Map<String, String> getFullConfiguration() {
+ return this.config;
+ }
+
+ @Override
+ public String getConfigurationValue(final String key) {
+ return this.config.get(key);
+ }
+
+ @Override
+ public String getConfigurationValue(final String key, final String defaultValue) {
+ if (StringUtils.isNotEmpty(getConfigurationValue(key))) {
+ return getConfigurationValue(key);
+ } else {
+ return defaultValue;
+ }
+ }
+
+ @Override
+ public boolean isConfigurationValue(final String key) {
+ if (StringUtils.isNotEmpty(getConfigurationValue(key))) {
+ return Boolean.parseBoolean(getConfigurationValue(key));
+ } else {
+ return false;
+ }
+
+ }
+
+ @Override
+ public boolean isConfigurationValue(final String key, final boolean defaultValue) {
+ return Boolean.parseBoolean(getConfigurationValue(key, String.valueOf(defaultValue)));
+
+ }
+
+ @Override
+ public boolean containsConfigurationKey(final String key) {
+ return this.config.containsKey(key);
+ }
+
+ @Override
+ public String getUniqueIdentifier() {
+ return this.uniqueAppId;
+ }
+
+ @Override
+ public String getUniqueApplicationRegisterIdentifier() {
+ return this.bmiUniqueIdentifier;
+
+ }
+
+ @Override
+ public String getFriendlyName() {
+ return this.friendlyName;
+ }
+
+ @Override
+ public boolean hasBaseIdInternalProcessingRestriction() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public boolean hasBaseIdTransferRestriction() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public Set<String> getTargetsWithNoBaseIdInternalProcessingRestriction() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Set<String> getTargetsWithNoBaseIdTransferRestriction() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public List<String> getRequiredLoA() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getLoAMatchingMode() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getAreaSpecificTargetIdentifier() {
+ return this.targetIdentifier;
+ }
+
+ @Override
+ public boolean isTestCredentialEnabled() {
+ return this.testCredentialEnabled;
+ }
+
+ @Override
+ public List<String> getTestCredentialOids() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public List<Pair<String, String>> getRequiredAttributes() {
+ return this.reqAttributes;
+
+ }
+
+ public void setUniqueAppId(final String uniqueAppId) {
+ this.uniqueAppId = uniqueAppId;
+ }
+
+ @Override
+ public String getCountryCode() {
+ return cc;
+ }
+
+ @Override
+ public void setCountryCode(final String cc) {
+ this.cc = cc;
+
+ }
+
+ public void setTargetIdentifier(final String targetIdentifier) {
+ this.targetIdentifier = BpkBuilder.normalizeBpkTargetIdentifierToCommonFormat(targetIdentifier);
+
+ }
+
+ public void setFriendlyName(final String friendlyName) {
+ this.friendlyName = friendlyName;
+ }
+
+ public void putGenericConfigurationKey(final String key, final String value) {
+ this.config.put(key, value);
+
+ }
+
+ public void addRequiredAttribute(final String attrUri) {
+ this.reqAttributes.add(Pair.newInstance(attrUri, null));
+
+ }
+
+ public void removeRequiredAttribute(final String attrUri) {
+ for (final Pair<String, String> el : reqAttributes) {
+ if (el.getFirst().equals(attrUri)) {
+ reqAttributes.remove(el);
+ break;
+
+ }
+
+
+ }
+ }
+
+ public void addRequiredAttribute(final String attrUri, String param) {
+ this.reqAttributes.add(Pair.newInstance(attrUri, param));
+
+ }
+
+ @Override
+ public boolean isMandateEnabled() {
+ return this.mandateEnabled;
+ }
+
+ @Override
+ public boolean isOnlyMandateEnabled() {
+ return this.onlyMandateEnabled;
+
+ }
+
+ @Override
+ public List<String> getMandateProfiles() {
+ return KeyValueUtils.getListOfCsvValues(mandateProfilesCsv);
+ }
+
+ @Override
+ public List<String> getAdditionalBpkTargets() {
+ return KeyValueUtils.getListOfCsvValues(additionalBpkTargetCsv);
+
+ }
+
+ @Override
+ public List<Pair<String, String>> getAdditionalForeignBpkTargets() {
+ if (additionalEncBpkTargets == null) {
+ return Collections.emptyList();
+
+ } else {
+ return additionalEncBpkTargets;
+
+ }
+ }
+
+ @Override
+ public long lastVdaAuthenticationDelay() {
+ return latestVdaAuthentication;
+
+ }
+
+ @Override
+ public boolean isRestrictedServiceProvider() {
+ return this.restricted;
+ }
+
+
+ public void setMandateEnabled(final boolean mandateEnabled) {
+ this.mandateEnabled = mandateEnabled;
+ }
+
+ public void setOnlyMandateEnabled(final boolean onlyMandateEnabled) {
+ this.onlyMandateEnabled = onlyMandateEnabled;
+ }
+
+ public void setMandateProfilesCsv(final String mandateProfilesCsv) {
+ this.mandateProfilesCsv = mandateProfilesCsv;
+ }
+
+ public void setTestCredentialEnabled(final boolean testCredentialEnabled) {
+ this.testCredentialEnabled = testCredentialEnabled;
+ }
+
+ public void setAdditionalBpkTargetCsv(String additionalBpkTargetCsv) {
+ this.additionalBpkTargetCsv = additionalBpkTargetCsv;
+ }
+
+ public void setAdditionalEncBpkTargets(List<Pair<String, String>> additionalEncBpkTargets) {
+ this.additionalEncBpkTargets = additionalEncBpkTargets;
+ }
+
+ @Override
+ public boolean isEnabled() {
+ return true;
+ }
+
+ @Override
+ public boolean isEidasEnabled() {
+ return this.eidasEnabled;
+
+ }
+
+ public void setEidasEnabled(boolean eidasEnabled) {
+ this.eidasEnabled = eidasEnabled;
+ }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyPendingRequest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyPendingRequest.java
new file mode 100644
index 00000000..9a91ecbd
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyPendingRequest.java
@@ -0,0 +1,8 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy;
+
+import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
+
+public class DummyPendingRequest extends RequestImpl {
+ private static final long serialVersionUID = 8136280395622411505L;
+}
+
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/IAhSpConfiguration.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/IAhSpConfiguration.java
new file mode 100644
index 00000000..13d61f15
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/IAhSpConfiguration.java
@@ -0,0 +1,152 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy;
+
+import java.util.List;
+
+import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
+
+import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+
+public interface IAhSpConfiguration extends ISpConfiguration {
+
+
+ /**
+ * Flag if this Service Provider is enabled.
+ *
+ * @return true if the SP is enabled, otherwise false
+ */
+ boolean isEnabled();
+
+ /**
+ * Get unique identifier that is used in Application-Register from BM.I.
+ *
+ * <p>If no BM.I specific identifier is available then this method returns
+ * the same identifier as <code>getUniqueIdentifier()</code></p>
+ *
+ * @return unique identifier from BM.I AppReg, or generic uniqueId of no specific exists
+ */
+ String getUniqueApplicationRegisterIdentifier();
+
+ /**
+ * Flag that marks this Service-Provider as <i>public</i> or <i>private</i>.
+ *
+ * <p><b>Default:</b> If it is not set or has an unknown value, its <i>private</i> by default</p>
+ *
+ * @return <code>true</code> if it is from <i>public</i>, otherwise <code>false</code>
+ */
+ boolean isPublicServiceProvider();
+
+ /**
+ * Enable test identities for this Service Provider.
+ *
+ * @return true if test identities are allowed, otherwise false
+ */
+ boolean isTestCredentialEnabled();
+
+ /**
+ * Get a List of OID's that refine the set of allowed test identities.
+ *
+ * @return @link {@link List} of test-identity OID's
+ */
+ @Nullable
+ List<String> getTestCredentialOids();
+
+
+ /**
+ * Get a List of unique attribute URI's that are required by this SP.
+ *
+ * @return {@link List} of attribute URI's / parameter {@link Pair}s
+ */
+ List<Pair<String, String>> getRequiredAttributes();
+
+
+ /**
+ * Get the CountryCode for this service. <br>
+ * <br>
+ * <b>Default:</b> AT
+ *
+ * @return
+ */
+ String getCountryCode();
+
+ /**
+ * Set the CountryCode for this service. If not countryCode is set, AT is used as default.
+ *
+ * @param cc Service-Provider country-code
+ */
+ void setCountryCode(String cc);
+
+ /**
+ * Enable mandates for this service provider.
+ *
+ * @return <code>true</code> if mandates are enabled, otherwise <code>false</code>
+ */
+ boolean isMandateEnabled();
+
+ /**
+ * Enables multi-mandates for this service-provider.
+ *
+ * @return <code>true</code> if multi-mandates are enabled, otherwise <code>false</code>
+ */
+ boolean isMultiMandateEnabled();
+
+ /**
+ * Only mandates are allowed for this service provider.
+ *
+ * @return <code>true</code> if only mandates are allowed, otherwise <code>false</code>
+ */
+ boolean isOnlyMandateEnabled();
+
+ /**
+ * Get a {@link List} of mandate profiles that are supported by this Service provider.
+ *
+ * @return
+ */
+ @Nonnull List<String> getMandateProfiles();
+
+
+ /**
+ * eIDAS authentication allowed flag.
+ *
+ * @return <code>true</code> if eIDAS authentication is enabled, otherwise <code>false</code>
+ */
+ boolean isEidasEnabled();
+
+ /**
+ * Get a List of targets for additional bPKs that are required by this service provider.
+ *
+ * @return List of prefixed bPK targets
+ */
+ @Nonnull List<String> getAdditionalBpkTargets();
+
+ /**
+ * Get a list of foreign bPK targets that are required by this service provider.
+ *
+ * @return List of pairs with prefixed bPK targets as first element and VKZ as second element
+ */
+ @Nonnull List<Pair<String, String>> getAdditionalForeignBpkTargets();
+
+ /**
+ * Flag that indicates that service-provider as restricted or unrestricted.
+ *
+ * <p>A restricted service-provider can only used by test-identities that contains a
+ * valid application-restriction in User-Certificate Pinning</p>
+ *
+ * <p><b>Default:</b> true</p>
+ *
+ * @return <code>true</code> if it is restricted, otherwise <code>false</code>
+ */
+ boolean isRestrictedServiceProvider();
+
+
+/**
+ * Defines the time in minutes how long the last VDA registration h@Override
+ ave passed as maximum.
+ *
+ * @return time in minutes
+ */
+long lastVdaAuthenticationDelay();
+
+}
+
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/DeSpecificDetailSearchProcessorTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/DeSpecificDetailSearchProcessorTest.java
new file mode 100644
index 00000000..21c9fd80
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/DeSpecificDetailSearchProcessorTest.java
@@ -0,0 +1,105 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.handler;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.DeSpecificDetailSearchProcessor;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class DeSpecificDetailSearchProcessorTest {
+
+ private DeSpecificDetailSearchProcessor handler = new DeSpecificDetailSearchProcessor();
+
+ @Test
+ public void checkName() {
+ assertEquals("wrong handler name", "DeSpecificDetailSearchProcessor", handler.getName());
+
+ }
+
+ @Test
+ public void canHandlerCheck_1() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .birthName(RandomStringUtils.randomAlphabetic(5))
+ .placeOfBirth(RandomStringUtils.randomAlphabetic(5))
+ .build();
+ assertFalse("wrong 'canHandle' flag", handler.canHandle("XX", eidData));
+
+ }
+
+ @Test
+ public void canHandlerCheck_2() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .birthName(RandomStringUtils.randomAlphabetic(5))
+ .placeOfBirth(RandomStringUtils.randomAlphabetic(5))
+ .build();
+ assertTrue("wrong 'canHandle' flag", handler.canHandle("DE", eidData));
+
+ }
+
+ @Test
+ public void canHandlerCheck_3() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .birthName(RandomStringUtils.randomAlphabetic(5))
+ .placeOfBirth(RandomStringUtils.randomAlphabetic(5))
+ .build();
+ assertTrue("wrong 'canHandle' flag", handler.canHandle("de", eidData));
+
+ }
+
+ @Test
+ public void canHandlerCheck_4() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .birthName(null)
+ .placeOfBirth(RandomStringUtils.randomAlphabetic(5))
+ .build();
+ assertFalse("wrong 'canHandle' flag", handler.canHandle("DE", eidData));
+
+ }
+
+ @Test
+ public void canHandlerCheck_5() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .birthName(RandomStringUtils.randomAlphabetic(5))
+ .placeOfBirth(null)
+ .build();
+ assertFalse("wrong 'canHandle' flag", handler.canHandle("DE", eidData));
+
+ }
+
+ @Test
+ public void generateZmrSearchRequest() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .citizenCountryCode("DE")
+ .givenName(RandomStringUtils.randomAlphabetic(5))
+ .familyName(RandomStringUtils.randomAlphabetic(5))
+ .dateOfBirth(RandomStringUtils.randomAlphabetic(5))
+ .birthName(RandomStringUtils.randomAlphabetic(5))
+ .placeOfBirth(RandomStringUtils.randomAlphabetic(5))
+ .build();
+
+ // perform operation
+ PersonSuchenRequest req = handler.generateSearchRequest(eidData);
+
+ //validate response
+ assertNotNull("no search request", req);
+ assertNotNull("no MDS", req.getNatuerlichePerson());
+ assertNotNull("no MDS PersonName", req.getNatuerlichePerson().getPersonenName());
+ assertEquals("familyName", eidData.getFamilyName(), req.getNatuerlichePerson().getPersonenName().getFamilienname());
+ assertEquals("givenName", eidData.getGivenName(), req.getNatuerlichePerson().getPersonenName().getVorname());
+ assertEquals("birthday", eidData.getDateOfBirth(), req.getNatuerlichePerson().getGeburtsdatum());
+
+ assertNotNull("no eIDAS documenst", req.getEidasSuchdaten());
+ //TODO: add validation if we can add more than one eIDAS document
+
+ }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/ItSpecificDetailSearchProcessorTes.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/ItSpecificDetailSearchProcessorTes.java
new file mode 100644
index 00000000..9b638ee5
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/ItSpecificDetailSearchProcessorTes.java
@@ -0,0 +1,84 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.handler;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.ItSpecificDetailSearchProcessor;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class ItSpecificDetailSearchProcessorTes {
+
+ private ItSpecificDetailSearchProcessor handler = new ItSpecificDetailSearchProcessor();
+
+ @Test
+ public void checkName() {
+ assertEquals("wrong handler name", "ItSpecificDetailSearchProcessor", handler.getName());
+
+ }
+
+ @Test
+ public void canHandlerCheck_1() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .taxNumber(RandomStringUtils.randomAlphabetic(5))
+ .build();
+ assertFalse("wrong 'canHandle' flag", handler.canHandle("XX", eidData));
+
+ }
+
+ @Test
+ public void canHandlerCheck_2() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .taxNumber(RandomStringUtils.randomAlphabetic(5))
+ .build();
+ assertTrue("wrong 'canHandle' flag", handler.canHandle("IT", eidData));
+
+ }
+
+ @Test
+ public void canHandlerCheck_3() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .taxNumber(RandomStringUtils.randomAlphabetic(5))
+ .build();
+ assertTrue("wrong 'canHandle' flag", handler.canHandle("it", eidData));
+
+ }
+
+ @Test
+ public void canHandlerCheck_4() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .taxNumber("")
+ .build();
+ assertFalse("wrong 'canHandle' flag", handler.canHandle("IT", eidData));
+
+ }
+
+ @Test
+ public void generateZmrSearchRequest() {
+ SimpleEidasData eidData = SimpleEidasData.builder()
+ .citizenCountryCode("IT")
+ .givenName(RandomStringUtils.randomAlphabetic(5))
+ .familyName(RandomStringUtils.randomAlphabetic(5))
+ .dateOfBirth(RandomStringUtils.randomAlphabetic(5))
+ .taxNumber(RandomStringUtils.randomAlphabetic(5))
+ .build();
+
+ // perform operation
+ PersonSuchenRequest req = handler.generateSearchRequest(eidData);
+
+ //validate response
+ assertNotNull("no search request", req);
+
+ //TODO: add validation if we can add more information about taxNumber from Italy
+
+ }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaAuthSignalControllerTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaAuthSignalControllerTest.java
new file mode 100644
index 00000000..cddcd11c
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaAuthSignalControllerTest.java
@@ -0,0 +1,197 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.idaustriaclient;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.util.SerializationUtils;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.controller.IdAustriaClientAuthSignalController;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.ExceptionContainer;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
+import at.gv.egiz.eaaf.core.api.utils.IPendingRequestIdGenerationStrategy;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyProtocolAuthService;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.spring.test.DummyTransactionStorage.DummyDbEntry;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"
+})
+public class IdAustriaAuthSignalControllerTest {
+
+ @Autowired(required = true)
+ private IdAustriaClientAuthSignalController controller;
+ @Autowired(required = true)
+ private ITransactionStorage cache;
+ @Autowired(required = true)
+ private IPendingRequestIdGenerationStrategy pendingReqGeneration;
+ @Autowired(required = true)
+ private IRequestStorage reqStorage;
+ @Autowired(required = true)
+ private IConfiguration basicConfig;
+ @Autowired private ITransactionStorage transactionStorage;
+
+ @Autowired private DummyProtocolAuthService protAuthService;
+
+ @Test
+ public void noRelayState() throws IOException, EaafException {
+ final MockHttpServletRequest httpReq =
+ new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ final MockHttpServletResponse httpResp = new MockHttpServletResponse();
+
+ controller.performAuthentication(httpReq, httpResp);
+ Assert.assertEquals("httpStausCode", 200, httpResp.getStatus());
+
+ final String errorId = protAuthService.getErrorKey();
+ final Object error = cache.get(errorId);
+ Assert.assertNotNull("Error is null", error);
+ org.springframework.util.Assert.isInstanceOf(byte[].class,
+ ((DummyDbEntry) error).getObj());
+ final Object errorObj = SerializationUtils.deserialize((byte[]) ((DummyDbEntry) error).getObj());
+ org.springframework.util.Assert.isInstanceOf(ExceptionContainer.class, errorObj);
+ org.springframework.util.Assert.isInstanceOf(EaafException.class,
+ ((ExceptionContainer) errorObj).getExceptionThrown());
+
+ }
+
+ @Test
+ public void validRelayStateNoPendingReqId() throws EaafException, IOException {
+ final String pendingReqId = pendingReqGeneration.generateExternalPendingRequestId();
+ final MockHttpServletRequest httpReq =
+ new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpReq.addParameter(IdAustriaClientAuthSignalController.HTTP_PARAM_RELAYSTATE, pendingReqId);
+ final MockHttpServletResponse httpResp = new MockHttpServletResponse();
+
+ controller.performAuthentication(httpReq, httpResp);
+ Assert.assertEquals("httpStausCode", 200, httpResp.getStatus());
+
+ final String errorId = protAuthService.getErrorKey();
+ final Object error = cache.get(errorId);
+ Assert.assertNotNull("Error is null", error);
+ org.springframework.util.Assert.isInstanceOf(byte[].class,
+ ((DummyDbEntry) error).getObj());
+ final Object errorObj = SerializationUtils.deserialize((byte[]) ((DummyDbEntry) error).getObj());
+ org.springframework.util.Assert.isInstanceOf(ExceptionContainer.class, errorObj);
+ org.springframework.util.Assert.isInstanceOf(EaafException.class,
+ ((ExceptionContainer) errorObj).getExceptionThrown());
+ //TODO:
+ Assert.assertEquals("ErrorCode not match", "auth.26",
+ ((EaafException) ((ExceptionContainer) errorObj).getExceptionThrown()).getErrorId());
+
+ }
+
+ @Test
+ public void validRelayStateSuspectPendingReqId() throws EaafException, IOException {
+ String relayState = RandomStringUtils.randomAlphanumeric(10);
+ transactionStorage.put(relayState, false, -1);
+
+ final MockHttpServletRequest httpReq =
+ new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpReq.addParameter(IdAustriaClientAuthSignalController.HTTP_PARAM_RELAYSTATE, relayState);
+ final MockHttpServletResponse httpResp = new MockHttpServletResponse();
+
+ controller.performAuthentication(httpReq, httpResp);
+ Assert.assertEquals("httpStausCode", 200, httpResp.getStatus());
+
+ final String errorId = protAuthService.getErrorKey();
+ final Object error = cache.get(errorId);
+ Assert.assertNotNull("Error is null", error);
+ org.springframework.util.Assert.isInstanceOf(byte[].class,
+ ((DummyDbEntry) error).getObj());
+ final Object errorObj = SerializationUtils.deserialize((byte[]) ((DummyDbEntry) error).getObj());
+ org.springframework.util.Assert.isInstanceOf(ExceptionContainer.class, errorObj);
+ org.springframework.util.Assert.isInstanceOf(EaafException.class,
+ ((ExceptionContainer) errorObj).getExceptionThrown());
+ //TODO:
+ Assert.assertEquals("ErrorCode not match", "auth.26",
+ ((EaafException) ((ExceptionContainer) errorObj).getExceptionThrown()).getErrorId());
+
+ Assert.assertNull("RelayState was not removed", transactionStorage.get(relayState));
+
+ }
+
+ @Test
+ public void validRelayStateNoPendingReq() throws EaafException, IOException {
+ final String pendingReqId = pendingReqGeneration.generateExternalPendingRequestId();
+ String relayState = RandomStringUtils.randomAlphanumeric(10);
+ transactionStorage.put(relayState, pendingReqId, -1);
+
+ final MockHttpServletRequest httpReq =
+ new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpReq.addParameter(IdAustriaClientAuthSignalController.HTTP_PARAM_RELAYSTATE, relayState);
+ final MockHttpServletResponse httpResp = new MockHttpServletResponse();
+
+ controller.performAuthentication(httpReq, httpResp);
+ Assert.assertEquals("httpStausCode", 200, httpResp.getStatus());
+
+ final String errorId = protAuthService.getErrorKey();
+ final Object error = cache.get(errorId);
+ Assert.assertNotNull("Error is null", error);
+ org.springframework.util.Assert.isInstanceOf(byte[].class,
+ ((DummyDbEntry) error).getObj());
+ final Object errorObj = SerializationUtils.deserialize((byte[]) ((DummyDbEntry) error).getObj());
+ org.springframework.util.Assert.isInstanceOf(ExceptionContainer.class, errorObj);
+ org.springframework.util.Assert.isInstanceOf(EaafException.class,
+ ((ExceptionContainer) errorObj).getExceptionThrown());
+ Assert.assertEquals("ErrorCode not match", "auth.28",
+ ((EaafException) ((ExceptionContainer) errorObj).getExceptionThrown()).getErrorId());
+
+ Assert.assertNull("RelayState was not removed", transactionStorage.get(relayState));
+
+ }
+
+ @Test
+ public void validRelayStateWithPendingReq() throws EaafException, IOException {
+ final String pendingReqId = pendingReqGeneration.generateExternalPendingRequestId();
+
+ String relayState = RandomStringUtils.randomAlphanumeric(10);
+ transactionStorage.put(relayState, pendingReqId, -1);
+
+ final TestRequestImpl pendingReq = new TestRequestImpl();
+ pendingReq.setPendingReqId(pendingReqId);
+ pendingReq.setAuthUrl("http://localhost/idp");
+ final Map<String, String> spConfigMap = new HashMap<>();
+ spConfigMap.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "http://test.sp");
+ final DummySpConfiguration spConfig = new DummySpConfiguration(spConfigMap, basicConfig);
+ pendingReq.setSpConfig(spConfig);
+ reqStorage.storePendingRequest(pendingReq);
+
+ final MockHttpServletRequest httpReq =
+ new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpReq.addParameter(IdAustriaClientAuthSignalController.HTTP_PARAM_RELAYSTATE, relayState);
+ final MockHttpServletResponse httpResp = new MockHttpServletResponse();
+
+ controller.performAuthentication(httpReq, httpResp);
+
+ Assert.assertEquals("httpStausCode", 200, httpResp.getStatus());
+
+ final String errorId = protAuthService.getErrorKey();
+ final Object error = cache.get(errorId);
+ Assert.assertNotNull("Error is null", error);
+ org.springframework.util.Assert.isInstanceOf(byte[].class,
+ ((DummyDbEntry) error).getObj());
+ final Object errorObj = SerializationUtils.deserialize((byte[]) ((DummyDbEntry) error).getObj());
+ org.springframework.util.Assert.isInstanceOf(ExceptionContainer.class, errorObj);
+ org.springframework.util.Assert.isInstanceOf(EaafException.class,
+ ((ExceptionContainer) errorObj).getExceptionThrown());
+ Assert.assertEquals("ErrorCode not match",
+ "PendingRequest object is not of type 'RequestImpl.class'",
+ ((EaafException) ((ExceptionContainer) errorObj).getExceptionThrown()).getErrorId());
+ }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthHealthCheckTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthHealthCheckTest.java
new file mode 100644
index 00000000..a912f344
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthHealthCheckTest.java
@@ -0,0 +1,130 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.idaustriaclient;
+
+import java.time.Instant;
+import java.time.temporal.ChronoUnit;
+
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
+import org.opensaml.core.xml.io.MarshallingException;
+import org.opensaml.core.xml.io.UnmarshallingException;
+import org.opensaml.core.xml.util.XMLObjectSupport;
+import org.opensaml.saml.saml2.metadata.EntityDescriptor;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.actuate.health.Health;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.w3c.dom.Element;
+
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthHealthCheck;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthMetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.api.utils.IPvp2CredentialProvider;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
+import net.shibboleth.utilities.java.support.resolver.ResolverException;
+import net.shibboleth.utilities.java.support.xml.SerializeSupport;
+import net.shibboleth.utilities.java.support.xml.XMLParserException;
+import okhttp3.HttpUrl;
+import okhttp3.mockwebserver.MockResponse;
+import okhttp3.mockwebserver.MockWebServer;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"
+})
+public class IdAustriaClientAuthHealthCheckTest {
+
+ @Autowired private IdAustriaClientAuthHealthCheck toCheck;
+ @Autowired protected MsConnectorDummyConfigMap config;
+ @Autowired private IPvp2CredentialProvider credentialProvider;
+ @Autowired IdAustriaClientAuthMetadataProvider provider;
+
+ private static MockWebServer mockWebServer;
+ private static HttpUrl mockServerUrl;
+
+ /**
+ * JUnit class initializer.
+ *
+ * @throws Exception In case of an OpenSAML3 initialization error
+ */
+ @BeforeClass
+ public static void classInitializer() throws Exception {
+ EaafOpenSaml3xInitializer.eaafInitialize();
+
+ mockWebServer = new MockWebServer();
+ mockServerUrl = mockWebServer.url("/sp/metadata");
+
+ }
+
+ @Test
+ public void notActive() {
+ //set-up test
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ID_AUSTRIA_ENTITYID,
+ null);
+
+ //perform check
+ Health status = toCheck.health();
+
+ //evaluate status
+ Assert.assertEquals("wrong status", Health.unknown().build().getStatus(), status.getStatus());
+
+ }
+
+ @Test
+ public void success() throws SamlSigningException, CredentialsNotAvailableException,
+ XMLParserException, UnmarshallingException, MarshallingException {
+
+ //set-up test
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ID_AUSTRIA_ENTITYID,
+ mockServerUrl.url().toString());
+ injectValidHttpMetadata(mockServerUrl.url().toString());
+
+ //perform check
+ Health status = toCheck.health();
+
+ //evaluate status
+ Assert.assertEquals("wrong status", Health.up().build().getStatus(), status.getStatus());
+
+ }
+
+ @Test
+ public void invalid() throws SamlSigningException, CredentialsNotAvailableException,
+ XMLParserException, UnmarshallingException, MarshallingException, ResolverException {
+ //set-up test
+ provider.clear();
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ID_AUSTRIA_ENTITYID,
+ "http://localhost:1234/junit/metadata");
+
+ //perform check
+ Health status = toCheck.health();
+
+ //evaluate status
+ Assert.assertEquals("wrong status", Health.outOfService().build().getStatus(), status.getStatus());
+
+ }
+
+ private String injectValidHttpMetadata(String dynEntityId) throws XMLParserException,
+ UnmarshallingException, MarshallingException, SamlSigningException, CredentialsNotAvailableException {
+ final EntityDescriptor metadata = (EntityDescriptor) XMLObjectSupport.unmarshallFromInputStream(
+ XMLObjectProviderRegistrySupport.getParserPool(),
+ IdAustriaClientAuthHealthCheckTest.class.getResourceAsStream("/data/idp_metadata_no_sig.xml"));
+ metadata.setValidUntil(Instant.now().plus(1, ChronoUnit.DAYS));
+ metadata.setSignature(null);
+ metadata.setEntityID(dynEntityId);
+ Saml2Utils.signSamlObject(metadata, credentialProvider.getMetaDataSigningCredential(), true);
+ final Element metadataElement = XMLObjectSupport.marshall(metadata);
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(SerializeSupport.nodeToString(metadataElement))
+ .setHeader("Content-Type", "text/html;charset=utf-8"));
+ return dynEntityId;
+
+}
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataControllerTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataControllerTest.java
new file mode 100644
index 00000000..b7f27204
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataControllerTest.java
@@ -0,0 +1,136 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.idaustriaclient;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
+import org.opensaml.core.xml.io.UnmarshallingException;
+import org.opensaml.core.xml.util.XMLObjectSupport;
+import org.opensaml.saml.common.xml.SAMLConstants;
+import org.opensaml.saml.metadata.resolver.filter.FilterException;
+import org.opensaml.saml.metadata.resolver.filter.MetadataFilterContext;
+import org.opensaml.saml.saml2.metadata.EntityDescriptor;
+import org.opensaml.saml.saml2.metadata.SPSSODescriptor;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.controller.IdAustriaClientAuthMetadataController;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthCredentialProvider;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
+import at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata.SchemaValidationFilter;
+import at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata.SimpleMetadataSignatureVerificationFilter;
+import net.shibboleth.utilities.java.support.xml.XMLParserException;
+
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"
+})
+@DirtiesContext(classMode = DirtiesContext.ClassMode.AFTER_CLASS)
+public class IdAustriaClientAuthMetadataControllerTest {
+
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+
+ @Autowired private IdAustriaClientAuthMetadataController controller;
+ @Autowired private IdAustriaClientAuthCredentialProvider credProvider;
+
+ /**
+ * JUnit class initializer.
+ *
+ * @throws Exception In case of an OpenSAML3 initialization error
+ */
+ @BeforeClass
+ public static void initialize() throws Exception {
+ EaafOpenSaml3xInitializer.eaafInitialize();
+
+ }
+
+ /**
+ * Single jUnit-test set-up.
+ */
+ @Before
+ public void testSetup() {
+ httpReq = new MockHttpServletRequest("GET", "http://localhost/authhandler");
+ httpReq.setContextPath("/authhandler");
+ httpResp = new MockHttpServletResponse();
+
+ }
+
+ @Test
+ public void buildMetadataValidInEidMode() throws IOException, EaafException,
+ XMLParserException, UnmarshallingException, FilterException {
+
+ //build metdata
+ controller.getSpMetadata(httpReq, httpResp);
+
+ //check result
+ validateResponse(6);
+
+ }
+
+ private void validateResponse(int numberOfRequestedAttributes) throws UnsupportedEncodingException,
+ XMLParserException, UnmarshallingException, FilterException, CredentialsNotAvailableException {
+ Assert.assertEquals("HTTP Statuscode", 200, httpResp.getStatus());
+ Assert.assertEquals("ContentType", "text/xml; charset=utf-8", httpResp.getContentType());
+ Assert.assertEquals("ContentEncoding", "UTF-8", httpResp.getCharacterEncoding());
+
+ final String metadataXml = httpResp.getContentAsString();
+ Assert.assertNotNull("XML Metadata", metadataXml);
+
+ final EntityDescriptor metadata = (EntityDescriptor) XMLObjectSupport.unmarshallFromInputStream(
+ XMLObjectProviderRegistrySupport.getParserPool(), new ByteArrayInputStream(metadataXml.getBytes("UTF-8")));
+
+ Assert.assertEquals("EntityId",
+ "http://localhost/authhandler" + IdAustriaClientAuthConstants.ENDPOINT_METADATA,
+ metadata.getEntityID());
+
+ MetadataFilterContext filterContext = new MetadataFilterContext();
+
+ //check XML scheme
+ final SchemaValidationFilter schemaFilter = new SchemaValidationFilter();
+ schemaFilter.filter(metadata, filterContext);
+
+ //check signature
+ final SimpleMetadataSignatureVerificationFilter sigFilter =
+ new SimpleMetadataSignatureVerificationFilter(credProvider.getKeyStore().getFirst(),
+ metadata.getEntityID());
+ sigFilter.filter(metadata, filterContext);
+
+ //check content
+ final SPSSODescriptor spSsoDesc = metadata.getSPSSODescriptor(SAMLConstants.SAML20P_NS);
+ Assert.assertNotNull("SPSSODescr.", spSsoDesc);
+
+ Assert.assertFalse("AssertionConsumerServices",
+ spSsoDesc.getAssertionConsumerServices().isEmpty());
+
+ Assert.assertFalse("KeyDescriptors",
+ spSsoDesc.getKeyDescriptors().isEmpty());
+ Assert.assertEquals("#KeyDescriptors", 2, spSsoDesc.getKeyDescriptors().size());
+
+ Assert.assertFalse("NameIDFormats",
+ spSsoDesc.getNameIDFormats().isEmpty());
+ Assert.assertEquals("wrong NameIDFormats", "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
+ spSsoDesc.getNameIDFormats().get(0).getURI());
+
+ Assert.assertFalse("AttributeConsumingServices",
+ spSsoDesc.getAttributeConsumingServices().isEmpty());
+ Assert.assertEquals("#RequestAttributes", numberOfRequestedAttributes,
+ spSsoDesc.getAttributeConsumingServices().get(0).getRequestedAttributes().size());
+
+ }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataProviderFirstTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataProviderFirstTest.java
new file mode 100644
index 00000000..c4dd5d2e
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataProviderFirstTest.java
@@ -0,0 +1,239 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.idaustriaclient;
+
+import java.io.IOException;
+import java.time.Instant;
+import java.time.temporal.ChronoUnit;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.opensaml.core.criterion.EntityIdCriterion;
+import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
+import org.opensaml.core.xml.io.MarshallingException;
+import org.opensaml.core.xml.io.UnmarshallingException;
+import org.opensaml.core.xml.util.XMLObjectSupport;
+import org.opensaml.saml.saml2.metadata.EntityDescriptor;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.w3c.dom.Element;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthMetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.api.utils.IPvp2CredentialProvider;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
+import at.gv.egiz.eaaf.modules.pvp2.test.metadata.MetadataResolverTest;
+import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
+import net.shibboleth.utilities.java.support.resolver.ResolverException;
+import net.shibboleth.utilities.java.support.xml.SerializeSupport;
+import net.shibboleth.utilities.java.support.xml.XMLParserException;
+import okhttp3.HttpUrl;
+import okhttp3.mockwebserver.MockResponse;
+import okhttp3.mockwebserver.MockWebServer;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"
+})
+public class IdAustriaClientAuthMetadataProviderFirstTest {
+
+ @Autowired
+ IPvp2CredentialProvider credentialProvider;
+ @Autowired
+ IdAustriaClientAuthMetadataProvider provider;
+ @Autowired
+ PvpMetadataResolverFactory resolverFactory;
+
+ private static MockWebServer mockWebServer;
+ private static HttpUrl mockServerUrl;
+
+ /**
+ * JUnit class initializer.
+ *
+ * @throws Exception In case of an OpenSAML3 initialization error
+ */
+ @BeforeClass
+ public static void classInitializer() throws Exception {
+ EaafOpenSaml3xInitializer.eaafInitialize();
+
+ mockWebServer = new MockWebServer();
+ mockServerUrl = mockWebServer.url("/sp/metadata");
+
+ }
+
+ /**
+ * jUnit test set-up.
+ *
+ * @throws ResolverException
+ *
+ */
+ @Before
+ public void testSetup() {
+ provider.fullyDestroy();
+
+ }
+
+ @Test
+ public void simpleManuelAddingTest() throws Pvp2MetadataException, ResolverException {
+ final IPvp2MetadataProvider resolver1 = resolverFactory.createMetadataProvider(
+ "classpath:/data/idp_metadata_sig_notvalid.xml",
+ null, "junit", null);
+ Assert.assertNotNull("Resolver 1 is null", resolver1);
+ provider.addMetadataResolverIntoChain(resolver1);
+
+ final IPvp2MetadataProvider resolver2 = resolverFactory.createMetadataProvider(
+ "classpath:/data/idp_metadata_sig_valid_wrong_alg.xml",
+ null, "junit", null);
+ Assert.assertNotNull("Resolver 2 is null", resolver2);
+ provider.addMetadataResolverIntoChain(resolver2);
+
+ final EntityDescriptor entity1 = provider.getEntityDescriptor("https://localEntity");
+ Assert.assertNotNull("Entity 1 not found", entity1);
+
+ final EntityDescriptor entity2 = provider.getEntityDescriptor(
+ "https://vidp.gv.at/ms_connector/pvp/metadata");
+ Assert.assertNotNull("Entity 2 not found", entity2);
+
+ final EntityDescriptor entity3 = provider.getEntityDescriptor("https://egiz.gv.at/abababa");
+ Assert.assertNull("Entity 3 found", entity3);
+
+ }
+
+ @Test
+ public void dynamicLoadingNoValidSignature() throws ResolverException {
+ final EntityDescriptor entity = provider.getEntityDescriptor("classpath:/data/idp_metadata_no_sig2.xml");
+ Assert.assertNull("Entity found", entity);
+
+ }
+
+ @Test
+ public void dynamicLoadingValidSignature() throws XMLParserException, UnmarshallingException,
+ SamlSigningException, CredentialsNotAvailableException, MarshallingException, ResolverException {
+
+ final String entityId = injectValidHttpMetadata();
+ final EntityDescriptor entity = provider.getEntityDescriptor(entityId);
+ Assert.assertNotNull("Entity not found", entity);
+
+ }
+
+ @Test
+ public void reloadNotPossible() throws XMLParserException, UnmarshallingException,
+ SamlSigningException, CredentialsNotAvailableException, MarshallingException, ResolverException {
+
+ final String entityId = injectValidHttpMetadata();
+ final EntityDescriptor entity = provider.getEntityDescriptor(entityId);
+ Assert.assertNotNull("Entity not found", entity);
+ Assert.assertNotNull("Entity not found",
+ provider.resolveSingle(generateEntityIdCreteria(entityId)));
+
+ Assert.assertFalse("Refresh should not be possible",
+ provider.refreshMetadataProvider(entityId));
+
+ final EntityDescriptor entity2 = provider.getEntityDescriptor(entityId);
+ Assert.assertNull("Entity not found", entity2);
+ Assert.assertNull("Entity not found",
+ provider.resolveSingle(generateEntityIdCreteria(entityId)));
+
+ Assert.assertFalse("Last refresh", provider.wasLastRefreshSuccess());
+
+ }
+
+ @Test
+ public void refeshTest() throws Pvp2MetadataException, ResolverException {
+ Assert.assertFalse("Last refresh", provider.wasLastRefreshSuccess());
+ Assert.assertNull("LastRefresh", provider.getLastRefresh());
+ Assert.assertNull("LastSuccessfulRefresh", provider.getLastSuccessfulRefresh());
+ Assert.assertNull("LastUpdate", provider.getLastUpdate());
+
+ final IPvp2MetadataProvider resolver1 = resolverFactory.createMetadataProvider(
+ "classpath:/data/idp_metadata_sig_notvalid.xml",
+ null, "junit", null);
+ Assert.assertNotNull("Resolver 1 is null", resolver1);
+ provider.addMetadataResolverIntoChain(resolver1);
+
+ final IPvp2MetadataProvider resolver2 = resolverFactory.createMetadataProvider(
+ "classpath:/data/idp_metadata_sig_valid_wrong_alg.xml",
+ null, "junit", null);
+ Assert.assertNotNull("Resolver 2 is null", resolver2);
+ provider.addMetadataResolverIntoChain(resolver2);
+
+ provider.refresh();
+
+ Assert.assertTrue("Last refresh", provider.wasLastRefreshSuccess());
+ Assert.assertNotNull("LastRefresh", provider.getLastRefresh());
+ Assert.assertNotNull("LastSuccessfulRefresh", provider.getLastSuccessfulRefresh());
+ Assert.assertNotNull("LastUpdate", provider.getLastUpdate());
+
+ }
+
+ @Test
+ public void reloadPossible() throws XMLParserException, UnmarshallingException,
+ SamlSigningException, CredentialsNotAvailableException, MarshallingException, ResolverException,
+ IOException {
+
+ mockWebServer.shutdown();
+ mockWebServer = new MockWebServer();
+ mockServerUrl = mockWebServer.url("/sp/metadata");
+
+ final String entityId = injectValidHttpMetadata();
+ final EntityDescriptor entity = provider.getEntityDescriptor(entityId);
+ Assert.assertNotNull("Entity not found", entity);
+ Assert.assertNotNull("Entity not found",
+ provider.resolveSingle(generateEntityIdCreteria(entityId)));
+
+ Assert.assertFalse("Last refresh", provider.wasLastRefreshSuccess());
+
+ injectValidHttpMetadata(entityId);
+ Assert.assertTrue("Refresh should not be possible",
+ provider.refreshMetadataProvider(entityId));
+
+ final EntityDescriptor entity2 = provider.getEntityDescriptor(entityId);
+ Assert.assertNotNull("Entity not found", entity2);
+ Assert.assertNotNull("Entity not found",
+ provider.resolveSingle(generateEntityIdCreteria(entityId)));
+
+ Assert.assertFalse("Last refresh", provider.wasLastRefreshSuccess());
+
+ }
+
+ private String injectValidHttpMetadata() throws SamlSigningException, CredentialsNotAvailableException,
+ XMLParserException, UnmarshallingException, MarshallingException {
+ return injectValidHttpMetadata(mockServerUrl.url().toString()
+ + "/" + RandomStringUtils.randomAlphabetic(5));
+ }
+
+ private String injectValidHttpMetadata(String dynEntityId) throws XMLParserException,
+ UnmarshallingException,
+ MarshallingException, SamlSigningException, CredentialsNotAvailableException {
+ final EntityDescriptor metadata = (EntityDescriptor) XMLObjectSupport.unmarshallFromInputStream(
+ XMLObjectProviderRegistrySupport.getParserPool(),
+ MetadataResolverTest.class.getResourceAsStream("/data/idp_metadata_no_sig.xml"));
+ metadata.setValidUntil(Instant.now().plus(1, ChronoUnit.DAYS));
+ metadata.setSignature(null);
+ metadata.setEntityID(dynEntityId);
+ Saml2Utils.signSamlObject(metadata, credentialProvider.getMetaDataSigningCredential(), true);
+ final Element metadataElement = XMLObjectSupport.marshall(metadata);
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody(SerializeSupport.nodeToString(metadataElement))
+ .setHeader("Content-Type", "text/html;charset=utf-8"));
+
+ return dynEntityId;
+
+ }
+
+ private CriteriaSet generateEntityIdCreteria(String entityId) {
+ final CriteriaSet result = new CriteriaSet();
+ result.add(new EntityIdCriterion(entityId));
+ return result;
+
+ }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataProviderSecondTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataProviderSecondTest.java
new file mode 100644
index 00000000..3ee6ddcd
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientAuthMetadataProviderSecondTest.java
@@ -0,0 +1,66 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.idaustriaclient;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.opensaml.saml.saml2.metadata.EntityDescriptor;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthMetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
+import net.shibboleth.utilities.java.support.resolver.ResolverException;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"
+})
+public class IdAustriaClientAuthMetadataProviderSecondTest {
+
+ @Autowired
+ IdAustriaClientAuthMetadataProvider provider;
+
+ /**
+ * JUnit class initializer.
+ *
+ * @throws Exception In case of an OpenSAML3 initialization error
+ */
+ @BeforeClass
+ public static void classInitializer() throws Exception {
+ EaafOpenSaml3xInitializer.eaafInitialize();
+
+ }
+
+ /**
+ * jUnit test set-up.
+ *
+ * @throws ResolverException
+ *
+ */
+ @Before
+ public void testSetup() {
+ provider.fullyDestroy();
+
+ }
+
+ @Test
+ public void notTrustedX509CertsInTrustStore() throws ResolverException {
+ final EntityDescriptor entity = provider.getEntityDescriptor("classpath:/data/idp_metadata_no_sig2.xml");
+ Assert.assertNull("Entity found", entity);
+
+ }
+
+ @Test
+ public void readStaticInfos() {
+ Assert.assertEquals("wrong providerId",
+ IdAustriaClientAuthMetadataProvider.PROVIDER_ID, provider.getId());
+
+ provider.runGarbageCollector();
+
+ }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientCredentialProviderTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientCredentialProviderTest.java
new file mode 100644
index 00000000..bdc0df15
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/idaustriaclient/IdAustriaClientCredentialProviderTest.java
@@ -0,0 +1,414 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.idaustriaclient;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.BeansException;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import com.google.common.base.Optional;
+import com.google.common.base.Predicates;
+import com.google.common.base.Throwables;
+import com.google.common.collect.FluentIterable;
+
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthCredentialProvider;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafFactoryException;
+import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_basic_lazy.xml",
+ "/SpringTest-context_basic_mapConfig.xml"
+})
+@DirtiesContext
+public class IdAustriaClientCredentialProviderTest {
+
+ private static final String PATH_JKS = "../keystore/junit_test.jks";
+ private static final String ALIAS_METADATA = "meta";
+ private static final String ALIAS_SIGN = "sig";
+ private static final String ALIAS_ENC = "enc";
+ private static final String PASSWORD = "password";
+
+ @Autowired
+ private ApplicationContext context;
+ @Autowired(required = true)
+ protected MsConnectorDummyConfigMap config;
+
+ /**
+ * jUnit test initializer.
+ */
+ @Before
+ public void initialize() {
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_KEYSTORE_PATH, PATH_JKS);
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_KEYSTORE_PASSWORD, PASSWORD);
+
+ config.removeConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_METADATA_ALIAS);
+ config.removeConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_METADATA_KEY_PASSWORD);
+
+ config.removeConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_ALIAS);
+ config.removeConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_KEY_PASSWORD);
+
+ config.removeConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ENCRYPTION_ALIAS);
+ config.removeConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ENCRYPTION_KEY_PASSWORD);
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void noKeyStoreUrl() {
+ config.removeConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_KEYSTORE_PATH);
+ try {
+ context.getBean(IdAustriaClientAuthCredentialProvider.class);
+ Assert.fail("No KeyStore not detected");
+
+ } catch (final BeansException e) {
+ org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class,
+ e.getCause(), "Wrong exception");
+ }
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void noKeyStore() {
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_KEYSTORE_PATH,
+ "src/test/resources/config/notExist.p12");
+ try {
+ context.getBean(IdAustriaClientAuthCredentialProvider.class);
+ Assert.fail("No KeyStore not detected");
+
+ } catch (final BeansException e) {
+ final Optional<Throwable> eaafException = FluentIterable.from(
+ Throwables.getCausalChain(e)).filter(
+ Predicates.instanceOf(EaafConfigurationException.class)).first();
+ Assert.assertTrue("Wrong exception", eaafException.isPresent());
+ Assert.assertEquals("Wrong errorId", "internal.keystore.06",
+ ((EaafException) eaafException.get()).getErrorId());
+
+ }
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void noWrongKeyStorePassword() {
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_KEYSTORE_PASSWORD, "test");
+ try {
+ context.getBean(IdAustriaClientAuthCredentialProvider.class);
+ Assert.fail("No KeyStore not detected");
+
+ } catch (final BeansException e) {
+ final Optional<Throwable> eaafException = FluentIterable.from(
+ Throwables.getCausalChain(e)).filter(
+ Predicates.instanceOf(EaafFactoryException.class)).first();
+ Assert.assertTrue("Wrong exception", eaafException.isPresent());
+ Assert.assertEquals("Wrong errorId", "internal.keystore.06",
+ ((EaafException) eaafException.get()).getErrorId());
+
+ }
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void notKeyConfigurationWrongAlias() {
+ final IdAustriaClientAuthCredentialProvider credential = context.getBean(
+ IdAustriaClientAuthCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+ try {
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_METADATA_ALIAS,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMetaDataSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_ALIAS,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMessageSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ENCRYPTION_ALIAS,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMessageEncryptionCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void notKeyConfigurationWrongPassword() {
+ final IdAustriaClientAuthCredentialProvider credential = context.getBean(
+ IdAustriaClientAuthCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+ try {
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_METADATA_KEY_PASSWORD,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMetaDataSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_KEY_PASSWORD,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMessageSigningCredential();
+ Assert.fail("No message signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ENCRYPTION_KEY_PASSWORD,
+ RandomStringUtils.randomAlphabetic(5));
+ final EaafX509Credential encCred = credential.getMessageEncryptionCredential();
+ Assert.assertNull("No encryption signing credentials not detected", encCred);
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void notKeyConfigurationValidAliasWrongPassword() {
+ final IdAustriaClientAuthCredentialProvider credential = context.getBean(
+ IdAustriaClientAuthCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+ try {
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_METADATA_ALIAS,
+ ALIAS_METADATA);
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_METADATA_KEY_PASSWORD,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMetaDataSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_ALIAS,
+ ALIAS_SIGN);
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_KEY_PASSWORD,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMessageSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ENCRYPTION_ALIAS,
+ ALIAS_ENC);
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ENCRYPTION_KEY_PASSWORD,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMessageEncryptionCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+ }
+
+ @Test
+ @DirtiesContext
+ public void notKeyConfigurationWrongAliasValidPassword() {
+ final IdAustriaClientAuthCredentialProvider credential = context.getBean(
+ IdAustriaClientAuthCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+ try {
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_METADATA_ALIAS,
+ RandomStringUtils.randomAlphabetic(5));
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_METADATA_KEY_PASSWORD,
+ PASSWORD);
+ credential.getMetaDataSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_ALIAS,
+ RandomStringUtils.randomAlphabetic(5));
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_KEY_PASSWORD,
+ PASSWORD);
+ credential.getMessageSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ENCRYPTION_ALIAS,
+ RandomStringUtils.randomAlphabetic(5));
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ENCRYPTION_KEY_PASSWORD,
+ PASSWORD);
+ credential.getMessageEncryptionCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+ }
+
+ @Test
+ @DirtiesContext
+ public void validonfiguration() throws CredentialsNotAvailableException {
+ final IdAustriaClientAuthCredentialProvider credential = context.getBean(
+ IdAustriaClientAuthCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_METADATA_ALIAS,
+ ALIAS_METADATA);
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_METADATA_KEY_PASSWORD,
+ PASSWORD);
+ credential.getMetaDataSigningCredential();
+
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_ALIAS,
+ ALIAS_SIGN);
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_KEY_PASSWORD,
+ PASSWORD);
+ credential.getMessageSigningCredential();
+
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ENCRYPTION_ALIAS,
+ ALIAS_ENC);
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ENCRYPTION_KEY_PASSWORD,
+ PASSWORD);
+ credential.getMessageEncryptionCredential();
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void notKeyConfiguration() {
+ final IdAustriaClientAuthCredentialProvider credential = context.getBean(
+ IdAustriaClientAuthCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+ try {
+ credential.getMetaDataSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ credential.getMessageSigningCredential();
+ Assert.fail("No message signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ final EaafX509Credential encCred = credential.getMessageEncryptionCredential();
+ Assert.assertNull("No encryption signing credentials not detected", encCred);
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void notKeyConfigurationPkcs12() {
+ config.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_KEYSTORE_PATH,
+ "../keystore/pvp.p12");
+ final IdAustriaClientAuthCredentialProvider credential = context.getBean(
+ IdAustriaClientAuthCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+ try {
+ credential.getMetaDataSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ credential.getMessageSigningCredential();
+ Assert.fail("No message signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ final EaafX509Credential encCred = credential.getMessageEncryptionCredential();
+ Assert.assertNull("No encryption signing credentials not detected", encCred);
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+ }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/AlternativeSearchTaskWithRegisterTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/AlternativeSearchTaskWithRegisterTest.java
new file mode 100644
index 00000000..3814c632
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/AlternativeSearchTaskWithRegisterTest.java
@@ -0,0 +1,1042 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static org.apache.commons.lang3.RandomStringUtils.randomAlphabetic;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.when;
+
+import java.math.BigInteger;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.Optional;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.namespace.QName;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.jetbrains.annotations.NotNull;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.ArgumentCaptor;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import com.github.skjolber.mockito.soap.SoapServiceRule;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.ernp.ErnpRestClient.ErnpRegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.ernp.IErnpClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.IZmrClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.ZmrSoapClient.ZmrRegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.CountrySpecificDetailSearchProcessor;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.GenericEidProcessor;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterOperationStatus;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterStatusResults;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.AlternativeSearchTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.clients.ZmrClientTest;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
+import at.gv.bmi.namespace.zmr_su.base._20040201.RequestType;
+import at.gv.bmi.namespace.zmr_su.base._20040201.ResponseType;
+import at.gv.bmi.namespace.zmr_su.base._20040201_.ServicePort;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.EidasIdentitaetAnlageType;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.EidasSuchdatenType;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.attribute.PersonType;
+import eu.eidas.auth.commons.light.impl.LightRequest;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import lombok.SneakyThrows;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml",
+ "/SpringTest-context_ccSearchProcessor_test.xml"
+})
+@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
+public class AlternativeSearchTaskWithRegisterTest {
+
+ @Rule
+ public SoapServiceRule soap = SoapServiceRule.newInstance();
+
+ @Mock private IErnpClient ernpClient;
+
+ @Autowired private IZmrClient zmrClient;
+ @Autowired private List<CountrySpecificDetailSearchProcessor> handlers;
+ private RegisterSearchService registerSearchService;
+
+ private ServicePort zmrMock = null;
+
+ private final ICcSpecificEidProcessingService eidPostProcessor = createEidPostProcessor();
+ private AlternativeSearchTask task;
+
+ final ExecutionContext executionContext = new ExecutionContextImpl();
+ private TestRequestImpl pendingReq;
+ private static JAXBContext jaxbContext;
+
+
+ /**
+ * Initialize jUnit class.
+ */
+ @BeforeClass
+ @SneakyThrows
+ public static void classInitializer() {
+ jaxbContext = JAXBContext.newInstance(
+ at.gv.bmi.namespace.zmr_su.zmr._20040201.ObjectFactory.class,
+ at.gv.bmi.namespace.zmr_su.gis._20070725.ObjectFactory.class,
+ at.gv.bmi.namespace.zmr_su.base._20040201.ObjectFactory.class);
+ }
+
+
+ /**
+ * jUnit test set-up.
+ */
+ @Before
+ public void setUp() throws URISyntaxException, EaafStorageException {
+ if (zmrMock == null) {
+ zmrMock = soap.mock(ServicePort.class, "http://localhost:1234/demozmr");
+
+ }
+
+ registerSearchService = new RegisterSearchService(handlers, zmrClient, ernpClient);
+ task = new AlternativeSearchTask(registerSearchService, eidPostProcessor);
+
+ MockHttpServletRequest httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ MockHttpServletResponse httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ pendingReq = new TestRequestImpl();
+
+ }
+
+
+ @Test
+ @SneakyThrows
+ public void missingStateInfoFirstEidasData() {
+ // inject matching intermediate state
+ RegisterStatusResults matchingState = new RegisterStatusResults(null,
+ Arrays.asList(RegisterResult.builder()
+ .bpk("")
+ .givenName("XXXKlaus - Maria")
+ .familyName("XXXvon Brandenburg")
+ .dateOfBirth("1994-12-31")
+ .pseudonym(Arrays.asList("7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"))
+ .build()),
+ Collections.emptyList());
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState );
+
+ //inject alternative eIDAS data
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,
+ buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",
+ "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31"));
+
+
+ // execute task
+ TaskExecutionException exception = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ // validate state
+ assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+ assertEquals("wrong errorparam 1", "step11", ((EaafException) exception.getOriginalException()).getParams()[0]);
+ assertTrue("Wrong flag 'step11'",
+ ((WorkflowException) exception.getOriginalException()).isRequiresManualFix());
+ assertEquals("wrong errorparam 1", "No initial eIDAS authn data",
+ ((EaafException) exception.getOriginalException()).getParams()[1]);
+
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void missingStateInfoIntermediateMatchingState() {
+ //inject initial eIDAS data
+ MatchingTaskUtils.storeInitialEidasData(pendingReq, SimpleEidasData.builder()
+ .personalIdentifier("DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")
+ .pseudonym("cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")
+ .givenName("XXXKlaus - Maria")
+ .familyName("XXXvon Brandenburg")
+ .dateOfBirth("1994-12-31")
+ .build());
+
+ //inject alternative eIDAS data
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,
+ buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",
+ "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31"));
+
+
+ // execute task
+ TaskExecutionException exception = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ // validate state
+ assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+ assertEquals("wrong errorparam 1", "step11", ((EaafException) exception.getOriginalException()).getParams()[0]);
+ assertTrue("Wrong flag 'step11'",
+ ((WorkflowException) exception.getOriginalException()).isRequiresManualFix());
+ assertEquals("wrong errorparam 1", "No intermediate matching-state",
+ ((EaafException) exception.getOriginalException()).getParams()[1]);
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void countryCodeNotMatch() {
+ //inject initial eIDAS data
+ MatchingTaskUtils.storeInitialEidasData(pendingReq, SimpleEidasData.builder()
+ .personalIdentifier("DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")
+ .pseudonym("cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")
+ .givenName("XXXKlaus - Maria")
+ .familyName("XXXvon Brandenburg")
+ .dateOfBirth("1994-12-31")
+ .citizenCountryCode("DE")
+ .build());
+
+ // inject matching intermediate state
+ RegisterStatusResults matchingState = new RegisterStatusResults(null,
+ Arrays.asList(RegisterResult.builder()
+ .bpk("")
+ .givenName("XXXKlaus - Maria")
+ .familyName("XXXvon Brandenburg")
+ .dateOfBirth("1994-12-31")
+ .pseudonym(Arrays.asList("7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"))
+ .build()),
+ Collections.emptyList());
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState );
+
+ //inject alternative eIDAS data
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,
+ buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",
+ "EE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31"));
+
+
+ // execute task
+ TaskExecutionException exception = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ // validate state
+ assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+ assertEquals("wrong errorparam 1", "step11", ((EaafException) exception.getOriginalException()).getParams()[0]);
+ assertTrue("Wrong flag 'step11'",
+ ((WorkflowException) exception.getOriginalException()).isRequiresManualFix());
+ assertEquals("wrong errorparam 1", "Country Code of alternative eIDAS authn not matching",
+ ((EaafException) exception.getOriginalException()).getParams()[1]);
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void mdsNoMatch() {
+ //inject initial eIDAS data
+ MatchingTaskUtils.storeInitialEidasData(pendingReq, SimpleEidasData.builder()
+ .personalIdentifier("DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")
+ .pseudonym("cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")
+ .givenName("XXXKlaus - Maria")
+ .familyName("XXXvon Brandenburg")
+ .dateOfBirth("1994-12-31")
+ .citizenCountryCode("DE")
+ .build());
+
+ // inject matching intermediate state
+ RegisterStatusResults matchingState = new RegisterStatusResults(null,
+ Arrays.asList(RegisterResult.builder()
+ .bpk("")
+ .givenName("XXXKlaus - Maria")
+ .familyName("XXXvon Brandenburg")
+ .dateOfBirth("1994-12-31")
+ .pseudonym(Arrays.asList("7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"))
+ .build()),
+ Collections.emptyList());
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState );
+
+ //inject alternative eIDAS data
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,
+ buildDummyAuthResponse("XXXClaus - Maria", "XXXvon Brandenburg",
+ "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1995-12-31"));
+
+
+ // execute task
+ TaskExecutionException exception = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ // validate state
+ assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+ assertEquals("wrong errorparam 1", "step11", ((EaafException) exception.getOriginalException()).getParams()[0]);
+ assertTrue("Wrong flag 'step11'",
+ ((WorkflowException) exception.getOriginalException()).isRequiresManualFix());
+ assertEquals("wrong errorparam 1", "MDS of alternative eIDAS authn does not match initial authn",
+ ((EaafException) exception.getOriginalException()).getParams()[1]);
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void seachPersonalIdMoreThanOneResult() {
+ //inject initial eIDAS data
+ MatchingTaskUtils.storeInitialEidasData(pendingReq, SimpleEidasData.builder()
+ .personalIdentifier("DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")
+ .pseudonym("cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")
+ .givenName("XXXKlaus - Maria")
+ .familyName("XXXvon Brandenburg")
+ .dateOfBirth("1994-12-31")
+ .citizenCountryCode("DE")
+ .build());
+
+ // inject matching intermediate state
+ RegisterStatusResults matchingState = new RegisterStatusResults(
+ new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))),
+ Arrays.asList(RegisterResult.builder()
+ .bpk("")
+ .givenName("XXXKlaus - Maria")
+ .familyName("XXXvon Brandenburg")
+ .dateOfBirth("1994-12-31")
+ .pseudonym(Arrays.asList("7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"))
+ .build()),
+ Collections.emptyList());
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState);
+
+ //inject alternative eIDAS data
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,
+ buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",
+ "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31"));
+
+ // inject response
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+ when(zmrMock.service(zmrReq.capture(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/search_with_personalId_only_resp_moreThanOne.xml"))
+ .thenThrow(new RuntimeException("This request is not needed any more"));
+
+ // execute task
+ TaskExecutionException exception = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ // validate state
+ assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+ assertEquals("wrong errorparam 1", "searchWithPersonalIdentifier", ((EaafException) exception.getOriginalException()).getParams()[0]);
+ assertTrue("Wrong flag 'step11'",
+ ((WorkflowException) exception.getOriginalException()).isRequiresManualFix());
+
+ // validate request
+ assertEquals("wrong number of req.", 1, zmrReq.getAllValues().size());
+ checkBasicRequestParameters(zmrReq.getValue(), ZmrClientTest.PROCESS_TASK_SEARCH,
+ matchingState.getOperationStatus().getZmrProcessId(), "jUnit123456");
+ assertNotNull("Personensuche req.", zmrReq.getValue().getPersonSuchenRequest());
+ checkEidasDocumentResult(zmrReq.getValue().getPersonSuchenRequest().getEidasSuchdaten(),
+ "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit");
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void seachPersonalIdNoBpkMatchWithIntermediateResults() {
+ //inject initial eIDAS data
+ MatchingTaskUtils.storeInitialEidasData(pendingReq, SimpleEidasData.builder()
+ .personalIdentifier("DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")
+ .pseudonym("cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")
+ .givenName("XXXKlaus - Maria")
+ .familyName("XXXvon Brandenburg")
+ .dateOfBirth("1994-12-31")
+ .citizenCountryCode("DE")
+ .build());
+
+ // inject matching intermediate state
+ RegisterStatusResults matchingState = new RegisterStatusResults(null,
+ Arrays.asList(RegisterResult.builder()
+ .bpk("notExists")
+ .givenName("XXXKlaus - Maria")
+ .familyName("XXXvon Brandenburg")
+ .dateOfBirth("1994-12-31")
+ .pseudonym(Arrays.asList("7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"))
+ .build()),
+ Collections.emptyList());
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState );
+
+ //inject alternative eIDAS data
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,
+ buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",
+ "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31"));
+
+ // inject response
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+ when(zmrMock.service(zmrReq.capture(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_1-8_search_with_personalId_only_resp.xml"))
+ .thenThrow(new RuntimeException("This request is not needed any more"));
+
+ Mockito.when(ernpClient.searchWithPersonIdentifier(any(), any()))
+ .thenReturn(emptyErnpRegisterResult());
+
+ // execute task
+ TaskExecutionException exception = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ // validate state
+ assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+ assertEquals("wrong errorparam 1", "step7bKittProcess", ((EaafException) exception.getOriginalException()).getParams()[0]);
+ assertFalse("Wrong flag 'step11'",
+ ((WorkflowException) exception.getOriginalException()).isRequiresManualFix());
+ assertEquals("wrong errorparam 1", "Register result from alternativ authentication does not fit into intermediate state",
+ ((EaafException) exception.getOriginalException()).getParams()[1]);
+
+ // validate request
+ assertEquals("wrong number of req.", 1, zmrReq.getAllValues().size());
+ assertNotNull("Personensuche req.", zmrReq.getValue().getPersonSuchenRequest());
+ checkEidasDocumentResult(zmrReq.getValue().getPersonSuchenRequest().getEidasSuchdaten(),
+ "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit");
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void seachPersonalIdSuccess() {
+ //inject initial eIDAS data
+ MatchingTaskUtils.storeInitialEidasData(pendingReq, SimpleEidasData.builder()
+ .personalIdentifier("DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")
+ .pseudonym("cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")
+ .givenName("XXXKlaus - Maria")
+ .familyName("XXXvon Brandenburg")
+ .dateOfBirth("1994-12-31")
+ .citizenCountryCode("DE")
+ .build());
+
+ // inject matching intermediate state
+ RegisterStatusResults matchingState = new RegisterStatusResults(
+ new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))),
+ Arrays.asList(RegisterResult.builder()
+ .bpk("UgeknNsc26lVuB7U/uYGVmWtnnA=")
+ .givenName("XXXKlaus - Maria")
+ .familyName("XXXvon Brandenburg")
+ .dateOfBirth("1994-12-31")
+ .pseudonym(Arrays.asList("7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"))
+ .build()),
+ Collections.emptyList());
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState );
+
+ //inject alternative eIDAS data
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,
+ buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",
+ "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31"));
+
+ // inject response
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+ when(zmrMock.service(zmrReq.capture(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_1-8_search_with_personalId_only_resp.xml"))
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_3-4_kitt_get_latest_version_resp.xml"))
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_3-6_kitt_update_resp.xml"))
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_3-8_kitt_get_latest_version_resp.xml"))
+ .thenThrow(new RuntimeException("This request is not needed any more"));
+
+ Mockito.when(ernpClient.searchWithPersonIdentifier(any(), any()))
+ .thenReturn(emptyErnpRegisterResult());
+ Mockito.when(ernpClient.searchWithMds(any(), any(), any(), any()))
+ .thenReturn(emptyErnpRegisterResult());
+ Mockito.when(ernpClient.update(any(), any()))
+ .thenThrow(new IllegalStateException("ERnP update should not be neccessary"));
+
+ // execute task
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ //INFO: has to be the old givenName because ZMR allows no update of MDS information
+ checkMatchingSuccessState(pendingReq, "UgeknNsc26lVuB7U/uYGVmWtnnA=", "XXXvon Brandenburg",
+ "XXXClaus - Maria", "1994-12-31", "DE");
+ assertNull("wrong executionContextFlag 'alternative eIDAS result'",
+ executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
+
+
+ // validate request
+ assertEquals("wrong number of req.", 4, zmrReq.getAllValues().size());
+ assertNotNull("Personensuche req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest());
+ checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH,
+ matchingState.getOperationStatus().getZmrProcessId(), "jUnit123456");
+ checkEidasDocumentResult(zmrReq.getAllValues().get(0).getPersonSuchenRequest().getEidasSuchdaten(),
+ "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit");
+
+
+ assertNotNull("Personensuche KITT req.", zmrReq.getAllValues().get(1).getPersonSuchenRequest());
+ checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH,
+ new BigInteger("367100000000079"), "jUnit123456");
+
+ assertNotNull("PersonAender KITT req.", zmrReq.getAllValues().get(2).getPersonAendernRequest());
+ checkBasicRequestParameters(zmrReq.getAllValues().get(2), ZmrClientTest.PROCESS_TASK_UPDATE,
+ new BigInteger("367100000000079"), "jUnit123456");
+
+ assertEquals("wrong number of eIDAS Docs to Add", 4,
+ zmrReq.getAllValues().get(2).getPersonAendernRequest().getEidasIdentitaetAnlage().size());
+ checkEidasDocumentAdd(zmrReq.getAllValues().get(2).getPersonAendernRequest().getEidasIdentitaetAnlage(),
+ "http://eidas.europa.eu/attributes/naturalperson/DateOfBirth", "DE", "1994-12-31");
+ checkEidasDocumentAdd(zmrReq.getAllValues().get(2).getPersonAendernRequest().getEidasIdentitaetAnlage(),
+ "http://eidas.europa.eu/attributes/naturalperson/CurrentGivenName", "DE", "XXXKlaus - Maria");
+ checkEidasDocumentAdd(zmrReq.getAllValues().get(2).getPersonAendernRequest().getEidasIdentitaetAnlage(),
+ "http://eidas.europa.eu/attributes/naturalperson/CurrentFamilyName", "DE", "XXXvon Brandenburg");
+
+ assertNotNull("Personensuche KITT req.", zmrReq.getAllValues().get(3).getPersonSuchenRequest());
+ checkBasicRequestParameters(zmrReq.getAllValues().get(3), ZmrClientTest.PROCESS_TASK_SEARCH,
+ new BigInteger("367100000000079"), "jUnit123456");
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void seachCcSpecificSuccess() {
+ //inject initial eIDAS data
+ MatchingTaskUtils.storeInitialEidasData(pendingReq, SimpleEidasData.builder()
+ .personalIdentifier("DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")
+ .pseudonym("cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")
+ .givenName("XXXKlaus - Maria")
+ .familyName("XXXvon Brandenburg")
+ .dateOfBirth("1994-12-31")
+ .citizenCountryCode("DE")
+ .build());
+
+ // inject matching intermediate state
+ RegisterStatusResults matchingState = new RegisterStatusResults(
+ new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))),
+ Arrays.asList(RegisterResult.builder()
+ .bpk("UgeknNsc26lVuB7U/uYGVmWtnnA=")
+ .givenName("XXXKlaus - Maria")
+ .familyName("XXXvon Brandenburg")
+ .dateOfBirth("1994-12-31")
+ .pseudonym(Arrays.asList("7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"))
+ .build()),
+ Collections.emptyList());
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState );
+
+ //inject alternative eIDAS data
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,
+ buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",
+ "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31",
+ null, "Hintergigritzpotschn", "XXXvon Heuburg"));
+
+ // inject response
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+ when(zmrMock.service(zmrReq.capture(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml"))
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_1-8_search_with_personalId_only_resp.xml"))
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_3-4_kitt_get_latest_version_resp.xml"))
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_3-6_kitt_update_resp.xml"))
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_3-8_kitt_get_latest_version_resp.xml"))
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_3-10_kitt_update_resp.xml"))
+ .thenThrow(new RuntimeException("This request is not needed any more"));
+
+ Mockito.when(ernpClient.searchWithPersonIdentifier(any(), any()))
+ .thenReturn(emptyErnpRegisterResult());
+ Mockito.when(ernpClient.searchCountrySpecific(any(), any()))
+ .thenReturn(emptyErnpRegisterResult());
+ Mockito.when(ernpClient.searchWithMds(any(), any(), any(), any()))
+ .thenReturn(emptyErnpRegisterResult());
+ Mockito.when(ernpClient.update(any(), any()))
+ .thenThrow(new IllegalStateException("ERnP update should not be neccessary"));
+
+ // execute task
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ //INFO: has to be the old givenName because ZMR allows no update of MDS information
+ checkMatchingSuccessState(pendingReq, "UgeknNsc26lVuB7U/uYGVmWtnnA=", "XXXvon Brandenburg",
+ "XXXClaus - Maria", "1994-12-31", "DE");
+ assertNull("wrong executionContextFlag 'alternative eIDAS result'",
+ executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
+
+
+ // validate request
+ assertEquals("wrong number of req.", 6, zmrReq.getAllValues().size());
+ assertNotNull("Personensuche req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest());
+ checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH,
+ matchingState.getOperationStatus().getZmrProcessId(), "jUnit123456");
+ checkEidasDocumentResult(zmrReq.getAllValues().get(0).getPersonSuchenRequest().getEidasSuchdaten(),
+ "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit");
+
+ assertNotNull("Personensuche CC-specific req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest());
+ checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH,
+ new BigInteger("367100000000079"), "jUnit123456");
+ checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(),
+ "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth",
+ "DE", "Hintergigritzpotschn");
+ checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(),
+ "http://eidas.europa.eu/attributes/naturalperson/BirthName",
+ "DE", "XXXvon Heuburg");
+
+
+ assertNotNull("Personensuche KITT req.", zmrReq.getAllValues().get(2).getPersonSuchenRequest());
+ checkBasicRequestParameters(zmrReq.getAllValues().get(2), ZmrClientTest.PROCESS_TASK_SEARCH,
+ new BigInteger("367100000000079"), "jUnit123456");
+
+ assertNotNull("PersonAender KITT req.", zmrReq.getAllValues().get(3).getPersonAendernRequest());
+ checkBasicRequestParameters(zmrReq.getAllValues().get(3), ZmrClientTest.PROCESS_TASK_UPDATE,
+ new BigInteger("367100000000079"), "jUnit123456");
+
+ assertNotNull("Personensuche KITT req.", zmrReq.getAllValues().get(4).getPersonSuchenRequest());
+ checkBasicRequestParameters(zmrReq.getAllValues().get(4), ZmrClientTest.PROCESS_TASK_SEARCH,
+ new BigInteger("367100000000079"), "jUnit123456");
+
+ assertNotNull("PersonAender KITT req.", zmrReq.getAllValues().get(5).getPersonAendernRequest());
+ checkBasicRequestParameters(zmrReq.getAllValues().get(5), ZmrClientTest.PROCESS_TASK_UPDATE,
+ new BigInteger("367100000000079"), "jUnit123456");
+ }
+
+ @Test
+ @SneakyThrows
+ public void seachCcSpecificNotPossible() {
+ //inject initial eIDAS data
+ MatchingTaskUtils.storeInitialEidasData(pendingReq, SimpleEidasData.builder()
+ .personalIdentifier("DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")
+ .pseudonym("cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")
+ .givenName("XXXKlaus - Maria")
+ .familyName("XXXvon Brandenburg")
+ .dateOfBirth("1994-12-31")
+ .citizenCountryCode("EE")
+ .build());
+
+ // inject matching intermediate state
+ RegisterStatusResults matchingState = new RegisterStatusResults(
+ new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))),
+ Arrays.asList(RegisterResult.builder()
+ .bpk("UgeknNsc26lVuB7U/uYGVmWtnnA=")
+ .givenName("XXXKlaus - Maria")
+ .familyName("XXXvon Brandenburg")
+ .dateOfBirth("1994-12-31")
+ .pseudonym(Arrays.asList("7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"))
+ .build()),
+ Collections.emptyList());
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState );
+
+ //inject alternative eIDAS data
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,
+ buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",
+ "EE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31",
+ null, "Hintergigritzpotschn", "XXXvon Heuburg"));
+
+ // inject response
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+ when(zmrMock.service(zmrReq.capture(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml"))
+ .thenThrow(new RuntimeException("This request is not needed any more"));
+
+ Mockito.when(ernpClient.searchWithPersonIdentifier(any(), any()))
+ .thenReturn(emptyErnpRegisterResult());
+
+ // execute task
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq));
+ assertNull("final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq));
+ assertEquals("wrong executionContextFlag 'alternative eIDAS result'", true,
+ executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
+
+
+ // validate request
+ assertEquals("wrong number of req.", 1, zmrReq.getAllValues().size());
+ assertNotNull("Personensuche req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest());
+ checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH,
+ matchingState.getOperationStatus().getZmrProcessId(), "jUnit123456");
+ checkEidasDocumentResult(zmrReq.getAllValues().get(0).getPersonSuchenRequest().getEidasSuchdaten(),
+ "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "EE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit");
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void seachCcSpecificMoreThanOneResult() {
+ //inject initial eIDAS data
+ MatchingTaskUtils.storeInitialEidasData(pendingReq, SimpleEidasData.builder()
+ .personalIdentifier("DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")
+ .pseudonym("cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")
+ .givenName("XXXKlaus - Maria")
+ .familyName("XXXvon Brandenburg")
+ .dateOfBirth("1994-12-31")
+ .citizenCountryCode("DE")
+ .build());
+
+ // inject matching intermediate state
+ RegisterStatusResults matchingState = new RegisterStatusResults(
+ new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))),
+ Arrays.asList(RegisterResult.builder()
+ .bpk("UgeknNsc26lVuB7U/uYGVmWtnnA=")
+ .givenName("XXXKlaus - Maria")
+ .familyName("XXXvon Brandenburg")
+ .dateOfBirth("1994-12-31")
+ .pseudonym(Arrays.asList("7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"))
+ .build()),
+ Collections.emptyList());
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState );
+
+ //inject alternative eIDAS data
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,
+ buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",
+ "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31",
+ null, "Hintergigritzpotschn", "XXXvon Heuburg"));
+
+ // inject response
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+ when(zmrMock.service(zmrReq.capture(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml"))
+ .thenReturn(loadResponseFromFile("/data/zmr/search_with_personalId_only_resp_moreThanOne.xml"))
+ .thenThrow(new RuntimeException("This request is not needed any more"));
+
+ Mockito.when(ernpClient.searchWithPersonIdentifier(any(), any()))
+ .thenReturn(emptyErnpRegisterResult());
+ Mockito.when(ernpClient.searchWithMds(any(), any(), any(), any()))
+ .thenReturn(emptyErnpRegisterResult());
+ Mockito.when(ernpClient.update(any(), any()))
+ .thenThrow(new IllegalStateException("ERnP update should not be neccessary"));
+
+ // execute task
+ TaskExecutionException exception = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ // validate state
+ assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+ assertEquals("wrong errorparam 1", "searchWithCountrySpecifics", ((EaafException) exception.getOriginalException()).getParams()[0]);
+ assertTrue("Wrong flag 'step11'",
+ ((WorkflowException) exception.getOriginalException()).isRequiresManualFix());
+
+
+ // validate request
+ assertEquals("wrong number of req.", 2, zmrReq.getAllValues().size());
+ assertNotNull("Personensuche req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest());
+ checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH,
+ matchingState.getOperationStatus().getZmrProcessId(), "jUnit123456");
+ checkEidasDocumentResult(zmrReq.getAllValues().get(0).getPersonSuchenRequest().getEidasSuchdaten(),
+ "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit");
+
+ assertNotNull("Personensuche CC-specific req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest());
+ checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH,
+ new BigInteger("367100000000079"), "jUnit123456");
+ checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(),
+ "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth",
+ "DE", "Hintergigritzpotschn");
+ checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(),
+ "http://eidas.europa.eu/attributes/naturalperson/BirthName",
+ "DE", "XXXvon Heuburg");
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void seachCcSpecificEmptyResult() {
+ //inject initial eIDAS data
+ MatchingTaskUtils.storeInitialEidasData(pendingReq, SimpleEidasData.builder()
+ .personalIdentifier("DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")
+ .pseudonym("cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")
+ .givenName("XXXKlaus - Maria")
+ .familyName("XXXvon Brandenburg")
+ .dateOfBirth("1994-12-31")
+ .citizenCountryCode("DE")
+ .build());
+
+ // inject matching intermediate state
+ RegisterStatusResults matchingState = new RegisterStatusResults(
+ new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))),
+ Arrays.asList(RegisterResult.builder()
+ .bpk("UgeknNsc26lVuB7U/uYGVmWtnnA=")
+ .givenName("XXXKlaus - Maria")
+ .familyName("XXXvon Brandenburg")
+ .dateOfBirth("1994-12-31")
+ .pseudonym(Arrays.asList("7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"))
+ .build()),
+ Collections.emptyList());
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState );
+
+ //inject alternative eIDAS data
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE,
+ buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",
+ "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31",
+ null, "Hintergigritzpotschn", "XXXvon Heuburg"));
+
+ // inject response
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+ when(zmrMock.service(zmrReq.capture(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml"))
+ .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml"))
+ .thenThrow(new RuntimeException("This request is not needed any more"));
+
+ Mockito.when(ernpClient.searchWithPersonIdentifier("7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "DE"))
+ .thenReturn(emptyErnpRegisterResult());
+ Mockito.when(ernpClient.searchCountrySpecific(any(), any()))
+ .thenReturn(emptyErnpRegisterResult());
+ Mockito.when(ernpClient.update(any(), any()))
+ .thenThrow(new IllegalStateException("ERnP update should not be neccessary"));
+
+
+ // execute task
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq));
+ assertNull("final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq));
+ assertEquals("wrong executionContextFlag 'alternative eIDAS result'", true,
+ executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
+ assertEquals("matching failed flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
+ assertEquals("failed reason", "module.eidasauth.matching.25", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON));
+
+
+
+ // validate request
+ assertEquals("wrong number of req.", 2, zmrReq.getAllValues().size());
+ assertNotNull("Personensuche req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest());
+ checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH,
+ matchingState.getOperationStatus().getZmrProcessId(), "jUnit123456");
+ checkEidasDocumentResult(zmrReq.getAllValues().get(0).getPersonSuchenRequest().getEidasSuchdaten(),
+ "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit");
+
+ assertNotNull("Personensuche CC-specific req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest());
+ checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH,
+ new BigInteger("367100000000079"), "jUnit123456");
+ checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(),
+ "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth",
+ "DE", "Hintergigritzpotschn");
+ checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(),
+ "http://eidas.europa.eu/attributes/naturalperson/BirthName",
+ "DE", "XXXvon Heuburg");
+
+ }
+
+ @NotNull
+ private ICcSpecificEidProcessingService createEidPostProcessor() {
+ return new ICcSpecificEidProcessingService() {
+
+ private final GenericEidProcessor genericEidProcessor = new GenericEidProcessor();
+
+ @Override
+ public SimpleEidasData postProcess(Map<String, Object> eidasAttrMap) throws EidPostProcessingException, EidasAttributeException {
+ return genericEidProcessor.postProcess(eidasAttrMap);
+ }
+
+ @Override
+ public void preProcess(String selectedCC, IRequest pendingReq, LightRequest.Builder authnRequestBuilder) {
+ genericEidProcessor.preProcess(pendingReq, authnRequestBuilder);
+ }
+ };
+ }
+
+ @NotNull
+ private ZmrRegisterResult zmrRegisterResult(RegisterResult registerResult, BigInteger processId) {
+ return new ZmrRegisterResult(Collections.singletonList(registerResult), processId);
+ }
+
+ @NotNull
+ private ZmrRegisterResult zmrRegisterResult(RegisterResult registerResult) {
+ return zmrRegisterResult(registerResult, generateRandomProcessId());
+ }
+
+
+ private BigInteger generateRandomProcessId() {
+ return new BigInteger(RandomStringUtils.randomNumeric(10));
+
+ }
+
+ private void checkMatchingSuccessState(IRequest pendingReq, String bpk, String familyName, String givenName,
+ String birhday, String countryCode) {
+ assertNull("Find intermediate matching data but matching should be finished",
+ MatchingTaskUtils.getIntermediateMatchingResult(pendingReq));
+ assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq));
+
+ MatchedPersonResult personInfo = MatchingTaskUtils.getFinalMatchingResult(pendingReq);
+ assertNotNull("no final matching result", personInfo);
+ assertEquals("wrong bpk", bpk, personInfo.getBpk());
+ assertEquals("wrong givenName", givenName, personInfo.getGivenName());
+ assertEquals("wrong familyName", familyName, personInfo.getFamilyName());
+ assertEquals("wrong dateOfBirth", birhday, personInfo.getDateOfBirth());
+ assertEquals("wrong countryCode", countryCode, personInfo.getCountryCode());
+
+ }
+
+ private void checkIntermediateResult(int resultSize) {
+ Boolean transitionGUI = (Boolean) executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK);
+ Assert.assertTrue("Wrong transition", transitionGUI);
+ Boolean transitionErnb = (Boolean) executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK);
+ Assert.assertNull("Wrong transition", transitionErnb);
+
+ assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq));
+ assertNull("Find final matching data but no match sould be found",
+ MatchingTaskUtils.getFinalMatchingResult(pendingReq));
+
+ RegisterStatusResults result = MatchingTaskUtils.getIntermediateMatchingResult(pendingReq);
+ assertNotNull("Find no intermediate matching data", result);
+ assertEquals("wrong intermediate result size", resultSize, result.getResultCount());
+
+ }
+
+ @NotNull
+ private AuthenticationResponse buildDummyAuthResponse(String givenName, String familyName, String identifier,
+ String dateOfBirth) throws URISyntaxException {
+ return buildDummyAuthResponse(givenName, familyName, identifier, dateOfBirth, null, null, null);
+ }
+
+ @NotNull
+ private AuthenticationResponse buildDummyAuthResponseDE(String givenName, String familyName, String identifier,
+ String dateOfBirth, String placeOfBirth,
+ String birthName) throws URISyntaxException {
+ return buildDummyAuthResponse(givenName, familyName, identifier, dateOfBirth, null, placeOfBirth, birthName);
+ }
+
+ @NotNull
+ private AuthenticationResponse buildDummyAuthResponse(String givenName, String familyName, String identifier,
+ String dateOfBirth, String taxNumber, String placeOfBirth,
+ String birthName) throws URISyntaxException {
+ ImmutableAttributeMap.Builder builder = ImmutableAttributeMap.builder()
+ .put(generateStringAttribute(Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
+ randomAlphabetic(2), randomAlphabetic(2)), identifier)
+ .put(generateStringAttribute(Constants.eIDAS_ATTR_CURRENTFAMILYNAME,
+ randomAlphabetic(3), randomAlphabetic(3)), familyName)
+ .put(generateStringAttribute(Constants.eIDAS_ATTR_CURRENTGIVENNAME,
+ randomAlphabetic(4), randomAlphabetic(4)), givenName)
+ .put(generateDateTimeAttribute(Constants.eIDAS_ATTR_DATEOFBIRTH,
+ randomAlphabetic(5), randomAlphabetic(5)), dateOfBirth);
+ if (taxNumber != null) {
+ builder.put(generateStringAttribute(Constants.eIDAS_ATTR_TAXREFERENCE,
+ randomAlphabetic(6), randomAlphabetic(6)), taxNumber);
+ }
+ if (birthName != null) {
+ builder.put(generateStringAttribute(Constants.eIDAS_ATTR_BIRTHNAME,
+ randomAlphabetic(7), randomAlphabetic(7)), birthName);
+ }
+ if (placeOfBirth != null) {
+ builder.put(generateStringAttribute(Constants.eIDAS_ATTR_PLACEOFBIRTH,
+ randomAlphabetic(8), randomAlphabetic(8)), placeOfBirth);
+ }
+ final ImmutableAttributeMap attributeMap = builder.build();
+
+ return new AuthenticationResponse.Builder().id(randomAlphabetic(5))
+ .issuer(randomAlphabetic(5)).subject(randomAlphabetic(5)).statusCode("200")
+ .inResponseTo(randomAlphabetic(5)).subjectNameIdFormat(randomAlphabetic(5))
+ .attributes(attributeMap).build();
+ }
+
+ private AttributeDefinition<Object> generateStringAttribute(String friendlyName, String fragment, String prefix)
+ throws URISyntaxException {
+ return generateAttribute(friendlyName, fragment, prefix, "eu.eidas.auth.commons.attribute.impl" +
+ ".LiteralStringAttributeValueMarshaller");
+ }
+
+ @SuppressWarnings("SameParameterValue")
+ private AttributeDefinition<Object> generateDateTimeAttribute(String friendlyName, String fragment, String prefix)
+ throws URISyntaxException {
+ return generateAttribute(friendlyName, fragment, prefix, "eu.eidas.auth.commons.attribute.impl" +
+ ".DateTimeAttributeValueMarshaller");
+ }
+
+ private AttributeDefinition<Object> generateAttribute(String friendlyName, String fragment, String prefix,
+ String marshaller) throws URISyntaxException {
+ return AttributeDefinition.builder()
+ .friendlyName(friendlyName).nameUri(new URI("ad", "sd", fragment))
+ .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", prefix))
+ .attributeValueMarshaller(marshaller).build();
+ }
+
+ private ResponseType loadResponseFromFile(String filepath) throws JAXBException {
+ final Unmarshaller unmarshaller = jaxbContext.createUnmarshaller();
+ JAXBElement<?> resp = (JAXBElement<?>) unmarshaller.unmarshal(ZmrClientTest.class.getResourceAsStream(
+ filepath));
+ return (ResponseType) resp.getValue();
+
+ }
+
+ private void checkBasicRequestParameters(RequestType requestType, String vorgangName, BigInteger processId,
+ String behoerdennummer) {
+ assertNotNull("no workflow infos", requestType.getWorkflowInfoClient());
+ assertEquals("processName", ZmrClientTest.PROCESS_GENERAL, requestType.getWorkflowInfoClient().getProzessName());
+ assertEquals("vorgangsName", vorgangName, requestType.getWorkflowInfoClient().getVorgangName());
+
+ if (processId != null) {
+ assertEquals("processId", processId, requestType.getWorkflowInfoClient().getProzessInstanzID());
+ } else {
+ assertNull("processId", requestType.getWorkflowInfoClient().getProzessInstanzID());
+ }
+
+ assertNotNull("no client infos", requestType.getClientInfo());
+ assertEquals("behoerdennummer", behoerdennummer, requestType.getClientInfo().getOrganisation()
+ .getBehoerdenNr());
+ }
+
+ private void checkEidasDocumentResult(List<EidasSuchdatenType> list, String type, String cc, String value) {
+ Optional<EidasSuchdatenType> eidasDoc = list.stream()
+ .filter(el -> type.equals(el.getEidasArt()))
+ .findFirst();
+
+ assertTrue("eidas doc: " + type, eidasDoc.isPresent());
+ assertEquals("eIDAS docType", type, eidasDoc.get().getEidasArt());
+ assertEquals("eIDAS docValue", value, eidasDoc.get().getEidasWert());
+ assertEquals("eIDAS docCC", cc, eidasDoc.get().getStaatscode2());
+
+ }
+
+
+ private void checkEidasDocumentAdd(List<EidasIdentitaetAnlageType> list, String type, String cc, String value) {
+ Optional<EidasIdentitaetAnlageType> eidasDoc = list.stream()
+ .filter(el -> type.equals(el.getEidasArt()))
+ .findFirst();
+
+ assertTrue("eidas doc: " + type, eidasDoc.isPresent());
+ assertEquals("eIDAS docType", type, eidasDoc.get().getEidasArt());
+ assertEquals("eIDAS docValue", value, eidasDoc.get().getEidasWert());
+ assertEquals("eIDAS docCC", cc, eidasDoc.get().getStaatscode2());
+ }
+
+ @NotNull
+ private ErnpRegisterResult emptyErnpRegisterResult() {
+ return new ErnpRegisterResult(Collections.emptyList());
+ }
+
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
index 10595402..023c196c 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
@@ -4,7 +4,7 @@ import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_S
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
-import static org.powermock.api.mockito.PowerMockito.when;
+import static org.mockito.Mockito.when;
import java.net.URISyntaxException;
import java.security.KeyStore;
@@ -23,6 +23,8 @@ import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.joda.time.DateTime;
import org.jose4j.jwa.AlgorithmConstraints;
import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
import org.jose4j.jws.AlgorithmIdentifiers;
@@ -32,7 +34,6 @@ import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.ArgumentCaptor;
-import org.powermock.core.classloader.annotations.PrepareForTest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
@@ -45,15 +46,24 @@ import org.springframework.web.context.request.ServletRequestAttributes;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.github.skjolber.mockito.soap.SoapServiceRule;
+import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.ImmutableSet;
import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils.JwsResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.IRequestStorage;
import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
@@ -73,8 +83,10 @@ import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
import at.gv.egiz.eaaf.core.impl.utils.Random;
import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.AttributeValue;
import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
import eu.eidas.auth.commons.attribute.ImmutableAttributeMap.Builder;
+import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
import lombok.val;
import szrservices.GetIdentityLinkEidasResponse;
@@ -86,7 +98,6 @@ import szrservices.SignContentEntry;
import szrservices.SignContentResponseType;
@RunWith(SpringJUnit4ClassRunner.class)
-@PrepareForTest(CreateIdentityLinkTask.class)
@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
@ContextConfiguration(locations = {
"/SpringTest-context_tasks_test.xml",
@@ -105,6 +116,9 @@ public class CreateIdentityLinkTaskEidNewTest {
EaafKeyStoreFactory keyStoreFactory;
@Autowired
+ ICcSpecificEidProcessingService eidPostProcessor;
+
+ @Autowired
private IRequestStorage requestStorage;
final ExecutionContext executionContext = new ExecutionContextImpl();
@@ -123,25 +137,27 @@ public class CreateIdentityLinkTaskEidNewTest {
AlgorithmIdentifiers.RSA_PSS_USING_SHA512));
private static ObjectMapper mapper = new ObjectMapper();
-
+
private AuthenticationResponse response;
-
+ private MatchedPersonResult matchingInfos;
+
@Rule
public final SoapServiceRule soap = SoapServiceRule.newInstance();
/**
* jUnit test set-up.
+ * @throws EidasAttributeException
+ * @throws EidPostProcessingException
*/
@Before
- public void setUp() throws EaafStorageException, URISyntaxException {
+ public void setUp() throws EaafStorageException, URISyntaxException, EidPostProcessingException, EidasAttributeException {
httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
httpResp = new MockHttpServletResponse();
RequestContextHolder.resetRequestAttributes();
RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
-
+
basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
- basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.workarounds.use.getidentitylink.for.ida", "true");
final Map<String, String> spConfig = new HashMap<>();
spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
@@ -153,14 +169,27 @@ public class CreateIdentityLinkTaskEidNewTest {
response = buildDummyAuthResponse(false);
pendingReq.getSessionData(AuthProcessDataWrapper.class)
.setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
-
+
+ final Map<String, Object> eidasAttributes = convertEidasAttrToSimpleMap(
+ response.getAttributes().getAttributeMap());
+ final SimpleEidasData eidData = eidPostProcessor.postProcess(eidasAttributes);
+ MatchingTaskUtils.storeInitialEidasData(pendingReq, eidData);
+
+ matchingInfos = MatchedPersonResult.builder()
+ .bpk(RandomStringUtils.randomAlphabetic(5))
+ .givenName(eidData.getGivenName())
+ .familyName(eidData.getFamilyName())
+ .dateOfBirth(eidData.getDateOfBirth())
+ .countryCode(eidData.getCitizenCountryCode())
+ .build();
+ MatchingTaskUtils.storeFinalMatchingResult(pendingReq, matchingInfos);
pendingReq.setSpConfig(oaParam);
pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
pendingReq.setAuthUrl("http://test.com/");
pendingReq.setTransactionId("avaasbav");
pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
-
+
executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "XX");
executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true);
@@ -173,27 +202,39 @@ public class CreateIdentityLinkTaskEidNewTest {
response = buildDummyAuthResponse(true);
pendingReq.getSessionData(AuthProcessDataWrapper.class)
.setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
-
- setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+
+ SimpleEidasData eidData = eidPostProcessor.postProcess(
+ convertEidasAttrToSimpleMap(response.getAttributes().getAttributeMap()));
+ MatchingTaskUtils.storeInitialEidasData(pendingReq, eidData);
+
+ matchingInfos = MatchedPersonResult.builder()
+ .bpk(RandomStringUtils.randomAlphabetic(5))
+ .givenName(eidData.getGivenName())
+ .familyName(eidData.getFamilyName())
+ .dateOfBirth(eidData.getDateOfBirth())
+ .countryCode(eidData.getCitizenCountryCode())
+ .build();
+ MatchingTaskUtils.storeFinalMatchingResult(pendingReq, matchingInfos);
+
String vsz = RandomStringUtils.randomNumeric(10);
- when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz);
- val signContentResp = new SignContentResponseType();
+ when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(vsz);
+ SignContentResponseType signContentResp = new SignContentResponseType();
final SignContentEntry signContentEntry = new SignContentEntry();
signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10));
signContentResp.getOut().add(signContentEntry);
- when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp);
+ when(szrMock.signContent(any(), any(), any())).thenReturn(signContentResp);
String randomTestSp = RandomStringUtils.randomAlphabetic(10);
pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
-
+
//perform test
task.execute(pendingReq, executionContext);
- //validate state
+ //validate state
// check if pendingRequest was stored
IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
Assert.assertNotNull("pendingReq not stored", storedPendingReq);
-
+
//check data in session
final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
Assert.assertNotNull("AuthProcessData", authProcessData);
@@ -201,16 +242,12 @@ public class CreateIdentityLinkTaskEidNewTest {
String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
Assert.assertNotNull("AuthBlock", authBlock);
-
+
Assert.assertTrue("EID process", authProcessData.isEidProcess());
Assert.assertTrue("foreigner process", authProcessData.isForeigner());
- Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
- Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
- Assert.assertEquals("LoA", response.getLevelOfAssurance(),
- authProcessData.getQaaLevel());
-
-
+
// check authblock signature
final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT,
BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
@@ -218,52 +255,47 @@ public class CreateIdentityLinkTaskEidNewTest {
X509Certificate[] trustedCerts = EaafKeyStoreUtils
.getPrivateKeyAndCertificates(keyStore.getFirst(), ALIAS, PW.toCharArray(), true, "junit").getSecond();
JwsResult result = JoseUtils.validateSignature(authBlock, Arrays.asList(trustedCerts), constraints);
- Assert.assertTrue("AuthBlock not valid", result.isValid());
- JsonNode authBlockJson = mapper.readTree(result.getPayLoad());
+ Assert.assertTrue("AuthBlock not valid", result.isValid());
+ JsonNode authBlockJson = mapper.readTree(result.getPayLoad());
Assert.assertNotNull("deserialized AuthBlock", authBlockJson);
-
- Assert.assertNotNull("no piiTransactionId in pendingRequesdt",
+
+ Assert.assertNotNull("no piiTransactionId in pendingRequesdt",
storedPendingReq.getUniquePiiTransactionIdentifier());
- Assert.assertEquals("piiTransactionId", storedPendingReq.getUniquePiiTransactionIdentifier(),
+ Assert.assertEquals("piiTransactionId", storedPendingReq.getUniquePiiTransactionIdentifier(),
authBlockJson.get("piiTransactionId").asText());
- Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText());
+ Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText());
Assert.assertFalse("'challenge' is null", authBlockJson.get("challenge").asText().isEmpty());
Assert.assertFalse("'timestamp' is null", authBlockJson.get("timestamp").asText().isEmpty());
Assert.assertFalse("binding pubKey", authBlockJson.has("bindingPublicKey"));
+
// check vsz request
ArgumentCaptor<PersonInfoType> argument4 = ArgumentCaptor.forClass(PersonInfoType.class);
- ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class);
+ ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class);
verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture());
-
+
Boolean param5 = argument5.getValue();
- Assert.assertFalse("insertERnP flag", param5);
+ Assert.assertFalse("insertERnP flag", param5);
PersonInfoType person = argument4.getValue();
- Assert.assertEquals("FamilyName", "Mustermann", person.getPerson().getName().getFamilyName());
- Assert.assertEquals("GivenName", "Hans", person.getPerson().getName().getGivenName());
- Assert.assertEquals("DateOfBirth", "1989-05-05", person.getPerson().getDateOfBirth());
- Assert.assertEquals("bpk", "1NjpYBHFn6onfNp2pCM8nXrlyQc=", person.getPerson().getIdentification().getValue());
- Assert.assertEquals("bPKType", EaafConstants.URN_PREFIX_CDID + "ZP", person.getPerson().getIdentification().getType());
-
-// Assert.assertEquals("PlaceOfBirth",
-// response.getAttributes().getAttributeValuesByFriendlyName("PlaceOfBirth").getFirstValue(
-// response.getAttributes().getDefinitionsByFriendlyName("PlaceOfBirth").iterator().next()),
-// person.getPerson().getPlaceOfBirth());
-// Assert.assertEquals("BirthName",
-// response.getAttributes().getAttributeValuesByFriendlyName("BirthName").getFirstValue(
-// response.getAttributes().getDefinitionsByFriendlyName("BirthName").iterator().next()),
-// person.getPerson().getAlternativeName().getFamilyName());
-//
-// Assert.assertEquals("CitizenCountry", "LU", person.getTravelDocument().getIssuingCountry());
-// Assert.assertEquals("DocumentType", "ELEKTR_DOKUMENT", person.getTravelDocument().getDocumentType());
-//
-// Assert.assertEquals("Identifier",
-// response.getAttributes().getAttributeValuesByFriendlyName("PersonIdentifier").getFirstValue(
-// response.getAttributes().getDefinitionsByFriendlyName("PersonIdentifier").iterator().next())
-// .toString().split("/")[2],
-// person.getTravelDocument().getDocumentNumber());
-
+ Assert.assertEquals("FamilyName",
+ response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()),
+ person.getPerson().getName().getFamilyName());
+ Assert.assertEquals("GivenName",
+ response.getAttributes().getAttributeValuesByFriendlyName("FirstName").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()),
+ person.getPerson().getName().getGivenName());
+ Assert.assertEquals("DateOfBirth",
+ response.getAttributes().getAttributeValuesByFriendlyName("DateOfBirth").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("DateOfBirth").iterator().next())
+ .toString().split("T")[0],
+ person.getPerson().getDateOfBirth());
+
+ Assert.assertNull("PlaceOfBirth", person.getPerson().getPlaceOfBirth());
+ Assert.assertNull("BirthName", person.getPerson().getAlternativeName());
+ Assert.assertNull("TravelDocument", person.getTravelDocument());
+
// check bcBind singing request
ArgumentCaptor<Boolean> argument1 = ArgumentCaptor.forClass(Boolean.class);
ArgumentCaptor<List<JwsHeaderParam>> argument2 = ArgumentCaptor.forClass(List.class);
@@ -271,66 +303,67 @@ public class CreateIdentityLinkTaskEidNewTest {
verify(szrMock, times(1)).signContent(argument1.capture(), argument2.capture(), argument3.capture());
Boolean param1 = argument1.getValue();
Assert.assertFalse("addCert flag", param1);
-
+
List<JwsHeaderParam> param2 = argument2.getValue();
- Assert.assertNotNull("JWS Headers", param2);
+ Assert.assertNotNull("JWS Headers", param2);
Assert.assertFalse("JWS Headers empty", param2.isEmpty());
Assert.assertEquals("Wrong JWS header size", 1, param2.size());
Assert.assertEquals("Missing JWS header key", "urn:at.gv.eid:bindtype", param2.get(0).getKey());
Assert.assertEquals("Missing JWS header value", "urn:at.gv.eid:eidasBind", param2.get(0).getValue());
-
+
List<SignContentEntry> param3 = argument3.getValue();
Assert.assertNotNull("sign Payload", param3);
- Assert.assertEquals("wrong sign-payload size", 1, param3.size());
- Assert.assertNotNull("payload", param3.get(0).getValue().getBytes());
+ Assert.assertEquals("wrong sign-payload size", 1, param3.size());
+ Assert.assertNotNull("payload", param3.get(0).getValue().getBytes());
JsonNode bcBind = mapper.readTree(param3.get(0).getValue().getBytes());
Assert.assertNotNull("bcbind req", bcBind);
-
+
Assert.assertEquals("vsz", vsz, bcBind.get("urn:eidgvat:attributes.vsz.value").asText());
- Assert.assertEquals("eid status", "urn:eidgvat:eid.status.eidas",
+ Assert.assertEquals("eid status", "urn:eidgvat:eid.status.eidas",
bcBind.get("urn:eidgvat:attributes.eid.status").asText());
Assert.assertTrue("pubKeys", bcBind.has("urn:eidgvat:attributes.user.pubkeys"));
- Assert.assertTrue("pubKeys", bcBind.get("urn:eidgvat:attributes.user.pubkeys").isArray());
+ Assert.assertTrue("pubKeys", bcBind.get("urn:eidgvat:attributes.user.pubkeys").isArray());
Iterator<JsonNode> pubKeys = bcBind.get("urn:eidgvat:attributes.user.pubkeys").elements();
Assert.assertTrue("No PubKey", pubKeys.hasNext());
- Assert.assertEquals("Wrong pubKey",
+ Assert.assertEquals("Wrong pubKey",
"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxcB5jnrAwGn7xjgVFv1UBUv1pluwDRFQx7x5O6rSn7pblYfwaWeKa8y"
+ "jS5BDDaZ00mhhnSlm2XByNrkg5yBGetTgBGtQVAxV5apfuAWN8TS3uSXgdZol7Khd6kraUITtnulvLe8tNaboom5P0zN6UxbJN"
+ "NVLishVp80HiRXiDbplCTUk8b5cYtmivdb0+5JBTa7L5N/anRVnHHoJCXgNPTouO8daUHZbG1mPk0HgqD8rhZ+OBzE+APKH9No"
- + "agedSrGRDLdIgZxkrg0mxmfsZQIi2wdJSi3y0PAjEps/s4j0nmw9bPRgCMNLBqqjxtN5JKC8E1yyLm7YefXv/nPaMwIDAQAB",
+ + "agedSrGRDLdIgZxkrg0mxmfsZQIi2wdJSi3y0PAjEps/s4j0nmw9bPRgCMNLBqqjxtN5JKC8E1yyLm7YefXv/nPaMwIDAQAB",
pubKeys.next().asText());
Assert.assertFalse("More than one PubKey", pubKeys.hasNext());
-
+
}
@Test
- public void successfulProcessWithStandardInfosWithoutIdl() throws Exception {
+ public void successfulProcessWithDataFromMatching() throws Exception {
//initialize test
- basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.workarounds.use.getidentitylink.for.ida", "false");
-
String vsz = RandomStringUtils.randomNumeric(10);
- when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz);
- val signContentResp = new SignContentResponseType();
+ when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(vsz);
+ SignContentResponseType signContentResp = new SignContentResponseType();
final SignContentEntry signContentEntry = new SignContentEntry();
signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10));
signContentResp.getOut().add(signContentEntry);
- when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp);
-
+
+ when(szrMock.signContent(any(), any(), any())).thenReturn(signContentResp);
+
String randomTestSp = RandomStringUtils.randomAlphabetic(10);
String bindingPubKey = RandomStringUtils.randomAlphabetic(10);
pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
pendingReq.setRawDataToTransaction(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME, bindingPubKey);
+
//perform test
task.execute(pendingReq, executionContext);
-
- //validate state
+
+
+ //validate state
// check if pendingRequest was stored
IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
Assert.assertNotNull("pendingReq not stored", storedPendingReq);
-
+
//check data in session
final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
Assert.assertNotNull("AuthProcessData", authProcessData);
@@ -339,6 +372,7 @@ public class CreateIdentityLinkTaskEidNewTest {
// check authblock signature
String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
Assert.assertNotNull("AuthBlock", authBlock);
+
final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT,
BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
Pair<KeyStore, Provider> keyStore = getKeyStore();
@@ -361,122 +395,108 @@ public class CreateIdentityLinkTaskEidNewTest {
Assert.assertTrue("EID process", authProcessData.isEidProcess());
Assert.assertTrue("foreigner process", authProcessData.isForeigner());
- Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
- Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
- Assert.assertEquals("LoA", response.getLevelOfAssurance(),
- authProcessData.getQaaLevel());
-
+
// check vsz request
ArgumentCaptor<PersonInfoType> argument4 = ArgumentCaptor.forClass(PersonInfoType.class);
- ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class);
+ ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class);
verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture());
-
+
Boolean param5 = argument5.getValue();
- Assert.assertTrue("insertERnP flag", param5);
+ Assert.assertFalse("insertERnP flag", param5);
PersonInfoType person = argument4.getValue();
- Assert.assertEquals("FamilyName",
- response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue(
- response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()),
+ Assert.assertEquals("FamilyName",
+ matchingInfos.getFamilyName(),
person.getPerson().getName().getFamilyName());
- Assert.assertEquals("GivenName",
- response.getAttributes().getAttributeValuesByFriendlyName("FirstName").getFirstValue(
- response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()),
+ Assert.assertEquals("GivenName",
+ matchingInfos.getGivenName(),
person.getPerson().getName().getGivenName());
- Assert.assertEquals("DateOfBirth",
- response.getAttributes().getAttributeValuesByFriendlyName("DateOfBirth").getFirstValue(
- response.getAttributes().getDefinitionsByFriendlyName("DateOfBirth").iterator().next())
- .toString().split("T")[0],
+ Assert.assertEquals("DateOfBirth",
+ matchingInfos.getDateOfBirth(),
person.getPerson().getDateOfBirth());
+ Assert.assertEquals("bPK",
+ matchingInfos.getBpk(),
+ person.getPerson().getIdentification().getValue());
+ Assert.assertEquals("bPKType",
+ EaafConstants.URN_PREFIX_CDID + "ZP",
+ person.getPerson().getIdentification().getType());
- Assert.assertNull("PlaceOfBirth", person.getPerson().getPlaceOfBirth());
- Assert.assertNull("BirthName", person.getPerson().getAlternativeName());
-
- Assert.assertEquals("CitizenCountry", "LU", person.getTravelDocument().getIssuingCountry());
- Assert.assertEquals("DocumentType", "ELEKTR_DOKUMENT", person.getTravelDocument().getDocumentType());
-
- Assert.assertEquals("Identifier",
- response.getAttributes().getAttributeValuesByFriendlyName("PersonIdentifier").getFirstValue(
- response.getAttributes().getDefinitionsByFriendlyName("PersonIdentifier").iterator().next())
- .toString().split("/")[2],
- person.getTravelDocument().getDocumentNumber());
+ Assert.assertNull("PlaceOfBirth", person.getPerson().getPlaceOfBirth());
+ Assert.assertNull("BirthName", person.getPerson().getAlternativeName());
+
}
@Test
public void successfulProcessWithStandardInfos() throws Exception {
- //initialize test
- setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+ //initialize test
String vsz = RandomStringUtils.randomNumeric(10);
- when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz);
+ when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(vsz);
val signContentResp = new SignContentResponseType();
final SignContentEntry signContentEntry = new SignContentEntry();
signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10));
signContentResp.getOut().add(signContentEntry);
- when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp);
-
+ when(szrMock.signContent(any(), any(), any())).thenReturn(signContentResp);
+
String randomTestSp = RandomStringUtils.randomAlphabetic(10);
- String bindingPubKey = RandomStringUtils.randomAlphabetic(10);
pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
- pendingReq.setRawDataToTransaction(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME, bindingPubKey);
-
+
//perform test
task.execute(pendingReq, executionContext);
- //validate state
+ //validate state
// check if pendingRequest was stored
IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
Assert.assertNotNull("pendingReq not stored", storedPendingReq);
-
+
//check data in session
final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
Assert.assertNotNull("AuthProcessData", authProcessData);
Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class));
- // check authblock signature
String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
Assert.assertNotNull("AuthBlock", authBlock);
- final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT,
- BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
- Pair<KeyStore, Provider> keyStore = getKeyStore();
- X509Certificate[] trustedCerts = EaafKeyStoreUtils
- .getPrivateKeyAndCertificates(keyStore.getFirst(), ALIAS, PW.toCharArray(), true, "junit").getSecond();
- JwsResult result = JoseUtils.validateSignature(authBlock, Arrays.asList(trustedCerts), constraints);
- Assert.assertTrue("AuthBlock not valid", result.isValid());
- JsonNode authBlockJson = mapper.readTree(result.getPayLoad());
- Assert.assertNotNull("deserialized AuthBlock", authBlockJson);
-
- Assert.assertNotNull("no piiTransactionId in pendingRequesdt",
- storedPendingReq.getUniquePiiTransactionIdentifier());
- Assert.assertEquals("piiTransactionId", storedPendingReq.getUniquePiiTransactionIdentifier(),
- authBlockJson.get("piiTransactionId").asText());
- Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText());
- Assert.assertFalse("'challenge' is null", authBlockJson.get("challenge").asText().isEmpty());
- Assert.assertFalse("'timestamp' is null", authBlockJson.get("timestamp").asText().isEmpty());
- Assert.assertTrue("binding pubKey", authBlockJson.has("bindingPublicKey"));
- Assert.assertEquals("binding PubKey", bindingPubKey, authBlockJson.get("bindingPublicKey").asText());
-
+
Assert.assertTrue("EID process", authProcessData.isEidProcess());
Assert.assertTrue("foreigner process", authProcessData.isForeigner());
- Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
- Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
- Assert.assertEquals("LoA", response.getLevelOfAssurance(),
- authProcessData.getQaaLevel());
-
+
// check vsz request
ArgumentCaptor<PersonInfoType> argument4 = ArgumentCaptor.forClass(PersonInfoType.class);
- ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class);
+ ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class);
verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture());
-
+
+ Boolean param5 = argument5.getValue();
+ Assert.assertFalse("insertERnP flag", param5);
+ PersonInfoType person = argument4.getValue();
+ Assert.assertEquals("FamilyName",
+ response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()),
+ person.getPerson().getName().getFamilyName());
+ Assert.assertEquals("GivenName",
+ response.getAttributes().getAttributeValuesByFriendlyName("FirstName").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()),
+ person.getPerson().getName().getGivenName());
+ Assert.assertEquals("DateOfBirth",
+ response.getAttributes().getAttributeValuesByFriendlyName("DateOfBirth").getFirstValue(
+ response.getAttributes().getDefinitionsByFriendlyName("DateOfBirth").iterator().next())
+ .toString().split("T")[0],
+ person.getPerson().getDateOfBirth());
+
+ Assert.assertNull("PlaceOfBirth", person.getPerson().getPlaceOfBirth());
+ Assert.assertNull("BirthName", person.getPerson().getAlternativeName());
+ Assert.assertNull("TravelDocument", person.getTravelDocument());
+
}
@Test
public void getStammzahlEncryptedExceptionTest() throws Exception {
try {
- setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
- when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(null);
+ when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(null);
task.execute(pendingReq, executionContext);
+
} catch (TaskExecutionException e) {
Assert.assertEquals("Incorrect exception thrown", e.getMessage(),
"IdentityLink generation for foreign person " + "FAILED.");
@@ -489,10 +509,10 @@ public class CreateIdentityLinkTaskEidNewTest {
@Test
public void signContentExceptionTest() throws Exception {
try {
- setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
- when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(RandomStringUtils.randomNumeric(10));
- when(szrMock, "signContent", any(), any(), any()).thenReturn(null);
+ when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(RandomStringUtils.randomNumeric(10));
+ when(szrMock.signContent(any(), any(), any())).thenReturn(null);
task.execute(pendingReq, executionContext);
+
} catch (TaskExecutionException e) {
Assert.assertEquals("Incorrect exception thrown", e.getMessage(),
"IdentityLink generation for foreign person " + "FAILED.");
@@ -502,6 +522,45 @@ public class CreateIdentityLinkTaskEidNewTest {
}
}
+ @Test
+ public void checkEmptyStringAttribute() throws Exception {
+ //initialize test
+ setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+ String vsz = RandomStringUtils.randomNumeric(10);
+ when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(vsz);
+ val signContentResp = new SignContentResponseType();
+ final SignContentEntry signContentEntry = new SignContentEntry();
+ signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10));
+ signContentResp.getOut().add(signContentEntry);
+ when(szrMock.signContent(any(), any(), any())).thenReturn(signContentResp);
+
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ String bindingPubKey = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME, bindingPubKey);
+
+
+ response = buildDummyAuthResponse(true, true);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+
+
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ // check if pendingRequest was stored
+ IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+
+ //check data in session
+ final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+ Assert.assertNotNull("AuthProcessData", authProcessData);
+ Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class));
+
+ }
+
+
private Pair<KeyStore, Provider> getKeyStore() throws EaafException {
// read Connector wide config data TODO connector wide!
String keyStoreName = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_NAME);
@@ -537,9 +596,14 @@ public class CreateIdentityLinkTaskEidNewTest {
}
-
@Nonnull
private AuthenticationResponse buildDummyAuthResponse(boolean withAll) throws URISyntaxException {
+ return buildDummyAuthResponse(withAll, false);
+
+ }
+
+ @Nonnull
+ private AuthenticationResponse buildDummyAuthResponse(boolean withAll, boolean withEmpty) throws URISyntaxException {
final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
@@ -552,16 +616,22 @@ public class CreateIdentityLinkTaskEidNewTest {
Constants.eIDAS_ATTR_PLACEOFBIRTH).first();
final AttributeDefinition attributeDef6 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
Constants.eIDAS_ATTR_BIRTHNAME).first();
-
+
final Builder attributeMap = ImmutableAttributeMap.builder();
attributeMap.put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64));
attributeMap.put(attributeDef2, RandomStringUtils.randomAlphabetic(10));
attributeMap.put(attributeDef3, RandomStringUtils.randomAlphabetic(10));
attributeMap.put(attributeDef4, "2001-01-01");
if (withAll) {
- attributeMap.put(attributeDef5, RandomStringUtils.randomAlphabetic(10));
+ if (withEmpty) {
+ attributeMap.put(attributeDef5, Collections.emptySet());
+
+ } else {
+ attributeMap.put(attributeDef5, RandomStringUtils.randomAlphabetic(10));
+
+ }
attributeMap.put(attributeDef6, RandomStringUtils.randomAlphabetic(10));
-
+
}
val b = new AuthenticationResponse.Builder();
@@ -575,4 +645,53 @@ public class CreateIdentityLinkTaskEidNewTest {
.attributes(attributeMap.build())
.build();
}
+
+ private Map<String, Object> convertEidasAttrToSimpleMap(
+ ImmutableMap<AttributeDefinition<?>, ImmutableSet<? extends AttributeValue<?>>> attributeMap) {
+ final Map<String, Object> result = new HashMap<>();
+ for (final AttributeDefinition<?> el : attributeMap.keySet()) {
+ final Class<?> parameterizedType = el.getParameterizedType();
+ if (DateTime.class.equals(parameterizedType)) {
+ convertDateTime(attributeMap, result, el);
+ } else if (PostalAddress.class.equals(parameterizedType)) {
+ convertPostalAddress(attributeMap, result, el);
+ } else {
+ convertString(attributeMap, result, el);
+ }
+ }
+ return result;
+ }
+
+ private void convertString(ImmutableMap<AttributeDefinition<?>,
+ ImmutableSet<? extends AttributeValue<?>>> attributeMap,
+ Map<String, Object> result, AttributeDefinition<?> el) {
+ final List<String> natPersonIdObj = EidasResponseUtils
+ .translateStringListAttribute(el, attributeMap.get(el));
+ final String stringAttr = natPersonIdObj.get(0);
+ if (StringUtils.isNotEmpty(stringAttr)) {
+ result.put(el.getFriendlyName(), stringAttr);
+
+ }
+ }
+
+ private void convertPostalAddress(ImmutableMap<AttributeDefinition<?>,
+ ImmutableSet<? extends AttributeValue<?>>> attributeMap,
+ Map<String, Object> result, AttributeDefinition<?> el) {
+ final PostalAddress addressAttribute = EidasResponseUtils
+ .translateAddressAttribute(el, attributeMap.get(el).asList());
+ if (addressAttribute != null) {
+ result.put(el.getFriendlyName(), addressAttribute);
+
+ }
+ }
+
+ private void convertDateTime(ImmutableMap<AttributeDefinition<?>,
+ ImmutableSet<? extends AttributeValue<?>>> attributeMap,
+ Map<String, Object> result, AttributeDefinition<?> el) {
+ final DateTime attribute = EidasResponseUtils.translateDateAttribute(el, attributeMap.get(el).asList());
+ if (attribute != null) {
+ result.put(el.getFriendlyName(), attribute);
+
+ }
+ }
}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
index a9d2f332..5c528532 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
@@ -5,20 +5,22 @@ import static org.mockito.ArgumentMatchers.any;
import java.net.URISyntaxException;
import java.util.HashMap;
+import java.util.List;
import java.util.Map;
-import javax.annotation.Nonnull;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.jetbrains.annotations.NotNull;
+import org.joda.time.DateTime;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
-import org.powermock.core.classloader.annotations.PrepareForTest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
@@ -29,12 +31,21 @@ import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import com.github.skjolber.mockito.soap.SoapServiceRule;
+import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.ImmutableSet;
import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.IRequestStorage;
import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
@@ -51,7 +62,9 @@ import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
import at.gv.egiz.eaaf.core.impl.utils.Random;
import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.AttributeValue;
import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
import lombok.val;
import szrservices.GetBPK;
@@ -62,7 +75,6 @@ import szrservices.SZR;
import szrservices.SZRException_Exception;
@RunWith(SpringJUnit4ClassRunner.class)
-@PrepareForTest(CreateIdentityLinkTask.class)
@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
@ContextConfiguration(locations = {
"/SpringTest-context_tasks_test.xml",
@@ -81,7 +93,10 @@ public class CreateIdentityLinkTaskTest {
EaafKeyStoreFactory keyStoreFactory;
@Autowired
- private IRequestStorage requestStorage;
+ ICcSpecificEidProcessingService eidPostProcessor;
+
+ @Autowired
+ IRequestStorage requestStorage;
final ExecutionContext executionContext = new ExecutionContextImpl();
private MockHttpServletRequest httpReq;
@@ -89,18 +104,21 @@ public class CreateIdentityLinkTaskTest {
private TestRequestImpl pendingReq;
private DummySpConfiguration oaParam;
private SZR szrMock;
-
+
+ private MatchedPersonResult matchingInfos;
private AuthenticationResponse response;
private Map<String, String> spConfig;
-
+
@Rule
public final SoapServiceRule soap = SoapServiceRule.newInstance();
/**
* jUnit test set-up.
+ * @throws EidasAttributeException
+ * @throws EidPostProcessingException
*/
@Before
- public void setUp() throws EaafStorageException, URISyntaxException {
+ public void setUp() throws EaafStorageException, URISyntaxException, EidPostProcessingException, EidasAttributeException {
httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
httpResp = new MockHttpServletResponse();
@@ -110,7 +128,7 @@ public class CreateIdentityLinkTaskTest {
basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "false");
basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "false");
-
+
spConfig = new HashMap<>();
spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
@@ -119,42 +137,55 @@ public class CreateIdentityLinkTaskTest {
pendingReq = new TestRequestImpl();
response = buildDummyAuthResponse();
-
+ final Map<String, Object> eidasAttributes = convertEidasAttrToSimpleMap(
+ response.getAttributes().getAttributeMap());
+ final SimpleEidasData eidData = eidPostProcessor.postProcess(eidasAttributes);
+ MatchingTaskUtils.storeInitialEidasData(pendingReq, eidData);
pendingReq.getSessionData(AuthProcessDataWrapper.class)
.setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+
+ matchingInfos = MatchedPersonResult.builder()
+ .bpk(RandomStringUtils.randomAlphabetic(5))
+ .givenName(eidData.getGivenName())
+ .familyName(eidData.getFamilyName())
+ .dateOfBirth(eidData.getDateOfBirth())
+ .countryCode(eidData.getCitizenCountryCode())
+ .build();
+ MatchingTaskUtils.storeFinalMatchingResult(pendingReq, matchingInfos);
+
pendingReq.setSpConfig(oaParam);
pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
pendingReq.setAuthUrl("http://test.com/");
pendingReq.setTransactionId("avaasbav");
pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
-
+
executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "XX");
executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true);
szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr");
}
-
+
@Test
public void buildIdentityLink() throws Exception {
- //initialize test
+ //initialize test
setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
-
+
String randomTestSp = RandomStringUtils.randomAlphabetic(10);
pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
-
+
basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
-
-
+
+
//perform test
task.execute(pendingReq, executionContext);
-
- //validate state
+
+ //validate state
// check if pendingRequest was stored
IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
Assert.assertNotNull("pendingReq not stored", storedPendingReq);
-
+
//check data in session
final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
Assert.assertNotNull("AuthProcessData", authProcessData);
@@ -162,15 +193,12 @@ public class CreateIdentityLinkTaskTest {
String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
Assert.assertNull("AuthBlock", authBlock);
-
+
Assert.assertFalse("EID process", authProcessData.isEidProcess());
Assert.assertTrue("foreigner process", authProcessData.isForeigner());
- Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
- Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
- Assert.assertEquals("LoA", response.getLevelOfAssurance(),
- authProcessData.getQaaLevel());
-
+
Assert.assertNotNull("IDL", authProcessData.getIdentityLink());
checkElement("Mustermann", authProcessData.getIdentityLink().getFamilyName());
checkElement("Hans", authProcessData.getIdentityLink().getGivenName());
@@ -178,12 +206,69 @@ public class CreateIdentityLinkTaskTest {
checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType());
checkElement("k+zDM1BVpN1WJO4x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue());
Assert.assertNotNull(authProcessData.getIdentityLink().getSerializedSamlAssertion());
- Assert.assertNotNull(authProcessData.getIdentityLink().getSamlAssertion());
-
+ Assert.assertNotNull(authProcessData.getIdentityLink().getSamlAssertion());
+
Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
- Assert.assertEquals("wrong bPK", "XX:FkXtOaSSeR3elyL9KLLvijIYDMU=",
+ Assert.assertEquals("wrong bPK", "XX:FkXtOaSSeR3elyL9KLLvijIYDMU=",
authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+
+ }
+
+ @Test
+ public void successfulProcessWithDataFromMatching() throws Exception {
+ //initialize test
+ setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+
+ String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+
+ MatchedPersonResult matchingInfos = MatchedPersonResult.builder()
+ .bpk(RandomStringUtils.randomAlphabetic(5))
+ .givenName(RandomStringUtils.randomAlphabetic(5))
+ .familyName(RandomStringUtils.randomAlphabetic(5))
+ .dateOfBirth(RandomStringUtils.randomAlphabetic(5))
+ .countryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .build();
+
+ MatchingTaskUtils.storeFinalMatchingResult(pendingReq, matchingInfos);
+ //perform test
+ task.execute(pendingReq, executionContext);
+
+
+ //validate state
+ // check if pendingRequest was stored
+ IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+
+ //check data in session
+ final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+ Assert.assertNotNull("AuthProcessData", authProcessData);
+ Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class));
+
+ String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
+ Assert.assertNull("AuthBlock", authBlock);
+
+ Assert.assertFalse("EID process", authProcessData.isEidProcess());
+ Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+
+ Assert.assertNotNull("IDL", authProcessData.getIdentityLink());
+ checkElement("Mustermann", authProcessData.getIdentityLink().getFamilyName());
+ checkElement("Hans", authProcessData.getIdentityLink().getGivenName());
+ checkElement("1989-05-05", authProcessData.getIdentityLink().getDateOfBirth());
+ checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType());
+ checkElement("k+zDM1BVpN1WJO4x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue());
+ Assert.assertNotNull(authProcessData.getIdentityLink().getSerializedSamlAssertion());
+ Assert.assertNotNull(authProcessData.getIdentityLink().getSamlAssertion());
+
+ Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+ Assert.assertEquals("wrong bPK", "XX:FkXtOaSSeR3elyL9KLLvijIYDMU=",
+ authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+
}
@Test
@@ -191,22 +276,22 @@ public class CreateIdentityLinkTaskTest {
//initialize test
setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
spConfig.put("target", EaafConstants.URN_PREFIX_WBPK + "FN+123456i");
-
+
String randomTestSp = RandomStringUtils.randomAlphabetic(10);
pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
-
+
basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
-
+
//perform test
task.execute(pendingReq, executionContext);
-
- //validate state
+
+ //validate state
// check if pendingRequest was stored
IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
Assert.assertNotNull("pendingReq not stored", storedPendingReq);
-
+
//check data in session
final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
Assert.assertNotNull("AuthProcessData", authProcessData);
@@ -214,42 +299,39 @@ public class CreateIdentityLinkTaskTest {
String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
Assert.assertNull("AuthBlock", authBlock);
-
+
Assert.assertFalse("EID process", authProcessData.isEidProcess());
Assert.assertTrue("foreigner process", authProcessData.isForeigner());
- Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
- Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
- Assert.assertEquals("LoA", response.getLevelOfAssurance(),
- authProcessData.getQaaLevel());
-
+
Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
- Assert.assertEquals("wrong bPK", "FN+123456i:D26vJncPS2W790RH/LP04V+vNOQ=",
+ Assert.assertEquals("wrong bPK", "FN+123456i:D26vJncPS2W790RH/LP04V+vNOQ=",
authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
-
+
}
-
+
@Test
public void buildIdentityLinkWithEidasBpk() throws Exception {
//initialize test
setSzrResponseIdentityLink("/data/szr/szr_resp_valid_2.xml");
spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + "AT+EU");
-
+
String randomTestSp = RandomStringUtils.randomAlphabetic(10);
pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
-
+
basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
-
+
//perform test
task.execute(pendingReq, executionContext);
-
- //validate state
+
+ //validate state
// check if pendingRequest was stored
IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
Assert.assertNotNull("pendingReq not stored", storedPendingReq);
-
+
//check data in session
final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
Assert.assertNotNull("AuthProcessData", authProcessData);
@@ -257,80 +339,77 @@ public class CreateIdentityLinkTaskTest {
String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
Assert.assertNull("AuthBlock", authBlock);
-
+
Assert.assertFalse("EID process", authProcessData.isEidProcess());
Assert.assertTrue("foreigner process", authProcessData.isForeigner());
- Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
- Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
- Assert.assertEquals("LoA", response.getLevelOfAssurance(),
- authProcessData.getQaaLevel());
-
+
Assert.assertNotNull("IDL", authProcessData.getIdentityLink());
checkElement("Musterfrau", authProcessData.getIdentityLink().getFamilyName());
checkElement("Martina", authProcessData.getIdentityLink().getGivenName());
checkElement("1991-04-15", authProcessData.getIdentityLink().getDateOfBirth());
checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType());
checkElement("k+zDM1BV1312312332x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue());
-
+
Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
- Assert.assertEquals("wrong bPK", "AT+EU:AT/EU/1+wqDl059/02Ptny0g+LyuLDJV0=",
+ Assert.assertEquals("wrong bPK", "AT+EU:AT/EU/1+wqDl059/02Ptny0g+LyuLDJV0=",
authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
-
+
}
-
+
@Test
public void buildIdentityLinkWithUnknownBpk() throws Exception {
//initialize test
setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
spConfig.put("target", "urn:notextis:1234");
-
+
String randomTestSp = RandomStringUtils.randomAlphabetic(10);
pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
-
+
basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
-
+
try {
task.execute(pendingReq, executionContext);
Assert.fail("unknown bPKType not detected");
-
+
} catch (TaskExecutionException e) {
- Assert.assertEquals("ErrorId", "builder.33",
+ Assert.assertEquals("ErrorId", "builder.33",
((EaafException) e.getOriginalException()).getErrorId());
Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
.getParams().length);
- }
+ }
}
-
+
@Test
public void noBpkResult() throws Exception {
//initialize test
setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
GetBPKResponse getBpkResp = new GetBPKResponse();
org.mockito.Mockito.when(szrMock.getBPK(any(GetBPK.class))).thenReturn(getBpkResp );
-
+
spConfig.put("target", "urn:notextis:1234");
-
+
String randomTestSp = RandomStringUtils.randomAlphabetic(10);
pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
-
+
basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "true");
-
+
try {
task.execute(pendingReq, executionContext);
Assert.fail("unknown bPKType not detected");
-
+
} catch (TaskExecutionException e) {
- Assert.assertEquals("ErrorId", "ernb.01",
+ Assert.assertEquals("ErrorId", "ernb.01",
((EaafException) e.getOriginalException()).getErrorId());
-
- }
+
+ }
}
-
+
@Test
public void bPKFromSzr() throws Exception {
//initialize test
@@ -339,25 +418,25 @@ public class CreateIdentityLinkTaskTest {
GetBPKResponse getBpkResp = new GetBPKResponse();
getBpkResp.getGetBPKReturn().add(bpk);
org.mockito.Mockito.when(szrMock.getBPK(any(GetBPK.class))).thenReturn(getBpkResp );
-
+
spConfig.put("target", "urn:notextis:1234");
-
+
String randomTestSp = RandomStringUtils.randomAlphabetic(10);
pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
-
+
basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "true");
-
+
//execute test
task.execute(pendingReq, executionContext);
-
-
- //validate state
+
+
+ //validate state
// check if pendingRequest was stored
IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
Assert.assertNotNull("pendingReq not stored", storedPendingReq);
-
+
//check data in session
final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
Assert.assertNotNull("AuthProcessData", authProcessData);
@@ -365,58 +444,17 @@ public class CreateIdentityLinkTaskTest {
String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
Assert.assertNull("AuthBlock", authBlock);
-
+
Assert.assertFalse("EID process", authProcessData.isEidProcess());
Assert.assertTrue("foreigner process", authProcessData.isForeigner());
- Assert.assertEquals("EID-ISSUING_NATION", "LU",
+ Assert.assertEquals("EID-ISSUING_NATION", "LU",
authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
- Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
- Assert.assertEquals("LoA", response.getLevelOfAssurance(),
- authProcessData.getQaaLevel());
-
+
Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
- Assert.assertEquals("wrong bPK", bpk,
+ Assert.assertEquals("wrong bPK", bpk,
authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
}
- @Test
- public void buildDummyIdl() throws Exception {
- //initialize test
- String randomTestSp = RandomStringUtils.randomAlphabetic(10);
- pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
-
- basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "true");
-
-
- //perform test
- task.execute(pendingReq, executionContext);
-
-
- //validate state
- // check if pendingRequest was stored
- IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
- Assert.assertNotNull("pendingReq not stored", storedPendingReq);
-
- //check data in session
- final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
- Assert.assertNotNull("AuthProcessData", authProcessData);
- Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class));
-
- String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
- Assert.assertNull("AuthBlock", authBlock);
-
- Assert.assertFalse("EID process", authProcessData.isEidProcess());
- Assert.assertTrue("foreigner process", authProcessData.isForeigner());
- Assert.assertEquals("EID-ISSUING_NATION", "LU",
- authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
- Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
- Assert.assertEquals("LoA", response.getLevelOfAssurance(),
- authProcessData.getQaaLevel());
-
- Assert.assertNotNull("IDL", authProcessData.getIdentityLink());
-
- }
-
private void setSzrResponseIdentityLink(String responseXmlPath) throws JAXBException, SZRException_Exception {
final JAXBContext jaxbContext = JAXBContext
.newInstance(szrservices.ObjectFactory.class, org.w3._2001._04.xmldsig_more.ObjectFactory.class,
@@ -433,8 +471,8 @@ public class CreateIdentityLinkTaskTest {
Assert.assertEquals(expected, value);
}
-
- @Nonnull
+
+ @NotNull
private AuthenticationResponse buildDummyAuthResponse() throws URISyntaxException {
final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
@@ -444,7 +482,7 @@ public class CreateIdentityLinkTaskTest {
Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();
final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
Constants.eIDAS_ATTR_DATEOFBIRTH).first();
-
+
final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder()
.put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64))
.put(attributeDef2, RandomStringUtils.randomAlphabetic(10))
@@ -461,4 +499,54 @@ public class CreateIdentityLinkTaskTest {
.attributes(attributeMap)
.build();
}
+
+ private Map<String, Object> convertEidasAttrToSimpleMap(
+ ImmutableMap<AttributeDefinition<?>, ImmutableSet<? extends AttributeValue<?>>> attributeMap) {
+ final Map<String, Object> result = new HashMap<>();
+ for (final AttributeDefinition<?> el : attributeMap.keySet()) {
+ final Class<?> parameterizedType = el.getParameterizedType();
+ if (DateTime.class.equals(parameterizedType)) {
+ convertDateTime(attributeMap, result, el);
+ } else if (PostalAddress.class.equals(parameterizedType)) {
+ convertPostalAddress(attributeMap, result, el);
+ } else {
+ convertString(attributeMap, result, el);
+ }
+ }
+ return result;
+ }
+
+ private void convertString(ImmutableMap<AttributeDefinition<?>,
+ ImmutableSet<? extends AttributeValue<?>>> attributeMap,
+ Map<String, Object> result, AttributeDefinition<?> el) {
+ final List<String> natPersonIdObj = EidasResponseUtils
+ .translateStringListAttribute(el, attributeMap.get(el));
+ final String stringAttr = natPersonIdObj.get(0);
+ if (StringUtils.isNotEmpty(stringAttr)) {
+ result.put(el.getFriendlyName(), stringAttr);
+
+ }
+ }
+
+ private void convertPostalAddress(ImmutableMap<AttributeDefinition<?>,
+ ImmutableSet<? extends AttributeValue<?>>> attributeMap,
+ Map<String, Object> result, AttributeDefinition<?> el) {
+ final PostalAddress addressAttribute = EidasResponseUtils
+ .translateAddressAttribute(el, attributeMap.get(el).asList());
+ if (addressAttribute != null) {
+ result.put(el.getFriendlyName(), addressAttribute);
+
+ }
+ }
+
+ private void convertDateTime(ImmutableMap<AttributeDefinition<?>,
+ ImmutableSet<? extends AttributeValue<?>>> attributeMap,
+ Map<String, Object> result, AttributeDefinition<?> el) {
+ final DateTime attribute = EidasResponseUtils.translateDateAttribute(el, attributeMap.get(el).asList());
+ if (attribute != null) {
+ result.put(el.getFriendlyName(), attribute);
+
+ }
+ }
+
}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateNewErnpEntryTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateNewErnpEntryTaskTest.java
new file mode 100644
index 00000000..985a5e14
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateNewErnpEntryTaskTest.java
@@ -0,0 +1,198 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.ArgumentMatchers.any;
+
+import java.net.URISyntaxException;
+import java.util.Arrays;
+import java.util.List;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.jetbrains.annotations.NotNull;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.ernp.ErnpRestClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.ernp.ErnpRestClient.ErnpRegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateNewErnpEntryTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import lombok.SneakyThrows;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"
+})
+@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
+public class CreateNewErnpEntryTaskTest {
+
+ CreateNewErnpEntryTask task;
+
+ @Mock ErnpRestClient ernpClient;
+
+ final ExecutionContext executionContext = new ExecutionContextImpl();
+ private TestRequestImpl pendingReq;
+
+ /**
+ * jUnit test set-up.
+ */
+ @Before
+ public void setUp() throws URISyntaxException, EaafStorageException {
+ task = new CreateNewErnpEntryTask(ernpClient);
+
+ MockHttpServletRequest httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ MockHttpServletResponse httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ pendingReq = new TestRequestImpl();
+ pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+
+ }
+
+
+ @Test
+ @SneakyThrows
+ public void missingEidasData() {
+ Mockito.when(ernpClient.add(any()))
+ .thenThrow(new IllegalStateException("add ERnP entry should not be neccessary"));
+
+ TaskExecutionException error = assertThrows("wrong exception", TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ assertEquals("wrong pendingRequestId", pendingReq.getPendingRequestId(), error.getPendingRequestID());
+ assertTrue("Wrong exception", (error.getOriginalException() instanceof WorkflowException));
+ assertTrue("Wrong flag 'manualFixNeeded'",
+ ((WorkflowException) error.getOriginalException()).isRequiresManualFix());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void noErnpResponse() {
+ SimpleEidasData input = buildInputData();
+ Mockito.when(ernpClient.add(input))
+ .thenReturn(ernpRegisterResult(Arrays.asList()));
+
+ TaskExecutionException error = assertThrows("wrong exception", TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ assertEquals("wrong pendingRequestId", pendingReq.getPendingRequestId(), error.getPendingRequestID());
+ assertTrue("Wrong exception", (error.getOriginalException() instanceof WorkflowException));
+ assertTrue("Wrong flag 'manualFixNeeded'",
+ ((WorkflowException) error.getOriginalException()).isRequiresManualFix());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void moreThanOneErnpResponse() {
+ String bpk = RandomStringUtils.randomAlphabetic(5);
+ SimpleEidasData input = buildInputData();
+ Mockito.when(ernpClient.add(input))
+ .thenReturn(ernpRegisterResult(Arrays.asList(buildErnpResultEntry(input, bpk), buildRandomResultEntry())));
+
+ TaskExecutionException error = assertThrows("wrong exception", TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ assertEquals("wrong pendingRequestId", pendingReq.getPendingRequestId(), error.getPendingRequestID());
+ assertTrue("Wrong exception", (error.getOriginalException() instanceof WorkflowException));
+ assertTrue("Wrong flag 'manualFixNeeded'",
+ ((WorkflowException) error.getOriginalException()).isRequiresManualFix());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void insertErnpSuccess() {
+ String bpk = RandomStringUtils.randomAlphabetic(5);
+ SimpleEidasData input = buildInputData();
+ Mockito.when(ernpClient.add(input))
+ .thenReturn(ernpRegisterResult(Arrays.asList(buildErnpResultEntry(input, bpk))));
+
+ // perform test
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ MatchedPersonResult result = MatchingTaskUtils.getFinalMatchingResult(pendingReq);
+ assertNotNull("no matching result", result);
+ assertEquals("familyname", input.getFamilyName(), result.getFamilyName());
+ assertEquals("givenyname", input.getGivenName(), result.getGivenName());
+ assertEquals("dateOfBirth", input.getDateOfBirth(), result.getDateOfBirth());
+ assertEquals("bpk", bpk, result.getBpk());
+ assertEquals("countryCode", input.getCitizenCountryCode(), result.getCountryCode());
+
+ }
+
+
+ @NotNull
+ private ErnpRegisterResult ernpRegisterResult(List<RegisterResult> registerResult) {
+ return new ErnpRegisterResult(registerResult);
+
+ }
+
+ private RegisterResult buildErnpResultEntry(SimpleEidasData input, String bpk) {
+ return buildErnpResultEntry(input.getFamilyName(), input.getGivenName(), input.getDateOfBirth(), bpk);
+
+ }
+
+ private RegisterResult buildRandomResultEntry() {
+ return buildErnpResultEntry(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5),
+ RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+
+ }
+
+ private RegisterResult buildErnpResultEntry(String familyName, String givenName, String birthday, String bpk) {
+ return RegisterResult.builder()
+ .bpk(bpk)
+ .dateOfBirth(birthday)
+ .givenName(givenName)
+ .familyName(familyName)
+ .build();
+
+ }
+
+ private SimpleEidasData buildInputData() throws EaafStorageException {
+ String cc = RandomStringUtils.randomAlphabetic(5).toUpperCase();
+ String pseudonym = RandomStringUtils.randomAlphabetic(5);
+ String familyName = RandomStringUtils.randomAlphabetic(5);
+ String givenName = RandomStringUtils.randomAlphabetic(5);
+ String birthday = RandomStringUtils.randomNumeric(4) + "-"
+ + RandomStringUtils.randomNumeric(2) + "-" + RandomStringUtils.randomNumeric(2);
+
+ SimpleEidasData input = SimpleEidasData.builder()
+ .familyName(familyName)
+ .givenName(givenName)
+ .dateOfBirth(birthday)
+ .personalIdentifier(cc + "/AT/" + pseudonym)
+ .pseudonym(pseudonym)
+ .citizenCountryCode(cc)
+ .build();
+ MatchingTaskUtils.storeInitialEidasData(pendingReq, input);
+ return input;
+
+ }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAustrianResidenceGuiTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAustrianResidenceGuiTaskTest.java
new file mode 100644
index 00000000..1fc96e10
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAustrianResidenceGuiTaskTest.java
@@ -0,0 +1,172 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import java.io.UnsupportedEncodingException;
+import java.util.Locale;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.i18n.LocaleContextHolder;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.web.WebAppConfiguration;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.json.JsonMapper;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAustrianResidenceGuiTask;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import lombok.SneakyThrows;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml",
+ "/common_gui.beans.xml"
+})
+@WebAppConfiguration
+public class GenerateAustrianResidenceGuiTaskTest {
+
+
+ @Autowired
+ GenerateAustrianResidenceGuiTask task;
+
+ private ExecutionContextImpl executionContext = new ExecutionContextImpl();
+ private TestRequestImpl pendingReq;
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+
+ @BeforeClass
+ public static void classInitializer() {
+ Locale.setDefault(Locale.ENGLISH);
+
+ }
+
+ /**
+ * jUnit test set-up.
+ */
+ @Before
+ public void initialize() {
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ pendingReq = new TestRequestImpl();
+ pendingReq.setAuthUrl("https://localhost/ms_connector");
+ pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+
+ LocaleContextHolder.resetLocaleContext();
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void jsonResponse() throws TaskExecutionException, UnsupportedEncodingException {
+ httpReq.addHeader("Accept", "application/json");
+
+ task.execute(pendingReq, executionContext);
+
+ //result validation
+ Assert.assertEquals("httpStausCode", 200, httpResp.getStatus());
+ Assert.assertEquals("http ContentType", "application/json;charset=UTF-8", httpResp.getContentType());
+ final String content = httpResp.getContentAsString();
+ assertNotNull("response body is null", content);
+ Assert.assertFalse("response body is empty", content.isEmpty());
+ final JsonNode json = new JsonMapper().readTree(content);
+ assertNotNull("response body is null", json);
+ checkJsonElement(json, "wizardEndpoint", "https://localhost/ms_connector/residency/search");
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void jsonResponseWithError() throws TaskExecutionException, UnsupportedEncodingException {
+ httpReq.addHeader("Accept", "application/json");
+
+ String reason = RandomStringUtils.randomAlphabetic(5);
+ executionContext.put(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true);
+ executionContext.put(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON, reason);
+
+ task.execute(pendingReq, executionContext);
+
+ //result validation
+ Assert.assertEquals("httpStausCode", 200, httpResp.getStatus());
+ Assert.assertEquals("http ContentType", "application/json;charset=UTF-8", httpResp.getContentType());
+ final String content = httpResp.getContentAsString();
+ assertNotNull("response body is null", content);
+ Assert.assertFalse("response body is empty", content.isEmpty());
+ final JsonNode json = new JsonMapper().readTree(content);
+ assertNotNull("response body is null", json);
+ checkJsonElement(json, "wizardEndpoint", "https://localhost/ms_connector/residency/search");
+
+ assertNotNull("advancedMatchFailed", json.get(Constants.HTML_FORM_ADVANCED_MATCHING_FAILED));
+ assertTrue("advancedMatchFailed", json.get(Constants.HTML_FORM_ADVANCED_MATCHING_FAILED).asBoolean());
+ assertNotNull("advancedMatchingFailedReason", json.get(Constants.HTML_FORM_ADVANCED_MATCHING_FAILED_REASON));
+ assertEquals("advancedMatchingFailedReason", reason,
+ json.get(Constants.HTML_FORM_ADVANCED_MATCHING_FAILED_REASON).asText());
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void htmlResponse() throws TaskExecutionException, UnsupportedEncodingException {
+
+ task.execute(pendingReq, executionContext);
+
+ //result validation
+ Assert.assertEquals("httpStausCode", 200, httpResp.getStatus());
+ Assert.assertEquals("http ContentType", "text/html;charset=UTF-8", httpResp.getContentType());
+ final String content = httpResp.getContentAsString();
+ assertNotNull("response body is null", content);
+ Assert.assertFalse("response body is empty", content.isEmpty());
+ assertTrue("no wizard endpoint", content.contains("https://localhost/ms_connector/residency/search"));
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void htmlResponseWithError() throws TaskExecutionException, UnsupportedEncodingException {
+
+ String reason = RandomStringUtils.randomAlphabetic(5);
+ executionContext.put(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true);
+ executionContext.put(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON, reason);
+
+ task.execute(pendingReq, executionContext);
+
+ //result validation
+ Assert.assertEquals("httpStausCode", 200, httpResp.getStatus());
+ Assert.assertEquals("http ContentType", "text/html;charset=UTF-8", httpResp.getContentType());
+ final String content = httpResp.getContentAsString();
+ assertNotNull("response body is null", content);
+ Assert.assertFalse("response body is empty", content.isEmpty());
+ assertTrue("no wizard endpoint", content.contains("https://localhost/ms_connector/residency/search"));
+
+ Assert.assertTrue("missing errorfield", content.contains("<div id=\"matchingError\""));
+ Assert.assertTrue("missing errorfield", content.contains(reason));
+
+ }
+
+ private void checkJsonElement(JsonNode json, String key, String expected) {
+ assertTrue("no element: " + key, json.has(key));
+ assertEquals("wrong element:" + key, expected, json.get(key).asText());
+
+ }
+
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateMobilePhoneSignatureRequestTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateMobilePhoneSignatureRequestTaskTest.java
new file mode 100644
index 00000000..ffa02ccd
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateMobilePhoneSignatureRequestTaskTest.java
@@ -0,0 +1,282 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
+import static org.springframework.util.Assert.isInstanceOf;
+
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+import java.util.Base64;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
+import org.opensaml.core.xml.util.XMLObjectSupport;
+import org.opensaml.saml.common.xml.SAMLConstants;
+import org.opensaml.saml.saml2.core.AuthnRequest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthMetadataProvider;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateMobilePhoneSignatureRequestTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummyOA;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.gui.DummyGuiBuilderConfigurationFactory;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest;
+import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
+import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory;
+import at.gv.egiz.eaaf.modules.pvp2.impl.verification.SamlVerificationEngine;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml",
+ "classpath:/eaaf_pvp_sp.beans.xml"
+})
+
+public class GenerateMobilePhoneSignatureRequestTaskTest {
+
+ private static final String METADATA_PATH = "classpath:/data/idp_metadata_classpath_entity.xml";
+ private static final String METADATA_SP_PATH = "classpath:/data/sp_metadata_junit.xml";
+
+ @Autowired(required = true)
+ private ApplicationContext context;
+ @Autowired(required = true)
+ protected MsConnectorDummyConfigMap authConfig;
+ @Autowired
+ private IdAustriaClientAuthMetadataProvider metadataProvider;
+ @Autowired
+ private PvpMetadataResolverFactory metadataFactory;
+ @Autowired
+ private DummyGuiBuilderConfigurationFactory guiBuilderConfigFactory;
+ @Autowired
+ private SamlVerificationEngine samlVerifyEngine;
+ @Autowired
+ private ITransactionStorage transactionStorage;
+
+ final ExecutionContext executionContext = new ExecutionContextImpl();
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+ private TestRequestImpl pendingReq;
+ private DummyOA oaParam;
+
+ private GenerateMobilePhoneSignatureRequestTask task;
+
+ /**
+ * JUnit class initializer.
+ *
+ * @throws Exception In case of an OpenSAML3 initialization error
+ */
+ @BeforeClass
+ public static void initialize() throws Exception {
+ EaafOpenSaml3xInitializer.eaafInitialize();
+
+ }
+
+ /**
+ * jUnit test set-up.
+ *
+ * @throws Exception In case of an set-up error
+ */
+ @Before
+ public void setUp() throws Exception {
+ task = (GenerateMobilePhoneSignatureRequestTask) context.getBean(
+ "GenerateMobilePhoneSignatureRequestTask");
+
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ authConfig.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ID_AUSTRIA_ENTITYID,
+ METADATA_PATH);
+ authConfig.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_ALIAS,
+ "sig");
+
+ oaParam = new DummyOA();
+ oaParam.setUniqueAppId("http://test.com/test");
+ oaParam.setBmiUniqueIdentifier(oaParam.getUniqueIdentifier() + "#" + RandomStringUtils.randomAlphanumeric(
+ 5));
+ oaParam.setTargetIdentifier(
+ EaafConstants.URN_PREFIX_CDID + RandomStringUtils.randomAlphabetic(2));
+ oaParam.setEidasEnabled(true);
+
+ pendingReq = new TestRequestImpl();
+ pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+ pendingReq.setSpConfig(oaParam);
+ pendingReq.setAuthUrl("https://localhost/authhandler");
+
+ metadataProvider.fullyDestroy();
+ guiBuilderConfigFactory.setVelocityBuilderConfig(createDummyGuiConfig());
+
+ }
+
+ @Test
+ public void noMetadataAvailableOnGlobalConfig() {
+ authConfig.removeConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ID_AUSTRIA_ENTITYID);
+
+ final TaskExecutionException e = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+ assertNotNull(e.getOriginalException());
+ isInstanceOf(EaafConfigurationException.class, e.getOriginalException());
+ assertEquals("module.eidasauth.00", ((EaafConfigurationException) e.getOriginalException()).getErrorId());
+ }
+
+ @Test
+ public void wrongMetadataAvailableOnGlobalConfig() {
+ authConfig.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ID_AUSTRIA_ENTITYID,
+ "http://wrong.path/" + RandomStringUtils.randomAlphabetic(5));
+
+ final TaskExecutionException e = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+ assertNotNull(e.getPendingRequestID());
+ assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+ assertNotNull(e.getOriginalException());
+ isInstanceOf(EaafConfigurationException.class, e.getOriginalException());
+ assertEquals("module.eidasauth.idaustria.02",
+ ((EaafConfigurationException) e.getOriginalException()).getErrorId());
+ }
+
+ @Test
+ public void noMetadataSigningKeyStore() throws Pvp2MetadataException {
+ authConfig.removeConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_SIGN_SIGNING_ALIAS);
+
+ metadataProvider.addMetadataResolverIntoChain(
+ metadataFactory.createMetadataProvider(METADATA_PATH, null, "jUnitTest", null));
+
+ final TaskExecutionException e = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+ assertNotNull(e.getPendingRequestID());
+ assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+ assertNotNull(e.getOriginalException());
+ isInstanceOf(CredentialsNotAvailableException.class, e.getOriginalException());
+ assertEquals("internal.pvp.01",
+ ((CredentialsNotAvailableException) e.getOriginalException()).getErrorId());
+ }
+
+ @Test
+ public void success() throws Exception {
+ metadataProvider.addMetadataResolverIntoChain(
+ metadataFactory.createMetadataProvider(METADATA_PATH, null, "jUnitTest", null));
+ pendingReq.setTransactionId(RandomStringUtils.randomAlphanumeric(10));
+
+ task.execute(pendingReq, executionContext);
+
+ validate();
+
+ }
+
+ private void validate() throws Exception {
+ assertEquals("HTTP Statuscode", 200, httpResp.getStatus());
+ assertEquals("ContentType", "text/html;charset=UTF-8", httpResp.getContentType());
+ assertEquals("ContentEncoding", "UTF-8", httpResp.getCharacterEncoding());
+
+ final String html = httpResp.getContentAsString();
+ assertNotNull("XML Metadata", html);
+
+ final int startIndex = html.indexOf("SAMLRequest=");
+ assertTrue("No SAMLRequest in html", startIndex >= 0);
+ final String authnXml = html.substring(startIndex + "SAMLRequest=".length());
+
+ // check if relaystate was stored
+ final int startIndexRelayState = html.indexOf("RelayState=");
+ assertTrue("wrong RelayState in HTML",
+ startIndexRelayState >= 0);
+ final String relayState = html.substring(startIndexRelayState + "RelayState=".length(), startIndex);
+ final String storedPendingReqId = transactionStorage.get(relayState, String.class);
+ assertEquals("relayStore not map to pendingRequestId",
+ pendingReq.getPendingRequestId(), storedPendingReqId);
+
+ final AuthnRequest authnRequest = (AuthnRequest) XMLObjectSupport.unmarshallFromInputStream(
+ XMLObjectProviderRegistrySupport.getParserPool(), new ByteArrayInputStream(
+ Base64.getDecoder().decode(authnXml)));
+
+ assertNotNull("AuthnReq", authnRequest);
+ assertNotNull("Issuer", authnRequest.getIssuer());
+ assertEquals("EntityId",
+ "https://localhost/authhandler" + IdAustriaClientAuthConstants.ENDPOINT_METADATA,
+ authnRequest.getIssuer().getValue());
+
+ // check XML scheme
+ Saml2Utils.schemeValidation(authnRequest);
+
+ // check signature
+ final PvpSProfileRequest msg = new PvpSProfileRequest(
+ authnRequest,
+ SAMLConstants.SAML2_POST_BINDING_URI);
+ msg.setEntityID(authnRequest.getIssuer().getValue());
+ metadataProvider.addMetadataResolverIntoChain(
+ metadataFactory.createMetadataProvider(METADATA_SP_PATH, null, "jUnit SP", null));
+ samlVerifyEngine.verify(msg, TrustEngineFactory.getSignatureKnownKeysTrustEngine(metadataProvider));
+
+ assertNull("RequestedAuthnContext", authnRequest.getRequestedAuthnContext());
+
+ }
+
+ private IVelocityGuiBuilderConfiguration createDummyGuiConfig() {
+ return new IVelocityGuiBuilderConfiguration() {
+
+ @Override
+ public Map<String, Object> getViewParameters() {
+ return null;
+ }
+
+ @Override
+ public String getViewName() {
+ return "SAML2 Post-Binding";
+ }
+
+ @Override
+ public String getDefaultContentType() {
+ return null;
+ }
+
+ @Override
+ public InputStream getTemplate(String viewName) {
+ return GenerateMobilePhoneSignatureRequestTaskTest.class.getResourceAsStream(
+ "/data/pvp_postbinding_template.html");
+ }
+
+ @Override
+ public String getClasspathTemplateDir() {
+ return null;
+
+ }
+
+ @Override
+ public boolean isWriteAsynch() {
+ return false;
+
+ }
+ };
+ }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateOtherLoginMethodGuiTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateOtherLoginMethodGuiTaskTest.java
new file mode 100644
index 00000000..496158fa
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateOtherLoginMethodGuiTaskTest.java
@@ -0,0 +1,293 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+
+import java.io.UnsupportedEncodingException;
+import java.text.MessageFormat;
+import java.util.Locale;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.i18n.LocaleContextHolder;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.web.WebAppConfiguration;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.json.JsonMapper;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SelectedLoginMethod;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateOtherLoginMethodGuiTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveOtherLoginMethodGuiResponseTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummyOA;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import lombok.SneakyThrows;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml",
+ "/common_gui.beans.xml"
+})
+@WebAppConfiguration
+public class GenerateOtherLoginMethodGuiTaskTest {
+
+ private static final String TEST_PATTER_REQ_PARAM =
+ "<input type=\"hidden\" name=\"loginSelection\" value=\"{0}\">";
+
+ @Autowired
+ GenerateOtherLoginMethodGuiTask task;
+
+ @Autowired IRequestStorage storage;
+
+ private ExecutionContextImpl executionContext;
+ private TestRequestImpl pendingReq;
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+
+ @BeforeClass
+ public static void classInitializer() {
+ Locale.setDefault(Locale.ENGLISH);
+
+ }
+
+ /**
+ * jUnit test set-up.
+ */
+ @Before
+ public void initialize() {
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ pendingReq = new TestRequestImpl();
+ pendingReq.setAuthUrl("https://localhost/ms_connector");
+ pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+ pendingReq.setSpConfig(new DummyOA());
+
+ executionContext = new ExecutionContextImpl();
+
+ LocaleContextHolder.resetLocaleContext();
+ }
+
+
+ @Test
+ @SneakyThrows
+ public void unsetExecutionContextParameters() throws TaskExecutionException, UnsupportedEncodingException {
+ httpReq.addHeader("Accept", "application/json");
+ ReceiveOtherLoginMethodGuiResponseTask.ALL_EXECUTIONCONTEXT_PARAMETERS.forEach(
+ el -> executionContext.put(el, RandomStringUtils.randomAlphabetic(5)));
+
+ // execute test
+ task.execute(pendingReq, executionContext);
+
+ //result validation
+ Assert.assertEquals("httpStausCode", 200, httpResp.getStatus());
+ Assert.assertEquals("http ContentType", "application/json;charset=UTF-8", httpResp.getContentType());
+
+ ReceiveOtherLoginMethodGuiResponseTask.ALL_EXECUTIONCONTEXT_PARAMETERS.forEach(
+ el -> assertNull("executionContext parameter: " + el, executionContext.get(el)));
+
+ // remove pendingRequestId and changeLanguage because it's added by default
+ executionContext.remove(EaafConstants.PROCESS_ENGINE_PENDINGREQUESTID);
+ executionContext.remove("changeLanguage");
+
+ // in case of 'ReceiveOtherLoginMethodGuiResponseTask.ALL_EXECUTIONCONTEXT_PARAMETERS' does not include all parameters
+ assertTrue("ExecutionContext is not empty", executionContext.keySet().isEmpty());
+
+ }
+
+
+ @Test
+ @SneakyThrows
+ public void jsonResponseInsertErnp() throws TaskExecutionException, UnsupportedEncodingException {
+ String reason = RandomStringUtils.randomAlphabetic(5);
+ executionContext.put(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK, true);
+ httpReq.addHeader("Accept", "application/json");
+
+ task.execute(pendingReq, executionContext);
+
+ //result validation
+ Assert.assertEquals("httpStausCode", 200, httpResp.getStatus());
+ Assert.assertEquals("http ContentType", "application/json;charset=UTF-8", httpResp.getContentType());
+ final String content = httpResp.getContentAsString();
+ assertNotNull("response body is null", content);
+ Assert.assertFalse("response body is empty", content.isEmpty());
+ final JsonNode json = new JsonMapper().readTree(content);
+ assertNotNull("response body is null", json);
+ assertNull("advancedMatchFailed", json.get(Constants.HTML_FORM_ADVANCED_MATCHING_FAILED));
+ assertNotNull("createNewErnpEntry", json.get(Constants.HTML_FORM_CREATE_NEW_ERNP_ENTRY));
+ assertTrue("createNewErnpEntry", json.get(Constants.HTML_FORM_CREATE_NEW_ERNP_ENTRY).asBoolean());
+
+ assertNull("advancedMatchingFailedReason", json.get(Constants.HTML_FORM_ADVANCED_MATCHING_FAILED_REASON));
+
+ assertNotNull("pendingRequest not stored",
+ storage.getPendingRequest(pendingReq.getPendingRequestId()));
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void jsonResponseMathingFailed() throws TaskExecutionException, UnsupportedEncodingException {
+ String reason = RandomStringUtils.randomAlphabetic(5);
+ executionContext.put(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true);
+ executionContext.put(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON, reason);
+ httpReq.addHeader("Accept", "application/json");
+
+ task.execute(pendingReq, executionContext);
+
+ //result validation
+ Assert.assertEquals("httpStausCode", 200, httpResp.getStatus());
+ Assert.assertEquals("http ContentType", "application/json;charset=UTF-8", httpResp.getContentType());
+ final String content = httpResp.getContentAsString();
+ assertNotNull("response body is null", content);
+ Assert.assertFalse("response body is empty", content.isEmpty());
+ final JsonNode json = new JsonMapper().readTree(content);
+ assertNotNull("response body is null", json);
+ assertNotNull("advancedMatchFailed", json.get(Constants.HTML_FORM_ADVANCED_MATCHING_FAILED));
+ assertTrue("advancedMatchFailed", json.get(Constants.HTML_FORM_ADVANCED_MATCHING_FAILED).asBoolean());
+ assertNotNull("advancedMatchingFailedReason", json.get(Constants.HTML_FORM_ADVANCED_MATCHING_FAILED_REASON));
+ assertEquals("advancedMatchingFailedReason", reason,
+ json.get(Constants.HTML_FORM_ADVANCED_MATCHING_FAILED_REASON).asText());
+
+ assertNotNull("createNewErnpEntry", json.get(Constants.HTML_FORM_CREATE_NEW_ERNP_ENTRY));
+ assertFalse("createNewErnpEntry", json.get(Constants.HTML_FORM_CREATE_NEW_ERNP_ENTRY).asBoolean());
+
+ assertNotNull("pendingRequest not stored",
+ storage.getPendingRequest(pendingReq.getPendingRequestId()));
+
+ }
+
+ @Test
+ public void insertErnpRequested() throws TaskExecutionException, UnsupportedEncodingException {
+ executionContext.put(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK, true);
+
+ task.execute(pendingReq, executionContext);
+
+ Assert.assertEquals("Wrong http StatusCode", 200, httpResp.getStatus());
+ Assert.assertEquals("Wrong http ContentType", "text/html;charset=UTF-8", httpResp.getContentType());
+
+ String html = httpResp.getContentAsString();
+ Assert.assertNotNull("html result is null", html);
+ Assert.assertFalse("html result is empty", html.isEmpty());
+ Assert.assertTrue("No language selector with pendingRequestId",
+ html.contains("/otherLoginMethod?lang=en&amp;pendingid=" + pendingReq.getPendingRequestId()));
+ Assert.assertTrue("Missing eIDAS infos",
+ html.contains(MessageFormat.format(TEST_PATTER_REQ_PARAM, SelectedLoginMethod.ADD_ME_AS_NEW)));
+
+ }
+
+ @Test
+ public void advancedMatchingFailedMsg() throws TaskExecutionException, UnsupportedEncodingException {
+ executionContext.put(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true);
+
+ task.execute(pendingReq, executionContext);
+
+ String html = doBasicValidation();
+ Assert.assertFalse("Missing eIDAS infos",
+ html.contains(MessageFormat.format(TEST_PATTER_REQ_PARAM, SelectedLoginMethod.ADD_ME_AS_NEW)));
+ Assert.assertTrue("missing errorfield",
+ html.contains("<div id=\"matchingError\""));
+
+ }
+
+ @Test
+ public void advancedMatchingFailedMsgWithDetails() throws TaskExecutionException, UnsupportedEncodingException {
+ String reason = RandomStringUtils.randomAlphabetic(5);
+ executionContext.put(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true);
+ executionContext.put(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON, reason);
+
+ task.execute(pendingReq, executionContext);
+
+ String html = doBasicValidation();
+ Assert.assertTrue("missing errorfield",
+ html.contains("<div id=\"matchingError\""));
+ Assert.assertTrue("missing errorfield",
+ html.contains(reason));
+
+ }
+
+ @Test
+ public void validHtmlResponseWithOutLocale() throws TaskExecutionException, UnsupportedEncodingException {
+
+ task.execute(pendingReq, executionContext);
+
+ doBasicValidation();
+
+ }
+
+ @Test
+ public void validHtmlResponseWithDE() throws TaskExecutionException, UnsupportedEncodingException {
+ LocaleContextHolder.setLocale(Locale.GERMAN);
+ httpReq.addHeader("Accept-Language", "de");
+
+ task.execute(pendingReq, executionContext);
+
+ doBasicValidation();
+
+ }
+
+ @Test
+ public void validHtmlResponseWithEN() throws TaskExecutionException, UnsupportedEncodingException {
+ LocaleContextHolder.setLocale(Locale.ENGLISH);
+
+ task.execute(pendingReq, executionContext);
+
+ doBasicValidation();
+
+ }
+
+ @Test
+ public void validHtmlResponseWithFR() throws TaskExecutionException, UnsupportedEncodingException {
+ LocaleContextHolder.setLocale(Locale.FRANCE);
+ httpReq.addHeader("Accept-Language", "fr");
+
+ task.execute(pendingReq, executionContext);
+
+ doBasicValidation();
+
+ }
+
+ private String doBasicValidation() throws UnsupportedEncodingException {
+ Assert.assertEquals("Wrong http StatusCode", 200, httpResp.getStatus());
+ Assert.assertEquals("Wrong http ContentType", "text/html;charset=UTF-8", httpResp.getContentType());
+
+ String html = httpResp.getContentAsString();
+ Assert.assertNotNull("html result is null", html);
+ Assert.assertFalse("html result is empty", html.isEmpty());
+
+ Assert.assertTrue("Missing IDA Login",
+ html.contains(MessageFormat.format(TEST_PATTER_REQ_PARAM, SelectedLoginMethod.MOBILE_PHONE_SIGNATURE_LOGIN)));
+ Assert.assertTrue("Missing residence infos",
+ html.contains(MessageFormat.format(TEST_PATTER_REQ_PARAM, SelectedLoginMethod.NO_OTHER_LOGIN)));
+ Assert.assertTrue("Missing eIDAS infos",
+ html.contains(MessageFormat.format(TEST_PATTER_REQ_PARAM, SelectedLoginMethod.EIDAS_LOGIN)));
+
+ Assert.assertTrue("No language selector with pendingRequestId",
+ html.contains("/otherLoginMethod?lang=en&amp;pendingid=" + pendingReq.getPendingRequestId()));
+ Assert.assertTrue("No country-selection form",
+ html.contains("<form method=\"post\" action=\"/otherLoginMethod\">"));
+
+ return html;
+
+ }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java
new file mode 100644
index 00000000..74ac065e
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java
@@ -0,0 +1,939 @@
+/*
+ * Copyright 2020 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static org.apache.commons.lang3.RandomStringUtils.randomAlphabetic;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.eq;
+
+import java.math.BigInteger;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.Random;
+
+import javax.xml.namespace.QName;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.jetbrains.annotations.NotNull;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.ernp.ErnpRestClient.ErnpRegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.ernp.IErnpClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.IZmrClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.ZmrSoapClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.ZmrSoapClient.ZmrRegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ZmrCommunicationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.CountrySpecificDetailSearchProcessor;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.GenericEidProcessor;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterStatusResults;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.InitialSearchTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.attribute.PersonType;
+import eu.eidas.auth.commons.light.impl.LightRequest;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"
+})
+@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
+public class InitialSearchTaskTest {
+
+
+ private static final String EE = "EE";
+ private static final String DE = "DE";
+
+ private static final String EE_ST = EE + "/ST/";
+ private static final String DE_ST = DE + "/ST/";
+
+ @Mock
+ private IZmrClient zmrClient;
+ @Mock
+ private IErnpClient ernpClient;
+
+ @Autowired
+ private List<CountrySpecificDetailSearchProcessor> handlers;
+ private RegisterSearchService registerSearchService;
+
+ private final ICcSpecificEidProcessingService eidPostProcessor = createEidPostProcessor();
+ private InitialSearchTask task;
+
+ final ExecutionContext executionContext = new ExecutionContextImpl();
+ private TestRequestImpl pendingReq;
+ private final String randomBpk = RandomStringUtils.randomNumeric(6);
+ private final String randomPseudonym = RandomStringUtils.randomNumeric(10);
+ private final String randomPersonalIdentifier_DE = DE_ST + randomPseudonym;
+ private final String randomPersonalIdentifier_EE = EE_ST + randomPseudonym;
+ private final String randomFamilyName = randomAlphabetic(10);
+ private final String randomGivenName = randomAlphabetic(10);
+ private final String randomPlaceOfBirth = randomAlphabetic(10);
+ private final String randomBirthName = randomAlphabetic(10);
+ private final String randomBirthDate = "2011-01-" + (10 + new Random().nextInt(18));
+
+ /**
+ * jUnit test set-up.
+ */
+ @Before
+ public void setUp() throws URISyntaxException, EaafStorageException {
+ registerSearchService = new RegisterSearchService(handlers, zmrClient, ernpClient);
+ task = new InitialSearchTask(registerSearchService, eidPostProcessor);
+
+ MockHttpServletRequest httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ MockHttpServletResponse httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ final AuthenticationResponse response = buildDummyAuthResponseRandomPerson();
+ pendingReq = new TestRequestImpl();
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+ }
+
+ @NotNull
+ private ICcSpecificEidProcessingService createEidPostProcessor() {
+ return new ICcSpecificEidProcessingService() {
+
+ private final GenericEidProcessor genericEidProcessor = new GenericEidProcessor();
+
+ @Override
+ public SimpleEidasData postProcess(Map<String, Object> eidasAttrMap) throws EidPostProcessingException, EidasAttributeException {
+ return genericEidProcessor.postProcess(eidasAttrMap);
+ }
+
+ @Override
+ public void preProcess(String selectedCC, IRequest pendingReq, LightRequest.Builder authnRequestBuilder) {
+ genericEidProcessor.preProcess(pendingReq, authnRequestBuilder);
+ }
+ };
+ }
+
+ /**
+ * One match, but register update needed
+ */
+ @Test
+ @DirtiesContext
+ public void singlePersonalIdMatchUpdateNecessary_Zmr() throws Exception {
+ String oldGivenName = randomAlphabetic(10);
+ String placeOfBirth = randomAlphabetic(10);
+ RegisterResult firstZmrResult = randomRegisterResult(oldGivenName, randomBpk, placeOfBirth);
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPseudonym, DE))
+ .thenReturn(zmrRegisterResult(firstZmrResult));
+
+ Mockito.when(zmrClient.searchCountrySpecific(any(), any(), any()))
+ .thenThrow(new IllegalStateException("CountrySpecific search search should not be neccessary"));
+ Mockito.when(zmrClient.searchWithMds(any(), any(), any(), any(), any()))
+ .thenThrow(new IllegalStateException("MDS search should not be neccessary"));
+ Mockito.when(zmrClient.update(any(), any(), any()))
+ .thenReturn(zmrRegisterResult(firstZmrResult));
+
+ Mockito.when(ernpClient.searchWithPersonIdentifier(randomPseudonym, DE))
+ .thenReturn(emptyErnpRegisterResult());
+ Mockito.when(ernpClient.searchWithMds(any(), any(), any(), any()))
+ .thenThrow(new IllegalStateException("MDS search should not be neccessary"));
+ Mockito.when(ernpClient.update(any(), any()))
+ .thenThrow(new IllegalStateException("ERnP update should not be neccessary"));
+
+ // execute test
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ //INFO: has to be the old givenName because ZMR allows no update of MDS information
+ checkMatchingSuccessState(pendingReq, randomBpk, randomFamilyName, oldGivenName, randomBirthDate, DE);
+
+ }
+
+ /**
+ *
+ * One match, but register update needed.
+ *
+ * @throws EidasSAuthenticationException
+ */
+ @Test
+ @DirtiesContext
+ public void singlePersonalIdMatchUpdateNecessary_Ernp() throws TaskExecutionException, EidasSAuthenticationException {
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPseudonym, DE))
+ .thenReturn(emptyZmrRegisterResult());
+ Mockito.when(zmrClient.searchCountrySpecific(any(), any(), any()))
+ .thenThrow(new IllegalStateException("CountrySpecific search search should not be neccessary"));
+ Mockito.when(zmrClient.searchWithMds(any(), any(), any(), any(), any()))
+ .thenThrow(new IllegalStateException("MDS search should not be neccessary"));
+ Mockito.when(zmrClient.update(any(), any(), any()))
+ .thenThrow(new IllegalStateException("ZMR update should not be neccessary"));
+
+ String oldRandomGivenName = randomAlphabetic(10);
+ Mockito.when(ernpClient.searchWithPersonIdentifier(randomPseudonym, DE))
+ .thenReturn(ernpRegisterResult(randomRegisterResult(oldRandomGivenName, randomBpk)));
+ Mockito.when(ernpClient.searchCountrySpecific(any(), any()))
+ .thenThrow(new IllegalStateException("CountrySpecific search search should not be neccessary"));
+ Mockito.when(ernpClient.searchWithMds(any(), any(), any(), any()))
+ .thenThrow(new IllegalStateException("MDS search should not be neccessary"));
+ Mockito.when(ernpClient.update(any(), any()))
+ .thenReturn(ernpRegisterResult(RegisterResult.builder()
+ .bpk(randomBpk)
+ .dateOfBirth(randomBirthDate)
+ .givenName(randomGivenName)
+ .familyName(randomFamilyName)
+ .build()));
+
+ // execute test
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ checkMatchingSuccessState(pendingReq, randomBpk, randomFamilyName, randomGivenName, randomBirthDate, DE);
+ }
+
+
+
+ /**
+ * Two matches by PersonalId found in ZMR
+ *
+ * @throws EidasSAuthenticationException
+ */
+ @Test
+ @DirtiesContext
+ public void multiPersonalIdMatch_Zmr() throws EidasSAuthenticationException {
+ String newRandomGivenName = randomAlphabetic(10);
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPseudonym, DE))
+ .thenReturn(new ZmrRegisterResult(Arrays.asList(randomRegisterResult(), randomRegisterResult(newRandomGivenName, randomBpk)), generateRandomProcessId()));
+ Mockito.when(ernpClient.searchWithPersonIdentifier(randomPseudonym, DE))
+ .thenReturn(emptyErnpRegisterResult());
+
+ // execute task
+ TaskExecutionException exception = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+
+ // validate state
+ assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+ assertTrue("Wrong flag 'manualFixNeeded'",
+ ((WorkflowException) exception.getOriginalException()).isRequiresManualFix());
+
+ }
+
+ /**
+ * Two matches by PersonalId found in ZMR
+ *
+ * @throws EidasSAuthenticationException
+ */
+ @Test
+ @DirtiesContext
+ public void withErrorFromZmr() throws EidasSAuthenticationException {
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPseudonym, DE))
+ .thenThrow(new ZmrCommunicationException("jUnit ZMR error", null));
+ Mockito.when(ernpClient.searchWithPersonIdentifier(randomPseudonym, DE))
+ .thenReturn(emptyErnpRegisterResult());
+
+ // execute task
+ TaskExecutionException exception = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+
+ // validate state
+ assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+ assertFalse("Wrong flag 'manualFixNeeded'",
+ ((WorkflowException) exception.getOriginalException()).isRequiresManualFix());
+
+ }
+
+ /**
+ * Two matches by PersonalId found in ErnP
+ *
+ * @throws EidasSAuthenticationException
+ */
+ @Test
+ @DirtiesContext
+ public void multiPersonalIdMatch_Ernp() throws EidasSAuthenticationException {
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPseudonym, DE))
+ .thenReturn(emptyZmrRegisterResult());
+ String newRandomGivenName = randomAlphabetic(10);
+ Mockito.when(ernpClient.searchWithPersonIdentifier(randomPseudonym, DE))
+ .thenReturn(ernpRegisterResult(
+ Arrays.asList(randomRegisterResult(), randomRegisterResult(newRandomGivenName, randomBpk))));
+
+ // execute task
+ TaskExecutionException exception = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ // validate state
+ assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+ assertTrue("Wrong flag 'manualFixNeeded'",
+ ((WorkflowException) exception.getOriginalException()).isRequiresManualFix());
+
+ }
+
+ /**
+ * Two matches by PersonalId
+ *
+ * @throws EidasSAuthenticationException
+ */
+ @Test
+ @DirtiesContext
+ public void multiPersonalIdMatch_ErnpAndZmr() throws EidasSAuthenticationException {
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPseudonym, DE))
+ .thenReturn(zmrRegisterResult(randomRegisterResult()));
+ Mockito.when(ernpClient.searchWithPersonIdentifier(randomPseudonym, DE))
+ .thenReturn(ernpRegisterResult(randomRegisterResult()));
+
+ // execute task
+ TaskExecutionException exception = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ // validate state
+ assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+ assertTrue("Wrong flag 'manualFixNeeded'",
+ ((WorkflowException) exception.getOriginalException()).isRequiresManualFix());
+
+ }
+
+ /**
+ * One match by PersonalId, no register update needed
+ */
+ @Test
+ @DirtiesContext
+ public void singlePersonalIdMatchNoUpdate_Ernp() throws Exception {
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPseudonym, DE))
+ .thenReturn(emptyZmrRegisterResult());
+ Mockito.when(ernpClient.searchWithPersonIdentifier(randomPseudonym, DE))
+ .thenReturn(ernpRegisterResult(randomRegisterResult()));
+
+ Mockito.when(zmrClient.update(any(), any(), any()))
+ .thenThrow(new IllegalStateException("ZMR update should not be neccessary"));
+ Mockito.when(ernpClient.update(any(), any()))
+ .thenThrow(new IllegalStateException("ERnP update should not be neccessary"));
+
+ // execute test
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ checkMatchingSuccessState(pendingReq, randomBpk, randomFamilyName, randomGivenName, randomBirthDate, DE);
+ }
+
+ /**
+ * One match by PersonalId, no register update needed
+ */
+ @Test
+ @DirtiesContext
+ public void singlePersonalIdMatchNoUpdate_Zmr() throws Exception {
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPseudonym, DE))
+ .thenReturn(zmrRegisterResult(randomRegisterResult()));
+ Mockito.when(ernpClient.searchWithPersonIdentifier(randomPseudonym, DE))
+ .thenReturn(emptyErnpRegisterResult());
+
+ Mockito.when(zmrClient.update(any(), any(), any()))
+ .thenThrow(new IllegalStateException("ZMR update should not be neccessary"));
+ Mockito.when(ernpClient.update(any(), any()))
+ .thenThrow(new IllegalStateException("ERnP update should not be neccessary"));
+
+ // execute test
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ checkMatchingSuccessState(pendingReq, randomBpk, randomFamilyName, randomGivenName, randomBirthDate, DE);
+ }
+
+ /**
+ * Find single person in ZMR by country specifics.
+ */
+ @Test
+ @DirtiesContext
+ public void singlePersonFindWithCountySpecifics_Zmr() throws Exception {
+ final AuthenticationResponse response = buildDummyAuthResponseDE(randomGivenName, randomFamilyName,
+ randomPersonalIdentifier_DE, randomBirthDate, randomPlaceOfBirth, randomBirthName);
+ TestRequestImpl pendingReq1 = new TestRequestImpl();
+ pendingReq1.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+
+ BigInteger zmrProcessId = generateRandomProcessId();
+ RegisterResult zmrResult = RegisterResult.builder()
+ .bpk(randomBpk)
+ .pseudonym(Collections.singletonList(randomPseudonym))
+ .givenName(randomGivenName)
+ .familyName(randomFamilyName)
+ .dateOfBirth(randomBirthDate)
+ .placeOfBirth(randomPlaceOfBirth)
+ .birthName(randomBirthName)
+ .build();
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPseudonym, DE))
+ .thenReturn(new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
+ Mockito.when(zmrClient.searchCountrySpecific(eq(zmrProcessId), any(PersonSuchenRequest.class), eq(DE)))
+ .thenReturn(zmrRegisterResult(zmrResult, zmrProcessId));
+ RegisterResult randomRegisterResult = RegisterResult.builder()
+ .bpk(randomBpk)
+ .pseudonym(Arrays.asList(randomPseudonym, RandomStringUtils.randomAlphanumeric(10)))
+ .givenName(randomGivenName)
+ .familyName(randomFamilyName)
+ .dateOfBirth(randomBirthDate)
+ .placeOfBirth(randomPlaceOfBirth)
+ .birthName(randomBirthName)
+ .build();
+ Mockito.when(zmrClient.update(eq(zmrProcessId), eq(zmrResult), any()))
+ .thenReturn(zmrRegisterResult(randomRegisterResult, zmrProcessId));
+ Mockito.when(zmrClient.searchWithMds(any(), any(), any(), any(), any()))
+ .thenThrow(new IllegalStateException("MDS search should not be neccessary"));
+
+ Mockito.when(ernpClient.searchWithPersonIdentifier(randomPseudonym, DE))
+ .thenReturn(emptyErnpRegisterResult());
+ Mockito.when(ernpClient.searchCountrySpecific(any(), eq(DE)))
+ .thenReturn(emptyErnpRegisterResult());
+ Mockito.when(ernpClient.searchWithMds(any(), any(), any(), eq(DE)))
+ .thenThrow(new IllegalStateException("ERnP MDS search should not be neccessary"));
+ Mockito.when(ernpClient.update(any(), any()))
+ .thenThrow(new IllegalStateException("ERnP update should not be neccessary"));
+ Mockito.when(ernpClient.add(any()))
+ .thenThrow(new IllegalStateException("ERnP add-entity should not be neccessary"));
+
+ // execute test
+ task.execute(pendingReq1, executionContext);
+
+ // validate state
+ checkMatchingSuccessState(pendingReq1, randomBpk, randomFamilyName, randomGivenName, randomBirthDate, DE);
+
+ }
+
+ /**
+ * Multiple matches found in ZMR by country specifics.
+ */
+ @Test
+ @DirtiesContext
+ public void multiplePersonFindWithCountySpecifics_Zmr() throws Exception {
+ String newRandomPseudonym = randomPersonalIdentifier_DE + RandomStringUtils.randomNumeric(2);
+ String newRandomBpk = randomBpk + RandomStringUtils.randomNumeric(6);
+ final AuthenticationResponse response = buildDummyAuthResponseDE(randomGivenName, randomFamilyName,
+ randomPersonalIdentifier_DE,
+ randomBirthDate, randomPlaceOfBirth, randomBirthName);
+ TestRequestImpl pendingReq1 = new TestRequestImpl();
+ pendingReq1.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+
+ BigInteger zmrProcessId = generateRandomProcessId();
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPseudonym, DE))
+ .thenReturn(new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
+ RegisterResult randomResult1 = RegisterResult.builder()
+ .bpk(randomBpk)
+ .pseudonym(Collections.singletonList(randomPseudonym))
+ .givenName(randomGivenName)
+ .familyName(randomFamilyName)
+ .dateOfBirth(randomBirthDate)
+ .placeOfBirth(randomPlaceOfBirth)
+ .birthName(randomBirthName)
+ .build();
+ RegisterResult randomResult2 = RegisterResult.builder()
+ .bpk(newRandomBpk)
+ .pseudonym(Collections.singletonList(newRandomPseudonym))
+ .givenName(randomGivenName)
+ .familyName(randomFamilyName)
+ .dateOfBirth(randomBirthDate)
+ .placeOfBirth(randomPlaceOfBirth)
+ .birthName(randomBirthName)
+ .build();
+ Mockito.when(zmrClient.searchCountrySpecific(eq(zmrProcessId), any(PersonSuchenRequest.class), eq(DE)))
+ .thenReturn(new ZmrRegisterResult(Arrays.asList(randomResult1, randomResult2), zmrProcessId));
+
+ Mockito.when(ernpClient.searchWithPersonIdentifier(randomPseudonym, DE))
+ .thenReturn(emptyErnpRegisterResult());
+ Mockito.when(ernpClient.searchCountrySpecific(any(), eq(DE)))
+ .thenReturn(emptyErnpRegisterResult());
+ Mockito.when(ernpClient.update(any(), any()))
+ .thenThrow(new IllegalStateException("ERnP update should not be neccessary"));
+
+ // execute task
+ TaskExecutionException exception = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq1, executionContext));
+
+ // validate state
+ assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+ assertTrue("Wrong flag 'manualFixNeeded'",
+ ((WorkflowException) exception.getOriginalException()).isRequiresManualFix());
+
+ }
+
+ /**
+ * Multiple matches found in ZMR and ERnP by country specifics.
+ */
+ @Test
+ @DirtiesContext
+ public void multiplePersonFindWithCountySpecifics_ZmrAndErnp() throws Exception {
+ final AuthenticationResponse response = buildDummyAuthResponseDE(randomGivenName, randomFamilyName,
+ randomPersonalIdentifier_DE,
+ randomBirthDate, randomPlaceOfBirth, randomBirthName);
+ TestRequestImpl pendingReq1 = new TestRequestImpl();
+ pendingReq1.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+
+ BigInteger zmrProcessId = generateRandomProcessId();
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPseudonym, DE))
+ .thenReturn(new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
+ RegisterResult randomResult1 = RegisterResult.builder()
+ .bpk(randomBpk)
+ .pseudonym(Collections.singletonList(randomPseudonym))
+ .givenName(randomGivenName)
+ .familyName(randomFamilyName)
+ .dateOfBirth(randomBirthDate)
+ .placeOfBirth(randomPlaceOfBirth)
+ .birthName(randomBirthName)
+ .build();
+ Mockito.when(zmrClient.searchCountrySpecific(eq(zmrProcessId), any(PersonSuchenRequest.class), eq(DE)))
+ .thenReturn(new ZmrRegisterResult(Arrays.asList(randomResult1), zmrProcessId));
+
+ Mockito.when(ernpClient.searchWithPersonIdentifier(randomPseudonym, DE))
+ .thenReturn(emptyErnpRegisterResult());
+ Mockito.when(ernpClient.searchCountrySpecific(any(), eq(DE)))
+ .thenReturn(ernpRegisterResult(randomRegisterResult()));
+ Mockito.when(ernpClient.update(any(), any()))
+ .thenThrow(new IllegalStateException("ERnP update should not be neccessary"));
+
+ // execute task
+ TaskExecutionException exception = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq1, executionContext));
+
+ // validate state
+ assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+ assertTrue("Wrong flag 'manualFixNeeded'",
+ ((WorkflowException) exception.getOriginalException()).isRequiresManualFix());
+
+ }
+
+ /**
+ * Multiple matches found in ERnP by country specifics.
+ */
+ @Test
+ @DirtiesContext
+ public void multiplePersonFindWithCountySpecifics_Ernp() throws Exception {
+ final AuthenticationResponse response = buildDummyAuthResponseDE(randomGivenName, randomFamilyName,
+ randomPersonalIdentifier_DE,
+ randomBirthDate, randomPlaceOfBirth, randomBirthName);
+ TestRequestImpl pendingReq1 = new TestRequestImpl();
+ pendingReq1.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+
+ BigInteger zmrProcessId = generateRandomProcessId();
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPseudonym, DE))
+ .thenReturn(new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
+ Mockito.when(zmrClient.searchCountrySpecific(eq(zmrProcessId), any(PersonSuchenRequest.class), eq(DE)))
+ .thenReturn(new ZmrRegisterResult(Arrays.asList(), zmrProcessId));
+
+ Mockito.when(ernpClient.searchWithPersonIdentifier(randomPseudonym, DE))
+ .thenReturn(emptyErnpRegisterResult());
+ Mockito.when(ernpClient.searchCountrySpecific(any(), eq(DE)))
+ .thenReturn(ernpRegisterResult(Arrays.asList(randomRegisterResult(), randomRegisterResult())));
+ Mockito.when(ernpClient.update(any(), any()))
+ .thenThrow(new IllegalStateException("ERnP update should not be neccessary"));
+
+ // execute task
+ TaskExecutionException exception = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq1, executionContext));
+
+ // validate state
+ assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+ assertTrue("Wrong flag 'manualFixNeeded'",
+ ((WorkflowException) exception.getOriginalException()).isRequiresManualFix());
+
+ }
+
+ /**
+ * NO match found in ZMR and ErnP with Initial and MDS search
+ *
+ * @throws EidasSAuthenticationException
+ * @throws URISyntaxException
+ * @throws EaafStorageException
+ */
+ @Test
+ @DirtiesContext
+ public void noResultByAnySearch() throws TaskExecutionException, EidasSAuthenticationException, URISyntaxException, EaafStorageException {
+ BigInteger zmrProcessId = generateRandomProcessId();
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE,
+ buildDummyAuthResponse(randomGivenName, randomFamilyName, randomPersonalIdentifier_EE, randomBirthDate));
+
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPseudonym, EE))
+ .thenReturn(new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
+ Mockito.when(zmrClient.searchWithMds(zmrProcessId, randomGivenName, randomFamilyName, randomBirthDate, EE))
+ .thenReturn(new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
+ Mockito.when(zmrClient.update(any(), any(), any()))
+ .thenThrow(new IllegalStateException("ZMR update should not be neccessary"));
+
+ Mockito.when(ernpClient.searchWithPersonIdentifier(randomPseudonym, EE))
+ .thenReturn(emptyErnpRegisterResult());
+ Mockito.when(ernpClient.searchWithMds(randomGivenName, randomFamilyName, randomBirthDate, EE))
+ .thenReturn(new ErnpRegisterResult(Collections.emptyList()));
+ Mockito.when(ernpClient.update(any(), any()))
+ .thenThrow(new IllegalStateException("ZMR update should not be neccessary"));
+
+ // execute task
+ task.execute(pendingReq, executionContext);
+
+
+ // validate state
+ assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq));
+
+ assertNull("Find intermediate matching data but matching should be finished",
+ MatchingTaskUtils.getIntermediateMatchingResult(pendingReq));
+ assertNull("Find final matching data but no match sould be found",
+ MatchingTaskUtils.getFinalMatchingResult(pendingReq));
+
+ Boolean transitionGUI = (Boolean) executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK);
+ Assert.assertNull("Wrong transition", transitionGUI);
+ Boolean transitionErnb = (Boolean) executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK);
+ Assert.assertTrue("Wrong transition", transitionErnb);
+
+ }
+
+ /**
+ * Find one match with MDS search in ERnP.
+ */
+ @Test
+ @DirtiesContext
+ public void resultByMdsSearch_Ernb() throws TaskExecutionException, EidasSAuthenticationException, URISyntaxException, EaafStorageException {
+ BigInteger zmrProcessId = generateRandomProcessId();
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE,
+ buildDummyAuthResponse(randomGivenName, randomFamilyName, randomPersonalIdentifier_EE, randomBirthDate));
+
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPseudonym, EE))
+ .thenReturn(new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
+ Mockito.when(zmrClient.searchWithMds(zmrProcessId, randomGivenName, randomFamilyName, randomBirthDate, EE))
+ .thenReturn(new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
+
+ Mockito.when(ernpClient.searchWithPersonIdentifier(randomPseudonym, EE))
+ .thenReturn(emptyErnpRegisterResult());
+ Mockito.when(ernpClient.searchWithMds(randomGivenName, randomFamilyName, randomBirthDate, EE))
+ .thenReturn(ernpRegisterResult(randomRegisterResult()));
+
+ // execute test
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ checkIntermediateResult(1);
+
+ }
+
+ /**
+ * Find one match with MDS search in ZMR.
+ */
+ @Test
+ @DirtiesContext
+ public void resultByMdsSearch_Zmr() throws TaskExecutionException, EidasSAuthenticationException {
+ BigInteger zmrProcessId = generateRandomProcessId();
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPseudonym, DE))
+ .thenReturn(new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
+ Mockito.when(zmrClient.searchWithMds(zmrProcessId, randomGivenName, randomFamilyName, randomBirthDate, DE))
+ .thenReturn(zmrRegisterResult(randomRegisterResult(), zmrProcessId));
+ Mockito.when(zmrClient.update(any(), any(), any()))
+ .thenThrow(new IllegalStateException("ZMR update should not be neccessary"));
+
+ Mockito.when(ernpClient.searchWithPersonIdentifier(randomPseudonym, DE)).thenReturn(
+ emptyErnpRegisterResult());
+ Mockito.when(ernpClient.searchWithMds(randomGivenName, randomFamilyName, randomBirthDate, DE))
+ .thenReturn(emptyErnpRegisterResult());
+ Mockito.when(ernpClient.update(any(), any()))
+ .thenThrow(new IllegalStateException("ERnP update should not be neccessary"));
+
+
+
+ // execute test
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ checkIntermediateResult(1);
+
+ }
+
+ /**
+ * Find matches with MDS search in ZMR and ERnP.
+ */
+ @Test
+ @DirtiesContext
+ public void resultByMdsSearch_ZmrAndErnp() throws TaskExecutionException, EidasSAuthenticationException {
+ BigInteger zmrProcessId = generateRandomProcessId();
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPseudonym, DE))
+ .thenReturn(new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
+ Mockito.when(zmrClient.searchWithMds(zmrProcessId, randomGivenName, randomFamilyName, randomBirthDate, DE))
+ .thenReturn(zmrRegisterResult(randomRegisterResult(), zmrProcessId));
+ Mockito.when(zmrClient.update(any(), any(), any()))
+ .thenThrow(new IllegalStateException("ZMR update should not be neccessary"));
+
+ Mockito.when(ernpClient.searchWithPersonIdentifier(randomPseudonym, DE)).thenReturn(
+ emptyErnpRegisterResult());
+ Mockito.when(ernpClient.searchWithMds(randomGivenName, randomFamilyName, randomBirthDate, DE))
+ .thenReturn(ernpRegisterResult(randomRegisterResult()));
+ Mockito.when(ernpClient.update(any(), any()))
+ .thenThrow(new IllegalStateException("ERnP update should not be neccessary"));
+
+
+
+ // execute test
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ checkIntermediateResult(2);
+
+ }
+
+ /**
+ * resultByMdsSearch
+ */
+ @Test
+ @DirtiesContext
+ public void multipleResultsByMdsSearch() throws TaskExecutionException, EidasSAuthenticationException {
+ BigInteger zmrProcessId = generateRandomProcessId();
+ Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPseudonym, DE))
+ .thenReturn(new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
+ Mockito.when(zmrClient.searchCountrySpecific(eq(zmrProcessId), any(PersonSuchenRequest.class), any(String.class)))
+ .thenReturn(new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
+ Mockito.when(zmrClient.searchWithMds(zmrProcessId, randomGivenName, randomFamilyName, randomBirthDate, DE))
+ .thenReturn(zmrRegisterResult(randomRegisterResult(randomBpk + "2"), zmrProcessId));
+ Mockito.when(zmrClient.update(any(), any(), any()))
+ .thenThrow(new IllegalStateException("ZMR update should not be neccessary"));
+
+ Mockito.when(ernpClient.searchWithPersonIdentifier(randomPseudonym, DE))
+ .thenReturn(emptyErnpRegisterResult());
+ Mockito.when(ernpClient.searchWithMds(randomGivenName, randomFamilyName, randomBirthDate, DE))
+ .thenReturn(ernpRegisterResult(Arrays.asList(randomRegisterResult(), randomRegisterResult(randomBpk + "1"))));
+
+ // execute test
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ checkIntermediateResult(3);
+
+ }
+
+ @NotNull
+ private ZmrSoapClient.ZmrRegisterResult emptyZmrRegisterResult() {
+ return new ZmrRegisterResult(Collections.emptyList(), generateRandomProcessId());
+ }
+
+ @NotNull
+ private ErnpRegisterResult emptyErnpRegisterResult() {
+ return new ErnpRegisterResult(Collections.emptyList());
+ }
+
+ @NotNull
+ private ZmrRegisterResult zmrRegisterResult(RegisterResult registerResult, BigInteger processId) {
+ return new ZmrRegisterResult(Collections.singletonList(registerResult), processId);
+ }
+
+ @NotNull
+ private ZmrRegisterResult zmrRegisterResult(RegisterResult registerResult) {
+ return zmrRegisterResult(registerResult, generateRandomProcessId());
+ }
+
+ @NotNull
+ private ErnpRegisterResult ernpRegisterResult(RegisterResult registerResult) {
+ return new ErnpRegisterResult(Collections.singletonList(registerResult));
+ }
+
+ @NotNull
+ private ErnpRegisterResult ernpRegisterResult(List<RegisterResult> registerResult) {
+ return new ErnpRegisterResult(registerResult);
+ }
+
+ @NotNull
+ private RegisterResult randomRegisterResult() {
+ return randomRegisterResult(randomGivenName, randomBpk);
+ }
+
+ @NotNull
+ private RegisterResult randomRegisterResult(String randomBpk) {
+ return randomRegisterResult(randomGivenName, randomBpk);
+ }
+
+ @NotNull
+ private RegisterResult randomRegisterResult(String randomGivenName, String randomBpk) {
+ return RegisterResult.builder()
+ .bpk(randomBpk)
+ .pseudonym(Collections.singletonList(randomPseudonym))
+ .givenName(randomGivenName)
+ .familyName(randomFamilyName)
+ .dateOfBirth(randomBirthDate)
+ .build();
+ }
+
+ @NotNull
+ private RegisterResult randomRegisterResult(String randomGivenName, String randomBpk, String placeOfBirth) {
+ return RegisterResult.builder()
+ .bpk(randomBpk)
+ .pseudonym(Collections.singletonList(randomPseudonym))
+ .givenName(randomGivenName)
+ .familyName(randomFamilyName)
+ .dateOfBirth(randomBirthDate)
+ .placeOfBirth(placeOfBirth)
+ .build();
+ }
+
+ @NotNull
+ private AuthenticationResponse buildDummyAuthResponseRandomPerson() throws URISyntaxException {
+ return buildDummyAuthResponse(randomGivenName, randomFamilyName, DE_ST + randomPseudonym, randomBirthDate);
+ }
+
+ private BigInteger generateRandomProcessId() {
+ return new BigInteger(RandomStringUtils.randomNumeric(10));
+
+ }
+
+ private void checkMatchingSuccessState(IRequest pendingReq, String bpk, String familyName, String givenName,
+ String birhday, String countryCode) {
+ assertNull("Find intermediate matching data but matching should be finished",
+ MatchingTaskUtils.getIntermediateMatchingResult(pendingReq));
+ assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq));
+
+ MatchedPersonResult personInfo = MatchingTaskUtils.getFinalMatchingResult(pendingReq);
+ assertNotNull("no final matching result", personInfo);
+ assertEquals("wrong bpk", bpk, personInfo.getBpk());
+ assertEquals("wrong givenName", givenName, personInfo.getGivenName());
+ assertEquals("wrong familyName", familyName, personInfo.getFamilyName());
+ assertEquals("wrong dateOfBirth", birhday, personInfo.getDateOfBirth());
+ assertEquals("wrong countryCode", countryCode, personInfo.getCountryCode());
+
+ }
+
+ private void checkIntermediateResult(int resultSize) {
+ Boolean transitionGUI = (Boolean) executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK);
+ Assert.assertTrue("Wrong transition", transitionGUI);
+ Boolean transitionErnb = (Boolean) executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK);
+ Assert.assertNull("Wrong transition", transitionErnb);
+
+ assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq));
+ assertNull("Find final matching data but no match sould be found",
+ MatchingTaskUtils.getFinalMatchingResult(pendingReq));
+
+ RegisterStatusResults result = MatchingTaskUtils.getIntermediateMatchingResult(pendingReq);
+ assertNotNull("Find no intermediate matching data", result);
+ assertEquals("wrong intermediate result size", resultSize, result.getResultCount());
+
+ }
+
+ @NotNull
+ private AuthenticationResponse buildDummyAuthResponse(String givenName, String familyName, String identifier,
+ String dateOfBirth) throws URISyntaxException {
+ return buildDummyAuthResponse(givenName, familyName, identifier, dateOfBirth, null, null, null);
+ }
+
+ @NotNull
+ private AuthenticationResponse buildDummyAuthResponseDE(String givenName, String familyName, String identifier,
+ String dateOfBirth, String placeOfBirth,
+ String birthName) throws URISyntaxException {
+ return buildDummyAuthResponse(givenName, familyName, identifier, dateOfBirth, null, placeOfBirth, birthName);
+ }
+
+ @NotNull
+ private AuthenticationResponse buildDummyAuthResponse(String givenName, String familyName, String identifier,
+ String dateOfBirth, String taxNumber, String placeOfBirth,
+ String birthName) throws URISyntaxException {
+ ImmutableAttributeMap.Builder builder = ImmutableAttributeMap.builder()
+ .put(generateStringAttribute(Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
+ randomAlphabetic(2), randomAlphabetic(2)), identifier)
+ .put(generateStringAttribute(Constants.eIDAS_ATTR_CURRENTFAMILYNAME,
+ randomAlphabetic(3), randomAlphabetic(3)), familyName)
+ .put(generateStringAttribute(Constants.eIDAS_ATTR_CURRENTGIVENNAME,
+ randomAlphabetic(4), randomAlphabetic(4)), givenName)
+ .put(generateDateTimeAttribute(Constants.eIDAS_ATTR_DATEOFBIRTH,
+ randomAlphabetic(5), randomAlphabetic(5)), dateOfBirth);
+ if (taxNumber != null) {
+ builder.put(generateStringAttribute(Constants.eIDAS_ATTR_TAXREFERENCE,
+ randomAlphabetic(6), randomAlphabetic(6)), taxNumber);
+ }
+ if (birthName != null) {
+ builder.put(generateStringAttribute(Constants.eIDAS_ATTR_BIRTHNAME,
+ randomAlphabetic(7), randomAlphabetic(7)), birthName);
+ }
+ if (placeOfBirth != null) {
+ builder.put(generateStringAttribute(Constants.eIDAS_ATTR_PLACEOFBIRTH,
+ randomAlphabetic(8), randomAlphabetic(8)), placeOfBirth);
+ }
+ final ImmutableAttributeMap attributeMap = builder.build();
+
+ return new AuthenticationResponse.Builder().id(randomAlphabetic(5))
+ .issuer(randomAlphabetic(5)).subject(randomAlphabetic(5)).statusCode("200")
+ .inResponseTo(randomAlphabetic(5)).subjectNameIdFormat(randomAlphabetic(5))
+ .attributes(attributeMap).build();
+ }
+
+ private AttributeDefinition<Object> generateStringAttribute(String friendlyName, String fragment, String prefix)
+ throws URISyntaxException {
+ return generateAttribute(friendlyName, fragment, prefix, "eu.eidas.auth.commons.attribute.impl" +
+ ".LiteralStringAttributeValueMarshaller");
+ }
+
+ @SuppressWarnings("SameParameterValue")
+ private AttributeDefinition<Object> generateDateTimeAttribute(String friendlyName, String fragment, String prefix)
+ throws URISyntaxException {
+ return generateAttribute(friendlyName, fragment, prefix, "eu.eidas.auth.commons.attribute.impl" +
+ ".DateTimeAttributeValueMarshaller");
+ }
+
+ private AttributeDefinition<Object> generateAttribute(String friendlyName, String fragment, String prefix,
+ String marshaller) throws URISyntaxException {
+ return AttributeDefinition.builder()
+ .friendlyName(friendlyName).nameUri(new URI("ad", "sd", fragment))
+ .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", prefix))
+ .attributeValueMarshaller(marshaller).build();
+ }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskWithRegistersTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskWithRegistersTest.java
new file mode 100644
index 00000000..6d0e7c31
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskWithRegistersTest.java
@@ -0,0 +1,683 @@
+/*
+ * Copyright 2020 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static org.apache.commons.lang3.RandomStringUtils.randomAlphabetic;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.when;
+
+import java.math.BigInteger;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.namespace.QName;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.jetbrains.annotations.NotNull;
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.ArgumentCaptor;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import com.github.skjolber.mockito.soap.SoapServiceRule;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.ernp.IErnpClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.IZmrClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.ZmrSoapClient.ZmrRegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.CountrySpecificDetailSearchProcessor;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.GenericEidProcessor;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterStatusResults;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.InitialSearchTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.clients.ErnpRestClientTest;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.clients.ZmrClientTest;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
+import at.gv.bmi.namespace.zmr_su.base._20040201.RequestType;
+import at.gv.bmi.namespace.zmr_su.base._20040201.ResponseType;
+import at.gv.bmi.namespace.zmr_su.base._20040201_.ServicePort;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.attribute.PersonType;
+import eu.eidas.auth.commons.light.impl.LightRequest;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import lombok.SneakyThrows;
+import okhttp3.mockwebserver.MockResponse;
+import okhttp3.mockwebserver.MockWebServer;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml",
+ "/SpringTest-context_ccSearchProcessor_test.xml"
+})
+@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
+public class InitialSearchTaskWithRegistersTest {
+
+ private static final String EE = "EE";
+ private static final String DE = "DE";
+
+ @Rule
+ public SoapServiceRule soap = SoapServiceRule.newInstance();
+
+ @Autowired IErnpClient ernpClient;
+ @Autowired IZmrClient zmrClient;
+ @Autowired List<CountrySpecificDetailSearchProcessor> handlers;
+
+ private RegisterSearchService registerSearchService;
+
+ private ServicePort zmrMock = null;
+
+ private static MockWebServer mockWebServer;
+
+ private final ICcSpecificEidProcessingService eidPostProcessor = createEidPostProcessor();
+ private InitialSearchTask task;
+
+ final ExecutionContext executionContext = new ExecutionContextImpl();
+ private TestRequestImpl pendingReq;
+ private static JAXBContext jaxbContext;
+
+ /**
+ * Initialize jUnit class.
+ */
+ @BeforeClass
+ @SneakyThrows
+ public static void classInitializer() {
+ jaxbContext = JAXBContext.newInstance(
+ at.gv.bmi.namespace.zmr_su.zmr._20040201.ObjectFactory.class,
+ at.gv.bmi.namespace.zmr_su.gis._20070725.ObjectFactory.class,
+ at.gv.bmi.namespace.zmr_su.base._20040201.ObjectFactory.class);
+
+ mockWebServer = new MockWebServer();
+ mockWebServer.start(1718);
+
+ }
+
+ @AfterClass
+ @SneakyThrows
+ public static void resetTestEnviroment() {
+ mockWebServer.shutdown();
+
+ }
+
+ /**
+ * jUnit test set-up.
+ */
+ @Before
+ @SneakyThrows
+ public void setUp() throws URISyntaxException, EaafStorageException {
+ if (zmrMock == null) {
+ zmrMock = soap.mock(ServicePort.class, "http://localhost:1234/demozmr");
+
+ }
+
+ registerSearchService = new RegisterSearchService(handlers, zmrClient, ernpClient);
+ task = new InitialSearchTask(registerSearchService, eidPostProcessor);
+
+ MockHttpServletRequest httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ MockHttpServletResponse httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ pendingReq = new TestRequestImpl();
+
+ }
+
+ /**
+ * One match, but register update needed
+ * <p>
+ * <b>Check if ZMR update request is NOT executed in case of MDS change!</b>
+ * </p>
+ */
+ @Test
+ @DirtiesContext
+ public void singlePersonalIdMatchUpdateNecessary_ZmrNotDone() throws Exception {
+
+ String oldGivenName = "XXXClaus - Maria";
+
+ //inject eIDAS data
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ Constants.DATA_FULL_EIDAS_RESPONSE,
+ buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",
+ "DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31"));
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_1-8_search_with_personalId_only_resp.xml"))
+
+ //perform prepair-update request
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_1-8_search_with_personalId_only_resp.xml"))
+
+ //do not make an update because, MDS update is not allowed and no other data has been changed
+ .thenThrow(new RuntimeException("This request is not needed any more"));
+
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody("{}")
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+
+ // execute test
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ //INFO: has to be the old givenName because ZMR allows no update of MDS information
+ checkMatchingSuccessState(pendingReq, "UgeknNsc26lVuB7U/uYGVmWtnnA=", "XXXvon Brandenburg",
+ oldGivenName, "1994-12-31", DE);
+
+ // validate request
+ assertEquals("wrong number of req.", 2, zmrReq.getAllValues().size());
+ assertNotNull("Personensuche req.", zmrReq.getValue().getPersonSuchenRequest());
+ checkBasicRequestParameters(zmrReq.getValue(), ZmrClientTest.PROCESS_TASK_SEARCH,
+ new BigInteger("367100000000079"), "jUnit123456");
+
+ }
+
+ /**
+ * One match, but register update needed
+ * <p>
+ * <b>Check if ZMR update request is executed in case of other data than MDS change!</b>
+ * </p>
+ */
+ @Test
+ @DirtiesContext
+ public void singlePersonalIdMatchUpdateNecessary_ZmrDone() throws Exception {
+
+ String oldGivenName = "XXXClaus - Maria";
+ String placeOfBirth = RandomStringUtils.randomAlphabetic(5);
+
+ //inject eIDAS data
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ Constants.DATA_FULL_EIDAS_RESPONSE,
+ buildDummyAuthResponse(oldGivenName, "XXXvon Brandenburg",
+ "DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31", null, placeOfBirth, null));
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_1-8_search_with_personalId_only_resp_no_additional_attributes.xml"))
+
+ //perform prepair-update request
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_1-8_search_with_personalId_only_resp_no_additional_attributes.xml"))
+
+ //do make an update because, MDS DOES NOT change, but additional attribute was available
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_3-6_kitt_update_resp.xml"));
+
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody("{}")
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ // execute test
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ //INFO: has to be the old givenName because ZMR allows no update of MDS information
+ checkMatchingSuccessState(pendingReq, "UgeknNsc26lVuB7U/uYGVmWtnnA=", "XXXvon Brandenburg",
+ oldGivenName, "1994-12-31", DE);
+
+ // validate request
+ assertEquals("wrong number of req.", 3, zmrReq.getAllValues().size());
+ assertNotNull("Personensuche req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest());
+ checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH, null, "jUnit123456");
+
+ assertNotNull("Personenupdate req.", zmrReq.getAllValues().get(2).getPersonAendernRequest());
+ checkBasicRequestParameters(zmrReq.getAllValues().get(2), ZmrClientTest.PROCESS_TASK_UPDATE,
+ new BigInteger("367100000000079"), "jUnit123456");
+ assertEquals("eIDAS attribute to add", 4,
+ zmrReq.getAllValues().get(2).getPersonAendernRequest().getEidasIdentitaetAnlage().size());
+ assertNull("ZMR update MDS", zmrReq.getAllValues().get(2).getPersonAendernRequest().getPersonAenderung());
+
+ }
+
+
+ /**
+ * Two matches by PersonalId found in ZMR
+ *
+ * @throws EidasSAuthenticationException
+ */
+ @Test
+ @DirtiesContext
+ @SneakyThrows
+ public void multiPersonalIdMatch_Zmr() throws EidasSAuthenticationException {
+ //inject eIDAS data
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ Constants.DATA_FULL_EIDAS_RESPONSE,
+ buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg",
+ "DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31"));
+
+ // inject response
+ when(zmrMock.service(any(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/search_with_personalId_only_resp_moreThanOne.xml"))
+ .thenThrow(new RuntimeException("This request is not needed any more"));
+
+ // execute task
+ TaskExecutionException exception = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ // validate state
+ assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+ assertTrue("Wrong flag 'manualFixNeeded'",
+ ((WorkflowException) exception.getOriginalException()).isRequiresManualFix());
+
+ }
+
+ /**
+ * Find single person in ZMR by country specifics.
+ */
+ @Test
+ @DirtiesContext
+ public void singlePersonFindWithCountySpecifics_Ernp() throws Exception {
+ //inject eIDAS data
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ Constants.DATA_FULL_EIDAS_RESPONSE,
+ buildDummyAuthResponse("vdqZZIaA", "mRjMKAQc",
+ "DE/AT/nj1m79jm9z", "1996-01-01",
+ null, "VRNCAylF", "miEklFHC"));
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+ BigInteger processId = new BigInteger("367100000000079");
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml")) //personalId search
+ .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml")) //CC specific search
+ .thenThrow(new RuntimeException("This request is not needed any more"));
+
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200) //personalId search
+ .setBody("{}")
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200) //CC specific search
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/2_search_with_cc_specific_resp.json"), "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200) //KITT search
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/2_kitt_search_latest_resp.json"), "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200) //KITT update
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/2_kitt_update_resp.json"), "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ // execute test
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ checkMatchingSuccessState(pendingReq, "TBGoMlirU881e2jMGETa9WLx1+A=", "mRjMKAQc",
+ "vdqZZIaA", "1996-01-01", DE);
+
+ // validate request
+ assertEquals("wrong number of req.", 2, zmrReq.getAllValues().size());
+ checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH, null, "jUnit123456");
+ checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH, processId, "jUnit123456");
+
+ }
+
+
+ /**
+ * Find single person in ZMR by country specifics.
+ */
+ @Test
+ @DirtiesContext
+ public void singlePersonFindWithCountySpecifics_Zmr() throws Exception {
+ //inject eIDAS data
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ Constants.DATA_FULL_EIDAS_RESPONSE,
+ buildDummyAuthResponse("XXXClaus - Maria", "XXXvon Brandenburg",
+ "DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit_with_New_ID", "1994-12-31",
+ null, "Hintergigritzpotschn", "XXXvon Heuburg"));
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+ BigInteger processId = new BigInteger("367100000000079");
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml")) //personalId search
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_1-8_search_with_personalId_only_resp.xml")) //CC specific search
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_1-4_kitt_get_latest_version_resp.xml")) //KITT latest version
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_1-6_kitt_update_resp.xml")) //KITT update
+ .thenThrow(new RuntimeException("This request is not needed any more"));
+
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody("{}")
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200) //CC specific search
+ .setBody("{}")
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+
+ // execute test
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ checkMatchingSuccessState(pendingReq, "UgeknNsc26lVuB7U/uYGVmWtnnA=", "XXXvon Brandenburg",
+ "XXXClaus - Maria", "1994-12-31", DE);
+
+ // validate request
+ assertEquals("wrong number of req.", 4, zmrReq.getAllValues().size());
+ checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH, null, "jUnit123456");
+ checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH, processId, "jUnit123456");
+ checkBasicRequestParameters(zmrReq.getAllValues().get(2), ZmrClientTest.PROCESS_TASK_SEARCH, processId, "jUnit123456");
+ checkBasicRequestParameters(zmrReq.getAllValues().get(3), ZmrClientTest.PROCESS_TASK_UPDATE, processId, "jUnit123456");
+
+ }
+
+ /**
+ * Find one match with MDS search in ZMR.
+ */
+ @Test
+ @DirtiesContext
+ @SneakyThrows
+ public void resultByMdsSearch_Zmr() throws TaskExecutionException, EidasSAuthenticationException {
+ //inject eIDAS data
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ Constants.DATA_FULL_EIDAS_RESPONSE,
+ buildDummyAuthResponse("XXXClaus - Maria", "XXXvon Brandenburg",
+ "DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit_with_New_ID", "1994-12-31"));
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+ BigInteger processId = new BigInteger("367100000000079");
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml")) //personalId search
+ //CC-specific will be ignored because CC is DE but BirthName and PlaceOfBirth is 'null'
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_1-2_search_with_mds_resp.xml")) //MDS specific search
+ .thenThrow(new RuntimeException("This request is not needed any more"));
+
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody("{}")
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200) //MDS specific search
+ .setBody("{}")
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+ // execute test
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ checkIntermediateResult(1);
+
+ // validate request
+ assertEquals("wrong number of req.", 2, zmrReq.getAllValues().size());
+ checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH, null, "jUnit123456");
+ checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH, processId, "jUnit123456");
+
+ }
+
+ /**
+ * Find one match with MDS search in ZMR.
+ */
+ @Test
+ @DirtiesContext
+ @SneakyThrows
+ public void resultByMdsSearch_Zmr_Second() throws TaskExecutionException, EidasSAuthenticationException {
+ //inject eIDAS data
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ Constants.DATA_FULL_EIDAS_RESPONSE,
+ buildDummyAuthResponse("XXXClaus - Maria", "XXXvon Brandenburg",
+ "DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit_with_New_ID", "1994-12-31",
+ null, "Hintergigritzpotschn", "XXXvon Heuburg"));
+
+ final ArgumentCaptor<RequestType> zmrReq = ArgumentCaptor.forClass(RequestType.class);
+ BigInteger processId = new BigInteger("367100000000079");
+
+ // inject response
+ when(zmrMock.service(zmrReq.capture(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml")) //personalId search
+ .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml")) //CC-specific search
+ .thenReturn(loadResponseFromFile("/data/zmr/search_with_personalId_only_resp_moreThanOne.xml")) //MDS specific search
+ .thenThrow(new RuntimeException("This request is not needed any more"));
+
+
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200)
+ .setBody("{}")
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200) //CC specific search
+ .setBody("{}")
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+ mockWebServer.enqueue(new MockResponse().setResponseCode(200) //MDS specific search
+ .setBody(IOUtils.toString(
+ ErnpRestClientTest.class.getResourceAsStream("/data/ernp/3_search_with_mds_resp.json"), "UTF-8"))
+ .setHeader("Content-Type", "application/json;charset=utf-8"));
+
+
+ // execute test
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ checkIntermediateResult(3);
+
+ // validate request
+ assertEquals("wrong number of req.", 3, zmrReq.getAllValues().size());
+ checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH, null, "jUnit123456");
+ checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH, processId, "jUnit123456");
+ checkBasicRequestParameters(zmrReq.getAllValues().get(2), ZmrClientTest.PROCESS_TASK_SEARCH, processId, "jUnit123456");
+
+ }
+
+
+
+ @NotNull
+ private ICcSpecificEidProcessingService createEidPostProcessor() {
+ return new ICcSpecificEidProcessingService() {
+
+ private final GenericEidProcessor genericEidProcessor = new GenericEidProcessor();
+
+ @Override
+ public SimpleEidasData postProcess(Map<String, Object> eidasAttrMap) throws EidPostProcessingException, EidasAttributeException {
+ return genericEidProcessor.postProcess(eidasAttrMap);
+ }
+
+ @Override
+ public void preProcess(String selectedCC, IRequest pendingReq, LightRequest.Builder authnRequestBuilder) {
+ genericEidProcessor.preProcess(pendingReq, authnRequestBuilder);
+ }
+ };
+ }
+
+ @NotNull
+ private ZmrRegisterResult zmrRegisterResult(RegisterResult registerResult, BigInteger processId) {
+ return new ZmrRegisterResult(Collections.singletonList(registerResult), processId);
+ }
+
+ @NotNull
+ private ZmrRegisterResult zmrRegisterResult(RegisterResult registerResult) {
+ return zmrRegisterResult(registerResult, generateRandomProcessId());
+ }
+
+
+ private BigInteger generateRandomProcessId() {
+ return new BigInteger(RandomStringUtils.randomNumeric(10));
+
+ }
+
+ private void checkMatchingSuccessState(IRequest pendingReq, String bpk, String familyName, String givenName,
+ String birhday, String countryCode) {
+ assertNull("Find intermediate matching data but matching should be finished",
+ MatchingTaskUtils.getIntermediateMatchingResult(pendingReq));
+ assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq));
+
+ MatchedPersonResult personInfo = MatchingTaskUtils.getFinalMatchingResult(pendingReq);
+ assertNotNull("no final matching result", personInfo);
+ assertEquals("wrong bpk", bpk, personInfo.getBpk());
+ assertEquals("wrong givenName", givenName, personInfo.getGivenName());
+ assertEquals("wrong familyName", familyName, personInfo.getFamilyName());
+ assertEquals("wrong dateOfBirth", birhday, personInfo.getDateOfBirth());
+ assertEquals("wrong countryCode", countryCode, personInfo.getCountryCode());
+
+ }
+
+ private void checkIntermediateResult(int resultSize) {
+ Boolean transitionGUI = (Boolean) executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK);
+ Assert.assertTrue("Wrong transition", transitionGUI);
+ Boolean transitionErnb = (Boolean) executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK);
+ Assert.assertNull("Wrong transition", transitionErnb);
+
+ assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq));
+ assertNull("Find final matching data but no match sould be found",
+ MatchingTaskUtils.getFinalMatchingResult(pendingReq));
+
+ RegisterStatusResults result = MatchingTaskUtils.getIntermediateMatchingResult(pendingReq);
+ assertNotNull("Find no intermediate matching data", result);
+ assertEquals("wrong intermediate result size", resultSize, result.getResultCount());
+
+ }
+
+ @NotNull
+ private AuthenticationResponse buildDummyAuthResponse(String givenName, String familyName, String identifier,
+ String dateOfBirth) throws URISyntaxException {
+ return buildDummyAuthResponse(givenName, familyName, identifier, dateOfBirth, null, null, null);
+ }
+
+ @NotNull
+ private AuthenticationResponse buildDummyAuthResponseDE(String givenName, String familyName, String identifier,
+ String dateOfBirth, String placeOfBirth,
+ String birthName) throws URISyntaxException {
+ return buildDummyAuthResponse(givenName, familyName, identifier, dateOfBirth, null, placeOfBirth, birthName);
+ }
+
+ @NotNull
+ private AuthenticationResponse buildDummyAuthResponse(String givenName, String familyName, String identifier,
+ String dateOfBirth, String taxNumber, String placeOfBirth,
+ String birthName) throws URISyntaxException {
+ ImmutableAttributeMap.Builder builder = ImmutableAttributeMap.builder()
+ .put(generateStringAttribute(Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
+ randomAlphabetic(2), randomAlphabetic(2)), identifier)
+ .put(generateStringAttribute(Constants.eIDAS_ATTR_CURRENTFAMILYNAME,
+ randomAlphabetic(3), randomAlphabetic(3)), familyName)
+ .put(generateStringAttribute(Constants.eIDAS_ATTR_CURRENTGIVENNAME,
+ randomAlphabetic(4), randomAlphabetic(4)), givenName)
+ .put(generateDateTimeAttribute(Constants.eIDAS_ATTR_DATEOFBIRTH,
+ randomAlphabetic(5), randomAlphabetic(5)), dateOfBirth);
+ if (taxNumber != null) {
+ builder.put(generateStringAttribute(Constants.eIDAS_ATTR_TAXREFERENCE,
+ randomAlphabetic(6), randomAlphabetic(6)), taxNumber);
+ }
+ if (birthName != null) {
+ builder.put(generateStringAttribute(Constants.eIDAS_ATTR_BIRTHNAME,
+ randomAlphabetic(7), randomAlphabetic(7)), birthName);
+ }
+ if (placeOfBirth != null) {
+ builder.put(generateStringAttribute(Constants.eIDAS_ATTR_PLACEOFBIRTH,
+ randomAlphabetic(8), randomAlphabetic(8)), placeOfBirth);
+ }
+ final ImmutableAttributeMap attributeMap = builder.build();
+
+ return new AuthenticationResponse.Builder().id(randomAlphabetic(5))
+ .issuer(randomAlphabetic(5)).subject(randomAlphabetic(5)).statusCode("200")
+ .inResponseTo(randomAlphabetic(5)).subjectNameIdFormat(randomAlphabetic(5))
+ .attributes(attributeMap).build();
+ }
+
+ private AttributeDefinition<Object> generateStringAttribute(String friendlyName, String fragment, String prefix)
+ throws URISyntaxException {
+ return generateAttribute(friendlyName, fragment, prefix, "eu.eidas.auth.commons.attribute.impl" +
+ ".LiteralStringAttributeValueMarshaller");
+ }
+
+ @SuppressWarnings("SameParameterValue")
+ private AttributeDefinition<Object> generateDateTimeAttribute(String friendlyName, String fragment, String prefix)
+ throws URISyntaxException {
+ return generateAttribute(friendlyName, fragment, prefix, "eu.eidas.auth.commons.attribute.impl" +
+ ".DateTimeAttributeValueMarshaller");
+ }
+
+ private AttributeDefinition<Object> generateAttribute(String friendlyName, String fragment, String prefix,
+ String marshaller) throws URISyntaxException {
+ return AttributeDefinition.builder()
+ .friendlyName(friendlyName).nameUri(new URI("ad", "sd", fragment))
+ .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", prefix))
+ .attributeValueMarshaller(marshaller).build();
+ }
+
+ private ResponseType loadResponseFromFile(String filepath) throws JAXBException {
+ final Unmarshaller unmarshaller = jaxbContext.createUnmarshaller();
+ JAXBElement<?> resp = (JAXBElement<?>) unmarshaller.unmarshal(ZmrClientTest.class.getResourceAsStream(
+ filepath));
+ return (ResponseType) resp.getValue();
+
+ }
+
+ private void checkBasicRequestParameters(RequestType requestType, String vorgangName, BigInteger processId,
+ String behoerdennummer) {
+ assertNotNull("no workflow infos", requestType.getWorkflowInfoClient());
+ assertEquals("processName", ZmrClientTest.PROCESS_GENERAL, requestType.getWorkflowInfoClient().getProzessName());
+ assertEquals("vorgangsName", vorgangName, requestType.getWorkflowInfoClient().getVorgangName());
+
+ if (processId != null) {
+ assertEquals("processId", processId, requestType.getWorkflowInfoClient().getProzessInstanzID());
+ } else {
+ assertNull("processId", requestType.getWorkflowInfoClient().getProzessInstanzID());
+ }
+
+ assertNotNull("no client infos", requestType.getClientInfo());
+ assertEquals("behoerdennummer", behoerdennummer, requestType.getClientInfo().getOrganisation()
+ .getBehoerdenNr());
+ }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskRegisterTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskRegisterTest.java
new file mode 100644
index 00000000..8d52baf3
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskRegisterTest.java
@@ -0,0 +1,339 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThrows;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.when;
+
+import java.math.BigInteger;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Unmarshaller;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.jetbrains.annotations.NotNull;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.i18n.LocaleContextHolder;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import com.github.skjolber.mockito.soap.SoapServiceRule;
+import com.google.common.collect.Lists;
+
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.controller.AdresssucheController;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.controller.AdresssucheController.AdresssucheOutput;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterOperationStatus;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterStatusResults;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAustrianResidenceGuiResponseTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.clients.ZmrClientTest;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
+import at.gv.bmi.namespace.zmr_su.base._20040201.ResponseType;
+import at.gv.bmi.namespace.zmr_su.base._20040201_.ServicePort;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import lombok.SneakyThrows;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"
+})
+public class ReceiveAustrianResidenceGuiResponseTaskRegisterTest {
+
+ @Autowired
+ protected MsConnectorDummyConfigMap authConfig;
+
+ @Autowired
+ private RegisterSearchService registerSearchService;
+
+ @Rule
+ public SoapServiceRule soap = SoapServiceRule.newInstance();
+ private ServicePort zmrMock = null;
+ private static JAXBContext jaxbContext;
+
+ private ReceiveAustrianResidenceGuiResponseTask task;
+ private ExecutionContext executionContext;
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+ private TestRequestImpl pendingReq;
+
+
+ /**
+ * Initialize jUnit class.
+ */
+ @BeforeClass
+ @SneakyThrows
+ public static void classInitializer() {
+ jaxbContext = JAXBContext.newInstance(
+ at.gv.bmi.namespace.zmr_su.zmr._20040201.ObjectFactory.class,
+ at.gv.bmi.namespace.zmr_su.gis._20070725.ObjectFactory.class,
+ at.gv.bmi.namespace.zmr_su.base._20040201.ObjectFactory.class);
+
+ }
+
+ /**
+ * jUnit test set-up.
+ *
+ * @throws Exception In case of an set-up error
+ */
+ @Before
+ public void setUp() throws Exception {
+ if (zmrMock == null) {
+ zmrMock = soap.mock(ServicePort.class, "http://localhost:1234/demozmr");
+
+ }
+
+ executionContext = new ExecutionContextImpl();
+ task = new ReceiveAustrianResidenceGuiResponseTask(registerSearchService);
+
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ pendingReq = new TestRequestImpl();
+ pendingReq.setAuthUrl("https://localhost/ms_connector");
+ pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+
+ LocaleContextHolder.resetLocaleContext();
+ }
+
+ @Test
+ public void canceledByUser() throws Exception {
+ RegisterStatusResults registerSearchResult = buildEmptyResult();
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
+ httpReq.setParameter(ReceiveAustrianResidenceGuiResponseTask.HTTP_PARAM_NO_RESIDENCE, "true");
+
+ task.execute(pendingReq, executionContext);
+
+ assertEquals("Transition To RequestInserErnp", true,
+ executionContext.get(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK));
+ assertEquals("Transition To AddressSearchForm", false,
+ executionContext.get(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK));
+ assertNull("matching failed flag", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
+ assertNull("no final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq));
+
+ }
+
+ @Test
+ public void noRegisterResult() throws Exception {
+ setupUserInput();
+ setupEidasData();
+ RegisterStatusResults registerSearchResult = buildEmptyResult();
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
+
+ // inject ZMR response
+ when(zmrMock.service(any(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml"));
+
+ // execute task
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ assertEquals("Transition To RequestInserErnp", false, executionContext.get(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK));
+ assertEquals("Transition To AddressSearchForm", true,
+ executionContext.get(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK));
+ assertEquals("matching failed flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
+ assertEquals("failed reason", "module.eidasauth.matching.22", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON));
+ assertNull("no final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq));
+
+ }
+
+ @Test
+ public void exactlyOneRegisterResult_Update() throws Exception {
+ setupUserInput();
+ SimpleEidasData eidasData = setupEidasData();
+ RegisterStatusResults registerSearchResult = buildResultWithOneMatch(buildMatchingRegisterResult(eidasData));
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
+
+ // inject ZMR response
+ when(zmrMock.service(any(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/search_with_personalId_only_resp.xml"))
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_3-4_kitt_get_latest_version_resp.xml"))
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_3-6_kitt_update_resp.xml"));
+
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ assertNull("Transition To S9", executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK));
+ MatchedPersonResult matchingResult = MatchingTaskUtils.getFinalMatchingResult(pendingReq);
+ assertNotNull("no final matching result", matchingResult);
+
+ }
+
+ @Test
+ public void exactlyOneRegisterResult_UpdateFailedByZmrError() throws Exception {
+ setupUserInput();
+ SimpleEidasData eidasData = setupEidasData();
+ RegisterStatusResults registerSearchResult = buildResultWithOneMatch(buildMatchingRegisterResult(eidasData));
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
+
+ // inject ZMR response
+ when(zmrMock.service(any(), any()))
+ .thenReturn(loadResponseFromFile("/data/zmr/search_with_personalId_only_resp.xml"))
+ .thenReturn(loadResponseFromFile("/data/zmr/seq_3-4_kitt_get_latest_version_resp.xml"))
+ .thenThrow(new RuntimeException("ZMR update should fail for that test"));
+
+ TaskExecutionException error = assertThrows("wrong exception", TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ assertEquals("wrong errorId", "module.eidasauth.matching.04", ((EaafException) error.getOriginalException()).getErrorId());
+
+ }
+
+ @Test
+ public void zmrError() throws Exception {
+ setupUserInput();
+ setupEidasData();
+ RegisterStatusResults registerSearchResult = buildResultWithTwoMatches();
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
+
+ TaskExecutionException error = assertThrows("wrong exception", TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ assertEquals("wrong errorId", "module.eidasauth.matching.03", ((EaafException) error.getOriginalException()).getErrorId());
+
+ }
+
+ @SneakyThrows
+ private void validateMatchedPerson(MatchedPersonResult current,
+ RegisterStatusResults registerUpdateResult) {
+ RegisterResult expected = registerUpdateResult.getResult();
+ assertEquals("familyName", expected.getFamilyName(), current.getFamilyName());
+ assertEquals("givenName", expected.getGivenName(), current.getGivenName());
+ assertEquals("birthday", expected.getDateOfBirth(), current.getDateOfBirth());
+ assertEquals("bpk", expected.getBpk(), current.getBpk());
+
+ }
+
+ @NotNull
+ private RegisterStatusResults buildEmptyResult() {
+ return new RegisterStatusResults(new RegisterOperationStatus(generateRandomProcessId()),
+ Collections.emptyList(), Collections.emptyList());
+
+ }
+
+ private BigInteger generateRandomProcessId() {
+ return new BigInteger(RandomStringUtils.randomNumeric(10));
+
+ }
+
+ @NotNull
+ private RegisterStatusResults buildResultWithOneMatch(RegisterResult registerResult) {
+ return new RegisterStatusResults(new RegisterOperationStatus(generateRandomProcessId()),
+ Collections.singletonList(registerResult), Collections.emptyList());
+
+ }
+
+ @NotNull
+ private RegisterStatusResults buildResultWithTwoMatches() {
+ List<RegisterResult> results = Lists.newArrayList(buildRandomRegisterResult(), buildRandomRegisterResult());
+ return new RegisterStatusResults(new RegisterOperationStatus(generateRandomProcessId()),
+ results, Collections.emptyList());
+
+ }
+
+ @NotNull
+ private RegisterResult buildRandomRegisterResult() {
+ return RegisterResult.builder()
+ .pseudonym(Arrays.asList(RandomStringUtils.randomAlphabetic(8)))
+ .givenName(RandomStringUtils.randomAlphabetic(8))
+ .familyName(RandomStringUtils.randomAlphabetic(8))
+ .dateOfBirth(RandomStringUtils.randomAlphabetic(8))
+ .bpk(RandomStringUtils.randomAlphabetic(8))
+ .build();
+
+ }
+
+ private RegisterResult buildMatchingRegisterResult(SimpleEidasData eidData) {
+ return RegisterResult.builder()
+ .pseudonym(Arrays.asList(eidData.getPseudonym()))
+ .givenName(eidData.getGivenName())
+ .familyName(eidData.getFamilyName())
+ .dateOfBirth(eidData.getDateOfBirth())
+ .bpk(RandomStringUtils.randomAlphabetic(8))
+ .build();
+
+ }
+
+ private RegisterResult buildNotMatchingRegisterResult(SimpleEidasData eidData) {
+ return RegisterResult.builder()
+ .pseudonym(Arrays.asList(eidData.getPseudonym() + RandomStringUtils.randomAlphabetic(8)))
+ .givenName(eidData.getGivenName())
+ .familyName(eidData.getFamilyName())
+ .dateOfBirth(eidData.getDateOfBirth())
+ .bpk(RandomStringUtils.randomAlphabetic(8))
+ .build();
+
+ }
+
+ private void setHttpParameters(AdresssucheOutput input) {
+ httpReq.setParameter(AdresssucheController.PARAM_STREET, input.getStreet());
+ httpReq.setParameter(AdresssucheController.PARAM_MUNIPICALITY, input.getMunicipality());
+ httpReq.setParameter(AdresssucheController.PARAM_NUMBER, input.getNumber());
+ httpReq.setParameter(AdresssucheController.PARAM_VILLAGE, input.getVillage());
+ httpReq.setParameter(AdresssucheController.PARAM_POSTLEITZAHL, input.getPostleitzahl());
+
+ }
+
+ @NotNull
+ private SimpleEidasData setupEidasData() throws EaafStorageException {
+ SimpleEidasData result = SimpleEidasData.builder()
+ .pseudonym(RandomStringUtils.randomAlphabetic(8))
+ .familyName(RandomStringUtils.randomAlphabetic(8))
+ .givenName(RandomStringUtils.randomAlphabetic(8))
+ .dateOfBirth("1970-01-01")
+ .build();
+ AuthProcessDataWrapper authProcessDataWrapper = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+ authProcessDataWrapper.setGenericDataToSession(Constants.DATA_SIMPLE_EIDAS, result);
+ return result;
+ }
+
+ @NotNull
+ private AdresssucheOutput setupUserInput() {
+ AdresssucheOutput result = new AdresssucheOutput(
+ RandomStringUtils.randomAlphabetic(8),
+ RandomStringUtils.randomAlphabetic(8),
+ RandomStringUtils.randomAlphabetic(8),
+ RandomStringUtils.randomAlphabetic(8),
+ RandomStringUtils.randomAlphabetic(8));
+ setHttpParameters(result);
+ return result;
+ }
+
+ private ResponseType loadResponseFromFile(String filepath) throws JAXBException {
+ final Unmarshaller unmarshaller = jaxbContext.createUnmarshaller();
+ JAXBElement<?> resp = (JAXBElement<?>) unmarshaller.unmarshal(ZmrClientTest.class.getResourceAsStream(
+ filepath));
+ return (ResponseType) resp.getValue();
+
+ }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java
new file mode 100644
index 00000000..d7c0acc4
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java
@@ -0,0 +1,320 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.mockito.ArgumentMatchers.eq;
+
+import java.math.BigInteger;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.jetbrains.annotations.NotNull;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mockito;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.mock.mockito.MockBean;
+import org.springframework.context.i18n.LocaleContextHolder;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import com.google.common.collect.Lists;
+
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.controller.AdresssucheController;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.controller.AdresssucheController.AdresssucheOutput;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterOperationStatus;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterStatusResults;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAustrianResidenceGuiResponseTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import lombok.SneakyThrows;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"
+})
+public class ReceiveAustrianResidenceGuiResponseTaskTest {
+
+ @Autowired
+ protected MsConnectorDummyConfigMap authConfig;
+
+ @MockBean
+ private RegisterSearchService registerSearchService;
+
+ private ReceiveAustrianResidenceGuiResponseTask task;
+
+ private ExecutionContext executionContext;
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+ private TestRequestImpl pendingReq;
+
+ /**
+ * jUnit test set-up.
+ *
+ * @throws Exception In case of an set-up error
+ */
+ @Before
+ public void setUp() throws Exception {
+ executionContext = new ExecutionContextImpl();
+ task = new ReceiveAustrianResidenceGuiResponseTask(registerSearchService);
+
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ pendingReq = new TestRequestImpl();
+ pendingReq.setAuthUrl("https://localhost/ms_connector");
+ pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+
+ LocaleContextHolder.resetLocaleContext();
+ }
+
+ @Test
+ public void canceledByUser() throws Exception {
+ AdresssucheOutput userInput = setupUserInput();
+ SimpleEidasData eidasData = setupEidasData();
+ RegisterStatusResults registerSearchResult = buildEmptyResult();
+ mockRegisterSearch(userInput, registerSearchResult, eidasData);
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
+ httpReq.setParameter(ReceiveAustrianResidenceGuiResponseTask.HTTP_PARAM_NO_RESIDENCE, "true");
+
+ task.execute(pendingReq, executionContext);
+
+ assertEquals("Transition To RequestInserErnp", true,
+ executionContext.get(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK));
+ assertEquals("Transition To AddressSearchForm", false,
+ executionContext.get(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK));
+ assertNull("matching failed flag", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
+ assertNull("no final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq));
+
+ }
+
+ @Test
+ public void noInputData() throws Exception {
+ RegisterStatusResults registerSearchResult = buildEmptyResult();
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
+
+ task.execute(pendingReq, executionContext);
+
+ assertEquals("Transition To RequestInserErnp", false, executionContext.get(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK));
+ assertEquals("Transition To AddressSearchForm", true,
+ executionContext.get(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK));
+ assertEquals("matching failed flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
+ assertEquals("failed reason", "module.eidasauth.matching.21", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON));
+ assertNull("no final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq));
+
+ }
+
+ @Test
+ public void noRegisterResult() throws Exception {
+ AdresssucheOutput userInput = setupUserInput();
+ SimpleEidasData eidasData = setupEidasData();
+ RegisterStatusResults registerSearchResult = buildEmptyResult();
+ mockRegisterSearch(userInput, registerSearchResult, eidasData);
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
+
+ task.execute(pendingReq, executionContext);
+
+ assertEquals("Transition To RequestInserErnp", false, executionContext.get(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK));
+ assertEquals("Transition To AddressSearchForm", true,
+ executionContext.get(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK));
+ assertEquals("matching failed flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
+ assertEquals("failed reason", "module.eidasauth.matching.22", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON));
+ assertNull("no final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq));
+
+ }
+
+ @Test
+ public void exactlyOneRegisterResult_NoUpdate() throws Exception {
+ AdresssucheOutput userInput = setupUserInput();
+ SimpleEidasData eidasData = setupEidasData();
+ RegisterStatusResults registerSearchResult = buildResultWithOneMatch(buildMatchingRegisterResult(eidasData));
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
+ mockRegisterSearch(userInput, registerSearchResult, eidasData);
+
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ assertNull("Transition To S9", executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK));
+ MatchedPersonResult matchingResult = MatchingTaskUtils.getFinalMatchingResult(pendingReq);
+ assertNotNull("no final matching result", matchingResult);
+ validateMatchedPerson(matchingResult, registerSearchResult);
+
+ }
+
+ @Test
+ public void exactlyOneRegisterResult_UpdateRequired() throws Exception {
+ AdresssucheOutput userInput = setupUserInput();
+ SimpleEidasData eidasData = setupEidasData();
+ RegisterStatusResults registerSearchResult = buildResultWithOneMatch(buildNotMatchingRegisterResult(eidasData));
+ RegisterStatusResults registerUpdateResult = buildResultWithOneMatch(buildRandomRegisterResult());
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
+ mockRegisterSearch(userInput, registerSearchResult, eidasData);
+ Mockito.when(registerSearchService.step7aKittProcess(eq(registerSearchResult), eq(eidasData)))
+ .thenReturn(registerUpdateResult);
+
+ // perform test
+ task.execute(pendingReq, executionContext);
+
+ // validate state
+ assertNull("Transition To S9", executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK));
+
+ MatchedPersonResult matchingResult = MatchingTaskUtils.getFinalMatchingResult(pendingReq);
+ assertNotNull("no final matching result", matchingResult);
+ validateMatchedPerson(matchingResult, registerUpdateResult);
+
+ }
+
+ @Test
+ public void moreThanOneRegisterResult() throws Exception {
+ AdresssucheOutput userInput = setupUserInput();
+ SimpleEidasData eidasData = setupEidasData();
+ RegisterStatusResults registerSearchResult = buildResultWithTwoMatches();
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
+ mockRegisterSearch(userInput, registerSearchResult, eidasData);
+
+ task.execute(pendingReq, executionContext);
+
+ assertEquals("Transition To RequestInserErnp", false, executionContext.get(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK));
+ assertEquals("Transition To AddressSearchForm", true,
+ executionContext.get(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK));
+ assertEquals("matching failed flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
+ assertEquals("failed reason", "module.eidasauth.matching.22", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON));
+ assertNull("no final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq));
+
+ }
+
+ @SneakyThrows
+ private void validateMatchedPerson(MatchedPersonResult current,
+ RegisterStatusResults registerUpdateResult) {
+ RegisterResult expected = registerUpdateResult.getResult();
+ assertEquals("familyName", expected.getFamilyName(), current.getFamilyName());
+ assertEquals("givenName", expected.getGivenName(), current.getGivenName());
+ assertEquals("birthday", expected.getDateOfBirth(), current.getDateOfBirth());
+ assertEquals("bpk", expected.getBpk(), current.getBpk());
+
+ }
+
+ @SneakyThrows
+ private void mockRegisterSearch(AdresssucheOutput userInput, RegisterStatusResults registerSearchResult, SimpleEidasData eidasData ) {
+ Mockito.when(registerSearchService.searchWithResidence(eq(registerSearchResult.getOperationStatus()), eq(eidasData),
+ eq(userInput))).thenReturn(registerSearchResult);
+ }
+
+ @NotNull
+ private RegisterStatusResults buildEmptyResult() {
+ return new RegisterStatusResults(new RegisterOperationStatus(generateRandomProcessId()),
+ Collections.emptyList(), Collections.emptyList());
+
+ }
+
+ private BigInteger generateRandomProcessId() {
+ return new BigInteger(RandomStringUtils.randomNumeric(10));
+
+ }
+
+ @NotNull
+ private RegisterStatusResults buildResultWithOneMatch(RegisterResult registerResult) {
+ return new RegisterStatusResults(new RegisterOperationStatus(generateRandomProcessId()),
+ Collections.singletonList(registerResult), Collections.emptyList());
+
+ }
+
+ @NotNull
+ private RegisterStatusResults buildResultWithTwoMatches() {
+ List<RegisterResult> results = Lists.newArrayList(buildRandomRegisterResult(), buildRandomRegisterResult());
+ return new RegisterStatusResults(new RegisterOperationStatus(generateRandomProcessId()),
+ results, Collections.emptyList());
+
+ }
+
+ @NotNull
+ private RegisterResult buildRandomRegisterResult() {
+ return RegisterResult.builder()
+ .pseudonym(Arrays.asList(RandomStringUtils.randomAlphabetic(8)))
+ .givenName(RandomStringUtils.randomAlphabetic(8))
+ .familyName(RandomStringUtils.randomAlphabetic(8))
+ .dateOfBirth(RandomStringUtils.randomAlphabetic(8))
+ .bpk(RandomStringUtils.randomAlphabetic(8))
+ .build();
+
+ }
+
+ private RegisterResult buildMatchingRegisterResult(SimpleEidasData eidData) {
+ return RegisterResult.builder()
+ .pseudonym(Arrays.asList(eidData.getPseudonym()))
+ .givenName(eidData.getGivenName())
+ .familyName(eidData.getFamilyName())
+ .dateOfBirth(eidData.getDateOfBirth())
+ .bpk(RandomStringUtils.randomAlphabetic(8))
+ .build();
+
+ }
+
+ private RegisterResult buildNotMatchingRegisterResult(SimpleEidasData eidData) {
+ return RegisterResult.builder()
+ .pseudonym(Arrays.asList(eidData.getPseudonym() + RandomStringUtils.randomAlphabetic(8)))
+ .givenName(eidData.getGivenName())
+ .familyName(eidData.getFamilyName())
+ .dateOfBirth(eidData.getDateOfBirth())
+ .bpk(RandomStringUtils.randomAlphabetic(8))
+ .build();
+
+ }
+
+ private void setHttpParameters(AdresssucheOutput input) {
+ httpReq.setParameter(AdresssucheController.PARAM_STREET, input.getStreet());
+ httpReq.setParameter(AdresssucheController.PARAM_MUNIPICALITY, input.getMunicipality());
+ httpReq.setParameter(AdresssucheController.PARAM_NUMBER, input.getNumber());
+ httpReq.setParameter(AdresssucheController.PARAM_VILLAGE, input.getVillage());
+ httpReq.setParameter(AdresssucheController.PARAM_POSTLEITZAHL, input.getPostleitzahl());
+
+ }
+
+ @NotNull
+ private SimpleEidasData setupEidasData() throws EaafStorageException {
+ SimpleEidasData result = SimpleEidasData.builder()
+ .pseudonym(RandomStringUtils.randomAlphabetic(8))
+ .familyName(RandomStringUtils.randomAlphabetic(8))
+ .givenName(RandomStringUtils.randomAlphabetic(8))
+ .dateOfBirth("1970-01-01")
+ .build();
+ AuthProcessDataWrapper authProcessDataWrapper = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+ authProcessDataWrapper.setGenericDataToSession(Constants.DATA_SIMPLE_EIDAS, result);
+ return result;
+ }
+
+ @NotNull
+ private AdresssucheOutput setupUserInput() {
+ AdresssucheOutput result = new AdresssucheOutput(
+ RandomStringUtils.randomAlphabetic(8),
+ RandomStringUtils.randomAlphabetic(8),
+ RandomStringUtils.randomAlphabetic(8),
+ RandomStringUtils.randomAlphabetic(8),
+ RandomStringUtils.randomAlphabetic(8));
+ setHttpParameters(result);
+ return result;
+ }
+
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAuthnResponseTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAuthnResponseTaskTest.java
new file mode 100644
index 00000000..842c8bf7
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAuthnResponseTaskTest.java
@@ -0,0 +1,254 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+
+import java.net.URISyntaxException;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.annotation.Nonnull;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummySpConfiguration;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAuthnResponseTask;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import lombok.val;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"})
+public class ReceiveAuthnResponseTaskTest {
+
+ @Autowired(required = true)
+ private ReceiveAuthnResponseTask task;
+
+ @Autowired(required = true)
+ private MsConnectorDummyConfigMap basicConfig;
+ @Autowired
+ protected EidasAttributeRegistry attrRegistry;
+
+ @Autowired private IRequestStorage storage;
+
+ final ExecutionContext executionContext = new ExecutionContextImpl();
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+ private TestRequestImpl pendingReq;
+ private MsConnectorDummySpConfiguration oaParam;
+
+ /**
+ * jUnit test set-up.
+ */
+ @Before
+ public void setUp() throws EaafStorageException, URISyntaxException {
+
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.eid.testidentity.default", "false");
+
+ final Map<String, String> spConfig = new HashMap<>();
+ spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+ spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+ spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true");
+ oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig);
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH));
+ pendingReq = new TestRequestImpl();
+
+ pendingReq.setSpConfig(oaParam);
+ pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+ pendingReq.setAuthUrl("http://test.com/");
+ pendingReq.setTransactionId("avaasbav");
+ pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");
+ executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true);
+
+ }
+
+ @Test
+ public void missingEidasResponse() {
+ try {
+ task.execute(pendingReq, executionContext);
+ Assert.fail("No eIDAS response not detected");
+
+ } catch (TaskExecutionException e) {
+ Assert.assertEquals("ErrorId", "eidas.01",
+ ((EaafException) e.getOriginalException()).getErrorId());
+
+ }
+ }
+
+ @Test
+ public void notSuccessEidasResponse() throws URISyntaxException {
+ String statusCode = RandomStringUtils.randomAlphabetic(10);
+ httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE,
+ buildDummyAuthResponse(statusCode));
+
+
+ try {
+ task.execute(pendingReq, executionContext);
+ Assert.fail("No eIDAS response not detected");
+
+ } catch (TaskExecutionException e) {
+ Assert.assertEquals("ErrorId", "eidas.02",
+ ((EaafException) e.getOriginalException()).getErrorId());
+ Assert.assertEquals("wrong parameter size", 2, ((EaafException) e.getOriginalException())
+ .getParams().length);
+ Assert.assertEquals("wrong errorMsg", statusCode, ((EaafException) e
+ .getOriginalException()).getParams()[0]);
+
+ }
+ }
+
+ @Test
+ public void successAndForward() throws URISyntaxException, TaskExecutionException,
+ PendingReqIdValidationException, EaafStorageException {
+
+ AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);
+ httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
+
+ String alternativReturnEndpoint = "http://ms-connector.alternative/" + RandomStringUtils.randomAlphabetic(10);
+ pendingReq.setRawDataToTransaction(
+ MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING, alternativReturnEndpoint);
+
+ //execute test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ Assert.assertEquals("msConnectorStage", true,
+ (Boolean) executionContext.get(MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING));
+
+ IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedReq);
+ Assert.assertNull("staging info is not null", storedReq.getRawData(
+ MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING, String.class));
+
+ //validate state
+ Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+ Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+ Assert.assertTrue("Wrong redirect endpoint",
+ ((String) httpResp.getHeaderValue("Location")).startsWith(alternativReturnEndpoint));
+
+
+ }
+
+ public void success() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException {
+ @Nonnull
+ AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);
+ httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");
+
+ //execute test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedReq);
+ final EidAuthProcessDataWrapper authProcessData = storedReq.getSessionData(EidAuthProcessDataWrapper.class);
+ Assert.assertEquals("LoA", eidasResponse.getLevelOfAssurance(), authProcessData.getQaaLevel());
+ Assert.assertNotNull("eIDAS response",
+ authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+ Assert.assertEquals("eIDAS response", eidasResponse,
+ authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+
+ Assert.assertFalse("testIdentity flag", authProcessData.isTestIdentity());
+
+ Assert.assertEquals("msConnectorStage", false,
+ (Boolean) executionContext.get(MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING));
+ }
+
+ @Test
+ public void successWithTestIdentity() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException {
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.eid.testidentity.default", "true");
+
+ @Nonnull
+ AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);
+ httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
+ executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");
+
+ //execute test
+ task.execute(pendingReq, executionContext);
+
+ //validate state
+ IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+ Assert.assertNotNull("pendingReq not stored", storedReq);
+
+ final EidAuthProcessDataWrapper authProcessData = storedReq.getSessionData(EidAuthProcessDataWrapper.class);
+ Assert.assertEquals("LoA", eidasResponse.getLevelOfAssurance(), authProcessData.getQaaLevel());
+ Assert.assertNotNull("eIDAS response",
+ authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+ Assert.assertEquals("eIDAS response", eidasResponse,
+ authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+ Assert.assertTrue("testIdentity flag", authProcessData.isTestIdentity());
+
+ }
+
+
+
+ @Nonnull
+ private AuthenticationResponse buildDummyAuthResponse(String statusCode) throws URISyntaxException {
+ final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+ final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
+ final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();
+ final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ Constants.eIDAS_ATTR_DATEOFBIRTH).first();
+
+ final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder()
+ .put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64))
+ .put(attributeDef2, RandomStringUtils.randomAlphabetic(10))
+ .put(attributeDef3, RandomStringUtils.randomAlphabetic(10)).put(attributeDef4, "2001-01-01").build();
+
+ val b = new AuthenticationResponse.Builder();
+ return b.id("_".concat(Random.nextHexRandom16()))
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .subject(RandomStringUtils.randomAlphabetic(10))
+ .statusCode(statusCode)
+ .inResponseTo("_".concat(Random.nextHexRandom16()))
+ .subjectNameIdFormat("afaf")
+ .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+ .attributes(attributeMap)
+ .build();
+ }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
index 3fa66aa8..4148b138 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
@@ -14,7 +14,6 @@ import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
-import org.powermock.core.classloader.annotations.PrepareForTest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
@@ -29,8 +28,7 @@ import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigM
import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummySpConfiguration;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAuthnResponseTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAuthnResponseAlternativeTask;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.IRequestStorage;
import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
@@ -50,7 +48,6 @@ import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
import lombok.val;
@RunWith(SpringJUnit4ClassRunner.class)
-@PrepareForTest(CreateIdentityLinkTask.class)
@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
@ContextConfiguration(locations = {
"/SpringTest-context_tasks_test.xml",
@@ -58,21 +55,21 @@ import lombok.val;
public class ReceiveEidasResponseTaskTest {
@Autowired(required = true)
- private ReceiveAuthnResponseTask task;
+ private ReceiveAuthnResponseAlternativeTask task;
@Autowired(required = true)
private MsConnectorDummyConfigMap basicConfig;
@Autowired
protected EidasAttributeRegistry attrRegistry;
-
+
@Autowired private IRequestStorage storage;
-
+
final ExecutionContext executionContext = new ExecutionContextImpl();
private MockHttpServletRequest httpReq;
private MockHttpServletResponse httpResp;
private TestRequestImpl pendingReq;
private MsConnectorDummySpConfiguration oaParam;
-
+
/**
* jUnit test set-up.
*/
@@ -84,7 +81,6 @@ public class ReceiveEidasResponseTaskTest {
RequestContextHolder.resetRequestAttributes();
RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
- basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
basicConfig.putConfigValue("eidas.ms.auth.eIDAS.eid.testidentity.default", "false");
final Map<String, String> spConfig = new HashMap<>();
@@ -100,54 +96,53 @@ public class ReceiveEidasResponseTaskTest {
pendingReq.setAuthUrl("http://test.com/");
pendingReq.setTransactionId("avaasbav");
pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
-
+
executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");
executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true);
}
-
+
@Test
- public void missingEidasResponse() {
+ public void missingEidasResponse() {
try {
task.execute(pendingReq, executionContext);
Assert.fail("No eIDAS response not detected");
-
+
} catch (TaskExecutionException e) {
- Assert.assertEquals("ErrorId", "eidas.01",
+ Assert.assertEquals("ErrorId", "eidas.01",
((EaafException) e.getOriginalException()).getErrorId());
-
- }
+
+ }
}
-
+
@Test
- public void notSuccessEidasResponse() throws URISyntaxException {
+ public void notSuccessEidasResponse() throws URISyntaxException {
String statusCode = RandomStringUtils.randomAlphabetic(10);
- httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE,
+ httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE,
buildDummyAuthResponse(statusCode));
-
-
+
+
try {
task.execute(pendingReq, executionContext);
Assert.fail("No eIDAS response not detected");
-
+
} catch (TaskExecutionException e) {
- Assert.assertEquals("ErrorId", "eidas.02",
+ Assert.assertEquals("ErrorId", "eidas.02",
((EaafException) e.getOriginalException()).getErrorId());
Assert.assertEquals("wrong parameter size", 2, ((EaafException) e.getOriginalException())
.getParams().length);
Assert.assertEquals("wrong errorMsg", statusCode, ((EaafException) e
.getOriginalException()).getParams()[0]);
- }
+ }
}
-
+
@Test
public void successAndForward() throws URISyntaxException, TaskExecutionException,
PendingReqIdValidationException, EaafStorageException {
AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);
httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
- executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");
String alternativReturnEndpoint = "http://ms-connector.alternative/" + RandomStringUtils.randomAlphabetic(10);
pendingReq.setRawDataToTransaction(
@@ -174,25 +169,24 @@ public class ReceiveEidasResponseTaskTest {
}
- @Test
- public void success() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException {
+ public void success() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException {
@Nonnull
AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);
httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
-
+
//execute test
task.execute(pendingReq, executionContext);
-
+
//validate state
IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
Assert.assertNotNull("pendingReq not stored", storedReq);
-
final EidAuthProcessDataWrapper authProcessData = storedReq.getSessionData(EidAuthProcessDataWrapper.class);
Assert.assertEquals("LoA", eidasResponse.getLevelOfAssurance(), authProcessData.getQaaLevel());
- Assert.assertNotNull("eIDAS response",
+ Assert.assertNotNull("eIDAS response",
authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
- Assert.assertEquals("eIDAS response", eidasResponse,
+ Assert.assertEquals("eIDAS response", eidasResponse,
authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+
Assert.assertFalse("testIdentity flag", authProcessData.isTestIdentity());
Assert.assertEquals("msConnectorStage", false,
@@ -206,7 +200,6 @@ public class ReceiveEidasResponseTaskTest {
@Nonnull
AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);
httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
- executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");
//execute test
task.execute(pendingReq, executionContext);
@@ -218,9 +211,9 @@ public class ReceiveEidasResponseTaskTest {
final EidAuthProcessDataWrapper authProcessData = storedReq.getSessionData(EidAuthProcessDataWrapper.class);
Assert.assertEquals("LoA", eidasResponse.getLevelOfAssurance(), authProcessData.getQaaLevel());
Assert.assertNotNull("eIDAS response",
- authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+ authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE));
Assert.assertEquals("eIDAS response", eidasResponse,
- authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+ authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE));
Assert.assertTrue("testIdentity flag", authProcessData.isTestIdentity());
}
@@ -237,7 +230,7 @@ public class ReceiveEidasResponseTaskTest {
Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();
final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
Constants.eIDAS_ATTR_DATEOFBIRTH).first();
-
+
final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder()
.put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64))
.put(attributeDef2, RandomStringUtils.randomAlphabetic(10))
@@ -254,5 +247,5 @@ public class ReceiveEidasResponseTaskTest {
.attributes(attributeMap)
.build();
}
-
+
}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java
new file mode 100644
index 00000000..034f06d1
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java
@@ -0,0 +1,502 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThrows;
+import static org.springframework.util.Assert.isInstanceOf;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.math.BigInteger;
+import java.nio.charset.StandardCharsets;
+import java.time.Instant;
+import java.util.Arrays;
+import java.util.Base64;
+import java.util.Collections;
+import java.util.List;
+import java.util.Objects;
+
+import javax.xml.transform.TransformerException;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.jetbrains.annotations.NotNull;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
+import org.opensaml.core.xml.io.MarshallingException;
+import org.opensaml.core.xml.util.XMLObjectSupport;
+import org.opensaml.saml.saml2.core.Issuer;
+import org.opensaml.saml.saml2.core.Response;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.mock.mockito.MockBean;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import com.google.common.collect.Lists;
+
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ManualFixNecessaryException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthCredentialProvider;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthMetadataProvider;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterOperationStatus;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterStatusResults;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveMobilePhoneSignatureResponseTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummyOA;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummyPendingRequest;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
+import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AuthnResponseValidationException;
+import net.shibboleth.utilities.java.support.xml.ParserPool;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"
+})
+public class ReceiveMobilePhoneSignatureResponseTaskTest {
+
+ private static final String METADATA_PATH = "classpath:/data/idp_metadata_classpath_entity.xml";
+ private static final String BPK_FROM_ID_AUSTRIA = "QVGm48cqcM4UcyhDTNGYmVdrIoY=";
+
+ @Autowired
+ protected MsConnectorDummyConfigMap authConfig;
+ @Autowired
+ private IdAustriaClientAuthMetadataProvider metadataProvider;
+ @Autowired
+ private IdAustriaClientAuthCredentialProvider credentialProvider;
+ @Autowired
+ private PvpMetadataResolverFactory metadataFactory;
+ @Autowired
+ private ReceiveMobilePhoneSignatureResponseTask task;
+ @MockBean
+ private RegisterSearchService registerSearchService;
+
+ private final ExecutionContext executionContext = new ExecutionContextImpl();
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+ private DummyPendingRequest pendingReq;
+
+ /**
+ * JUnit class initializer.
+ *
+ * @throws Exception In case of an OpenSAML3 initialization error
+ */
+ @BeforeClass
+ public static void initialize() throws Exception {
+ EaafOpenSaml3xInitializer.eaafInitialize();
+ }
+
+ /**
+ * jUnit test set-up.
+ *
+ * @throws Exception In case of an set-up error
+ */
+ @Before
+ public void setUp() throws Exception {
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpReq.setScheme("https");
+ httpReq.setServerPort(443);
+ httpReq.setContextPath("/authhandler");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ authConfig.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ID_AUSTRIA_ENTITYID, METADATA_PATH);
+
+ DummyOA oaParam = new DummyOA();
+ oaParam.setUniqueAppId("http://test.com/test");
+ oaParam.setTargetIdentifier(EaafConstants.URN_PREFIX_CDID + RandomStringUtils.randomAlphabetic(2));
+
+ pendingReq = new DummyPendingRequest();
+ pendingReq.initialize(httpReq, authConfig);
+ pendingReq.setPendingRequestId(RandomStringUtils.randomAlphanumeric(10));
+ pendingReq.setOnlineApplicationConfiguration(oaParam);
+
+ metadataProvider.fullyDestroy();
+ }
+
+ @Test
+ public void unsupportedHttpMethod() {
+ httpReq = new MockHttpServletRequest("PUT", "https://localhost/authhandler");
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ TaskExecutionException e = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+ isInstanceOf(AuthnResponseValidationException.class, e.getOriginalException());
+ assertEquals("sp.pvp2.03", ((AuthnResponseValidationException) e.getOriginalException()).getErrorId());
+ }
+
+ @Test
+ public void httpGetNoMessage() {
+ httpReq = new MockHttpServletRequest("GET", "https://localhost/authhandler");
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ TaskExecutionException e = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+ isInstanceOf(AuthnResponseValidationException.class, e.getOriginalException());
+ assertEquals("sp.pvp2.12", ((AuthnResponseValidationException) e.getOriginalException()).getErrorId());
+
+ }
+
+ @Test
+ public void httpPostNoMessage() {
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ TaskExecutionException e = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+ isInstanceOf(AuthnResponseValidationException.class, e.getOriginalException());
+ assertEquals("sp.pvp2.12", ((AuthnResponseValidationException) e.getOriginalException()).getErrorId());
+ }
+
+ @Test
+ public void httpPostMessageNotSigned() throws IOException {
+ byte[] bytes = IOUtils.toByteArray(ReceiveMobilePhoneSignatureResponseTask.class
+ .getResourceAsStream("/data/Response_without_sig_classpath_entityid.xml"));
+ httpReq.addParameter("SAMLResponse", Base64.getEncoder().encodeToString(bytes));
+
+ TaskExecutionException e = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+ isInstanceOf(AuthnResponseValidationException.class, e.getOriginalException());
+ assertEquals("sp.pvp2.12", ((AuthnResponseValidationException) e.getOriginalException()).getErrorId());
+
+ }
+
+ @Test
+ public void httpPostMessageWrongDestinationEndpoint() throws Exception {
+ initResponse("/data/Response_with_wrong_destination_endpoint.xml", true);
+
+ TaskExecutionException e = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+ isInstanceOf(AuthnResponseValidationException.class, e.getOriginalException());
+ assertEquals("sp.pvp2.12", ((AuthnResponseValidationException) e.getOriginalException()).getErrorId());
+
+ }
+
+ @Test
+ public void httpPostValidSignedNoMetadata() throws Exception {
+ initResponse("/data/Response_without_sig_classpath_entityid.xml", true);
+
+ TaskExecutionException e = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+ isInstanceOf(AuthnResponseValidationException.class, e.getOriginalException());
+ assertEquals("sp.pvp2.11", ((EaafException) e.getOriginalException()).getErrorId());
+ }
+
+ @Test
+ public void httpPostValidSignedAssertionOutDated() throws Exception {
+ setupMetadataResolver();
+ initResponse("/data/Response_without_sig_classpath_entityid.xml", false);
+
+ TaskExecutionException e = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+ isInstanceOf(AuthnResponseValidationException.class, e.getOriginalException());
+ assertEquals("sp.pvp2.12", ((EaafException) e.getOriginalException()).getErrorId());
+ }
+
+ @Test
+ public void httpPostValidSignedAssertionFromWrongIdp() throws Exception {
+ authConfig.putConfigValue(IdAustriaClientAuthConstants.CONFIG_PROPS_ID_AUSTRIA_ENTITYID,
+ "http://wrong.idp/" + RandomStringUtils.randomAlphabetic(5));
+ setupMetadataResolver();
+ initResponse("/data/Response_without_sig_classpath_entityid.xml", true);
+
+ TaskExecutionException e = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+ isInstanceOf(AuthnResponseValidationException.class, e.getOriginalException());
+ assertEquals("sp.pvp2.08", ((EaafException) e.getOriginalException()).getErrorId());
+ }
+
+ @Test
+ public void httpPostValidSignedAssertionMissingAttributes() throws Exception {
+ setupMetadataResolver();
+ initResponse("/data/Response_without_sig_classpath_entityid.xml", true);
+
+ TaskExecutionException e = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+ isInstanceOf(AuthnResponseValidationException.class, e.getOriginalException());
+ assertEquals("sp.pvp2.12", ((EaafException) e.getOriginalException()).getErrorId());
+ }
+
+ @Test
+ public void httpPostValidSignedWithError() throws Exception {
+ setupMetadataResolver();
+ initResponse("/data/Response_without_sig_with_error.xml", true);
+
+ TaskExecutionException e = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+ isInstanceOf(AuthnResponseValidationException.class, e.getOriginalException());
+ assertEquals("sp.pvp2.05", ((EaafException) e.getOriginalException()).getErrorId());
+ }
+
+ @Test
+ public void httpPostValidSignedWitUserStopErrorCode() throws Exception {
+ setupMetadataResolver();
+ initResponse("/data/Response_without_sig_with_error_userstop.xml", true);
+
+ task.execute(pendingReq, executionContext);
+
+ assertEquals("Transition To S16", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
+ assertEquals("matching failed flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
+ assertEquals("failed reason", "module.eidasauth.matching.23", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON));
+ assertNull("no final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq));
+
+ }
+
+ @Test
+ public void httpPostValidSignedWithErrorAndNoSubCode() throws Exception {
+ setupMetadataResolver();
+ initResponse("/data/Response_without_sig_with_error_without_subcode.xml", true);
+
+ TaskExecutionException e = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+ isInstanceOf(AuthnResponseValidationException.class, e.getOriginalException());
+ assertEquals("sp.pvp2.05", ((EaafException) e.getOriginalException()).getErrorId());
+ }
+
+ @Test
+ public void httpPostValidSignedWithErrorAndEmptySubCode() throws Exception {
+ setupMetadataResolver();
+ initResponse("/data/Response_without_sig_with_error_empty_subcode.xml", true);
+
+ TaskExecutionException e = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+ assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+ isInstanceOf(AuthnResponseValidationException.class, e.getOriginalException());
+ assertEquals("sp.pvp2.05", ((EaafException) e.getOriginalException()).getErrorId());
+ }
+
+ @Test
+ public void httpPostValidSignedAssertionEidValidButNameMismatch() throws Exception {
+ setupMetadataResolver();
+ initResponse("/data/Response_with_EID.xml", true);
+ AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+ SimpleEidasData eidData = createEidasDataMatchingToSamlResponse()
+ .familyName("notmatching")
+ .build();
+ authProcessData.setGenericDataToSession(Constants.DATA_SIMPLE_EIDAS, eidData);
+
+
+ task.execute(pendingReq, executionContext);
+
+ assertEquals("Next task", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
+ assertEquals("matching failed flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
+ assertEquals("failed reason", "module.eidasauth.matching.24", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON));
+ assertNull("no final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq));
+
+ }
+
+ //TODO: implement new test that this test makes no sense any more
+ @Ignore
+ @Test
+ public void httpPostValidSignedAssertionEidValid_NoRegisterResult() throws Exception {
+ setupMetadataResolver();
+ initResponse("/data/Response_with_EID.xml", true);
+ AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+ SimpleEidasData eidData = createEidasDataMatchingToSamlResponse().build();
+ authProcessData.setGenericDataToSession(Constants.DATA_SIMPLE_EIDAS, eidData);
+ RegisterStatusResults registerSearchResult = new RegisterStatusResults(new RegisterOperationStatus(generateRandomProcessId()),
+ Collections.emptyList(), Collections.emptyList());
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
+
+ task.execute(pendingReq, executionContext);
+
+ AuthProcessDataWrapper session = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+ assertEquals("LoA", "http://eidas.europa.eu/LoA/low", session.getQaaLevel());
+ assertEquals("IssueInstant", "2014-03-05T06:39:51Z", session.getIssueInstantString());
+ assertEquals("Transition To S16", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK));
+ }
+
+ @Test
+ public void httpPostValidSignedAssertionEidValid_ExactlyOneRegisterResult() throws Exception {
+ setupMetadataResolver();
+ initResponse("/data/Response_with_EID.xml", true);
+ AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+ SimpleEidasData eidData = createEidasDataMatchingToSamlResponse().build();
+ authProcessData.setGenericDataToSession(Constants.DATA_SIMPLE_EIDAS, eidData);
+ RegisterStatusResults registerSearchResult = buildResultWithOneMatch();
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
+
+ task.execute(pendingReq, executionContext);
+
+ AuthProcessDataWrapper session = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+ assertEquals("LoA", "http://eidas.europa.eu/LoA/low", session.getQaaLevel());
+ assertEquals("IssueInstant", "2014-03-05T06:39:51Z", session.getIssueInstantString());
+ assertNull("Transition To S16", executionContext.get(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK));
+
+ //TODO: update this check because this task selects one result from MDS search result before and creates a new element
+ //Mockito.verify(registerSearchService).step7aKittProcess(eq(registerSearchResult), eq(eidData));
+ }
+
+ @Test
+ public void httpPostValidSignedAssertionEidValid_ExactlyOneRegisterResultDeprecadedBpkEnc() throws Exception {
+ setupMetadataResolver();
+ initResponse("/data/Response_with_EID_deprecated_bpk_encoding.xml", true);
+ AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+ SimpleEidasData eidData = createEidasDataMatchingToSamlResponse().build();
+ authProcessData.setGenericDataToSession(Constants.DATA_SIMPLE_EIDAS, eidData);
+ RegisterStatusResults registerSearchResult = buildResultWithOneMatch();
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
+
+ task.execute(pendingReq, executionContext);
+
+ AuthProcessDataWrapper session = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+ assertEquals("LoA", "http://eidas.europa.eu/LoA/low", session.getQaaLevel());
+ assertEquals("IssueInstant", "2014-03-05T06:39:51Z", session.getIssueInstantString());
+ assertNull("Transition To S16", executionContext.get(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK));
+
+ //TODO: update this check because this task selects one result from MDS search result before and creates a new element
+ //Mockito.verify(registerSearchService).step7aKittProcess(eq(registerSearchResult), eq(eidData));
+ }
+
+
+
+ //TODO: implement new test that this test makes no sense any more
+ @Ignore
+ @Test
+ public void httpPostValidSignedAssertionEidValid_MoreThanOneRegisterResult() throws Exception {
+ setupMetadataResolver();
+ initResponse("/data/Response_with_EID.xml", true);
+ AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+ SimpleEidasData eidData = createEidasDataMatchingToSamlResponse().build();
+ authProcessData.setGenericDataToSession(Constants.DATA_SIMPLE_EIDAS, eidData);
+
+ TaskExecutionException e = assertThrows(TaskExecutionException.class,
+ () -> task.execute(pendingReq, executionContext));
+
+
+ assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID());
+ isInstanceOf(AuthnResponseValidationException.class, e.getOriginalException());
+ isInstanceOf(ManualFixNecessaryException.class, e.getOriginalException().getCause());
+ assertEquals("sp.pvp2.12", ((AuthnResponseValidationException) e.getOriginalException()).getErrorId());
+
+
+ AuthProcessDataWrapper session = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+ assertNull("Transition To S16", executionContext.get(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK));
+ }
+
+ @NotNull
+ private RegisterStatusResults buildResultWithOneMatch() {
+ return new RegisterStatusResults(new RegisterOperationStatus(generateRandomProcessId()),
+ Collections.singletonList(RegisterResult.builder()
+ .bpk(BPK_FROM_ID_AUSTRIA)
+ .pseudonym(Arrays.asList("bar"))
+ .givenName("foo")
+ .familyName("foo")
+ .dateOfBirth("bar")
+ .build()),
+ Collections.emptyList());
+
+ }
+
+ @NotNull
+ private RegisterStatusResults buildResultWithTwoMatches() {
+ List<RegisterResult> results = Lists.newArrayList(
+ RegisterResult.builder()
+ .bpk(BPK_FROM_ID_AUSTRIA)
+ .pseudonym(Arrays.asList("bar"))
+ .givenName("foo")
+ .familyName("foo")
+ .dateOfBirth("bar")
+ .build(),
+ RegisterResult.builder()
+ .bpk("bpk")
+ .pseudonym(Arrays.asList("pseudonym"))
+ .givenName("givenName")
+ .familyName("familyName")
+ .dateOfBirth("dateOfBirth")
+ .build());
+
+ return new RegisterStatusResults(new RegisterOperationStatus(generateRandomProcessId()),
+ results, Collections.emptyList());
+ }
+
+ private BigInteger generateRandomProcessId() {
+ return new BigInteger(RandomStringUtils.randomNumeric(10));
+
+ }
+
+ private SimpleEidasData.SimpleEidasDataBuilder createEidasDataMatchingToSamlResponse() {
+ // data from "/data/Response_with_EID.xml"
+ return SimpleEidasData.builder()
+ .familyName("Mustermann")
+ .givenName("Max")
+ .dateOfBirth("1940-01-01");
+ }
+
+ private void addSamlResponseToHttpReq(Response response) throws TransformerException, IOException, MarshallingException {
+ String node = DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response));
+ String base64encoded = Base64.getEncoder().encodeToString(node.getBytes(StandardCharsets.UTF_8));
+ httpReq.addParameter("SAMLResponse", base64encoded);
+ }
+
+ private void initResponse(String responsePath, boolean validConditions) throws Exception {
+ InputStream inputStream = ReceiveMobilePhoneSignatureResponseTaskTest.class.getResourceAsStream(responsePath);
+ ParserPool parserPool = Objects.requireNonNull(XMLObjectProviderRegistrySupport.getParserPool());
+ Response response = (Response) XMLObjectSupport.unmarshallFromInputStream(parserPool, inputStream);
+ response.setIssueInstant(Instant.now());
+ Issuer issuer = Saml2Utils.createSamlObject(Issuer.class);
+ issuer.setValue("classpath:/data/idp_metadata_classpath_entity.xml");
+ response.setIssuer(issuer);
+ if (validConditions) {
+ response.getAssertions().get(0).getConditions().setNotOnOrAfter(Instant.now().plusSeconds(5*60));
+ }
+ Response signedResponse = Saml2Utils.signSamlObject(response, credentialProvider.getMessageSigningCredential(), true);
+ addSamlResponseToHttpReq(signedResponse);
+ }
+
+ private void setupMetadataResolver() throws Pvp2MetadataException {
+ metadataProvider.addMetadataResolverIntoChain(metadataFactory.createMetadataProvider(
+ METADATA_PATH, null, "jUnit IDP", null));
+ }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveOtherLoginMethodGuiResponseTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveOtherLoginMethodGuiResponseTaskTest.java
new file mode 100644
index 00000000..750a17ce
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveOtherLoginMethodGuiResponseTaskTest.java
@@ -0,0 +1,154 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.i18n.LocaleContextHolder;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ActiveProfiles;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.web.WebAppConfiguration;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SelectedLoginMethod;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveOtherLoginMethodGuiResponseTask;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/SpringTest-context_tasks_test.xml",
+ "/SpringTest-context_basic_mapConfig.xml"
+})
+@ActiveProfiles(profiles = {"deprecatedConfig"})
+@WebAppConfiguration
+public class ReceiveOtherLoginMethodGuiResponseTaskTest {
+
+ @Autowired
+ private ReceiveOtherLoginMethodGuiResponseTask task;
+
+ private final ExecutionContextImpl executionContext = new ExecutionContextImpl();
+ private TestRequestImpl pendingReq;
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+
+ /**
+ * jUnit class initializer.
+ */
+ @BeforeClass
+ public static void classInitializer() {
+ final String current = new java.io.File(".").toURI().toString();
+ System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties");
+ }
+
+ /**
+ * jUnit test set-up.
+ */
+ @Before
+ public void initialize() {
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ pendingReq = new TestRequestImpl();
+ pendingReq.setAuthUrl("https://localhost/ms_connector");
+ pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+
+ LocaleContextHolder.resetLocaleContext();
+ }
+
+ @Test
+ public void withMobileSignatureSelection() throws TaskExecutionException {
+ testTransition(SelectedLoginMethod.MOBILE_PHONE_SIGNATURE_LOGIN, Constants.TRANSITION_TO_GENERATE_MOBILE_PHONE_SIGNATURE_REQUEST_TASK);
+ assertEquals("return to selection", false, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
+
+ }
+
+ @Test
+ public void withEidasSelection() throws TaskExecutionException {
+ testTransition(SelectedLoginMethod.EIDAS_LOGIN, Constants.TRANSITION_TO_GENERATE_EIDAS_LOGIN);
+ assertEquals("return to selection", false, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
+
+ }
+
+ @Test
+ public void withNoOtherLoginSelection() throws TaskExecutionException {
+ testTransition(SelectedLoginMethod.NO_OTHER_LOGIN, Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK);
+ assertEquals("return to selection", false, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
+
+ }
+
+ @Test
+ public void withAddMeAsNewSelection() throws TaskExecutionException {
+ testTransition(SelectedLoginMethod.ADD_ME_AS_NEW, Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK);
+ assertEquals("return to selection", false, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
+
+ }
+
+ public void testTransition(SelectedLoginMethod loginMethod, String expectedTransition) throws TaskExecutionException {
+ httpReq.setParameter(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER, loginMethod.name());
+ executionContext.put(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true);
+
+ task.execute(pendingReq, executionContext);
+
+ assertFalse("wrong pendingReq auth flag", pendingReq.isAuthenticated());
+ assertFalse("wrong process-cancelled flag", executionContext.isProcessCancelled());
+ assertNotNull("no login-selection found", executionContext.get(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER));
+ assertEquals("Wrong login-selection found", loginMethod.name(), executionContext.get(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER));
+ assertEquals("Next task", true, executionContext.get(expectedTransition));
+ assertNull("find advancedMatchingError flag", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
+
+ }
+
+ public void withInvalidSelection() throws TaskExecutionException {
+ httpReq.setParameter(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER, RandomStringUtils.randomAlphabetic(2));
+
+ task.execute(pendingReq, executionContext);
+
+ assertEquals("Next task", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
+ assertEquals("advancedMatchingError flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
+ }
+
+ @Test
+ public void withNullSelection() throws TaskExecutionException {
+ httpReq.setParameter(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER, "null");
+
+ task.execute(pendingReq, executionContext);
+
+ assertEquals("Next task", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
+ assertEquals("advancedMatchingError flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
+ }
+
+ @Test
+ public void withEmptySelection() throws TaskExecutionException {
+ httpReq.setParameter(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER, "");
+
+ task.execute(pendingReq, executionContext);
+
+ assertEquals("Next task", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
+ assertEquals("advancedMatchingError flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
+ }
+
+ @Test
+ public void withoutLoginMethodSelection() throws TaskExecutionException {
+
+ task.execute(pendingReq, executionContext);
+
+ assertEquals("Next task", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
+ assertEquals("advancedMatchingError flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
+ }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java
index ad38e371..4da03622 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java
@@ -17,13 +17,11 @@ import org.jose4j.lang.JoseException;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
-import org.powermock.core.classloader.annotations.PrepareForTest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils.JwsResult;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
@@ -34,15 +32,14 @@ import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType;
import at.gv.egiz.eaaf.core.impl.data.Pair;
@RunWith(SpringJUnit4ClassRunner.class)
-@PrepareForTest(CreateIdentityLinkTask.class)
@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
@ContextConfiguration(locations = {
"/SpringTest-context_tasks_test.xml",
"/SpringTest-context_basic_mapConfig.xml"})
public class JoseUtilsTest {
-
+
@Autowired private EaafKeyStoreFactory keyStoreFactory;
-
+
private static final List<String> AUTH_ALGORITHM_WHITELIST_SIGNING = Collections.unmodifiableList(
Arrays.asList(
AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256,
@@ -50,48 +47,48 @@ public class JoseUtilsTest {
AlgorithmIdentifiers.RSA_PSS_USING_SHA256,
AlgorithmIdentifiers.RSA_PSS_USING_SHA512));
-
+
@Test
public void missingKey() throws EaafException, JoseException, KeyStoreException, IOException {
-
+
KeyStoreConfiguration config = new KeyStoreConfiguration();
config.setFriendlyName("jUnittest");
config.setKeyStoreType(KeyStoreType.JKS);
config.setSoftKeyStoreFilePath("../data/junit.jks");
config.setSoftKeyStorePassword("password");
-
+
Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config);
String payLoad = RandomStringUtils.randomAlphanumeric(100);
-
+
//check signing
try {
JoseUtils.createSignature(keyStore, "notExist", "password".toCharArray(), payLoad , true, "jUnitTest");
Assert.fail("missing Key not detected");
-
- } catch (EaafException e) {
+
+ } catch (EaafException e) {
Assert.assertEquals("ErrorId", "internal.keystore.09", e.getErrorId());
-
+
}
}
-
+
@Test
public void createRsaSignature() throws EaafException, JoseException, KeyStoreException, IOException {
-
+
KeyStoreConfiguration config = new KeyStoreConfiguration();
config.setFriendlyName("jUnittest");
config.setKeyStoreType(KeyStoreType.JKS);
config.setSoftKeyStoreFilePath("../data/junit.jks");
config.setSoftKeyStorePassword("password");
-
+
Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config);
String payLoad = RandomStringUtils.randomAlphanumeric(100);
-
+
//check signing
String result = JoseUtils.createSignature(keyStore, "meta", "password".toCharArray(), payLoad , true, "jUnitTest");
-
+
Assert.assertNotNull("signed message", result);
Assert.assertFalse("signed msg empty", result.isEmpty());
-
+
//validate
List<X509Certificate> trustedCerts = EaafKeyStoreUtils.readCertsFromKeyStore(keyStore.getFirst());
@@ -99,30 +96,30 @@ public class JoseUtilsTest {
AUTH_ALGORITHM_WHITELIST_SIGNING
.toArray(new String[AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
JwsResult verify = JoseUtils.validateSignature(result, trustedCerts, constraints);
-
+
Assert.assertTrue("sig. verify", verify.isValid());
Assert.assertEquals("payload", payLoad, verify.getPayLoad());
-
+
}
-
+
@Test
public void createEccSignature() throws EaafException, JoseException, KeyStoreException, IOException {
-
+
KeyStoreConfiguration config = new KeyStoreConfiguration();
config.setFriendlyName("jUnittest");
config.setKeyStoreType(KeyStoreType.JKS);
config.setSoftKeyStoreFilePath("../data/junit.jks");
config.setSoftKeyStorePassword("password");
-
+
Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config);
String payLoad = RandomStringUtils.randomAlphanumeric(100);
-
+
//check signing
String result = JoseUtils.createSignature(keyStore, "sig", "password".toCharArray(), payLoad , true, "jUnitTest");
-
+
Assert.assertNotNull("signed message", result);
Assert.assertFalse("signed msg empty", result.isEmpty());
-
+
//validate
List<X509Certificate> trustedCerts = EaafKeyStoreUtils.readCertsFromKeyStore(keyStore.getFirst());
@@ -130,10 +127,10 @@ public class JoseUtilsTest {
AUTH_ALGORITHM_WHITELIST_SIGNING
.toArray(new String[AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
JwsResult verify = JoseUtils.validateSignature(result, trustedCerts, constraints);
-
+
Assert.assertTrue("sig. verify", verify.isValid());
Assert.assertEquals("payload", payLoad, verify.getPayLoad());
-
+
}
-
+
}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java
index 9bb51cd9..0a4ab851 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java
@@ -30,7 +30,7 @@ import java.text.SimpleDateFormat;
import java.util.HashMap;
import java.util.Map;
-import org.joda.time.DateTime;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
@@ -41,7 +41,6 @@ import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService;
@RunWith(SpringJUnit4ClassRunner.class)
@@ -59,7 +58,7 @@ public class EidasAttributePostProcessingTest {
"DE/AT/532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25";
private static final String P1_GIVENNAME = "Max";
private static final String P1_FAMILYNAME = "Mustermann";
- private static final DateTime P1_DATEOFBIRTH = DateTime.now();
+ private static final String P1_DATEOFBIRTH = "2020-01-04";
private static final String P1_PLACEOFBIRTH = "Nirgendwo";
private static final String P1_BIRTHNAME = "Musterkind";
@@ -68,7 +67,7 @@ public class EidasAttributePostProcessingTest {
"DE/AT/532eaabd9574880dbf76b9b8cc00832c20A6ec113d682299550d7a6e0f345e25";
private static final String P3_GIVENNAME = "Max";
private static final String P3_FAMILYNAME = "Mustermann";
- private static final DateTime P3_DATEOFBIRTH = DateTime.now();
+ private static final String P3_DATEOFBIRTH = "2020-01-03";
private static final String P3_PLACEOFBIRTH = "Nirgendwo";
private static final String P3_BIRTHNAME = "Musterkind";
@@ -77,7 +76,7 @@ public class EidasAttributePostProcessingTest {
"DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F345E25";
private static final String P4_GIVENNAME = "Max";
private static final String P4_FAMILYNAME = "Mustermann";
- private static final DateTime P4_DATEOFBIRTH = DateTime.now();
+ private static final String P4_DATEOFBIRTH = "2020-01-05";
private static final String P4_PLACEOFBIRTH = "Nirgendwo";
private static final String P4_BIRTHNAME = "Musterkind";
@@ -86,7 +85,7 @@ public class EidasAttributePostProcessingTest {
"DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F345E251";
private static final String P5_GIVENNAME = "Max";
private static final String P5_FAMILYNAME = "Mustermann";
- private static final DateTime P5_DATEOFBIRTH = DateTime.now();
+ private static final String P5_DATEOFBIRTH = "2020-01-06";
private static final String P5_PLACEOFBIRTH = "Nirgendwo";
private static final String P5_BIRTHNAME = "Musterkind";
@@ -94,7 +93,7 @@ public class EidasAttributePostProcessingTest {
private static final String P6_eIDASID = "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F";
private static final String P6_GIVENNAME = "Max";
private static final String P6_FAMILYNAME = "Mustermann";
- private static final DateTime P6_DATEOFBIRTH = DateTime.now();
+ private static final String P6_DATEOFBIRTH = "2020-01-08";
private static final String P6_PLACEOFBIRTH = "Nirgendwo";
private static final String P6_BIRTHNAME = "Musterkind";
@@ -102,7 +101,7 @@ public class EidasAttributePostProcessingTest {
private static final String P7_eIDASID = "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F";
private static final String P7_GIVENNAME = "Max";
private static final String P7_FAMILYNAME = "Mustermann";
- private static final DateTime P7_DATEOFBIRTH = DateTime.now();
+ private static final String P7_DATEOFBIRTH = "2020-01-09";
private static final String P7_PLACEOFBIRTH = "Nirgendwo";
private static final String P7_BIRTHNAME = "Musterkind";
@@ -110,13 +109,13 @@ public class EidasAttributePostProcessingTest {
"EE/AT/asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd";
private static final String P2_GIVENNAME = "Max";
private static final String P2_FAMILYNAME = "Mustermann";
- private static final DateTime P2_DATEOFBIRTH = DateTime.now();
+ private static final String P2_DATEOFBIRTH = "2020-01-10";
private static final String P2_PLACEOFBIRTH = "Nirgendwo";
private static final String P2_BIRTHNAME = "Musterkind";
/**
* jUnit class initializer.
- *
+ *
* @throws IOException In case of an error
*/
@BeforeClass
@@ -129,7 +128,7 @@ public class EidasAttributePostProcessingTest {
@Test
public void deWithHexLowerCase() throws Exception {
try {
- final ErnbEidData result = postProcessor.postProcess(
+ final SimpleEidasData result = postProcessor.postProcess(
generateInputData(
P1_eIDASID,
P1_FAMILYNAME,
@@ -156,7 +155,7 @@ public class EidasAttributePostProcessingTest {
@Test
public void deWithHexMixedCase() throws Exception {
try {
- final ErnbEidData result = postProcessor.postProcess(
+ final SimpleEidasData result = postProcessor.postProcess(
generateInputData(
P3_eIDASID,
P3_FAMILYNAME,
@@ -183,7 +182,7 @@ public class EidasAttributePostProcessingTest {
@Test
public void deWithHexUpperCase() throws Exception {
try {
- final ErnbEidData result = postProcessor.postProcess(
+ final SimpleEidasData result = postProcessor.postProcess(
generateInputData(
P4_eIDASID,
P4_FAMILYNAME,
@@ -270,7 +269,7 @@ public class EidasAttributePostProcessingTest {
@Test
public void eeTestCase() throws Exception {
try {
- final ErnbEidData result = postProcessor.postProcess(
+ final SimpleEidasData result = postProcessor.postProcess(
generateInputData(
P2_eIDASID,
P2_FAMILYNAME,
@@ -297,7 +296,7 @@ public class EidasAttributePostProcessingTest {
@Test
public void eeTestFamilyNameMissingCase() throws Exception {
try {
- final ErnbEidData result = postProcessor.postProcess(
+ final SimpleEidasData result = postProcessor.postProcess(
generateInputData(
P2_eIDASID,
null,
@@ -326,7 +325,7 @@ public class EidasAttributePostProcessingTest {
@Test
public void eeTestGivenNameMissingCase() throws Exception {
try {
- final ErnbEidData result = postProcessor.postProcess(
+ final SimpleEidasData result = postProcessor.postProcess(
generateInputData(
P2_eIDASID,
P2_FAMILYNAME,
@@ -355,7 +354,7 @@ public class EidasAttributePostProcessingTest {
@Test
public void eeTestDateOfBirthMissingCase() throws Exception {
try {
- final ErnbEidData result = postProcessor.postProcess(
+ final SimpleEidasData result = postProcessor.postProcess(
generateInputData(
P2_eIDASID,
P2_FAMILYNAME,
@@ -384,7 +383,7 @@ public class EidasAttributePostProcessingTest {
@Test
public void eeTestIdMissingCase() throws Exception {
try {
- final ErnbEidData result = postProcessor.postProcess(
+ final SimpleEidasData result = postProcessor.postProcess(
generateInputData(
null,
P2_FAMILYNAME,
@@ -411,7 +410,7 @@ public class EidasAttributePostProcessingTest {
}
private Map<String, Object> generateInputData(String id, String familyName, String givenName,
- DateTime dateOfBirth, String placeOfBirth, String birthName) {
+ String dateOfBirth, String placeOfBirth, String birthName) {
final Map<String, Object> result = new HashMap<>();
result.put(Constants.eIDAS_ATTR_PERSONALIDENTIFIER, id);
result.put(Constants.eIDAS_ATTR_CURRENTGIVENNAME, givenName);
@@ -423,8 +422,8 @@ public class EidasAttributePostProcessingTest {
}
- private void validate(ErnbEidData result, String id, String familyName, String givenName,
- DateTime dateOfBirth, String placeOfBirth, String birthName) {
+ private void validate(SimpleEidasData result, String id, String familyName, String givenName,
+ String dateOfBirth, String placeOfBirth, String birthName) {
if (!result.getPseudonym().equals(id)) {
fail(result.getPseudonym() + "is not equal to " + id);
}
@@ -441,12 +440,6 @@ public class EidasAttributePostProcessingTest {
fail(result.getDateOfBirth() + "is not equal to " + dateOfBirth);
}
- if (!result.getFormatedDateOfBirth().equals(new SimpleDateFormat("yyyy-MM-dd").format(dateOfBirth
- .toDate()))) {
- fail(result.getDateOfBirth() + "is not equal to " + new SimpleDateFormat("yyyy-MM-dd").format(
- dateOfBirth.toDate()));
- }
-
if (!result.getPlaceOfBirth().equals(placeOfBirth)) {
fail(result.getPlaceOfBirth() + "is not equal to " + placeOfBirth);
}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java
index 610801a6..ca292d4c 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java
@@ -54,8 +54,11 @@ import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(locations = {
"/SpringTest-context_tasks_test.xml",
- "/SpringTest-context_basic_realConfig.xml"})
-@TestPropertySource(locations = {"classpath:/config/junit_config_de_attributes.properties"})
+ "/SpringTest-context_basic_realConfig.xml",
+ //"/SpringTest-context_basic_mapConfig.xml"
+ })
+@TestPropertySource(locations = {"classpath:/config/junit_config_de_attributes.properties", "classpath:/config" +
+ "/junit_config_1_springboot.properties"})
@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
public class EidasRequestPreProcessingFirstTest {
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
index 9ee38296..9b061b55 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
@@ -103,7 +103,7 @@ public class EidasRequestPreProcessingSecondTest {
final LightRequest lightReq = authnRequestBuilder.build();
- Assert.assertEquals("ProviderName is not Static", "myNode", lightReq.getProviderName());
+ Assert.assertEquals("ProviderName is not Static", "myNode", lightReq.getProviderName());//Fixme "myNode"
Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
Assert.assertEquals("Requested attribute size not match", 8, lightReq.getRequestedAttributes().size());
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java
index b1f1b164..bbba56e2 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java
@@ -12,7 +12,6 @@ import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
-import org.powermock.core.classloader.annotations.PrepareForTest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.context.ContextConfiguration;
@@ -25,7 +24,6 @@ import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummySpConfi
import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasValidationException;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.validator.EidasResponseValidator;
import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
@@ -41,7 +39,6 @@ import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
import lombok.val;
@RunWith(SpringJUnit4ClassRunner.class)
-@PrepareForTest(CreateIdentityLinkTask.class)
@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
@ContextConfiguration(locations = {
"/SpringTest-context_tasks_test.xml",
@@ -50,17 +47,17 @@ public class EidasResponseValidatorTest {
@Autowired private MsConnectorDummyConfigMap basicConfig;
@Autowired protected EidasAttributeRegistry attrRegistry;
-
+
private TestRequestImpl pendingReq;
private MsConnectorDummySpConfiguration oaParam;
-
-
+
+
/**
* jUnit test set-up.
*/
@Before
public void setUp() throws EaafStorageException, URISyntaxException {
-
+
final Map<String, String> spConfig = new HashMap<>();
spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
@@ -74,250 +71,250 @@ public class EidasResponseValidatorTest {
pendingReq.setAuthUrl("http://test.com/");
pendingReq.setTransactionId("avaasbav");
pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
-
+
}
-
-
+
+
@Test
public void loaFromResponseToLow() throws URISyntaxException {
//set-up
- ILightResponse eidasResponse = buildDummyAuthResponse(
- "LU/AT/" + RandomStringUtils.randomNumeric(10),
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ "LU/AT/" + RandomStringUtils.randomNumeric(10),
EaafConstants.EIDAS_LOA_LOW,
false);
String spCountry = "AT";
String citizenCountryCode = "XX";
-
+
//execute test
try {
EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
Assert.fail("Wrong eIDAS response not detected");
-
+
} catch (EidasValidationException e) {
- Assert.assertEquals("ErrorId", "eidas.06", e.getErrorId());
+ Assert.assertEquals("ErrorId", "eidas.06", e.getErrorId());
Assert.assertEquals("wrong parameter size", 1, e.getParams().length);
- Assert.assertEquals("wrong errorMsg", "http://eidas.europa.eu/LoA/low",
+ Assert.assertEquals("wrong errorMsg", "http://eidas.europa.eu/LoA/low",
e.getParams()[0]);
-
- }
+
+ }
}
-
+
@Test
public void noEidasSpCountry() throws URISyntaxException {
//set-up
- ILightResponse eidasResponse = buildDummyAuthResponse(
- "LU/AT/" + RandomStringUtils.randomNumeric(10),
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ "LU/AT/" + RandomStringUtils.randomNumeric(10),
EaafConstants.EIDAS_LOA_SUBSTANTIAL,
false);
String spCountry = null;
String citizenCountryCode = "LU";
-
+
oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
-
-
+
+
//execute test
try {
EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
Assert.fail("Wrong eIDAS response not detected");
-
+
} catch (EidasValidationException e) {
- Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());
+ Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());
Assert.assertEquals("wrong parameter size", 2, e.getParams().length);
- Assert.assertEquals("wrong errorMsg", "PersonIdentifier",
+ Assert.assertEquals("wrong errorMsg", "PersonIdentifier",
e.getParams()[0]);
- Assert.assertEquals("wrong errorMsg",
- "Destination country does not match to SP country",
+ Assert.assertEquals("wrong errorMsg",
+ "Destination country does not match to SP country",
e.getParams()[1]);
-
- }
+
+ }
}
-
+
@Test
public void noEidasResponseCountry() throws URISyntaxException {
//set-up
- ILightResponse eidasResponse = buildDummyAuthResponse(
- "LU/AT/" + RandomStringUtils.randomNumeric(10),
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ "LU/AT/" + RandomStringUtils.randomNumeric(10),
EaafConstants.EIDAS_LOA_SUBSTANTIAL,
false);
String spCountry = "AT";
String citizenCountryCode = null;
-
+
oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
-
-
+
+
//execute test
try {
EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
Assert.fail("Wrong eIDAS response not detected");
-
+
} catch (EidasValidationException e) {
- Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());
+ Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());
Assert.assertEquals("wrong parameter size", 2, e.getParams().length);
- Assert.assertEquals("wrong errorMsg", "PersonIdentifier",
+ Assert.assertEquals("wrong errorMsg", "PersonIdentifier",
e.getParams()[0]);
- Assert.assertEquals("wrong errorMsg",
- "Citizen country does not match to eIDAS-node country that generates the response",
+ Assert.assertEquals("wrong errorMsg",
+ "Citizen country does not match to eIDAS-node country that generates the response",
e.getParams()[1]);
-
- }
+
+ }
}
-
+
@Test
public void wrongEidasResponseCountry() throws URISyntaxException {
//set-up
- ILightResponse eidasResponse = buildDummyAuthResponse(
- "LU/AT/" + RandomStringUtils.randomNumeric(10),
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ "LU/AT/" + RandomStringUtils.randomNumeric(10),
EaafConstants.EIDAS_LOA_SUBSTANTIAL,
false);
String spCountry = "AT";
String citizenCountryCode = "XX";
-
+
oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
-
-
+
+
//execute test
try {
EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
Assert.fail("Wrong eIDAS response not detected");
-
+
} catch (EidasValidationException e) {
- Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());
+ Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());
Assert.assertEquals("wrong parameter size", 2, e.getParams().length);
- Assert.assertEquals("wrong errorMsg", "PersonIdentifier",
+ Assert.assertEquals("wrong errorMsg", "PersonIdentifier",
e.getParams()[0]);
- Assert.assertEquals("wrong errorMsg",
- "Citizen country does not match to eIDAS-node country that generates the response",
+ Assert.assertEquals("wrong errorMsg",
+ "Citizen country does not match to eIDAS-node country that generates the response",
e.getParams()[1]);
-
- }
+
+ }
}
-
+
@Test
public void missingPersonalIdentifier() throws URISyntaxException {
//set-up
- ILightResponse eidasResponse = buildDummyAuthResponse(
- null,
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ null,
EaafConstants.EIDAS_LOA_SUBSTANTIAL,
false);
String spCountry = "AT";
String citizenCountryCode = "LU";
-
+
oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
-
-
+
+
//execute test
try {
EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
Assert.fail("Wrong eIDAS response not detected");
-
+
} catch (EidasValidationException e) {
- Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId());
+ Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId());
Assert.assertEquals("wrong parameter size", 1, e.getParams().length);
- Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte",
+ Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte",
e.getParams()[0]);
-
- }
+
+ }
}
-
+
@Test
public void moreThanOnePersonalIdentifier() throws URISyntaxException {
//set-up
- ILightResponse eidasResponse = buildDummyAuthResponse(
- null,
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ null,
EaafConstants.EIDAS_LOA_SUBSTANTIAL,
true);
String spCountry = "AT";
String citizenCountryCode = "LU";
-
+
oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
-
-
+
+
//execute test
try {
EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
Assert.fail("Wrong eIDAS response not detected");
-
+
} catch (EidasValidationException e) {
- Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId());
+ Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId());
Assert.assertEquals("wrong parameter size", 1, e.getParams().length);
- Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte",
+ Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte",
e.getParams()[0]);
-
- }
+
+ }
}
-
+
@Test
public void emptyPersonalIdentifier() throws URISyntaxException {
//set-up
- ILightResponse eidasResponse = buildDummyAuthResponse(
- "",
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ "",
EaafConstants.EIDAS_LOA_SUBSTANTIAL,
false);
String spCountry = "AT";
String citizenCountryCode = "LU";
-
+
oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
-
-
+
+
//execute test
try {
EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
Assert.fail("Wrong eIDAS response not detected");
-
+
} catch (EidasValidationException e) {
- Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());
+ Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());
Assert.assertEquals("wrong parameter size", 2, e.getParams().length);
- Assert.assertEquals("wrong errorMsg", "PersonIdentifier",
+ Assert.assertEquals("wrong errorMsg", "PersonIdentifier",
e.getParams()[0]);
- Assert.assertEquals("wrong errorMsg",
- "Wrong identifier format",
+ Assert.assertEquals("wrong errorMsg",
+ "Wrong identifier format",
e.getParams()[1]);
-
- }
+
+ }
}
-
+
@Test
public void validResponse() throws URISyntaxException, EidasValidationException {
//set-up
-
+
String spCountry = RandomStringUtils.randomAlphabetic(2).toUpperCase();
String cCountry = RandomStringUtils.randomAlphabetic(2).toUpperCase();
-
- ILightResponse eidasResponse = buildDummyAuthResponse(
- cCountry + "/" + spCountry + "/" + RandomStringUtils.randomAlphanumeric(20),
+
+ ILightResponse eidasResponse = buildDummyAuthResponse(
+ cCountry + "/" + spCountry + "/" + RandomStringUtils.randomAlphanumeric(20),
EaafConstants.EIDAS_LOA_SUBSTANTIAL,
false);
-
+
oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
-
-
+
+
//execute test
EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, cCountry, attrRegistry);
-
+
}
-
-
- private AuthenticationResponse buildDummyAuthResponse(String personalId, String loa, boolean moreThanOnePersonalId)
+
+
+ private AuthenticationResponse buildDummyAuthResponse(String personalId, String loa, boolean moreThanOnePersonalId)
throws URISyntaxException {
-
-
+
+
final AttributeDefinition personIdattributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
final Builder attributeMap = ImmutableAttributeMap.builder();
if (personalId != null) {
if (moreThanOnePersonalId) {
- ImmutableSet values = ImmutableSet.of(new StringAttributeValue(personalId),
+ ImmutableSet values = ImmutableSet.of(new StringAttributeValue(personalId),
new StringAttributeValue("XX/YY/" + RandomStringUtils.randomAlphanumeric(10)));
- attributeMap.put(personIdattributeDef, values);
-
+ attributeMap.put(personIdattributeDef, values);
+
} else {
attributeMap.put(personIdattributeDef, personalId);
-
- }
+
+ }
}
-
+
val b = new AuthenticationResponse.Builder();
return b.id("_".concat(Random.nextHexRandom16()))
.issuer(RandomStringUtils.randomAlphabetic(10))
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_lazy.xml b/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_lazy.xml
new file mode 100644
index 00000000..a567ecba
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_lazy.xml
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd" >
+
+ <context:annotation-config />
+
+ <import resource="classpath:/spring/eaaf_utils.beans.xml"/>
+
+ <bean id="idAustriaAuthCredentialProvider"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthCredentialProvider"
+ lazy-init="true" />
+
+ <bean id="dummyPvpConfig"
+ class="at.gv.egiz.eaaf.modules.pvp2.idp.test.dummy.DummyPvpConfiguration"
+ lazy-init="true" />
+
+</beans>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml b/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml
index f31e5063..c843c40c 100644
--- a/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml
@@ -12,6 +12,9 @@
<context:annotation-config />
+
+ <bean id="eidasConnectorMessageSource"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.config.EidasConnectorMessageSource"/>
<bean id="SZRClientForeIDAS"
class="at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient" />
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_ccSearchProcessor_test.xml b/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_ccSearchProcessor_test.xml
new file mode 100644
index 00000000..6f071b38
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_ccSearchProcessor_test.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xmlns:mvc="http://www.springframework.org/schema/mvc"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
+ http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd">
+
+ <bean id="deMatchingHandler"
+ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.DeSpecificDetailSearchProcessor" />
+
+</beans> \ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml b/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml
index 6d6bb51e..0afa0d7d 100644
--- a/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml
@@ -18,6 +18,8 @@
<import resource="SpringTest-context_authManager.xml" />
<import resource="SpringTest-context_basic_test.xml" />
+ <import resource="classpath:/eidas_v2_auth.beans.xml"/>
+ <import resource="classpath:/eaaf_pvp.beans.xml" />
<bean id="mvcGUIBuilderImpl"
class="at.gv.egiz.eaaf.core.impl.gui.builder.SpringMvcGuiFormBuilderImpl" />
@@ -25,6 +27,15 @@
<bean id="springManagedSpecificConnectorCommunicationService"
class="at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService" />
+ <bean id="dummyPvpConfig"
+ class="at.gv.egiz.eaaf.modules.pvp2.idp.test.dummy.DummyPvpConfiguration" />
+
+ <bean id="dummyGuiConfigFactory"
+ class="at.gv.egiz.eaaf.core.impl.idp.module.gui.DummyGuiBuilderConfigurationFactory" />
+
+ <bean id="dummyVelocityBuilder"
+ class="at.gv.egiz.eaaf.core.impl.idp.module.gui.DummyVelocityGuiFormBuilder" />
+
<bean id="specificConnectorAttributesFileWithPath"
class="java.lang.String">
<constructor-arg
@@ -37,31 +48,5 @@
value="src/test/resources/config/additional-attributes.xml" />
</bean>
- <bean id="attributeRegistry"
- class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry">
- <property name="eidasAttributesFile"
- ref="specificConnectorAttributesFileWithPath" />
- <property name="additionalAttributesFile"
- ref="specificConnectorAdditionalAttributesFileWithPath" />
- </bean>
-
- <bean id="authBlockSigningService"
- class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.AuthBlockSigningService" />
-
- <bean id="EidasSignalServlet"
- class="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet" />
-
- <!-- Authentication Process Tasks -->
- <bean id="ConnecteIDASNodeTask"
- class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask"
- scope="prototype" />
-
- <bean id="ReceiveResponseFromeIDASNodeTask"
- class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAuthnResponseTask"
- scope="prototype" />
-
- <bean id="CreateIdentityLinkTask"
- class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask"
- scope="prototype" />
</beans> \ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties
index a662379c..6d97513a 100644
--- a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties
@@ -8,15 +8,20 @@ eidas.ms.context.use.clustermode=true
eidas.ms.monitoring.eIDASNode.metadata.url=
+eidas.ms.client.http.connection.timeout.socket=5
+eidas.ms.client.http.connection.timeout.connection=5
+eidas.ms.client.http.connection.timeout.request=5
+
+
##Specific logger configuration
eidas.ms.technicallog.write.MDS.into.techlog=true
eidas.ms.revisionlog.write.MDS.into.revisionlog=true
eidas.ms.revisionlog.logIPAddressOfUser=true
##Directory for static Web content
-eidas.ms.webcontent.static.directory=webcontent/
-eidas.ms.webcontent.templates=templates/
-eidas.ms.webcontent.properties=properties/messages
+eidas.ms.webcontent.static.directory=../../../../../../basicConfig/webcontent/
+eidas.ms.webcontent.templates=../../../../../../basicConfig/templates/
+eidas.ms.webcontent.properties=../../../../../../basicConfig/properties/messages
## extended validation of pending-request Id's
eidas.ms.core.pendingrequestid.maxlifetime=300
@@ -88,6 +93,26 @@ eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,tr
eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true
+#### matching######
+# ZMR communication
+eidas.ms.auth.eIDAS.zmrclient.endpoint=http://localhost:1234/demozmr
+eidas.ms.auth.eIDAS.zmrclient.req.organisation.behoerdennr=jUnit123456
+eidas.ms.auth.eIDAS.zmrclient.req.update.reason.code=EIDAS-KITT
+
+
+
+# ERnP communication
+eidas.ms.auth.eIDAS.ernpclient.endpoint=http://localhost:1718/demoernp
+eidas.ms.auth.eIDAS.ernpclient.req.organisation.behoerdennr=jUnit123456
+eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.type=jks
+eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.path=../keystore/junit_test.jks
+eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.password=password
+eidas.ms.auth.eIDAS.ernpclient.ssl.key.alias=meta
+eidas.ms.auth.eIDAS.ernpclient.ssl.key.password=password
+
+
+
+#### SP End-Points #####
## PVP2 S-Profile end-point configuration
eidas.ms.pvp2.keystore.path=keys/.....
eidas.ms.pvp2.keystore.password=
@@ -114,4 +139,28 @@ eidas.ms.configuration.sp.disableRegistrationRequirement=
eidas.ms.configuration.restrictions.baseID.spTransmission=
eidas.ms.configuration.auth.default.countrycode=
eidas.ms.configuration.pvp.scheme.validation=
-eidas.ms.configuration.pvp.enable.entitycategories= \ No newline at end of file
+eidas.ms.configuration.pvp.enable.entitycategories=
+
+
+
+
+## PVP2 S-Profile ID Austria client configuration
+
+eidas.ms.modules.idaustriaclient.keystore.path=../keystore/junit_test.jks
+eidas.ms.modules.idaustriaclient.keystore.password=password
+eidas.ms.modules.idaustriaclient.keystore.type=jks
+
+eidas.ms.modules.idaustriaclient.metadata.sign.alias=meta
+eidas.ms.modules.idaustriaclient.metadata.sign.password=password
+eidas.ms.modules.idaustriaclient.request.sign.alias=sig
+eidas.ms.modules.idaustriaclient.request.sign.password=password
+eidas.ms.modules.idaustriaclient.response.encryption.alias=enc
+eidas.ms.modules.idaustriaclient.response.encryption.password=password
+
+eidas.ms.modules.idaustriaclient.truststore.path=../keystore/junit_test.jks
+eidas.ms.modules.idaustriaclient.truststore.password=password
+eidas.ms.modules.idaustriaclient.truststore.type=jks
+
+eidas.ms.modules.idaustriaclient.idaustria.idp.entityId=
+eidas.ms.modules.idaustriaclient.idaustria.idp.metadataUrl=
+
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1_springboot.properties b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1_springboot.properties
new file mode 100644
index 00000000..22003513
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1_springboot.properties
@@ -0,0 +1,143 @@
+## embbeded Tomcat
+tomcat.workingdir=./target/work
+tomcat.ajp.enabled=true
+tomcat.ajp.port=8009
+tomcat.ajp.networkAddress=127.0.0.1
+tomcat.ajp.additionalAttributes.secretrequired=true
+tomcat.ajp.additionalAttributes.secret=junit
+
+## Basic service configuration
+eidas.ms.context.url.prefix=http://localhost
+eidas.ms.core.configRootDir=file:./src/test/resources/config/
+
+eidas.ms.context.use.clustermode=true
+
+##Monitoring
+eidas.ms.monitoring.eIDASNode.metadata.url=http://localhost:40900/mockup
+
+## extended validation of pending-request Id's
+eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret
+
+## eIDAS Ref. Implementation connector ###
+eidas.ms.auth.eIDAS.node_v2.forward.endpoint=http://eidas.node/junit
+
+eidas.ms.auth.eIDAS.szrclient.useTestService=true
+eidas.ms.auth.eIDAS.szrclient.endpoint.prod=
+eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr
+eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.type=jks
+eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/junit.jks
+eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password=password
+eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path=
+eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password=
+
+#tech. AuthBlock signing for E-ID process
+eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s
+eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair
+eidas.ms.auth.eIDAS.authblock.keystore.path=keys/teststore.jks
+eidas.ms.auth.eIDAS.authblock.keystore.type=jks
+eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair
+eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s
+
+
+#Raw eIDAS Id data storage
+eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true
+eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false
+
+
+#### matching######
+# ZMR communication
+eidas.ms.auth.eIDAS.zmrclient.endpoint=http://localhost:1234/demoszr
+eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.type=jks
+eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.path=keys/junit.jks
+eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.password=password
+eidas.ms.auth.eIDAS.zmrclient.ssl.trustStore.path=
+eidas.ms.auth.eIDAS.zmrclient.ssl.trustStore.password=
+
+eidas.ms.auth.eIDAS.zmrclient.req.organisation.behoerdennr=jUnit123456
+eidas.ms.auth.eIDAS.zmrclient.req.update.reason.code=EIDAS-KITT
+eidas.ms.auth.eIDAS.zmrclient.req.update.reason.text=KITT for eIDAS Matching
+
+# ERnP communication
+eidas.ms.auth.eIDAS.ernpclient.endpoint=http://localhost:1718/demoernp
+eidas.ms.auth.eIDAS.ernpclient.req.organisation.behoerdennr=jUnit123456
+eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.type=jks
+eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.path=../keystore/junit_test.jks
+eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.password=password
+eidas.ms.auth.eIDAS.ernpclient.ssl.key.alias=meta
+eidas.ms.auth.eIDAS.ernpclient.ssl.key.password=password
+
+
+
+#### SP End-Points #####
+## PVP2 S-Profile end-point configuration
+eidas.ms.pvp2.keystore.type=jks
+eidas.ms.pvp2.keystore.path=keys/junit.jks
+eidas.ms.pvp2.keystore.password=password
+eidas.ms.pvp2.key.metadata.alias=meta
+eidas.ms.pvp2.key.metadata.password=password
+eidas.ms.pvp2.key.signing.alias=sig
+eidas.ms.pvp2.key.signing.password=password
+eidas.ms.pvp2.metadata.validity=24
+
+eidas.ms.pvp2.metadata.organisation.name=JUnit
+eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit
+eidas.ms.pvp2.metadata.organisation.url=http://junit.test
+eidas.ms.pvp2.metadata.contact.givenname=Max
+eidas.ms.pvp2.metadata.contact.surname=Mustermann
+eidas.ms.pvp2.metadata.contact.email=max@junit.test
+
+## Service Provider configuration
+eidas.ms.sp.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata
+eidas.ms.sp.0.pvp2.metadata.truststore=keys/junit.jks
+eidas.ms.sp.0.pvp2.metadata.truststore.password=password
+eidas.ms.sp.0.friendlyName=jUnit test
+eidas.ms.sp.0.newEidMode=true
+
+#eidas.ms.sp.0.pvp2.metadata.url=
+#eidas.ms.sp.0.policy.allowed.requested.targets=.*
+#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false
+
+## Service Provider configuration
+eidas.ms.sp.1.uniqueID=https://demo.egiz.gv.at/junit_test
+eidas.ms.sp.1.pvp2.metadata.truststore=keys/junit.jks
+eidas.ms.sp.1.pvp2.metadata.truststore.password=password
+eidas.ms.sp.1.friendlyName=jUnit test
+eidas.ms.sp.1.pvp2.metadata.url=http://junit.test/metadata
+eidas.ms.sp.1.policy.allowed.requested.targets=test
+eidas.ms.sp.1.policy.hasBaseIdTransferRestriction=true
+
+## PVP2 S-Profile client configuration
+#eidas.ms.modules.idaustriaclient.keystore.type=jks
+#eidas.ms.modules.idaustriaclient.keystore.path=keys/junit.jks1
+#eidas.ms.modules.idaustriaclient.keystore.password=password
+#eidas.ms.modules.idaustriaclient.key.metadata.alias=meta
+#eidas.ms.modules.idaustriaclient.key.metadata.password=password
+#eidas.ms.modules.idaustriaclient.key.signing.alias=sig
+#eidas.ms.modules.idaustriaclient.key.signing.password=password
+#eidas.ms.modules.idaustriaclient.metadata.validity=24
+
+eidas.ms.modules.idaustriaclient.keystore.path=keys/junit_test.jks
+eidas.ms.modules.idaustriaclient.keystore.password=password
+eidas.ms.modules.idaustriaclient.keystore.type=jks
+
+eidas.ms.modules.idaustriaclient.metadata.sign.alias=meta
+eidas.ms.modules.idaustriaclient.metadata.sign.password=password
+eidas.ms.modules.idaustriaclient.request.sign.alias=sig
+eidas.ms.modules.idaustriaclient.request.sign.password=password
+eidas.ms.modules.idaustriaclient.response.encryption.alias=enc
+eidas.ms.modules.idaustriaclient.response.encryption.password=password
+
+eidas.ms.modules.idaustriaclient.truststore.path=keys/junit_test.jks
+eidas.ms.modules.idaustriaclient.truststore.password=password
+eidas.ms.modules.idaustriaclient.truststore.type=jks
+
+eidas.ms.modules.idaustriaclient.idaustria.idp.entityId=
+eidas.ms.modules.idaustriaclient.idaustria.idp.metadataUrl=
+
+eidas.ms.modules.idaustriaclient.metadata.organisation.name=JUnit
+eidas.ms.modules.idaustriaclient.metadata.organisation.friendyname=For testing with jUnit
+eidas.ms.modules.idaustriaclient.metadata.organisation.url=http://junit.test
+eidas.ms.modules.idaustriaclient.metadata.contact.givenname=Max
+eidas.ms.modules.idaustriaclient.metadata.contact.surname=Mustermann
+eidas.ms.modules.idaustriaclient.metadata.contact.email=max@junit.test
+
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_2.properties b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_2.properties
index 7c5e5a40..f07f86f6 100644
--- a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_2.properties
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_2.properties
@@ -86,6 +86,13 @@ eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,tr
eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true
+#### matching######
+# ZMR communication
+eidas.ms.auth.eIDAS.zmrclient.endpoint=http://localhost:1234/demoszr
+eidas.ms.auth.eIDAS.zmrclient.req.organisation.behoerdennr=jUnit123456
+eidas.ms.auth.eIDAS.zmrclient.req.update.reason.code=EIDAS-KITT
+
+
## PVP2 S-Profile end-point configuration
eidas.ms.pvp2.keystore.path=keys/.....
eidas.ms.pvp2.keystore.password=
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_3.properties b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_3.properties
index c830d447..7b975752 100644
--- a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_3.properties
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_3.properties
@@ -88,6 +88,13 @@ eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,tr
eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true
+#### matching######
+# ZMR communication
+eidas.ms.auth.eIDAS.zmrclient.endpoint=http://localhost:1234/demoszr
+eidas.ms.auth.eIDAS.zmrclient.req.organisation.behoerdennr=jUnit123456
+eidas.ms.auth.eIDAS.zmrclient.req.update.reason.code=EIDAS-KITT
+
+
## PVP2 S-Profile end-point configuration
eidas.ms.pvp2.keystore.path=keys/.....
eidas.ms.pvp2.keystore.password=
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_4.properties b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_4.properties
index 01e72069..7fda2871 100644
--- a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_4.properties
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_4.properties
@@ -86,6 +86,13 @@ eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,tr
eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true
+#### matching######
+# ZMR communication
+eidas.ms.auth.eIDAS.zmrclient.endpoint=http://localhost:1234/demoszr
+eidas.ms.auth.eIDAS.zmrclient.req.organisation.behoerdennr=jUnit123456
+eidas.ms.auth.eIDAS.zmrclient.req.update.reason.code=EIDAS-KITT
+
+
## PVP2 S-Profile end-point configuration
eidas.ms.pvp2.keystore.path=keys/.....
eidas.ms.pvp2.keystore.password=
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties
index 6b235667..0cdb4459 100644
--- a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties
@@ -88,6 +88,13 @@ eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,tr
eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true
+#### matching######
+# ZMR communication
+eidas.ms.auth.eIDAS.zmrclient.endpoint=http://localhost:1234/demoszr
+eidas.ms.auth.eIDAS.zmrclient.req.organisation.behoerdennr=jUnit123456
+eidas.ms.auth.eIDAS.zmrclient.req.update.reason.code=EIDAS-KITT
+
+
## PVP2 S-Profile end-point configuration
eidas.ms.pvp2.keystore.path=keys/.....
eidas.ms.pvp2.keystore.password=
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/config/keys/junit_test.jks b/modules/authmodule-eIDAS-v2/src/test/resources/config/keys/junit_test.jks
new file mode 100644
index 00000000..ee6254a9
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/config/keys/junit_test.jks
Binary files differ
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/config/keys/teststore.jks b/modules/authmodule-eIDAS-v2/src/test/resources/config/keys/teststore.jks
new file mode 100644
index 00000000..fcc6400c
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/config/keys/teststore.jks
Binary files differ
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_with_EID.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_with_EID.xml
new file mode 100644
index 00000000..10701c29
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_with_EID.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://localhost/authhandler/sp/idaustria/post" InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+ <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">classpath:/data/idp_metadata_classpath_entity.xml</saml2:Issuer>
+ <saml2p:Status>
+ <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+ </saml2p:Status>
+ <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_602c3236bffaf71ac3ac88674e76ff9f" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/demoportal_moaid-2.0/pvp/metadata</saml2:Issuer>
+ <saml2:Subject>
+ <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" NameQualifier="urn:publicid:gv.at:cdid+BF">QVGm48cqcM4UcyhDTNGYmVdrIoY=</saml2:NameID>
+ <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+ <saml2:SubjectConfirmationData InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3" NotOnOrAfter="2014-03-05T06:44:51.017Z" Recipient="https://localhost/authhandler/sp/idaustria/post"/>
+ </saml2:SubjectConfirmation>
+ </saml2:Subject>
+ <saml2:Conditions NotBefore="2014-03-05T06:39:51.017Z" NotOnOrAfter="2014-03-05T06:44:51.017Z">
+ <saml2:AudienceRestriction>
+ <saml2:Audience>https://localhost/authhandler/sp/idaustria/metadata</saml2:Audience>
+ </saml2:AudienceRestriction>
+ </saml2:Conditions>
+ <saml2:AuthnStatement AuthnInstant="2014-03-05T06:39:51.017Z" SessionIndex="_c0c683509a8ff6ac372a9cf9c5c5a406">
+ <saml2:AuthnContext>
+ <saml2:AuthnContextClassRef>http://eidas.europa.eu/LoA/high</saml2:AuthnContextClassRef>
+ </saml2:AuthnContext>
+ </saml2:AuthnStatement>
+ <saml2:AttributeStatement>
+ <saml2:Attribute FriendlyName="PRINCIPAL-NAME" Name="urn:oid:1.2.40.0.10.2.1.1.261.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Mustermann</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="PVP-VERSION" Name="urn:oid:1.2.40.0.10.2.1.1.261.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">2.1</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="EID-CITIZEN-QAA-EIDAS-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.108" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">http://eidas.europa.eu/LoA/low</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="EID-ISSUING-NATION" Name="urn:oid:1.2.40.0.10.2.1.1.261.32" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">IT</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="GIVEN-NAME" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Max</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="BIRTHDATE" Name="urn:oid:1.2.40.0.10.2.1.1.55" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">1940-01-01</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="BPK" Name="urn:oid:1.2.40.0.10.2.1.1.149" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">BF:QVGm48cqcM4UcyhDTNGYmVdrIoY=</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="userAuthBlock" Name="urn:eidgvat:attributes.authblock.signed" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">MIIBbjCCARSgAwIBAgIEXh7TNzAKBggqhkjOPQQDAjA/MQswCQYDVQQGEwJBVDENMAsGA1UECgwERUdJWjEOMAwGA1UECwwFalVuaXQxETAPBgNVBAMMCG1ldGFkYXRhMB4XDTIwMDExNTA4NTQxNVoXDTMwMDExNDA4NTQxNVowPzELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVHSVoxDjAMBgNVBAsMBWpVbml0MREwDwYDVQQDDAhtZXRhZGF0YTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBdBkaxt31p++aZeP3SmlWITj9SYO4McV2ccXFsH4X4QMHuKAMUvjxPm1kdU01eTOWdiQX0GpDIBspYMZh8ZKcwwCgYIKoZIzj0EAwIDSAAwRQIhAJ3QKlk9cd90s+i8y62fvmGF6LtfNO+JvkWqDUBeQImnAiA2KwFtzO7STAp9MEwQGe0vt0F8mO1ttrLE+rr6YxdwGA==</saml2:AttributeValue>
+ </saml2:Attribute>
+ </saml2:AttributeStatement>
+ </saml2:Assertion>
+</saml2p:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_with_EID_deprecated_bpk_encoding.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_with_EID_deprecated_bpk_encoding.xml
new file mode 100644
index 00000000..92ace06c
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_with_EID_deprecated_bpk_encoding.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://localhost/authhandler/sp/idaustria/post" InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+ <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">classpath:/data/idp_metadata_classpath_entity.xml</saml2:Issuer>
+ <saml2p:Status>
+ <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+ </saml2p:Status>
+ <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_602c3236bffaf71ac3ac88674e76ff9f" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/demoportal_moaid-2.0/pvp/metadata</saml2:Issuer>
+ <saml2:Subject>
+ <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" NameQualifier="urn:publicid:gv.at:cdid+BF">QVGm48cqcM4UcyhDTNGYmVdrIoY=</saml2:NameID>
+ <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+ <saml2:SubjectConfirmationData InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3" NotOnOrAfter="2014-03-05T06:44:51.017Z" Recipient="https://localhost/authhandler/sp/idaustria/post"/>
+ </saml2:SubjectConfirmation>
+ </saml2:Subject>
+ <saml2:Conditions NotBefore="2014-03-05T06:39:51.017Z" NotOnOrAfter="2014-03-05T06:44:51.017Z">
+ <saml2:AudienceRestriction>
+ <saml2:Audience>https://localhost/authhandler/sp/idaustria/metadata</saml2:Audience>
+ </saml2:AudienceRestriction>
+ </saml2:Conditions>
+ <saml2:AuthnStatement AuthnInstant="2014-03-05T06:39:51.017Z" SessionIndex="_c0c683509a8ff6ac372a9cf9c5c5a406">
+ <saml2:AuthnContext>
+ <saml2:AuthnContextClassRef>http://eidas.europa.eu/LoA/high</saml2:AuthnContextClassRef>
+ </saml2:AuthnContext>
+ </saml2:AuthnStatement>
+ <saml2:AttributeStatement>
+ <saml2:Attribute FriendlyName="PRINCIPAL-NAME" Name="urn:oid:1.2.40.0.10.2.1.1.261.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Mustermann</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="PVP-VERSION" Name="urn:oid:1.2.40.0.10.2.1.1.261.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">2.1</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="EID-CITIZEN-QAA-EIDAS-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.108" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">http://eidas.europa.eu/LoA/low</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="EID-ISSUING-NATION" Name="urn:oid:1.2.40.0.10.2.1.1.261.32" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">IT</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="GIVEN-NAME" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Max</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="BIRTHDATE" Name="urn:oid:1.2.40.0.10.2.1.1.55" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">1940-01-01</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="BPK" Name="urn:oid:1.2.40.0.10.2.1.1.149" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">QVGm48cqcM4UcyhDTNGYmVdrIoY=</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="userAuthBlock" Name="urn:eidgvat:attributes.authblock.signed" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">MIIBbjCCARSgAwIBAgIEXh7TNzAKBggqhkjOPQQDAjA/MQswCQYDVQQGEwJBVDENMAsGA1UECgwERUdJWjEOMAwGA1UECwwFalVuaXQxETAPBgNVBAMMCG1ldGFkYXRhMB4XDTIwMDExNTA4NTQxNVoXDTMwMDExNDA4NTQxNVowPzELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVHSVoxDjAMBgNVBAsMBWpVbml0MREwDwYDVQQDDAhtZXRhZGF0YTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBdBkaxt31p++aZeP3SmlWITj9SYO4McV2ccXFsH4X4QMHuKAMUvjxPm1kdU01eTOWdiQX0GpDIBspYMZh8ZKcwwCgYIKoZIzj0EAwIDSAAwRQIhAJ3QKlk9cd90s+i8y62fvmGF6LtfNO+JvkWqDUBeQImnAiA2KwFtzO7STAp9MEwQGe0vt0F8mO1ttrLE+rr6YxdwGA==</saml2:AttributeValue>
+ </saml2:Attribute>
+ </saml2:AttributeStatement>
+ </saml2:Assertion>
+</saml2p:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_with_wrong_destination_endpoint.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_with_wrong_destination_endpoint.xml
new file mode 100644
index 00000000..c21381d9
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_with_wrong_destination_endpoint.xml
@@ -0,0 +1,56 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
+ Destination="https://localhost/authhandler/idAustriaSp1/post"
+ InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+ <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">classpath:/data/idp_metadata_classpath_entity.xml</saml2:Issuer>
+ <saml2p:Status>
+ <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+ </saml2p:Status>
+ <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_602c3236bffaf71ac3ac88674e76ff9f" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/demoportal_moaid-2.0/pvp/metadata</saml2:Issuer>
+ <saml2:Subject>
+ <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" NameQualifier="urn:publicid:gv.at:cdid+BF">QVGm48cqcM4UcyhDTNGYmVdrIoY=</saml2:NameID>
+ <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+ <saml2:SubjectConfirmationData InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3"
+ NotOnOrAfter="2014-03-05T06:44:51.017Z"
+ Recipient="https://localhost/authhandler/idAustriaSp1/post"/>
+ </saml2:SubjectConfirmation>
+ </saml2:Subject>
+ <saml2:Conditions NotBefore="2014-03-05T06:39:51.017Z" NotOnOrAfter="2014-03-05T06:44:51.017Z">
+ <saml2:AudienceRestriction>
+ <saml2:Audience>https://demo.egiz.gv.at/demoportal_demologin/</saml2:Audience>
+ </saml2:AudienceRestriction>
+ </saml2:Conditions>
+ <saml2:AuthnStatement AuthnInstant="2014-03-05T06:39:51.017Z" SessionIndex="_c0c683509a8ff6ac372a9cf9c5c5a406">
+ <saml2:AuthnContext>
+ <saml2:AuthnContextClassRef>http://www.stork.gov.eu/1.0/citizenQAALevel/4</saml2:AuthnContextClassRef>
+ </saml2:AuthnContext>
+ </saml2:AuthnStatement>
+ <saml2:AttributeStatement>
+ <saml2:Attribute FriendlyName="PVP-VERSION" Name="urn:oid:1.2.40.0.10.2.1.1.261.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">2.1</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="PRINCIPAL-NAME" Name="urn:oid:1.2.40.0.10.2.1.1.261.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Mustermann</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="GIVEN-NAME" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Max</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="BIRTHDATE" Name="urn:oid:1.2.40.0.10.2.1.1.55" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">1940-01-01</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="BPK" Name="urn:oid:1.2.40.0.10.2.1.1.149" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">BF:QVGm48cqcM4UcyhDTNGYmVdrIoY=</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="EID-CITIZEN-QAA-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.94" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:integer">4</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="EID-ISSUING-NATION" Name="urn:oid:1.2.40.0.10.2.1.1.261.32" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">AT</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">urn:publicid:gv.at:cdid+BF</saml2:AttributeValue>
+ </saml2:Attribute>
+ </saml2:AttributeStatement>
+ </saml2:Assertion>
+</saml2p:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_without_sig_classpath_entityid.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_without_sig_classpath_entityid.xml
new file mode 100644
index 00000000..1c3bd357
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_without_sig_classpath_entityid.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://localhost/authhandler/sp/idaustria/post" InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+ <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">classpath:/data/idp_metadata_classpath_entity.xml</saml2:Issuer>
+ <saml2p:Status>
+ <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+ </saml2p:Status>
+ <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_602c3236bffaf71ac3ac88674e76ff9f" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/demoportal_moaid-2.0/pvp/metadata</saml2:Issuer>
+ <saml2:Subject>
+ <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" NameQualifier="urn:publicid:gv.at:cdid+BF">QVGm48cqcM4UcyhDTNGYmVdrIoY=</saml2:NameID>
+ <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+ <saml2:SubjectConfirmationData InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3" NotOnOrAfter="2014-03-05T06:44:51.017Z" Recipient="https://localhost/authhandler/sp/idaustria/post"/>
+ </saml2:SubjectConfirmation>
+ </saml2:Subject>
+ <saml2:Conditions NotBefore="2014-03-05T06:39:51.017Z" NotOnOrAfter="2014-03-05T06:44:51.017Z">
+ <saml2:AudienceRestriction>
+ <saml2:Audience>https://localhost/authhandler/sp/idaustria/metadata</saml2:Audience>
+ </saml2:AudienceRestriction>
+ </saml2:Conditions>
+ <saml2:AuthnStatement AuthnInstant="2014-03-05T06:39:51.017Z" SessionIndex="_c0c683509a8ff6ac372a9cf9c5c5a406">
+ <saml2:AuthnContext>
+ <saml2:AuthnContextClassRef>http://eidas.europa.eu/LoA/high</saml2:AuthnContextClassRef>
+ </saml2:AuthnContext>
+ </saml2:AuthnStatement>
+ <saml2:AttributeStatement>
+ <saml2:Attribute FriendlyName="PVP-VERSION" Name="urn:oid:1.2.40.0.10.2.1.1.261.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">2.1</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="PRINCIPAL-NAME" Name="urn:oid:1.2.40.0.10.2.1.1.261.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Mustermann</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="GIVEN-NAME" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Max</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="BIRTHDATE" Name="urn:oid:1.2.40.0.10.2.1.1.55" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">1940-01-01</saml2:AttributeValue>
+ </saml2:Attribute>
+
+ <saml2:Attribute FriendlyName="EID-CITIZEN-QAA- EIDAS-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.108" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">http://eidas.europa.eu/LoA/high</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="EID-ISSUING-NATION" Name="urn:oid:1.2.40.0.10.2.1.1.261.32" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">IT</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">urn:publicid:gv.at:cdid+BF</saml2:AttributeValue>
+ </saml2:Attribute>
+ </saml2:AttributeStatement>
+ </saml2:Assertion>
+</saml2p:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_without_sig_with_error.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_without_sig_with_error.xml
new file mode 100644
index 00000000..2d7020ac
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_without_sig_with_error.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://localhost/authhandler/sp/idaustria/post" InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+ <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">classpath:/data/idp_metadata_classpath_entity.xml</saml2:Issuer>
+ <saml2p:Status>
+ <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder">
+ <saml2p:StatusCode Value="9199"/>
+ </saml2p:StatusCode>
+ <saml2p:StatusMessage>Der Anmeldevorgang wurde durch den Benutzer abgebrochen.</saml2p:StatusMessage>
+ </saml2p:Status>
+ <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_602c3236bffaf71ac3ac88674e76ff9f" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/demoportal_moaid-2.0/pvp/metadata</saml2:Issuer>
+ <saml2:Subject>
+ <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" NameQualifier="urn:publicid:gv.at:cdid+BF">QVGm48cqcM4UcyhDTNGYmVdrIoY=</saml2:NameID>
+ <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+ <saml2:SubjectConfirmationData InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3" NotOnOrAfter="2014-03-05T06:44:51.017Z" Recipient="https://localhost/authhandler/sp/idaustria/post"/>
+ </saml2:SubjectConfirmation>
+ </saml2:Subject>
+ <saml2:Conditions NotBefore="2014-03-05T06:39:51.017Z" NotOnOrAfter="2014-03-05T06:44:51.017Z">
+ <saml2:AudienceRestriction>
+ <saml2:Audience>https://localhost/authhandler/sp/idaustria/metadata</saml2:Audience>
+ </saml2:AudienceRestriction>
+ </saml2:Conditions>
+ <saml2:AuthnStatement AuthnInstant="2014-03-05T06:39:51.017Z" SessionIndex="_c0c683509a8ff6ac372a9cf9c5c5a406">
+ <saml2:AuthnContext>
+ <saml2:AuthnContextClassRef>http://eidas.europa.eu/LoA/high</saml2:AuthnContextClassRef>
+ </saml2:AuthnContext>
+ </saml2:AuthnStatement>
+ <saml2:AttributeStatement>
+ <saml2:Attribute FriendlyName="PVP-VERSION" Name="urn:oid:1.2.40.0.10.2.1.1.261.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">2.1</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="EID-CITIZEN-QAA-EIDAS-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.108" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">http://eidas.europa.eu/LoA/low</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="EID-ISSUING-NATION" Name="urn:oid:1.2.40.0.10.2.1.1.261.32" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">IT</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="eidBind" Name="urn:eidgvat:attributes.eidbind" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">aabbccddeeffgghh</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="userConsent" Name="urn:eidgvat:attributes.consent.signed" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">MIIBbjCCARSgAwIBAgIEXh7TNzAKBggqhkjOPQQDAjA/MQswCQYDVQQGEwJBVDENMAsGA1UECgwERUdJWjEOMAwGA1UECwwFalVuaXQxETAPBgNVBAMMCG1ldGFkYXRhMB4XDTIwMDExNTA4NTQxNVoXDTMwMDExNDA4NTQxNVowPzELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVHSVoxDjAMBgNVBAsMBWpVbml0MREwDwYDVQQDDAhtZXRhZGF0YTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBdBkaxt31p++aZeP3SmlWITj9SYO4McV2ccXFsH4X4QMHuKAMUvjxPm1kdU01eTOWdiQX0GpDIBspYMZh8ZKcwwCgYIKoZIzj0EAwIDSAAwRQIhAJ3QKlk9cd90s+i8y62fvmGF6LtfNO+JvkWqDUBeQImnAiA2KwFtzO7STAp9MEwQGe0vt0F8mO1ttrLE+rr6YxdwGA==</saml2:AttributeValue>
+ </saml2:Attribute>
+ </saml2:AttributeStatement>
+ </saml2:Assertion>
+</saml2p:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_without_sig_with_error_empty_subcode.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_without_sig_with_error_empty_subcode.xml
new file mode 100644
index 00000000..36fd9c11
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_without_sig_with_error_empty_subcode.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://localhost/authhandler/sp/idaustria/post" InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+ <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">classpath:/data/idp_metadata_classpath_entity.xml</saml2:Issuer>
+ <saml2p:Status>
+ <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder">
+ <saml2p:StatusCode Value=""/>
+ </saml2p:StatusCode>
+ <saml2p:StatusMessage>Der Anmeldevorgang wurde durch den Benutzer abgebrochen.</saml2p:StatusMessage>
+ </saml2p:Status>
+ <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_602c3236bffaf71ac3ac88674e76ff9f" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/demoportal_moaid-2.0/pvp/metadata</saml2:Issuer>
+ <saml2:Subject>
+ <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" NameQualifier="urn:publicid:gv.at:cdid+BF">QVGm48cqcM4UcyhDTNGYmVdrIoY=</saml2:NameID>
+ <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+ <saml2:SubjectConfirmationData InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3" NotOnOrAfter="2014-03-05T06:44:51.017Z" Recipient="https://localhost/authhandler/sp/idaustria/post"/>
+ </saml2:SubjectConfirmation>
+ </saml2:Subject>
+ <saml2:Conditions NotBefore="2014-03-05T06:39:51.017Z" NotOnOrAfter="2014-03-05T06:44:51.017Z">
+ <saml2:AudienceRestriction>
+ <saml2:Audience>https://localhost/authhandler/sp/idaustria/metadata</saml2:Audience>
+ </saml2:AudienceRestriction>
+ </saml2:Conditions>
+ <saml2:AuthnStatement AuthnInstant="2014-03-05T06:39:51.017Z" SessionIndex="_c0c683509a8ff6ac372a9cf9c5c5a406">
+ <saml2:AuthnContext>
+ <saml2:AuthnContextClassRef>http://eidas.europa.eu/LoA/high</saml2:AuthnContextClassRef>
+ </saml2:AuthnContext>
+ </saml2:AuthnStatement>
+ <saml2:AttributeStatement>
+ <saml2:Attribute FriendlyName="PVP-VERSION" Name="urn:oid:1.2.40.0.10.2.1.1.261.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">2.1</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="EID-CITIZEN-QAA-EIDAS-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.108" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">http://eidas.europa.eu/LoA/low</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="EID-ISSUING-NATION" Name="urn:oid:1.2.40.0.10.2.1.1.261.32" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">IT</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="eidBind" Name="urn:eidgvat:attributes.eidbind" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">aabbccddeeffgghh</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="userConsent" Name="urn:eidgvat:attributes.consent.signed" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">MIIBbjCCARSgAwIBAgIEXh7TNzAKBggqhkjOPQQDAjA/MQswCQYDVQQGEwJBVDENMAsGA1UECgwERUdJWjEOMAwGA1UECwwFalVuaXQxETAPBgNVBAMMCG1ldGFkYXRhMB4XDTIwMDExNTA4NTQxNVoXDTMwMDExNDA4NTQxNVowPzELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVHSVoxDjAMBgNVBAsMBWpVbml0MREwDwYDVQQDDAhtZXRhZGF0YTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBdBkaxt31p++aZeP3SmlWITj9SYO4McV2ccXFsH4X4QMHuKAMUvjxPm1kdU01eTOWdiQX0GpDIBspYMZh8ZKcwwCgYIKoZIzj0EAwIDSAAwRQIhAJ3QKlk9cd90s+i8y62fvmGF6LtfNO+JvkWqDUBeQImnAiA2KwFtzO7STAp9MEwQGe0vt0F8mO1ttrLE+rr6YxdwGA==</saml2:AttributeValue>
+ </saml2:Attribute>
+ </saml2:AttributeStatement>
+ </saml2:Assertion>
+</saml2p:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_without_sig_with_error_userstop.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_without_sig_with_error_userstop.xml
new file mode 100644
index 00000000..989d3053
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_without_sig_with_error_userstop.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://localhost/authhandler/sp/idaustria/post" InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+ <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">classpath:/data/idp_metadata_classpath_entity.xml</saml2:Issuer>
+ <saml2p:Status>
+ <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder">
+ <saml2p:StatusCode Value="1005"/>
+ </saml2p:StatusCode>
+ <saml2p:StatusMessage>Der Anmeldevorgang wurde durch den Benutzer abgebrochen.</saml2p:StatusMessage>
+ </saml2p:Status>
+ <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_602c3236bffaf71ac3ac88674e76ff9f" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/demoportal_moaid-2.0/pvp/metadata</saml2:Issuer>
+ <saml2:Subject>
+ <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" NameQualifier="urn:publicid:gv.at:cdid+BF">QVGm48cqcM4UcyhDTNGYmVdrIoY=</saml2:NameID>
+ <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+ <saml2:SubjectConfirmationData InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3" NotOnOrAfter="2014-03-05T06:44:51.017Z" Recipient="https://localhost/authhandler/sp/idaustria/post"/>
+ </saml2:SubjectConfirmation>
+ </saml2:Subject>
+ <saml2:Conditions NotBefore="2014-03-05T06:39:51.017Z" NotOnOrAfter="2014-03-05T06:44:51.017Z">
+ <saml2:AudienceRestriction>
+ <saml2:Audience>https://localhost/authhandler/sp/idaustria/metadata</saml2:Audience>
+ </saml2:AudienceRestriction>
+ </saml2:Conditions>
+ <saml2:AuthnStatement AuthnInstant="2014-03-05T06:39:51.017Z" SessionIndex="_c0c683509a8ff6ac372a9cf9c5c5a406">
+ <saml2:AuthnContext>
+ <saml2:AuthnContextClassRef>http://eidas.europa.eu/LoA/high</saml2:AuthnContextClassRef>
+ </saml2:AuthnContext>
+ </saml2:AuthnStatement>
+ <saml2:AttributeStatement>
+ <saml2:Attribute FriendlyName="PVP-VERSION" Name="urn:oid:1.2.40.0.10.2.1.1.261.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">2.1</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="EID-CITIZEN-QAA-EIDAS-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.108" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">http://eidas.europa.eu/LoA/low</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="EID-ISSUING-NATION" Name="urn:oid:1.2.40.0.10.2.1.1.261.32" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">IT</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="eidBind" Name="urn:eidgvat:attributes.eidbind" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">aabbccddeeffgghh</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="userConsent" Name="urn:eidgvat:attributes.consent.signed" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">MIIBbjCCARSgAwIBAgIEXh7TNzAKBggqhkjOPQQDAjA/MQswCQYDVQQGEwJBVDENMAsGA1UECgwERUdJWjEOMAwGA1UECwwFalVuaXQxETAPBgNVBAMMCG1ldGFkYXRhMB4XDTIwMDExNTA4NTQxNVoXDTMwMDExNDA4NTQxNVowPzELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVHSVoxDjAMBgNVBAsMBWpVbml0MREwDwYDVQQDDAhtZXRhZGF0YTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBdBkaxt31p++aZeP3SmlWITj9SYO4McV2ccXFsH4X4QMHuKAMUvjxPm1kdU01eTOWdiQX0GpDIBspYMZh8ZKcwwCgYIKoZIzj0EAwIDSAAwRQIhAJ3QKlk9cd90s+i8y62fvmGF6LtfNO+JvkWqDUBeQImnAiA2KwFtzO7STAp9MEwQGe0vt0F8mO1ttrLE+rr6YxdwGA==</saml2:AttributeValue>
+ </saml2:Attribute>
+ </saml2:AttributeStatement>
+ </saml2:Assertion>
+</saml2p:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_without_sig_with_error_without_subcode.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_without_sig_with_error_without_subcode.xml
new file mode 100644
index 00000000..c85cb655
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_without_sig_with_error_without_subcode.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://localhost/authhandler/sp/idaustria/post" InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+ <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">classpath:/data/idp_metadata_classpath_entity.xml</saml2:Issuer>
+ <saml2p:Status>
+ <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder">
+ </saml2p:StatusCode>
+ <saml2p:StatusMessage>Der Anmeldevorgang wurde durch den Benutzer abgebrochen.</saml2p:StatusMessage>
+ </saml2p:Status>
+ <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_602c3236bffaf71ac3ac88674e76ff9f" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/demoportal_moaid-2.0/pvp/metadata</saml2:Issuer>
+ <saml2:Subject>
+ <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" NameQualifier="urn:publicid:gv.at:cdid+BF">QVGm48cqcM4UcyhDTNGYmVdrIoY=</saml2:NameID>
+ <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+ <saml2:SubjectConfirmationData InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3" NotOnOrAfter="2014-03-05T06:44:51.017Z" Recipient="https://localhost/authhandler/sp/idaustria/post"/>
+ </saml2:SubjectConfirmation>
+ </saml2:Subject>
+ <saml2:Conditions NotBefore="2014-03-05T06:39:51.017Z" NotOnOrAfter="2014-03-05T06:44:51.017Z">
+ <saml2:AudienceRestriction>
+ <saml2:Audience>https://localhost/authhandler/sp/idaustria/metadata</saml2:Audience>
+ </saml2:AudienceRestriction>
+ </saml2:Conditions>
+ <saml2:AuthnStatement AuthnInstant="2014-03-05T06:39:51.017Z" SessionIndex="_c0c683509a8ff6ac372a9cf9c5c5a406">
+ <saml2:AuthnContext>
+ <saml2:AuthnContextClassRef>http://eidas.europa.eu/LoA/high</saml2:AuthnContextClassRef>
+ </saml2:AuthnContext>
+ </saml2:AuthnStatement>
+ <saml2:AttributeStatement>
+ <saml2:Attribute FriendlyName="PVP-VERSION" Name="urn:oid:1.2.40.0.10.2.1.1.261.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">2.1</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="EID-CITIZEN-QAA-EIDAS-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.108" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">http://eidas.europa.eu/LoA/low</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="EID-ISSUING-NATION" Name="urn:oid:1.2.40.0.10.2.1.1.261.32" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">IT</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="eidBind" Name="urn:eidgvat:attributes.eidbind" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">aabbccddeeffgghh</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="userConsent" Name="urn:eidgvat:attributes.consent.signed" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">MIIBbjCCARSgAwIBAgIEXh7TNzAKBggqhkjOPQQDAjA/MQswCQYDVQQGEwJBVDENMAsGA1UECgwERUdJWjEOMAwGA1UECwwFalVuaXQxETAPBgNVBAMMCG1ldGFkYXRhMB4XDTIwMDExNTA4NTQxNVoXDTMwMDExNDA4NTQxNVowPzELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVHSVoxDjAMBgNVBAsMBWpVbml0MREwDwYDVQQDDAhtZXRhZGF0YTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBdBkaxt31p++aZeP3SmlWITj9SYO4McV2ccXFsH4X4QMHuKAMUvjxPm1kdU01eTOWdiQX0GpDIBspYMZh8ZKcwwCgYIKoZIzj0EAwIDSAAwRQIhAJ3QKlk9cd90s+i8y62fvmGF6LtfNO+JvkWqDUBeQImnAiA2KwFtzO7STAp9MEwQGe0vt0F8mO1ttrLE+rr6YxdwGA==</saml2:AttributeValue>
+ </saml2:Attribute>
+ </saml2:AttributeStatement>
+ </saml2:Assertion>
+</saml2p:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_add_req.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_add_req.json
new file mode 100644
index 00000000..4f823c60
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_add_req.json
@@ -0,0 +1,30 @@
+{
+ "begruendung": "Add new person",
+ "personendaten": {
+ "familienname": "CtKKrtUe",
+ "vorname": "dUeYzUFg",
+ "geburtsdatum": {
+ "jahr": 1985,
+ "monat": 5,
+ "tag": 5
+ }
+ },
+ "anschrift": null,
+ "eidas": [
+ {
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "wert": "Y8ADWaeh0h",
+ "staatscode2": "DE"
+ },
+ {
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth",
+ "wert": "hrFevCfP",
+ "staatscode2": "DE"
+ },
+ {
+ "art": "http://eidas.europa.eu/attributes/naturalperson/BirthName",
+ "wert": "sNUEAhEr",
+ "staatscode2": "DE"
+ }
+ ]
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_add_resp.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_add_resp.json
new file mode 100644
index 00000000..139483cf
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_add_resp.json
@@ -0,0 +1,60 @@
+{
+ "person": {
+ "type": "Person",
+ "eidas": [
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000486",
+ "gueltigAb": "2022-03-03T11:07:28.885+01:00",
+ "staatscode2": "DE",
+ "wert": "Y8ADWaeh0h"
+ },
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000488",
+ "gueltigAb": "2022-03-03T11:07:28.885+01:00",
+ "staatscode2": "DE",
+ "wert": "hrFevCfP"
+ },
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/BirthName",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000490",
+ "gueltigAb": "2022-03-03T11:07:28.885+01:00",
+ "staatscode2": "DE",
+ "wert": "sNUEAhEr"
+ }
+ ],
+ "entityId": "1933000000000475",
+ "gueltigAb": "2022-03-03T11:07:28.885+01:00",
+ "letzteOperation": {
+ "begruendung": "Add new person",
+ "durchgefuehrtVon": {
+ "behoerdenkennzeichen": "380630",
+ "benutzer": "eidtapp@bmi.gv.at"
+ },
+ "vorgang": "PersonAnlegen",
+ "zeitpunkt": "2022-03-03T11:07:28.885+01:00"
+ },
+ "personendaten": {
+ "basiszahl": "000482591530",
+ "bpkZp": "+OQnljn0Son1W2rkM73nP/VMsvc=",
+ "entityId": "1933000000000475",
+ "familienname": "CtKKrtUe",
+ "geburtsdatum": {
+ "jahr": 1985,
+ "monat": 5,
+ "tag": 5
+ },
+ "geprueft": false,
+ "gueltigAb": "2022-03-03T11:07:28.885+01:00",
+ "vorname": "dUeYzUFg"
+ },
+ "version": "2022-03-03T11:07:28.885+01:00"
+ }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_kitt_search_latest_req.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_kitt_search_latest_req.json
new file mode 100644
index 00000000..2538ebac
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_kitt_search_latest_req.json
@@ -0,0 +1,19 @@
+{
+ "begruendung": "KITT get-latest-version",
+ "suchoptionen": {
+ "historisch": "AktuellUndHistorisch",
+ "sucheMitNamensteilen": false,
+ "suchwizard": false,
+ "zmr": false
+ },
+ "suchdaten": {
+ "bpkZp": "+OQnljn0Son1W2rkM73nP/VMsvc=",
+ "familienname": "CtKKrtUe",
+ "vorname": "dUeYzUFg",
+ "geburtsdatum": {
+ "jahr": 1985,
+ "monat": 5,
+ "tag": 5
+ }
+ }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_kitt_search_latest_resp.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_kitt_search_latest_resp.json
new file mode 100644
index 00000000..588153cd
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_kitt_search_latest_resp.json
@@ -0,0 +1,62 @@
+{
+ "person": [
+ {
+ "type": "Person",
+ "eidas": [
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000486",
+ "gueltigAb": "2022-03-03T11:07:28.885+01:00",
+ "staatscode2": "DE",
+ "wert": "Y8ADWaeh0h"
+ },
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000488",
+ "gueltigAb": "2022-03-03T11:07:28.885+01:00",
+ "staatscode2": "DE",
+ "wert": "hrFevCfP"
+ },
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/BirthName",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000490",
+ "gueltigAb": "2022-03-03T11:07:28.885+01:00",
+ "staatscode2": "DE",
+ "wert": "sNUEAhEr"
+ }
+ ],
+ "entityId": "1933000000000475",
+ "gueltigAb": "2022-03-03T11:07:28.885+01:00",
+ "letzteOperation": {
+ "begruendung": "Add new person",
+ "durchgefuehrtVon": {
+ "behoerdenkennzeichen": "380630",
+ "benutzer": "eidtapp@bmi.gv.at"
+ },
+ "vorgang": "PersonAnlegen",
+ "zeitpunkt": "2022-03-03T11:07:28.885+01:00"
+ },
+ "personendaten": {
+ "basiszahl": "000482591530",
+ "bpkZp": "+OQnljn0Son1W2rkM73nP/VMsvc=",
+ "entityId": "1933000000000475",
+ "familienname": "CtKKrtUe",
+ "geburtsdatum": {
+ "jahr": 1985,
+ "monat": 5,
+ "tag": 5
+ },
+ "geprueft": false,
+ "gueltigAb": "2022-03-03T11:07:28.885+01:00",
+ "vorname": "dUeYzUFg"
+ },
+ "version": "2022-03-03T11:07:28.885+01:00"
+ }
+ ]
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_kitt_update_req.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_kitt_update_req.json
new file mode 100644
index 00000000..194fba1d
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_kitt_update_req.json
@@ -0,0 +1,17 @@
+{
+ "begruendung": "KITT update dataset",
+ "aendern": {
+ "personendaten": {
+ "entityId": "1933000000000475",
+ "familienname": "mVzTMpig6r",
+ "vorname": "Jb2vj1Xpql",
+ "geburtsdatum": {
+ "jahr": 1985,
+ "monat": 5,
+ "tag": 5
+ }
+ }
+ },
+ "entityId": "1933000000000475",
+ "version": "2022-03-03T10:07:28.885Z"
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_kitt_update_resp.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_kitt_update_resp.json
new file mode 100644
index 00000000..7fe9210a
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_kitt_update_resp.json
@@ -0,0 +1,60 @@
+{
+ "person": {
+ "type": "Person",
+ "eidas": [
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000486",
+ "gueltigAb": "2022-03-03T11:07:28.885+01:00",
+ "staatscode2": "DE",
+ "wert": "Y8ADWaeh0h"
+ },
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000488",
+ "gueltigAb": "2022-03-03T11:07:28.885+01:00",
+ "staatscode2": "DE",
+ "wert": "hrFevCfP"
+ },
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/BirthName",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000490",
+ "gueltigAb": "2022-03-03T11:07:28.885+01:00",
+ "staatscode2": "DE",
+ "wert": "sNUEAhEr"
+ }
+ ],
+ "entityId": "1933000000000475",
+ "gueltigAb": "2022-03-03T11:07:29.751+01:00",
+ "letzteOperation": {
+ "begruendung": "KITT update dataset",
+ "durchgefuehrtVon": {
+ "behoerdenkennzeichen": "380630",
+ "benutzer": "eidtapp@bmi.gv.at"
+ },
+ "vorgang": "PersonAendern",
+ "zeitpunkt": "2022-03-03T11:07:29.751+01:00"
+ },
+ "personendaten": {
+ "basiszahl": "000482591530",
+ "bpkZp": "+OQnljn0Son1W2rkM73nP/VMsvc=",
+ "entityId": "1933000000000475",
+ "familienname": "mVzTMpig6r",
+ "geburtsdatum": {
+ "jahr": 1985,
+ "monat": 5,
+ "tag": 5
+ },
+ "geprueft": false,
+ "gueltigAb": "2022-03-03T11:07:29.751+01:00",
+ "vorname": "Jb2vj1Xpql"
+ },
+ "version": "2022-03-03T11:07:29.751+01:00"
+ }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_search_with_personalId_req.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_search_with_personalId_req.json
new file mode 100644
index 00000000..d7344f08
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_search_with_personalId_req.json
@@ -0,0 +1,20 @@
+{
+ "begruendung": "Searching PersonIdentifier",
+ "suchoptionen": {
+ "historisch": "AktuellUndHistorisch",
+ "sucheMitNamensteilen": false,
+ "suchwizard": false,
+ "zmr": false
+ },
+ "suchdaten": {
+ "familienname": null,
+ "vorname": null,
+ "eidas": [
+ {
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "wert": "Y8ADWaeh0h",
+ "staatscode2": "DE"
+ }
+ ]
+ }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_search_with_personalId_resp.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_search_with_personalId_resp.json
new file mode 100644
index 00000000..588153cd
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/1_search_with_personalId_resp.json
@@ -0,0 +1,62 @@
+{
+ "person": [
+ {
+ "type": "Person",
+ "eidas": [
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000486",
+ "gueltigAb": "2022-03-03T11:07:28.885+01:00",
+ "staatscode2": "DE",
+ "wert": "Y8ADWaeh0h"
+ },
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000488",
+ "gueltigAb": "2022-03-03T11:07:28.885+01:00",
+ "staatscode2": "DE",
+ "wert": "hrFevCfP"
+ },
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/BirthName",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000490",
+ "gueltigAb": "2022-03-03T11:07:28.885+01:00",
+ "staatscode2": "DE",
+ "wert": "sNUEAhEr"
+ }
+ ],
+ "entityId": "1933000000000475",
+ "gueltigAb": "2022-03-03T11:07:28.885+01:00",
+ "letzteOperation": {
+ "begruendung": "Add new person",
+ "durchgefuehrtVon": {
+ "behoerdenkennzeichen": "380630",
+ "benutzer": "eidtapp@bmi.gv.at"
+ },
+ "vorgang": "PersonAnlegen",
+ "zeitpunkt": "2022-03-03T11:07:28.885+01:00"
+ },
+ "personendaten": {
+ "basiszahl": "000482591530",
+ "bpkZp": "+OQnljn0Son1W2rkM73nP/VMsvc=",
+ "entityId": "1933000000000475",
+ "familienname": "CtKKrtUe",
+ "geburtsdatum": {
+ "jahr": 1985,
+ "monat": 5,
+ "tag": 5
+ },
+ "geprueft": false,
+ "gueltigAb": "2022-03-03T11:07:28.885+01:00",
+ "vorname": "dUeYzUFg"
+ },
+ "version": "2022-03-03T11:07:28.885+01:00"
+ }
+ ]
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_add_req.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_add_req.json
new file mode 100644
index 00000000..35e52c10
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_add_req.json
@@ -0,0 +1,30 @@
+{
+ "begruendung": "Add new person",
+ "personendaten": {
+ "familienname": "mRjMKAQc",
+ "vorname": "vdqZZIaA",
+ "geburtsdatum": {
+ "jahr": 1996,
+ "monat": 1,
+ "tag": 1
+ }
+ },
+ "anschrift": null,
+ "eidas": [
+ {
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "wert": "88hvWzUaIX",
+ "staatscode2": "DE"
+ },
+ {
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth",
+ "wert": "VRNCAylF",
+ "staatscode2": "DE"
+ },
+ {
+ "art": "http://eidas.europa.eu/attributes/naturalperson/BirthName",
+ "wert": "miEklFHC",
+ "staatscode2": "DE"
+ }
+ ]
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_add_resp.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_add_resp.json
new file mode 100644
index 00000000..7f85a143
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_add_resp.json
@@ -0,0 +1,60 @@
+{
+ "person": {
+ "type": "Person",
+ "eidas": [
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000509",
+ "gueltigAb": "2022-03-03T11:14:59.712+01:00",
+ "staatscode2": "DE",
+ "wert": "88hvWzUaIX"
+ },
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000511",
+ "gueltigAb": "2022-03-03T11:14:59.712+01:00",
+ "staatscode2": "DE",
+ "wert": "VRNCAylF"
+ },
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/BirthName",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000513",
+ "gueltigAb": "2022-03-03T11:14:59.712+01:00",
+ "staatscode2": "DE",
+ "wert": "miEklFHC"
+ }
+ ],
+ "entityId": "1933000000000498",
+ "gueltigAb": "2022-03-03T11:14:59.712+01:00",
+ "letzteOperation": {
+ "begruendung": "Add new person",
+ "durchgefuehrtVon": {
+ "behoerdenkennzeichen": "380630",
+ "benutzer": "eidtapp@bmi.gv.at"
+ },
+ "vorgang": "PersonAnlegen",
+ "zeitpunkt": "2022-03-03T11:14:59.712+01:00"
+ },
+ "personendaten": {
+ "basiszahl": "000951265372",
+ "bpkZp": "TBGoMlirU881e2jMGETa9WLx1+A=",
+ "entityId": "1933000000000498",
+ "familienname": "mRjMKAQc",
+ "geburtsdatum": {
+ "jahr": 1996,
+ "monat": 1,
+ "tag": 1
+ },
+ "geprueft": false,
+ "gueltigAb": "2022-03-03T11:14:59.712+01:00",
+ "vorname": "vdqZZIaA"
+ },
+ "version": "2022-03-03T11:14:59.712+01:00"
+ }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_kitt_search_latest_req.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_kitt_search_latest_req.json
new file mode 100644
index 00000000..d3dd0658
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_kitt_search_latest_req.json
@@ -0,0 +1,19 @@
+{
+ "begruendung": "KITT get-latest-version",
+ "suchoptionen": {
+ "historisch": "AktuellUndHistorisch",
+ "sucheMitNamensteilen": false,
+ "suchwizard": false,
+ "zmr": false
+ },
+ "suchdaten": {
+ "bpkZp": "TBGoMlirU881e2jMGETa9WLx1+A=",
+ "familienname": "mRjMKAQc",
+ "vorname": "vdqZZIaA",
+ "geburtsdatum": {
+ "jahr": 1996,
+ "monat": 1,
+ "tag": 1
+ }
+ }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_kitt_search_latest_resp.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_kitt_search_latest_resp.json
new file mode 100644
index 00000000..24009e64
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_kitt_search_latest_resp.json
@@ -0,0 +1,62 @@
+{
+ "person": [
+ {
+ "type": "Person",
+ "eidas": [
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000509",
+ "gueltigAb": "2022-03-03T11:14:59.712+01:00",
+ "staatscode2": "DE",
+ "wert": "88hvWzUaIX"
+ },
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000511",
+ "gueltigAb": "2022-03-03T11:14:59.712+01:00",
+ "staatscode2": "DE",
+ "wert": "VRNCAylF"
+ },
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/BirthName",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000513",
+ "gueltigAb": "2022-03-03T11:14:59.712+01:00",
+ "staatscode2": "DE",
+ "wert": "miEklFHC"
+ }
+ ],
+ "entityId": "1933000000000498",
+ "gueltigAb": "2022-03-03T11:14:59.712+01:00",
+ "letzteOperation": {
+ "begruendung": "Add new person",
+ "durchgefuehrtVon": {
+ "behoerdenkennzeichen": "380630",
+ "benutzer": "eidtapp@bmi.gv.at"
+ },
+ "vorgang": "PersonAnlegen",
+ "zeitpunkt": "2022-03-03T11:14:59.712+01:00"
+ },
+ "personendaten": {
+ "basiszahl": "000951265372",
+ "bpkZp": "TBGoMlirU881e2jMGETa9WLx1+A=",
+ "entityId": "1933000000000498",
+ "familienname": "mRjMKAQc",
+ "geburtsdatum": {
+ "jahr": 1996,
+ "monat": 1,
+ "tag": 1
+ },
+ "geprueft": false,
+ "gueltigAb": "2022-03-03T11:14:59.712+01:00",
+ "vorname": "vdqZZIaA"
+ },
+ "version": "2022-03-03T11:14:59.712+01:00"
+ }
+ ]
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_kitt_update_req.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_kitt_update_req.json
new file mode 100644
index 00000000..0e4a9b21
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_kitt_update_req.json
@@ -0,0 +1,14 @@
+{
+ "begruendung": "KITT update dataset",
+ "anlegen": {
+ "eidas": [
+ {
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "wert": "nj1m79jm9z",
+ "staatscode2": "DE"
+ }
+ ]
+ },
+ "entityId": "1933000000000498",
+ "version": "2022-03-03T10:14:59.712Z"
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_kitt_update_resp.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_kitt_update_resp.json
new file mode 100644
index 00000000..23dc74f3
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_kitt_update_resp.json
@@ -0,0 +1,69 @@
+{
+ "person": {
+ "type": "Person",
+ "eidas": [
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000509",
+ "gueltigAb": "2022-03-03T11:14:59.712+01:00",
+ "staatscode2": "DE",
+ "wert": "88hvWzUaIX"
+ },
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000511",
+ "gueltigAb": "2022-03-03T11:14:59.712+01:00",
+ "staatscode2": "DE",
+ "wert": "VRNCAylF"
+ },
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/BirthName",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000513",
+ "gueltigAb": "2022-03-03T11:14:59.712+01:00",
+ "staatscode2": "DE",
+ "wert": "miEklFHC"
+ },
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933100000000607",
+ "gueltigAb": "2022-03-03T11:15:00.762+01:00",
+ "staatscode2": "DE",
+ "wert": "nj1m79jm9z"
+ }
+ ],
+ "entityId": "1933000000000498",
+ "gueltigAb": "2022-03-03T11:15:00.762+01:00",
+ "letzteOperation": {
+ "begruendung": "KITT update dataset",
+ "durchgefuehrtVon": {
+ "behoerdenkennzeichen": "380630",
+ "benutzer": "eidtapp@bmi.gv.at"
+ },
+ "vorgang": "PersonAendern",
+ "zeitpunkt": "2022-03-03T11:15:00.762+01:00"
+ },
+ "personendaten": {
+ "basiszahl": "000951265372",
+ "bpkZp": "TBGoMlirU881e2jMGETa9WLx1+A=",
+ "entityId": "1933000000000498",
+ "familienname": "mRjMKAQc",
+ "geburtsdatum": {
+ "jahr": 1996,
+ "monat": 1,
+ "tag": 1
+ },
+ "geprueft": false,
+ "gueltigAb": "2022-03-03T11:14:59.712+01:00",
+ "vorname": "vdqZZIaA"
+ },
+ "version": "2022-03-03T11:15:00.762+01:00"
+ }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_search_with_cc_specific_req.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_search_with_cc_specific_req.json
new file mode 100644
index 00000000..d80b0d2e
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_search_with_cc_specific_req.json
@@ -0,0 +1,30 @@
+{
+ "begruendung": "Searching DE specific",
+ "suchoptionen": {
+ "historisch": "AktuellUndHistorisch",
+ "sucheMitNamensteilen": false,
+ "suchwizard": false,
+ "zmr": false
+ },
+ "suchdaten": {
+ "familienname": "mRjMKAQc",
+ "vorname": "vdqZZIaA",
+ "geburtsdatum": {
+ "jahr": 1996,
+ "monat": 1,
+ "tag": 1
+ },
+ "eidas": [
+ {
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth",
+ "wert": "VRNCAylF",
+ "staatscode2": "DE"
+ },
+ {
+ "art": "http://eidas.europa.eu/attributes/naturalperson/BirthName",
+ "wert": "miEklFHC",
+ "staatscode2": "DE"
+ }
+ ]
+ }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_search_with_cc_specific_resp.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_search_with_cc_specific_resp.json
new file mode 100644
index 00000000..24009e64
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/2_search_with_cc_specific_resp.json
@@ -0,0 +1,62 @@
+{
+ "person": [
+ {
+ "type": "Person",
+ "eidas": [
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000509",
+ "gueltigAb": "2022-03-03T11:14:59.712+01:00",
+ "staatscode2": "DE",
+ "wert": "88hvWzUaIX"
+ },
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000511",
+ "gueltigAb": "2022-03-03T11:14:59.712+01:00",
+ "staatscode2": "DE",
+ "wert": "VRNCAylF"
+ },
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/BirthName",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000513",
+ "gueltigAb": "2022-03-03T11:14:59.712+01:00",
+ "staatscode2": "DE",
+ "wert": "miEklFHC"
+ }
+ ],
+ "entityId": "1933000000000498",
+ "gueltigAb": "2022-03-03T11:14:59.712+01:00",
+ "letzteOperation": {
+ "begruendung": "Add new person",
+ "durchgefuehrtVon": {
+ "behoerdenkennzeichen": "380630",
+ "benutzer": "eidtapp@bmi.gv.at"
+ },
+ "vorgang": "PersonAnlegen",
+ "zeitpunkt": "2022-03-03T11:14:59.712+01:00"
+ },
+ "personendaten": {
+ "basiszahl": "000951265372",
+ "bpkZp": "TBGoMlirU881e2jMGETa9WLx1+A=",
+ "entityId": "1933000000000498",
+ "familienname": "mRjMKAQc",
+ "geburtsdatum": {
+ "jahr": 1996,
+ "monat": 1,
+ "tag": 1
+ },
+ "geprueft": false,
+ "gueltigAb": "2022-03-03T11:14:59.712+01:00",
+ "vorname": "vdqZZIaA"
+ },
+ "version": "2022-03-03T11:14:59.712+01:00"
+ }
+ ]
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/3_search_with_mds_req.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/3_search_with_mds_req.json
new file mode 100644
index 00000000..eb382bc0
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/3_search_with_mds_req.json
@@ -0,0 +1,18 @@
+{
+ "begruendung": "Searching with MDS only",
+ "suchoptionen": {
+ "historisch": "AktuellUndHistorisch",
+ "sucheMitNamensteilen": false,
+ "suchwizard": false,
+ "zmr": false
+ },
+ "suchdaten": {
+ "familienname": "DOPISN[0xc3][0x8d]",
+ "vorname": "DANA",
+ "geburtsdatum": {
+ "jahr": 1996,
+ "monat": 1,
+ "tag": 1
+ }
+ }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/3_search_with_mds_resp.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/3_search_with_mds_resp.json
new file mode 100644
index 00000000..87be362d
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/3_search_with_mds_resp.json
@@ -0,0 +1,44 @@
+{
+ "person": [
+ {
+ "type": "Person",
+ "eidas": [
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000058",
+ "gueltigAb": "2022-03-02T16:23:32.743+01:00",
+ "staatscode2": "CZ",
+ "wert": "7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"
+ }
+ ],
+ "entityId": "1933000000000047",
+ "gueltigAb": "2022-03-02T16:23:32.743+01:00",
+ "letzteOperation": {
+ "begruendung": "Add new person",
+ "durchgefuehrtVon": {
+ "behoerdenkennzeichen": "380630",
+ "benutzer": "eidtapp@bmi.gv.at"
+ },
+ "vorgang": "PersonAnlegen",
+ "zeitpunkt": "2022-03-02T16:23:32.743+01:00"
+ },
+ "personendaten": {
+ "basiszahl": "000501189333",
+ "bpkZp": "vypyCkyczK7i+cgPWlJasuJphIA=",
+ "entityId": "1933000000000047",
+ "familienname": "DOPISNÍ",
+ "geburtsdatum": {
+ "jahr": 1996,
+ "monat": 1,
+ "tag": 1
+ },
+ "geprueft": false,
+ "gueltigAb": "2022-03-02T16:23:32.743+01:00",
+ "vorname": "DANA"
+ },
+ "version": "2022-03-02T16:23:32.743+01:00"
+ }
+ ]
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/4_search_with_mds_multi_resp.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/4_search_with_mds_multi_resp.json
new file mode 100644
index 00000000..87a23647
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/4_search_with_mds_multi_resp.json
@@ -0,0 +1,84 @@
+{
+ "person": [
+ {
+ "type": "Person",
+ "eidas": [
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933000000000653",
+ "gueltigAb": "2022-03-03T11:27:57.651+01:00",
+ "staatscode2": "XZ",
+ "wert": "ybgLmbYGxU"
+ }
+ ],
+ "entityId": "1933000000000642",
+ "gueltigAb": "2022-03-03T11:27:57.651+01:00",
+ "letzteOperation": {
+ "begruendung": "Add new person",
+ "durchgefuehrtVon": {
+ "behoerdenkennzeichen": "380630",
+ "benutzer": "eidtapp@bmi.gv.at"
+ },
+ "vorgang": "PersonAnlegen",
+ "zeitpunkt": "2022-03-03T11:27:57.651+01:00"
+ },
+ "personendaten": {
+ "basiszahl": "000693812023",
+ "bpkZp": "QJ/5YLEbOCfRhG5R0KKHNnmeMYo=",
+ "entityId": "1933000000000642",
+ "familienname": "HjecFKGu",
+ "geburtsdatum": {
+ "jahr": 1996,
+ "monat": 1,
+ "tag": 1
+ },
+ "geprueft": false,
+ "gueltigAb": "2022-03-03T11:27:57.651+01:00",
+ "vorname": "QwnAMXsJ"
+ },
+ "version": "2022-03-03T11:27:57.651+01:00"
+ },
+ {
+ "type": "Person",
+ "eidas": [
+ {
+ "ablaufDatum": "9999-12-31T00:00:00.000+01:00",
+ "art": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+ "ausstellDatum": "9999-12-31T00:00:00.000+01:00",
+ "entityId": "1933100000000762",
+ "gueltigAb": "2022-03-03T11:27:57.885+01:00",
+ "staatscode2": "XZ",
+ "wert": "rEhBYWgiSx"
+ }
+ ],
+ "entityId": "1933100000000751",
+ "gueltigAb": "2022-03-03T11:27:57.885+01:00",
+ "letzteOperation": {
+ "begruendung": "Add new person",
+ "durchgefuehrtVon": {
+ "behoerdenkennzeichen": "380630",
+ "benutzer": "eidtapp@bmi.gv.at"
+ },
+ "vorgang": "PersonAnlegen",
+ "zeitpunkt": "2022-03-03T11:27:57.885+01:00"
+ },
+ "personendaten": {
+ "basiszahl": "000803465934",
+ "bpkZp": "ZaJ2Yvx0u/z8VqNyCJ8zKT8XQa0=",
+ "entityId": "1933100000000751",
+ "familienname": "HjecFKGu",
+ "geburtsdatum": {
+ "jahr": 1996,
+ "monat": 1,
+ "tag": 1
+ },
+ "geprueft": false,
+ "gueltigAb": "2022-03-03T11:27:57.885+01:00",
+ "vorname": "QwnAMXsJ"
+ },
+ "version": "2022-03-03T11:27:57.885+01:00"
+ }
+ ]
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/4_search_with_mds_req.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/4_search_with_mds_req.json
new file mode 100644
index 00000000..01c3c3f9
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/4_search_with_mds_req.json
@@ -0,0 +1,18 @@
+{
+ "begruendung": "Searching with MDS only",
+ "suchoptionen": {
+ "historisch": "AktuellUndHistorisch",
+ "sucheMitNamensteilen": false,
+ "suchwizard": false,
+ "zmr": false
+ },
+ "suchdaten": {
+ "familienname": "HjecFKGu",
+ "vorname": "QwnAMXsJ",
+ "geburtsdatum": {
+ "jahr": 1996,
+ "monat": 1,
+ "tag": 1
+ }
+ }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/ernp_empty_resp.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/ernp_empty_resp.json
new file mode 100644
index 00000000..0967ef42
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/ernp_empty_resp.json
@@ -0,0 +1 @@
+{}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/ernp_handbook_example.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/ernp_handbook_example.json
new file mode 100644
index 00000000..f4485ff7
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/ernp_handbook_example.json
@@ -0,0 +1,85 @@
+{
+ "person": [
+ {
+ "type": "Person",
+ "anschrift": {
+ "type": "AnschriftInland",
+ "adressstatus": "XXXXXXXXX",
+ "codes": {
+ "gemeindekennziffer": "09988",
+ "strassenkennziffer": "T80001"
+ },
+ "entityId": 33069800000171092,
+ "gemeinde": "Testgemeinde",
+ "gueltigAb": "2011-09-06T11:23:55.306+02:00",
+ "hausnummer": "99",
+ "postleitzahl": "0077",
+ "postort": "Testpostort 77 mit maximalmögl. Längen",
+ "staat": {
+ "isoCode3": "AUT",
+ "name": "Österreich"
+ },
+ "strasse": "Testgasse"
+ },
+ "entityId": 33069800000171080,
+ "gueltigAb": "2011-09-06T11:23:55.306+02:00",
+ "letzteOperation": {
+ "begruendung": "Testperson",
+ "durchgefuehrtVon": {
+ "behoerdenkennzeichen": "346743",
+ "benutzer": "xlechne@bmi.gv.at"
+ },
+ "vorgang": "PERSON_ANLEGEN",
+ "zeitpunkt": "2011-09-06T11:23:55.306+02:00"
+ },
+ "personendaten": {
+ "basiszahl": "000766083209",
+ "bpkZp": "BC1ifQanMKaDQG0yLBPbQ9AHgb4=",
+ "entityId": 33069800000171080,
+ "familienname": "XXXSZR",
+ "geburtsbundesland": "Wien",
+ "geburtsdatum": {
+ "jahr": 1985,
+ "monat": 1,
+ "tag": 1
+ },
+ "geburtsort": "Wien",
+ "geburtsstaat": {
+ "isoCode3": "AUT",
+ "name": "Österreich"
+ },
+ "geprueft": true,
+ "geschlecht": "Männlich",
+ "gueltigAb": "2011-09-06T11:23:55.306+02:00",
+ "vorname": "XXXTest"
+ },
+ "reisedokument": [
+ {
+ "art": "Personalausweis",
+ "ausgestelltVon": {
+ "behoerde": "Wien",
+ "datum": "1985-01-01T00:00:00.000+01:00",
+ "staat": {
+ "isoCode3": "AUT",
+ "name": "Österreich"
+ }
+ },
+ "entityId": 33069800000171090,
+ "gueltigAb": "2011-09-06T11:23:55.306+02:00",
+ "nummer": "123456789"
+ }
+ ],
+ "staatsangehoerigkeit": [
+ {
+ "entityId": 33069800000171084,
+ "gueltigAb": "2011-09-06T11:23:55.306+02:00",
+ "staat": {
+ "isoCode3": "AUT",
+ "name": "Österreich"
+ }
+ }
+ ],
+ "version": "2011-09-06T11:23:55.306+02:00"
+ }
+ ]
+} \ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/error_resp.json b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/error_resp.json
new file mode 100644
index 00000000..76e3e7ba
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/ernp/error_resp.json
@@ -0,0 +1,12 @@
+{
+ "faultDetails": {
+ "fault": [
+ {
+ "key": "suchdaten",
+ "message": "Mindestsuchkriterien sind: Vorname & Familienname & Geburtsdatum (statt Familienname kann auch Name vor Ehe angegeben werden) oder mindestens ein Eidas Attribut (Art & Wert & Staat)"
+ }
+ ],
+ "faultNumber": 100
+ },
+ "message": "Validierungsfehler"
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/idp_metadata_classpath_entity.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/idp_metadata_classpath_entity.xml
new file mode 100644
index 00000000..080a189f
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/idp_metadata_classpath_entity.xml
@@ -0,0 +1,146 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor
+ xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
+ ID="_1a48ec3432f2f3ba6222724a5b06f873"
+ entityID="classpath:/data/idp_metadata_classpath_entity.xml"
+ validUntil="2045-02-06T08:47:26.211Z">
+ <md:IDPSSODescriptor
+ WantAuthnRequestsSigned="true"
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDMzCCAhsCBFtIcPowDQYJKoZIhvcNAQELBQAwXjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH
+ SVoxJDAiBgNVBAsMG2NlbnRyYWwgbmF0aW9uYWwgZUlEQVMgbm9kZTEaMBgGA1UEAwwRQXNzZXJ0
+ aW9uIHNpZ25pbmcwHhcNMTgwNzEzMDkyOTMwWhcNMjEwNDA3MDkyOTMwWjBeMQswCQYDVQQGEwJB
+ VDENMAsGA1UECgwERUdJWjEkMCIGA1UECwwbY2VudHJhbCBuYXRpb25hbCBlSURBUyBub2RlMRow
+ GAYDVQQDDBFBc3NlcnRpb24gc2lnbmluZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+ AJ5zDYxMPRcz6AHaev1tS46Tq8sdgbGFM56uxk6c7LmMDC+HTzNX/3Q5S/YwSzgL3ue5TSw1ltOf
+ yMXMZ6D0+buWWcsxGEkQ8M3adKRFdQrEwafzwTA7pguq5WiHOkr4qwR7dLMome9z5cc3LRcwdOPP
+ gq7ahb5jM3hRqc5xkMWIuvql0NFXPzlHrjDLwy5nIWPOhL5abhVt4YsXbpbjXxFSGkDEAZ32K3EU
+ LNBr9FSUmJfbrVX9AU2T+BKIwiqXP8e/3UJHgPHQ0l5ljWp5P6u5+tvM21o8sUM4eArRa8BkdRsP
+ C92GVuASSUz2ZJ3JhAK1cSM8bnvaZVLQtTvPMAcCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAAp7z
+ TubWXW6YMpyLSvWBdZiiQ3X66XpSZLZJDIAkoPzEY0DSBp8I5YASIx4JTR5XJt+6MI9acgNIAYW8
+ DhtRwUMVaRWEtuCrfKhGLWm5KSxnhPcD3lzRZhY4ZcA7dUlirjf6hnqo2TFEmJ9fkM+rxwy1GkDD
+ 7j2YDSOFmSq9/Ud9/IbIfSnRu/lO0dh7iRrmg3y0Y/+plPxYmp4AHqehP11OchTz2FGGHVsSC2Vs
+ IVBQI6ANZYyOlicgfEEFHA06jP9OnA0EwEFr2P+di9caZg8vfibyzxMGeuf6CY0c0eLHokBCn2W8
+ vkzvWiER3pozRvCmXFjCVZfRjUunaJf2ow==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIC+DCCAeCgAwIBAgIEXh7TbTANBgkqhkiG9w0BAQsFADA+MQswCQYDVQQGEwJB
+ VDENMAsGA1UECgwERUdJWjEOMAwGA1UECwwFalVuaXQxEDAOBgNVBAMMB3NpZ25p
+ bmcwHhcNMjAwMTE1MDg1NTA5WhcNMjkwMTE0MDg1NTA5WjA+MQswCQYDVQQGEwJB
+ VDENMAsGA1UECgwERUdJWjEOMAwGA1UECwwFalVuaXQxEDAOBgNVBAMMB3NpZ25p
+ bmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUSiRjnDvPafZfhJ+L
+ 1wM86FKJX3VIAV/8TD9qJ6HOBkn5WwYfpheyCfRb6XVDyIGpO8qnMWAgC17Ngbmh
+ zj8d8HXNQ2l3uppMv24oUTfXyYhQfZWAghx0sTlRIx/ZmlnduJilx2S53Sa7ruJw
+ lQcBFXj9h9B8dtyegc86Sx6D9BumP1xU7+mEBk8Gv9rR5Khg0Y7qGfZWB0t4aikg
+ aupWveVwiGifOOSfR8czqIg9qUpMYfZiTEBTSRmN6sPiNWhd4J0GyAI9Rn5C9jz/
+ sSlQrxpN+4DXzsqSU5F6gzq3yRux6wyOzDlt2birf21VPQ9HIy4YCjZXwgDWG7AO
+ 821pAgMBAAEwDQYJKoZIhvcNAQELBQADggEBADnwdaxUtQU6SIpYwIb2c0ljTmQi
+ 7ryUcUpNHtK0M0E5Mw5Ex8zwrWbNQZ2sUyc4r07M66iOIqHsYZUQlRYvVKHifDpA
+ r8TCgD7iGGdB3By8Ou0RaNW+03w1fwmi98CufbHCGvpv0o2KxlejoHZminNdQ79i
+ bN+01nhocezJQATEQlnwHLiQSjilXpZeLYDk8HbrcUXNRxezN4ChdH+uU54vf+Ux
+ qcj9QHcmBe1+BM8EXfqS1DbTwZl+NTCnh5OYl8fvIFSOHMBxwFrI4pyY0faxg9Uc
+ rCogn/oQ+mV1gnVUDaDhvvEnVGZQtrlt7heVId2BeNellVgsrcmdW8j4U9U=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIBbjCCARSgAwIBAgIEXh7TNzAKBggqhkjOPQQDAjA/MQswCQYDVQQGEwJBVDEN
+ MAsGA1UECgwERUdJWjEOMAwGA1UECwwFalVuaXQxETAPBgNVBAMMCG1ldGFkYXRh
+ MB4XDTIwMDExNTA4NTQxNVoXDTMwMDExNDA4NTQxNVowPzELMAkGA1UEBhMCQVQx
+ DTALBgNVBAoMBEVHSVoxDjAMBgNVBAsMBWpVbml0MREwDwYDVQQDDAhtZXRhZGF0
+ YTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBdBkaxt31p++aZeP3SmlWITj9SY
+ O4McV2ccXFsH4X4QMHuKAMUvjxPm1kdU01eTOWdiQX0GpDIBspYMZh8ZKcwwCgYI
+ KoZIzj0EAwIDSAAwRQIhAJ3QKlk9cd90s+i8y62fvmGF6LtfNO+JvkWqDUBeQImn
+ AiA2KwFtzO7STAp9MEwQGe0vt0F8mO1ttrLE+rr6YxdwGA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
+ </md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ </md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
+ </md:NameIDFormat>
+ <md:SingleSignOnService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="https://vidp.gv.at/ms_connector/pvp/post" />
+ <md:SingleSignOnService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="https://vidp.gv.at/ms_connector/pvp/redirect" />
+ <saml2:Attribute
+ xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ FriendlyName="BPK" Name="urn:oid:1.2.40.0.10.2.1.1.149"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
+ <saml2:Attribute
+ xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ FriendlyName="BIRTHDATE" Name="urn:oid:1.2.40.0.10.2.1.1.55"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
+ <saml2:Attribute
+ xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ FriendlyName="PRINCIPAL-NAME"
+ Name="urn:oid:1.2.40.0.10.2.1.1.261.20"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
+ <saml2:Attribute
+ xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ FriendlyName="EID-CCS-URL" Name="urn:oid:1.2.40.0.10.2.1.1.261.64"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
+ <saml2:Attribute
+ xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ FriendlyName="EID-ISSUING-NATION"
+ Name="urn:oid:1.2.40.0.10.2.1.1.261.32"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
+ <saml2:Attribute
+ xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ FriendlyName="PVP-VERSION" Name="urn:oid:1.2.40.0.10.2.1.1.261.10"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
+ <saml2:Attribute
+ xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ FriendlyName="EID-SOURCE-PIN"
+ Name="urn:oid:1.2.40.0.10.2.1.1.261.36"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
+ <saml2:Attribute
+ xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ FriendlyName="GIVEN-NAME" Name="urn:oid:2.5.4.42"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
+ <saml2:Attribute
+ xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ FriendlyName="EID-SIGNER-CERTIFICATE"
+ Name="urn:oid:1.2.40.0.10.2.1.1.261.66"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
+ <saml2:Attribute
+ xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ FriendlyName="EID-SECTOR-FOR-IDENTIFIER"
+ Name="urn:oid:1.2.40.0.10.2.1.1.261.34"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
+ <saml2:Attribute
+ xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ FriendlyName="EID-SOURCE-PIN-TYPE"
+ Name="urn:oid:1.2.40.0.10.2.1.1.261.104"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
+ <saml2:Attribute
+ xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ FriendlyName="EID-E-ID-TOKEN"
+ Name="urn:oid:1.2.40.0.10.2.1.1.261.39"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
+ <saml2:Attribute
+ xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ FriendlyName="EID-IDENTITY-LINK"
+ Name="urn:oid:1.2.40.0.10.2.1.1.261.38"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
+ <saml2:Attribute
+ xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ FriendlyName="EID-CITIZEN-QAA-EIDAS-LEVEL"
+ Name="urn:oid:1.2.40.0.10.2.1.1.261.108"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
+ <saml2:Attribute
+ xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ FriendlyName="EID-IDENTITY-STATUS-LEVEL"
+ Name="urn:oid:1.2.40.0.10.2.1.1.261.109"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" />
+ </md:IDPSSODescriptor>
+</md:EntityDescriptor>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/idp_metadata_no_sig.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/idp_metadata_no_sig.xml
new file mode 100644
index 00000000..bc55fe62
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/idp_metadata_no_sig.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_1a48ec3432f2f3ba6222724a5b06f873" entityID="https://vidp.gv.at/ms_connector/pvp/metadata" validUntil="2045-02-06T08:47:26.211Z">
+ <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDMzCCAhsCBFtIcPowDQYJKoZIhvcNAQELBQAwXjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH
+SVoxJDAiBgNVBAsMG2NlbnRyYWwgbmF0aW9uYWwgZUlEQVMgbm9kZTEaMBgGA1UEAwwRQXNzZXJ0
+aW9uIHNpZ25pbmcwHhcNMTgwNzEzMDkyOTMwWhcNMjEwNDA3MDkyOTMwWjBeMQswCQYDVQQGEwJB
+VDENMAsGA1UECgwERUdJWjEkMCIGA1UECwwbY2VudHJhbCBuYXRpb25hbCBlSURBUyBub2RlMRow
+GAYDVQQDDBFBc3NlcnRpb24gc2lnbmluZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+AJ5zDYxMPRcz6AHaev1tS46Tq8sdgbGFM56uxk6c7LmMDC+HTzNX/3Q5S/YwSzgL3ue5TSw1ltOf
+yMXMZ6D0+buWWcsxGEkQ8M3adKRFdQrEwafzwTA7pguq5WiHOkr4qwR7dLMome9z5cc3LRcwdOPP
+gq7ahb5jM3hRqc5xkMWIuvql0NFXPzlHrjDLwy5nIWPOhL5abhVt4YsXbpbjXxFSGkDEAZ32K3EU
+LNBr9FSUmJfbrVX9AU2T+BKIwiqXP8e/3UJHgPHQ0l5ljWp5P6u5+tvM21o8sUM4eArRa8BkdRsP
+C92GVuASSUz2ZJ3JhAK1cSM8bnvaZVLQtTvPMAcCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAAp7z
+TubWXW6YMpyLSvWBdZiiQ3X66XpSZLZJDIAkoPzEY0DSBp8I5YASIx4JTR5XJt+6MI9acgNIAYW8
+DhtRwUMVaRWEtuCrfKhGLWm5KSxnhPcD3lzRZhY4ZcA7dUlirjf6hnqo2TFEmJ9fkM+rxwy1GkDD
+7j2YDSOFmSq9/Ud9/IbIfSnRu/lO0dh7iRrmg3y0Y/+plPxYmp4AHqehP11OchTz2FGGHVsSC2Vs
+IVBQI6ANZYyOlicgfEEFHA06jP9OnA0EwEFr2P+di9caZg8vfibyzxMGeuf6CY0c0eLHokBCn2W8
+vkzvWiER3pozRvCmXFjCVZfRjUunaJf2ow==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
+ <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://vidp.gv.at/ms_connector/pvp/post"/>
+ <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://vidp.gv.at/ms_connector/pvp/redirect"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="BPK" Name="urn:oid:1.2.40.0.10.2.1.1.149" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="BIRTHDATE" Name="urn:oid:1.2.40.0.10.2.1.1.55" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="PRINCIPAL-NAME" Name="urn:oid:1.2.40.0.10.2.1.1.261.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-CCS-URL" Name="urn:oid:1.2.40.0.10.2.1.1.261.64" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-ISSUING-NATION" Name="urn:oid:1.2.40.0.10.2.1.1.261.32" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="PVP-VERSION" Name="urn:oid:1.2.40.0.10.2.1.1.261.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-SOURCE-PIN" Name="urn:oid:1.2.40.0.10.2.1.1.261.36" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="GIVEN-NAME" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-SIGNER-CERTIFICATE" Name="urn:oid:1.2.40.0.10.2.1.1.261.66" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-SOURCE-PIN-TYPE" Name="urn:oid:1.2.40.0.10.2.1.1.261.104" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-E-ID-TOKEN" Name="urn:oid:1.2.40.0.10.2.1.1.261.39" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-IDENTITY-LINK" Name="urn:oid:1.2.40.0.10.2.1.1.261.38" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-CITIZEN-QAA-EIDAS-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.108" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-IDENTITY-STATUS-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.109" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ </md:IDPSSODescriptor>
+</md:EntityDescriptor>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/idp_metadata_no_sig2.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/idp_metadata_no_sig2.xml
new file mode 100644
index 00000000..bdc176a0
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/idp_metadata_no_sig2.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_1a48ec3432f2f3ba6222724a5b06f873" entityID="classpath:/data/idp_metadata_no_sig2.xml" validUntil="2045-02-06T08:47:26.211Z">
+ <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDMzCCAhsCBFtIcPowDQYJKoZIhvcNAQELBQAwXjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH
+SVoxJDAiBgNVBAsMG2NlbnRyYWwgbmF0aW9uYWwgZUlEQVMgbm9kZTEaMBgGA1UEAwwRQXNzZXJ0
+aW9uIHNpZ25pbmcwHhcNMTgwNzEzMDkyOTMwWhcNMjEwNDA3MDkyOTMwWjBeMQswCQYDVQQGEwJB
+VDENMAsGA1UECgwERUdJWjEkMCIGA1UECwwbY2VudHJhbCBuYXRpb25hbCBlSURBUyBub2RlMRow
+GAYDVQQDDBFBc3NlcnRpb24gc2lnbmluZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+AJ5zDYxMPRcz6AHaev1tS46Tq8sdgbGFM56uxk6c7LmMDC+HTzNX/3Q5S/YwSzgL3ue5TSw1ltOf
+yMXMZ6D0+buWWcsxGEkQ8M3adKRFdQrEwafzwTA7pguq5WiHOkr4qwR7dLMome9z5cc3LRcwdOPP
+gq7ahb5jM3hRqc5xkMWIuvql0NFXPzlHrjDLwy5nIWPOhL5abhVt4YsXbpbjXxFSGkDEAZ32K3EU
+LNBr9FSUmJfbrVX9AU2T+BKIwiqXP8e/3UJHgPHQ0l5ljWp5P6u5+tvM21o8sUM4eArRa8BkdRsP
+C92GVuASSUz2ZJ3JhAK1cSM8bnvaZVLQtTvPMAcCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAAp7z
+TubWXW6YMpyLSvWBdZiiQ3X66XpSZLZJDIAkoPzEY0DSBp8I5YASIx4JTR5XJt+6MI9acgNIAYW8
+DhtRwUMVaRWEtuCrfKhGLWm5KSxnhPcD3lzRZhY4ZcA7dUlirjf6hnqo2TFEmJ9fkM+rxwy1GkDD
+7j2YDSOFmSq9/Ud9/IbIfSnRu/lO0dh7iRrmg3y0Y/+plPxYmp4AHqehP11OchTz2FGGHVsSC2Vs
+IVBQI6ANZYyOlicgfEEFHA06jP9OnA0EwEFr2P+di9caZg8vfibyzxMGeuf6CY0c0eLHokBCn2W8
+vkzvWiER3pozRvCmXFjCVZfRjUunaJf2ow==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
+ <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://vidp.gv.at/ms_connector/pvp/post"/>
+ <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://vidp.gv.at/ms_connector/pvp/redirect"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="BPK" Name="urn:oid:1.2.40.0.10.2.1.1.149" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="BIRTHDATE" Name="urn:oid:1.2.40.0.10.2.1.1.55" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="PRINCIPAL-NAME" Name="urn:oid:1.2.40.0.10.2.1.1.261.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-CCS-URL" Name="urn:oid:1.2.40.0.10.2.1.1.261.64" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-ISSUING-NATION" Name="urn:oid:1.2.40.0.10.2.1.1.261.32" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="PVP-VERSION" Name="urn:oid:1.2.40.0.10.2.1.1.261.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-SOURCE-PIN" Name="urn:oid:1.2.40.0.10.2.1.1.261.36" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="GIVEN-NAME" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-SIGNER-CERTIFICATE" Name="urn:oid:1.2.40.0.10.2.1.1.261.66" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-SOURCE-PIN-TYPE" Name="urn:oid:1.2.40.0.10.2.1.1.261.104" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-E-ID-TOKEN" Name="urn:oid:1.2.40.0.10.2.1.1.261.39" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-IDENTITY-LINK" Name="urn:oid:1.2.40.0.10.2.1.1.261.38" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-CITIZEN-QAA-EIDAS-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.108" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-IDENTITY-STATUS-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.109" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ </md:IDPSSODescriptor>
+</md:EntityDescriptor>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/idp_metadata_sig_notvalid.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/idp_metadata_sig_notvalid.xml
new file mode 100644
index 00000000..86665a9c
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/idp_metadata_sig_notvalid.xml
@@ -0,0 +1,84 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_1a48ec3432f2f3ba6222724a5b06f873" entityID="https://localEntity" validUntil="2045-02-06T08:47:26.211Z">
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:SignedInfo>
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+ <ds:Reference URI="#_1a48ec3432f2f3ba6222724a5b06f873">
+ <ds:Transforms>
+ <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+ <ds:DigestValue>e6DiHa9scuvxJFBUipZ8PQcD4kAkmSIDZgZV+0/7glg=</ds:DigestValue>
+ </ds:Reference>
+ </ds:SignedInfo>
+ <ds:SignatureValue>Czr2EwhK/0ZUZ5blQpJfNoOFEscLlxlmHPjmOJUIsxlB2pUn+ApULrjVpR1ViUcGZ0PVi2KChSNoSn09YKjtgPFBiSY010VYdaACgqluxUt6AwESObaqcyHVBzMDUr/g6jkRFEJV4vqnZQQDdDfTH4MXNqunORegS1saBHw4nJSOX4YfoVmIuT5uOlRrxvoG7srnGShvF7DmvIHBUBF5Tq9FyeSgwTM8udxl8Yl9FB2pREuR83CcbgjPrYKtzi6TiSfrWkcD0L5BvmMxN/BdaGDAorxYOnk41sWDJjrkY8C2SC1YDy6XT4SM06uFwstUrRn8QPg1hfbLHAyQNoaR8ecgapk5DkxmbATMcGY+SM4yQWkBdYT7GtufNmF8sIVaL6JOOTKAE9qqX/1N6N4zOPmm8rpIqVEQZtQ5usN/ubxbxLxUoTdDeo8RwkktW6zQ3Zv9+Iyf0DASYmK1IxN+fMw/qyeVy9r6o15ITHTqTmT/7BidKZ58m4HxIK52E3DU</ds:SignatureValue>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEFTCCAn0CBFtIcMwwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH
+SVoxMTAvBgNVBAMMKG5hdGlvbmFsIGNlbnRyYWwgZUlEQVMgbm9kZSAtIHRlc3RzeXN0ZW0wHhcN
+MTgwNzEzMDkyODQ0WhcNMjEwNDA3MDkyODQ0WjBPMQswCQYDVQQGEwJBVDENMAsGA1UECgwERUdJ
+WjExMC8GA1UEAwwobmF0aW9uYWwgY2VudHJhbCBlSURBUyBub2RlIC0gdGVzdHN5c3RlbTCCAaIw
+DQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALK4bdf5OremKkj0+xCjU0eN7RUd1A2VqoGnvFUs
+t7xjLQ1PspHiDf9Pm2cwOIJabSnuZ01hYAGz9X+lU3Z3fwhVc+tEsuzsaAml/LPw3i3+ppoSTJDM
+iDvhCoUKTzJ8HBQj2gTvXNlqPljyGneuCJ+uBMr7Okq/XjMTJj2xzvutrHS3qIO+/w+OkY967QLV
+RXh0bdFqYqnyAnlYcWJPIwjanOJtE2difPYqers7ZW1F9djP0+IZRoyaook5rpLYvuQTHuvulgIE
+3zGlTuOx3sk8zMyInMndqi75Eh+ROnndSZE7gN3u5CfFpuO5pxFa2jj1h/AnR39Tg8/sU+Se+AwH
+rNvee3IWhxk5LkelYevfeCQos7Dv2ASE9XMCCs7FoE47w8fDalECh09MFKDiotpklbq3OrPg9NQ4
+D//k0GXlW5jYUKP/Wq/+suAI6mfhSnNkjOGMcMlzNTmwxGD/v7Py6OVA+YcJQsqYalLrqbvT2tXV
+mYBVO3oqafg+kfevfwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBgQCioM8k0EEBFtY4QyxOYFufPDLw
+9PNPct01ltnTVjNEEt/L6/8zYlDwrDeULEkJS7mV9zV3657NPQ5IPT/Ib93Uk/RPi0iOA2CGWIMa
+DQIODN3BUYr+zPUqhbKS6OWOhTgV8GiRCUbxrT1uc1AiacP63pga3TJX8k8WFnfW+Dqm2MfWWlxr
+4X2YB9VUW55X5sBNy035jYhEpp8NCK/fTAhoEQNCG+rm3T9qhT6YyOnbW2kXU747+ZwXT2qA5o4y
+a/9+6dDc+LUlHCEm4X7c6bcGvCfNezB4k56FzbAJlOLf2VDGzvEQBf0hsB+kElezm1VBlEkZ4Mjz
+pBpHBMoR21SwTpcvrbR4ig0Bk1eEHNK44sw0F32K5yww3gnJftMIZtPhjhk8UdG2/H6vs9s/to2V
+j4V6wN4o79RTULoQ8RjL6MPWEWzwOvOZXJAo2XJEECvDivSjIJvNC0lfrK3zI3LH3c1JR6q2EfeC
+Z50wTJMFoChSaqunJQXKo81g6wNhP00=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </ds:Signature>
+ <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDMzCCAhsCBFtIcPowDQYJKoZIhvcNAQELBQAwXjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH
+SVoxJDAiBgNVBAsMG2NlbnRyYWwgbmF0aW9uYWwgZUlEQVMgbm9kZTEaMBgGA1UEAwwRQXNzZXJ0
+aW9uIHNpZ25pbmcwHhcNMTgwNzEzMDkyOTMwWhcNMjEwNDA3MDkyOTMwWjBeMQswCQYDVQQGEwJB
+VDENMAsGA1UECgwERUdJWjEkMCIGA1UECwwbY2VudHJhbCBuYXRpb25hbCBlSURBUyBub2RlMRow
+GAYDVQQDDBFBc3NlcnRpb24gc2lnbmluZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+AJ5zDYxMPRcz6AHaev1tS46Tq8sdgbGFM56uxk6c7LmMDC+HTzNX/3Q5S/YwSzgL3ue5TSw1ltOf
+yMXMZ6D0+buWWcsxGEkQ8M3adKRFdQrEwafzwTA7pguq5WiHOkr4qwR7dLMome9z5cc3LRcwdOPP
+gq7ahb5jM3hRqc5xkMWIuvql0NFXPzlHrjDLwy5nIWPOhL5abhVt4YsXbpbjXxFSGkDEAZ32K3EU
+LNBr9FSUmJfbrVX9AU2T+BKIwiqXP8e/3UJHgPHQ0l5ljWp5P6u5+tvM21o8sUM4eArRa8BkdRsP
+C92GVuASSUz2ZJ3JhAK1cSM8bnvaZVLQtTvPMAcCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAAp7z
+TubWXW6YMpyLSvWBdZiiQ3X66XpSZLZJDIAkoPzEY0DSBp8I5YASIx4JTR5XJt+6MI9acgNIAYW8
+DhtRwUMVaRWEtuCrfKhGLWm5KSxnhPcD3lzRZhY4ZcA7dUlirjf6hnqo2TFEmJ9fkM+rxwy1GkDD
+7j2YDSOFmSq9/Ud9/IbIfSnRu/lO0dh7iRrmg3y0Y/+plPxYmp4AHqehP11OchTz2FGGHVsSC2Vs
+IVBQI6ANZYyOlicgfEEFHA06jP9OnA0EwEFr2P+di9caZg8vfibyzxMGeuf6CY0c0eLHokBCn2W8
+vkzvWiER3pozRvCmXFjCVZfRjUunaJf2ow==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
+ <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://vidp.gv.at/ms_connector/pvp/post"/>
+ <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://vidp.gv.at/ms_connector/pvp/redirect"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="BPK" Name="urn:oid:1.2.40.0.10.2.1.1.149" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="BIRTHDATE" Name="urn:oid:1.2.40.0.10.2.1.1.55" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="PRINCIPAL-NAME" Name="urn:oid:1.2.40.0.10.2.1.1.261.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-CCS-URL" Name="urn:oid:1.2.40.0.10.2.1.1.261.64" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-ISSUING-NATION" Name="urn:oid:1.2.40.0.10.2.1.1.261.32" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="PVP-VERSION" Name="urn:oid:1.2.40.0.10.2.1.1.261.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-SOURCE-PIN" Name="urn:oid:1.2.40.0.10.2.1.1.261.36" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="GIVEN-NAME" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-SIGNER-CERTIFICATE" Name="urn:oid:1.2.40.0.10.2.1.1.261.66" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-SOURCE-PIN-TYPE" Name="urn:oid:1.2.40.0.10.2.1.1.261.104" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-E-ID-TOKEN" Name="urn:oid:1.2.40.0.10.2.1.1.261.39" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-IDENTITY-LINK" Name="urn:oid:1.2.40.0.10.2.1.1.261.38" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-CITIZEN-QAA-EIDAS-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.108" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-IDENTITY-STATUS-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.109" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ </md:IDPSSODescriptor>
+</md:EntityDescriptor>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/idp_metadata_sig_valid_wrong_alg.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/idp_metadata_sig_valid_wrong_alg.xml
new file mode 100644
index 00000000..2187aa5f
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/idp_metadata_sig_valid_wrong_alg.xml
@@ -0,0 +1,74 @@
+<?xml version="1.0" encoding="UTF-8"?><md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_1a48ec3432f2f3ba6222724a5b06f873" entityID="https://vidp.gv.at/ms_connector/pvp/metadata" validUntil="2045-02-06T08:47:26.211Z">
+ <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Id="signature-1-1"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-1-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><dsig:DigestValue>dhkHkgZ1OOHG0nYWiRXrpZhIAx41103CG6DKDbBra8o=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>AkxnEu9g3QgYC0JwuJXMYFrnNn6UMtrbtVn5YzkKBXxyYqZui4pEi/TRSM9r7Gt+
+4UqHrJVkYMbbuoO2kpiDnluPG+vHYzYFvF0agQ+gfGjpVQNRORN0FU7JPX+KPjpr
+sMU8wVZITSPU0GBBccvzrcpq7DQt0VbV5U7/Vq3KM/fop4ytAkUbTltUj/XxvAd1
+XdhB/zyeTTR2dafJ6Z2CKyM7MMmxwXYD1NrPGciPvTJ9ASHAT0lJM1dxrRNbeAja
+KTrNVj78MhSluRm5g7N1pMZzgMSpqN66AUg8pkSTvcRaNImPzYDcMQzHl2Tr362M
+RudjSgaEljK98TbBdgLFTg==</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIEqzCCBBSgAwIBAgIHANux81oNezANBgkqhkiG9w0BAQUFADBAMSIwIAYDVQQD
+ExlJQUlLIFRlc3QgSW50ZXJtZWRpYXRlIENBMQ0wCwYDVQQKEwRJQUlLMQswCQYD
+VQQGEwJBVDAeFw0xMzA5MjcwNTMzMzdaFw0yMzA5MjcwNTMzMzdaMIHkMQswCQYD
+VQQGEwJBVDENMAsGA1UEBxMER3JhejEmMCQGA1UEChMdR3JheiBVbml2ZXJzaXR5
+IG9mIFRlY2hub2xvZ3kxSDBGBgNVBAsTP0luc3RpdHV0ZSBmb3IgQXBwbGllZCBJ
+bmZvcm1hdGlvbiBQcm9jZXNzaW5nIGFuZCBDb21tdW5pY2F0aW9uczEUMBIGA1UE
+BBMLTU9BLVNTIFRlc3QxGDAWBgNVBCoTD0VHSVogVGVzdHBvcnRhbDEkMCIGA1UE
+AxMbRUdJWiBUZXN0cG9ydGFsIE1PQS1TUyBUZXN0MIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAuDjOyf+mY+oQL2FQzzuaiC8C23vVKbq/n2Zi7BqSibZH
+mtqMJfmj4pT+hWSNHvVvWsaxFcx4KeNqdCMzwnw1r4P3Sf+2o5uFku5KHEMLMokR
+yYQG9VqY/KkB94ye7Pv6zT8gvKqxGFg96UamECep4swPaSZrA8AOER5WAtyGDzKI
+Tz+a5zfFaTXDoba7f98PCWR96yKiFjVOhzp38WVz4VJgz+b8ZSY7Xsv5Kn7DXjOL
+STX4MevFLki3rFPup3+4vGToaMBW3PEj67HXBdqR855Le6+E6rVxORqsXqlVwhsI
+6nuS0CO2LWYmBNR1IB0mXteeYH/HfxvuZc+7yDjdPQIDAQABo4IBhDCCAYAwDgYD
+VR0PAQH/BAQDAgbAMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEmcH6VY4BG1EAGB
+TLoNR9vH/g6yMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jYS5pYWlrLnR1Z3Jh
+ei5hdC9jYXBzby9jcmxzL0lBSUtUZXN0X0ludGVybWVkaWF0ZUNBLmNybDCBqgYI
+KwYBBQUHAQEEgZ0wgZowSgYIKwYBBQUHMAGGPmh0dHA6Ly9jYS5pYWlrLnR1Z3Jh
+ei5hdC9jYXBzby9PQ1NQP2NhPUlBSUtUZXN0X0ludGVybWVkaWF0ZUNBMEwGCCsG
+AQUFBzAChkBodHRwOi8vY2EuaWFpay50dWdyYXouYXQvY2Fwc28vY2VydHMvSUFJ
+S1Rlc3RfSW50ZXJtZWRpYXRlQ0EuY2VyMCEGA1UdEQQaMBiBFnRob21hcy5sZW56
+QGVnaXouZ3YuYXQwHwYDVR0jBBgwFoAUaKJeEdreL4BrRES/jfplNoEkp28wDQYJ
+KoZIhvcNAQEFBQADgYEAlFGjUxXLs7SAT8NtXSrv2WrjlklaRnHTFHLQwyVo8JWb
+gvRkHHDUv2o8ofXUY2R2WJ38dxeDoccgbXrJb/Qhi8IY7YhCwv/TuIZDisyAqo8W
+ORKSip/6HWlGCSR/Vgoet1GtCmF0FoUxFUIGSAuQ2yyt4fIzt5GJrU1X5ujjI1w=</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo></dsig:Signature><md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDMzCCAhsCBFtIcPowDQYJKoZIhvcNAQELBQAwXjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH
+SVoxJDAiBgNVBAsMG2NlbnRyYWwgbmF0aW9uYWwgZUlEQVMgbm9kZTEaMBgGA1UEAwwRQXNzZXJ0
+aW9uIHNpZ25pbmcwHhcNMTgwNzEzMDkyOTMwWhcNMjEwNDA3MDkyOTMwWjBeMQswCQYDVQQGEwJB
+VDENMAsGA1UECgwERUdJWjEkMCIGA1UECwwbY2VudHJhbCBuYXRpb25hbCBlSURBUyBub2RlMRow
+GAYDVQQDDBFBc3NlcnRpb24gc2lnbmluZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+AJ5zDYxMPRcz6AHaev1tS46Tq8sdgbGFM56uxk6c7LmMDC+HTzNX/3Q5S/YwSzgL3ue5TSw1ltOf
+yMXMZ6D0+buWWcsxGEkQ8M3adKRFdQrEwafzwTA7pguq5WiHOkr4qwR7dLMome9z5cc3LRcwdOPP
+gq7ahb5jM3hRqc5xkMWIuvql0NFXPzlHrjDLwy5nIWPOhL5abhVt4YsXbpbjXxFSGkDEAZ32K3EU
+LNBr9FSUmJfbrVX9AU2T+BKIwiqXP8e/3UJHgPHQ0l5ljWp5P6u5+tvM21o8sUM4eArRa8BkdRsP
+C92GVuASSUz2ZJ3JhAK1cSM8bnvaZVLQtTvPMAcCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAAp7z
+TubWXW6YMpyLSvWBdZiiQ3X66XpSZLZJDIAkoPzEY0DSBp8I5YASIx4JTR5XJt+6MI9acgNIAYW8
+DhtRwUMVaRWEtuCrfKhGLWm5KSxnhPcD3lzRZhY4ZcA7dUlirjf6hnqo2TFEmJ9fkM+rxwy1GkDD
+7j2YDSOFmSq9/Ud9/IbIfSnRu/lO0dh7iRrmg3y0Y/+plPxYmp4AHqehP11OchTz2FGGHVsSC2Vs
+IVBQI6ANZYyOlicgfEEFHA06jP9OnA0EwEFr2P+di9caZg8vfibyzxMGeuf6CY0c0eLHokBCn2W8
+vkzvWiER3pozRvCmXFjCVZfRjUunaJf2ow==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
+ <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://vidp.gv.at/ms_connector/pvp/post"/>
+ <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://vidp.gv.at/ms_connector/pvp/redirect"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="BPK" Name="urn:oid:1.2.40.0.10.2.1.1.149" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="BIRTHDATE" Name="urn:oid:1.2.40.0.10.2.1.1.55" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="PRINCIPAL-NAME" Name="urn:oid:1.2.40.0.10.2.1.1.261.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-CCS-URL" Name="urn:oid:1.2.40.0.10.2.1.1.261.64" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-ISSUING-NATION" Name="urn:oid:1.2.40.0.10.2.1.1.261.32" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="PVP-VERSION" Name="urn:oid:1.2.40.0.10.2.1.1.261.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-SOURCE-PIN" Name="urn:oid:1.2.40.0.10.2.1.1.261.36" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="GIVEN-NAME" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-SIGNER-CERTIFICATE" Name="urn:oid:1.2.40.0.10.2.1.1.261.66" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-SOURCE-PIN-TYPE" Name="urn:oid:1.2.40.0.10.2.1.1.261.104" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-E-ID-TOKEN" Name="urn:oid:1.2.40.0.10.2.1.1.261.39" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-IDENTITY-LINK" Name="urn:oid:1.2.40.0.10.2.1.1.261.38" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-CITIZEN-QAA-EIDAS-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.108" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ <saml2:Attribute xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="EID-IDENTITY-STATUS-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.109" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ </md:IDPSSODescriptor>
+</md:EntityDescriptor> \ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/pvp_postbinding_template.html b/modules/authmodule-eIDAS-v2/src/test/resources/data/pvp_postbinding_template.html
new file mode 100644
index 00000000..68a797e6
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/pvp_postbinding_template.html
@@ -0,0 +1,3 @@
+#if($RelayState)RelayState=${RelayState}#end
+#if($SAMLRequest)SAMLRequest=${SAMLRequest}#end
+#if($SAMLResponse)SAMLResponse=${SAMLResponse}#end
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/sp_metadata_junit.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/sp_metadata_junit.xml
new file mode 100644
index 00000000..0e25cce4
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/sp_metadata_junit.xml
@@ -0,0 +1,66 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_1a48ec3432f2f3ba6222724a5b06f873" entityID="https://localhost/authhandler/sp/idaustria/metadata" validUntil="2045-02-06T08:47:26.211Z">
+ <md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIIC+DCCAeCgAwIBAgIEXh7TbTANBgkqhkiG9w0BAQsFADA+MQswCQYDVQQGEwJBVDENMAsGA1UE
+ CgwERUdJWjEOMAwGA1UECwwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcwHhcNMjAwMTE1MDg1NTA5
+ WhcNMjkwMTE0MDg1NTA5WjA+MQswCQYDVQQGEwJBVDENMAsGA1UECgwERUdJWjEOMAwGA1UECwwF
+ alVuaXQxEDAOBgNVBAMMB3NpZ25pbmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCU
+ SiRjnDvPafZfhJ+L1wM86FKJX3VIAV/8TD9qJ6HOBkn5WwYfpheyCfRb6XVDyIGpO8qnMWAgC17N
+ gbmhzj8d8HXNQ2l3uppMv24oUTfXyYhQfZWAghx0sTlRIx/ZmlnduJilx2S53Sa7ruJwlQcBFXj9
+ h9B8dtyegc86Sx6D9BumP1xU7+mEBk8Gv9rR5Khg0Y7qGfZWB0t4aikgaupWveVwiGifOOSfR8cz
+ qIg9qUpMYfZiTEBTSRmN6sPiNWhd4J0GyAI9Rn5C9jz/sSlQrxpN+4DXzsqSU5F6gzq3yRux6wyO
+ zDlt2birf21VPQ9HIy4YCjZXwgDWG7AO821pAgMBAAEwDQYJKoZIhvcNAQELBQADggEBADnwdaxU
+ tQU6SIpYwIb2c0ljTmQi7ryUcUpNHtK0M0E5Mw5Ex8zwrWbNQZ2sUyc4r07M66iOIqHsYZUQlRYv
+ VKHifDpAr8TCgD7iGGdB3By8Ou0RaNW+03w1fwmi98CufbHCGvpv0o2KxlejoHZminNdQ79ibN+0
+ 1nhocezJQATEQlnwHLiQSjilXpZeLYDk8HbrcUXNRxezN4ChdH+uU54vf+Uxqcj9QHcmBe1+BM8E
+ XfqS1DbTwZl+NTCnh5OYl8fvIFSOHMBxwFrI4pyY0faxg9UcrCogn/oQ+mV1gnVUDaDhvvEnVGZQ
+ trlt7heVId2BeNellVgsrcmdW8j4U9U=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH
+ SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W
+ ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w
+ CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ
+ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq
+ UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+
+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F
+ Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt
+ 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq
+ nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC
+ VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq
+ itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc
+ 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O
+ fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy
+ 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/post" index="0" isDefault="true"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/redirect" index="1"/>
+ <md:AttributeConsumingService index="0" isDefault="true">
+ <md:ServiceName xml:lang="en">Default Service</md:ServiceName>
+ <md:RequestedAttribute FriendlyName="BPK" Name="urn:oid:1.2.40.0.10.2.1.1.149" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+ <md:RequestedAttribute FriendlyName="PRINCIPAL-NAME" Name="urn:oid:1.2.40.0.10.2.1.1.261.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+ <md:RequestedAttribute FriendlyName="BIRTHDATE" Name="urn:oid:1.2.40.0.10.2.1.1.55" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+ <md:RequestedAttribute FriendlyName="PVP-VERSION" Name="urn:oid:1.2.40.0.10.2.1.1.261.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+ <md:RequestedAttribute FriendlyName="EID-ISSUING-NATION" Name="urn:oid:1.2.40.0.10.2.1.1.261.32" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+ <md:RequestedAttribute FriendlyName="MANDATOR-LEGAL-PERSON-SOURCE-PIN-TYPE" Name="urn:oid:1.2.40.0.10.2.1.1.261.76" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
+ <md:RequestedAttribute FriendlyName="MANDATOR-LEGAL-PERSON-FULL-NAME" Name="urn:oid:1.2.40.0.10.2.1.1.261.84" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
+ <md:RequestedAttribute FriendlyName="MANDATE-TYPE" Name="urn:oid:1.2.40.0.10.2.1.1.261.68" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
+ <md:RequestedAttribute FriendlyName="MANDATOR-LEGAL-PERSON-SOURCE-PIN" Name="urn:oid:1.2.40.0.10.2.1.1.261.100" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
+ <md:RequestedAttribute FriendlyName="GIVEN-NAME" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+ <md:RequestedAttribute FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+ <md:RequestedAttribute FriendlyName="MANDATE-TYPE-OID" Name="urn:oid:1.2.40.0.10.2.1.1.261.106" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
+ <md:RequestedAttribute FriendlyName="EID-IDENTITY-LINK" Name="urn:oid:1.2.40.0.10.2.1.1.261.38" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
+ <md:RequestedAttribute FriendlyName="EID-CITIZEN-QAA-EIDAS-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.108" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+ </md:AttributeConsumingService>
+ </md:SPSSODescriptor>
+</md:EntityDescriptor>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/empty_zmr_result.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/empty_zmr_result.xml
new file mode 100644
index 00000000..a968fabc
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/empty_zmr_result.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+ <base:Response xmlns="http://reference.e-government.gv.at/namespace/persondata/de/20040201#" xmlns:base="http://bmi.gv.at/namespace/zmr-su/base/20040201#" xmlns:zmr="http://bmi.gv.at/namespace/zmr-su/zmr/20040201#" xmlns:ns10="http://bmi.gv.at/namespace/zmr-su/ernp/20050901#" xmlns:ns11="http://bmi.gv.at/namespace/zmr-su/gis/20070725#" xmlns:ns12="http://egov.gv.at/pvp1.xsd" xmlns:ns13="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:ns8="http://bmi.gv.at/namespace/zmr-su/lmr/20050401#" xmlns:ns9="http://www.w3.org/2000/09/xmldsig#">
+ <base:WorkflowInfoServer>
+ <base:ProzessName>GP_EIDAS</base:ProzessName>
+ <base:ProzessInstanzID>367100000000079</base:ProzessInstanzID>
+ <base:SequenzID>0</base:SequenzID>
+ </base:WorkflowInfoServer>
+ <base:ServerInfo>
+ <base:GeneriertVon>ZMR-Server Version: 5.9.0.0-SNAPSHOT</base:GeneriertVon>
+ <base:GeneriertAm>2021-11-12T08:24:40.985</base:GeneriertAm>
+ <base:ServerTransaktionNr>1877300000000139</base:ServerTransaktionNr>
+ </base:ServerInfo>
+ <zmr:PersonSuchenResponse>
+ <zmr:PersonensucheAnfrage>
+ <zmr:PersonensucheInfo>
+ <base:Bezugsfeld>Searching PersonIdentifier</base:Bezugsfeld>
+ <zmr:Suchkriterien>
+ <base:InclusivHistorie>true</base:InclusivHistorie>
+ <base:Formalisiert>false</base:Formalisiert>
+ </zmr:Suchkriterien>
+ <zmr:Ergebniskriterien>
+ <base:InclusivHistorie>false</base:InclusivHistorie>
+ </zmr:Ergebniskriterien>
+ <base:AnzahlSaetze>10</base:AnzahlSaetze>
+ </zmr:PersonensucheInfo>
+ <NatuerlichePerson/>
+ </zmr:PersonensucheAnfrage>
+ <base:Message>
+ <base:Number>5020</base:Number>
+ <base:Text>Person nicht gefunden.</base:Text>
+ </base:Message>
+ <zmr:Personensuchergebnis>
+ <base:GefundeneSaetze>0</base:GefundeneSaetze>
+ <zmr:GefundeneSaetzeERnP>0</zmr:GefundeneSaetzeERnP>
+ <base:SaetzeVon>0</base:SaetzeVon>
+ <base:SaetzeBis>1</base:SaetzeBis>
+ </zmr:Personensuchergebnis>
+ </zmr:PersonSuchenResponse>
+ </base:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/no_bpk_zp.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/no_bpk_zp.xml
new file mode 100644
index 00000000..8104573e
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/no_bpk_zp.xml
@@ -0,0 +1,290 @@
+<?xml version="1.0" encoding="UTF-8"?>
+ <base:Response xmlns="http://reference.e-government.gv.at/namespace/persondata/de/20040201#" xmlns:base="http://bmi.gv.at/namespace/zmr-su/base/20040201#" xmlns:zmr="http://bmi.gv.at/namespace/zmr-su/zmr/20040201#" xmlns:ns10="http://bmi.gv.at/namespace/zmr-su/ernp/20050901#" xmlns:ns11="http://bmi.gv.at/namespace/zmr-su/gis/20070725#" xmlns:ns12="http://egov.gv.at/pvp1.xsd" xmlns:ns13="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:ns8="http://bmi.gv.at/namespace/zmr-su/lmr/20050401#" xmlns:ns9="http://www.w3.org/2000/09/xmldsig#">
+ <base:WorkflowInfoServer>
+ <base:ProzessName>GP_EIDAS</base:ProzessName>
+ <base:ProzessInstanzID>367100000000079</base:ProzessInstanzID>
+ <base:SequenzID>0</base:SequenzID>
+ </base:WorkflowInfoServer>
+ <base:ServerInfo>
+ <base:GeneriertVon>ZMR-Server Version: 5.9.0.0-SNAPSHOT</base:GeneriertVon>
+ <base:GeneriertAm>2021-11-12T08:24:40.985</base:GeneriertAm>
+ <base:ServerTransaktionNr>1877300000000139</base:ServerTransaktionNr>
+ </base:ServerInfo>
+ <zmr:PersonSuchenResponse>
+ <zmr:PersonensucheAnfrage>
+ <zmr:PersonensucheInfo>
+ <base:Bezugsfeld>Searching PersonIdentifier</base:Bezugsfeld>
+ <zmr:Suchkriterien>
+ <base:InclusivHistorie>true</base:InclusivHistorie>
+ <base:Formalisiert>false</base:Formalisiert>
+ </zmr:Suchkriterien>
+ <zmr:Ergebniskriterien>
+ <base:InclusivHistorie>false</base:InclusivHistorie>
+ </zmr:Ergebniskriterien>
+ <base:AnzahlSaetze>10</base:AnzahlSaetze>
+ </zmr:PersonensucheInfo>
+ <NatuerlichePerson/>
+ </zmr:PersonensucheAnfrage>
+ <base:Message>
+ <base:Number>5020</base:Number>
+ <base:Text>Person gefunden.</base:Text>
+ </base:Message>
+ <zmr:Personensuchergebnis>
+ <base:GefundeneSaetze>2</base:GefundeneSaetze>
+ <zmr:GefundeneSaetzeERnP>0</zmr:GefundeneSaetzeERnP>
+ <base:SaetzeVon>0</base:SaetzeVon>
+ <base:SaetzeBis>1</base:SaetzeBis>
+ <zmr:PersonErgebnisSatz>
+ <zmr:Personendaten>
+ <zmr:PersonErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000697</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>SONSTIGES</base:BeginnCode>
+ <base:BeginnText>Sonstiges</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <base:ZMRZahl>000430320173</base:ZMRZahl>
+ <zmr:NatuerlichePerson>
+ <Identification>
+ <Value>UgeknNsc26lVuB7U/uYGVmWtnnA=</Value>
+ <Type>urn:publicid:gv.at:cdid+GH</Type>
+ </Identification>
+ <zmr:PersonenName>
+ <Vorname>XXXClaus - Maria</Vorname>
+ <Familienname>XXXvon Brandenburg</Familienname>
+ </zmr:PersonenName>
+ <Familienstand>unbekannt</Familienstand>
+ <Geschlecht>männlich</Geschlecht>
+ <Geburtsdatum>1994-12-31</Geburtsdatum>
+ <Geburtsort>Wien</Geburtsort>
+ <Geburtsbundesland>Wien</Geburtsbundesland>
+ <Geburtsstaat>Österreich</Geburtsstaat>
+ <zmr:Staatsangehoerigkeit>
+ <ISOCode3>AUT</ISOCode3>
+ <StaatsnameDE>Österreich</StaatsnameDE>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000727</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>STAATSANGEH_ANLEGEN</base:BeginnCode>
+ <base:BeginnText>Staatsangehörigkeit anlegen</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ </zmr:Staatsangehoerigkeit>
+ </zmr:NatuerlichePerson>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000001</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/BirthName</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>XXXvon Heuburg</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000003</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>Hintergigritzpotschn</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>EE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>aabbcc_should_not_be_included_for_DE</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit_second_one</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ </zmr:PersonErgebnis>
+ </zmr:Personendaten>
+ <zmr:Meldedaten>
+ <zmr:MeldungErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005242</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>WSANM</base:BeginnCode>
+ <base:BeginnText>Wohnsitz anmelden</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:Wohnsitz>
+ <zmr:PostAdresse>
+ <Postleitzahl>0088</Postleitzahl>
+ <Gemeinde>Testgemeinde</Gemeinde>
+ <Gemeindekennziffer>09988</Gemeindekennziffer>
+ <Ortschaft>Testort A</Ortschaft>
+ <zmr:Zustelladresse>
+ <Strassenname>Testgasse</Strassenname>
+ <Orientierungsnummer>1a-2b</Orientierungsnummer>
+ <Gebaeude>Stg. 3c-4d</Gebaeude>
+ <Nutzungseinheit>5</Nutzungseinheit>
+ <Wohnsitzqualitaet>H</Wohnsitzqualitaet>
+ <Abgabestelle>false</Abgabestelle>
+ <Nutzungseinheitlaufnummer>0001</Nutzungseinheitlaufnummer>
+ <zmr:AdressRegisterEintrag>
+ <Adresscode>T800001</Adresscode>
+ <Subcode>001</Subcode>
+ <Objektnummer>T800001</Objektnummer>
+ </zmr:AdressRegisterEintrag>
+ </zmr:Zustelladresse>
+ </zmr:PostAdresse>
+ <base:Adressstatus>HST111WWW</base:Adressstatus>
+ <base:Adressschluessel>
+ <base:OKZ>T8001</base:OKZ>
+ <base:SKZ>T80001</base:SKZ>
+ <base:ADRRefkey>T80000000001</base:ADRRefkey>
+ <base:GBRRefkey>T80000000002</base:GBRRefkey>
+ </base:Adressschluessel>
+ <base:HauptIdent>H</base:HauptIdent>
+ <base:Postleitzahlgebiet>Testpostort</base:Postleitzahlgebiet>
+ </zmr:Wohnsitz>
+ <base:GemeldetVon>2020-02-05T13:07:06.311</base:GemeldetVon>
+ <base:PeriodeCode>WSANM</base:PeriodeCode>
+ <base:PeriodeText>Wohnsitz anmelden</base:PeriodeText>
+ <zmr:Auskunftssperre>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005262</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>AUSK_SPERRE_SETZ</base:BeginnCode>
+ <base:BeginnText>Auskunftssperre setzen</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:SperreVon>2020-02-05T13:07:06.311</zmr:SperreVon>
+ <zmr:SperreBis>9999-12-31T23:59:59.000</zmr:SperreBis>
+ <zmr:SperrCode>ASMG</zmr:SperrCode>
+ <zmr:SperrText>Auskunftssperre nach § 18 / 2ff MeldeG</zmr:SperrText>
+ <zmr:SperrFreitext>automatische Auskunftssperre</zmr:SperrFreitext>
+ </zmr:Auskunftssperre>
+ </zmr:MeldungErgebnis>
+ </zmr:Meldedaten>
+ </zmr:PersonErgebnisSatz>
+ </zmr:Personensuchergebnis>
+ </zmr:PersonSuchenResponse>
+ </base:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/search_with_personalId_only_resp.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/search_with_personalId_only_resp.xml
new file mode 100644
index 00000000..3d63472f
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/search_with_personalId_only_resp.xml
@@ -0,0 +1,290 @@
+<?xml version="1.0" encoding="UTF-8"?>
+ <base:Response xmlns="http://reference.e-government.gv.at/namespace/persondata/de/20040201#" xmlns:base="http://bmi.gv.at/namespace/zmr-su/base/20040201#" xmlns:zmr="http://bmi.gv.at/namespace/zmr-su/zmr/20040201#" xmlns:ns10="http://bmi.gv.at/namespace/zmr-su/ernp/20050901#" xmlns:ns11="http://bmi.gv.at/namespace/zmr-su/gis/20070725#" xmlns:ns12="http://egov.gv.at/pvp1.xsd" xmlns:ns13="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:ns8="http://bmi.gv.at/namespace/zmr-su/lmr/20050401#" xmlns:ns9="http://www.w3.org/2000/09/xmldsig#">
+ <base:WorkflowInfoServer>
+ <base:ProzessName>GP_EIDAS</base:ProzessName>
+ <base:ProzessInstanzID>367100000000079</base:ProzessInstanzID>
+ <base:SequenzID>0</base:SequenzID>
+ </base:WorkflowInfoServer>
+ <base:ServerInfo>
+ <base:GeneriertVon>ZMR-Server Version: 5.9.0.0-SNAPSHOT</base:GeneriertVon>
+ <base:GeneriertAm>2021-11-12T08:24:40.985</base:GeneriertAm>
+ <base:ServerTransaktionNr>1877300000000139</base:ServerTransaktionNr>
+ </base:ServerInfo>
+ <zmr:PersonSuchenResponse>
+ <zmr:PersonensucheAnfrage>
+ <zmr:PersonensucheInfo>
+ <base:Bezugsfeld>Searching PersonIdentifier</base:Bezugsfeld>
+ <zmr:Suchkriterien>
+ <base:InclusivHistorie>true</base:InclusivHistorie>
+ <base:Formalisiert>false</base:Formalisiert>
+ </zmr:Suchkriterien>
+ <zmr:Ergebniskriterien>
+ <base:InclusivHistorie>false</base:InclusivHistorie>
+ </zmr:Ergebniskriterien>
+ <base:AnzahlSaetze>10</base:AnzahlSaetze>
+ </zmr:PersonensucheInfo>
+ <NatuerlichePerson/>
+ </zmr:PersonensucheAnfrage>
+ <base:Message>
+ <base:Number>5020</base:Number>
+ <base:Text>Person gefunden.</base:Text>
+ </base:Message>
+ <zmr:Personensuchergebnis>
+ <base:GefundeneSaetze>1</base:GefundeneSaetze>
+ <zmr:GefundeneSaetzeERnP>0</zmr:GefundeneSaetzeERnP>
+ <base:SaetzeVon>0</base:SaetzeVon>
+ <base:SaetzeBis>1</base:SaetzeBis>
+ <zmr:PersonErgebnisSatz>
+ <zmr:Personendaten>
+ <zmr:PersonErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000697</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>SONSTIGES</base:BeginnCode>
+ <base:BeginnText>Sonstiges</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <base:ZMRZahl>000430320173</base:ZMRZahl>
+ <zmr:NatuerlichePerson>
+ <Identification>
+ <Value>UgeknNsc26lVuB7U/uYGVmWtnnA=</Value>
+ <Type>urn:publicid:gv.at:cdid+ZP</Type>
+ </Identification>
+ <zmr:PersonenName>
+ <Vorname>XXXClaus - Maria</Vorname>
+ <Familienname>XXXvon Brandenburg</Familienname>
+ </zmr:PersonenName>
+ <Familienstand>unbekannt</Familienstand>
+ <Geschlecht>männlich</Geschlecht>
+ <Geburtsdatum>1994-12-31</Geburtsdatum>
+ <Geburtsort>Wien</Geburtsort>
+ <Geburtsbundesland>Wien</Geburtsbundesland>
+ <Geburtsstaat>Österreich</Geburtsstaat>
+ <zmr:Staatsangehoerigkeit>
+ <ISOCode3>AUT</ISOCode3>
+ <StaatsnameDE>Österreich</StaatsnameDE>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000727</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>STAATSANGEH_ANLEGEN</base:BeginnCode>
+ <base:BeginnText>Staatsangehörigkeit anlegen</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ </zmr:Staatsangehoerigkeit>
+ </zmr:NatuerlichePerson>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000001</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/BirthName</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>XXXvon Heuburg</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000003</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>Hintergigritzpotschn</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>EE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>aabbcc_should_not_be_included_for_DE</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit_second_one</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ </zmr:PersonErgebnis>
+ </zmr:Personendaten>
+ <zmr:Meldedaten>
+ <zmr:MeldungErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005242</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>WSANM</base:BeginnCode>
+ <base:BeginnText>Wohnsitz anmelden</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:Wohnsitz>
+ <zmr:PostAdresse>
+ <Postleitzahl>0088</Postleitzahl>
+ <Gemeinde>Testgemeinde</Gemeinde>
+ <Gemeindekennziffer>09988</Gemeindekennziffer>
+ <Ortschaft>Testort A</Ortschaft>
+ <zmr:Zustelladresse>
+ <Strassenname>Testgasse</Strassenname>
+ <Orientierungsnummer>1a-2b</Orientierungsnummer>
+ <Gebaeude>Stg. 3c-4d</Gebaeude>
+ <Nutzungseinheit>5</Nutzungseinheit>
+ <Wohnsitzqualitaet>H</Wohnsitzqualitaet>
+ <Abgabestelle>false</Abgabestelle>
+ <Nutzungseinheitlaufnummer>0001</Nutzungseinheitlaufnummer>
+ <zmr:AdressRegisterEintrag>
+ <Adresscode>T800001</Adresscode>
+ <Subcode>001</Subcode>
+ <Objektnummer>T800001</Objektnummer>
+ </zmr:AdressRegisterEintrag>
+ </zmr:Zustelladresse>
+ </zmr:PostAdresse>
+ <base:Adressstatus>HST111WWW</base:Adressstatus>
+ <base:Adressschluessel>
+ <base:OKZ>T8001</base:OKZ>
+ <base:SKZ>T80001</base:SKZ>
+ <base:ADRRefkey>T80000000001</base:ADRRefkey>
+ <base:GBRRefkey>T80000000002</base:GBRRefkey>
+ </base:Adressschluessel>
+ <base:HauptIdent>H</base:HauptIdent>
+ <base:Postleitzahlgebiet>Testpostort</base:Postleitzahlgebiet>
+ </zmr:Wohnsitz>
+ <base:GemeldetVon>2020-02-05T13:07:06.311</base:GemeldetVon>
+ <base:PeriodeCode>WSANM</base:PeriodeCode>
+ <base:PeriodeText>Wohnsitz anmelden</base:PeriodeText>
+ <zmr:Auskunftssperre>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005262</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>AUSK_SPERRE_SETZ</base:BeginnCode>
+ <base:BeginnText>Auskunftssperre setzen</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:SperreVon>2020-02-05T13:07:06.311</zmr:SperreVon>
+ <zmr:SperreBis>9999-12-31T23:59:59.000</zmr:SperreBis>
+ <zmr:SperrCode>ASMG</zmr:SperrCode>
+ <zmr:SperrText>Auskunftssperre nach § 18 / 2ff MeldeG</zmr:SperrText>
+ <zmr:SperrFreitext>automatische Auskunftssperre</zmr:SperrFreitext>
+ </zmr:Auskunftssperre>
+ </zmr:MeldungErgebnis>
+ </zmr:Meldedaten>
+ </zmr:PersonErgebnisSatz>
+ </zmr:Personensuchergebnis>
+ </zmr:PersonSuchenResponse>
+ </base:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/search_with_personalId_only_resp_historicIncluded.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/search_with_personalId_only_resp_historicIncluded.xml
new file mode 100644
index 00000000..b8a6fcd0
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/search_with_personalId_only_resp_historicIncluded.xml
@@ -0,0 +1,389 @@
+<?xml version="1.0" encoding="UTF-8"?>
+ <base:Response xmlns="http://reference.e-government.gv.at/namespace/persondata/de/20040201#" xmlns:base="http://bmi.gv.at/namespace/zmr-su/base/20040201#" xmlns:zmr="http://bmi.gv.at/namespace/zmr-su/zmr/20040201#" xmlns:ns10="http://bmi.gv.at/namespace/zmr-su/ernp/20050901#" xmlns:ns11="http://bmi.gv.at/namespace/zmr-su/gis/20070725#" xmlns:ns12="http://egov.gv.at/pvp1.xsd" xmlns:ns13="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:ns8="http://bmi.gv.at/namespace/zmr-su/lmr/20050401#" xmlns:ns9="http://www.w3.org/2000/09/xmldsig#">
+ <base:WorkflowInfoServer>
+ <base:ProzessName>GP_EIDAS</base:ProzessName>
+ <base:ProzessInstanzID>367100000000080</base:ProzessInstanzID>
+ <base:SequenzID>0</base:SequenzID>
+ </base:WorkflowInfoServer>
+ <base:ServerInfo>
+ <base:GeneriertVon>ZMR-Server Version: 5.9.0.0-SNAPSHOT</base:GeneriertVon>
+ <base:GeneriertAm>2021-11-12T08:24:40.985</base:GeneriertAm>
+ <base:ServerTransaktionNr>1877300000000139</base:ServerTransaktionNr>
+ </base:ServerInfo>
+ <zmr:PersonSuchenResponse>
+ <zmr:PersonensucheAnfrage>
+ <zmr:PersonensucheInfo>
+ <base:Bezugsfeld>Searching PersonIdentifier</base:Bezugsfeld>
+ <zmr:Suchkriterien>
+ <base:InclusivHistorie>true</base:InclusivHistorie>
+ <base:Formalisiert>false</base:Formalisiert>
+ </zmr:Suchkriterien>
+ <zmr:Ergebniskriterien>
+ <base:InclusivHistorie>false</base:InclusivHistorie>
+ </zmr:Ergebniskriterien>
+ <base:AnzahlSaetze>10</base:AnzahlSaetze>
+ </zmr:PersonensucheInfo>
+ <NatuerlichePerson/>
+ </zmr:PersonensucheAnfrage>
+ <base:Message>
+ <base:Number>5020</base:Number>
+ <base:Text>Person gefunden.</base:Text>
+ </base:Message>
+ <zmr:Personensuchergebnis>
+ <base:GefundeneSaetze>2</base:GefundeneSaetze>
+ <zmr:GefundeneSaetzeERnP>0</zmr:GefundeneSaetzeERnP>
+ <base:SaetzeVon>0</base:SaetzeVon>
+ <base:SaetzeBis>1</base:SaetzeBis>
+ <zmr:PersonErgebnisSatz>
+ <zmr:Personendaten>
+ <zmr:PersonErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000697</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>SONSTIGES</base:BeginnCode>
+ <base:BeginnText>Sonstiges</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <base:ZMRZahl>000430320173</base:ZMRZahl>
+ <zmr:NatuerlichePerson>
+ <Identification>
+ <Value>9/MtsPZgBHQMBpQOD6aOY2TUqcY=</Value>
+ <Type>urn:publicid:gv.at:cdid+ZP</Type>
+ </Identification>
+ <zmr:PersonenName>
+ <Vorname>XXXŐzgür</Vorname>
+ <Familienname>XXXTüzekçi</Familienname>
+ </zmr:PersonenName>
+ <Familienstand>unbekannt</Familienstand>
+ <Geschlecht>männlich</Geschlecht>
+ <Geburtsdatum>1983-06-04</Geburtsdatum>
+ <Geburtsort>Wien</Geburtsort>
+ <Geburtsbundesland>Wien</Geburtsbundesland>
+ <Geburtsstaat>Österreich</Geburtsstaat>
+ <zmr:Staatsangehoerigkeit>
+ <ISOCode3>AUT</ISOCode3>
+ <StaatsnameDE>Österreich</StaatsnameDE>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000727</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>STAATSANGEH_ANLEGEN</base:BeginnCode>
+ <base:BeginnText>Staatsangehörigkeit anlegen</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ </zmr:Staatsangehoerigkeit>
+ </zmr:NatuerlichePerson>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000001</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/BirthName</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>XXXvon Heuburg</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000003</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>Hintergigritzpotschn</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>EE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>aabbcc_should_not_be_included_for_DE</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit_second_one</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ </zmr:PersonErgebnis>
+
+<zmr:PersonErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2021-10-21T13:07:39.000</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44454000000000811</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:45:52.563</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:45:52.563</base:Von>
+ <base:BeginnCode>SONSTIGES</base:BeginnCode>
+ <base:BeginnText>Sonstiges</base:BeginnText>
+ <base:BeginnFreitext>Testperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <base:ZMRZahl>000648035760</base:ZMRZahl>
+ <zmr:NatuerlichePerson>
+ <Identification>
+ <Value>UgeknNsc26lVuB7U/uYGVmWtnnA=</Value>
+ <Type>urn:publicid:gv.at:cdid+ZP</Type>
+ </Identification>
+ <zmr:PersonenName>
+ <Vorname>XXXŐzgür</Vorname>
+ <Familienname>XXXTüzekçi</Familienname>
+ </zmr:PersonenName>
+ <Familienstand>unbekannt</Familienstand>
+ <Geschlecht>weiblich</Geschlecht>
+ <Geburtsdatum>1983-06-04</Geburtsdatum>
+ <Geburtsort>Wien</Geburtsort>
+ <Geburtsbundesland>Wien</Geburtsbundesland>
+ <Geburtsstaat>Österreich</Geburtsstaat>
+ <zmr:Staatsangehoerigkeit>
+ <ISOCode3>TUR</ISOCode3>
+ <StaatsnameDE>Türkei</StaatsnameDE>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44454000000000841</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:45:52.563</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:45:52.563</base:Von>
+ <base:BeginnCode>STAATSANGEH_ANLEGEN</base:BeginnCode>
+ <base:BeginnText>Staatsangehörigkeit anlegen</base:BeginnText>
+ <base:BeginnFreitext>Testperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ </zmr:Staatsangehoerigkeit>
+ </zmr:NatuerlichePerson>
+ <zmr:Reisedokument>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44454000000000855</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:45:52.563</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:45:52.563</base:Von>
+ <base:BeginnCode>REISEDOK_ANLEGEN</base:BeginnCode>
+ <base:BeginnText>Reisedokument anlegen</base:BeginnText>
+ <base:BeginnFreitext>Testperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <base:DokumentArt>FREMDEROA</base:DokumentArt>
+ </zmr:Reisedokument>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1867900000000716</base:EntityID>
+ <base:LetzteAenderung>2021-10-21T13:07:38.065</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-10-21T13:07:38.065</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>EE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYSvKZasdfsafsaf4CDVzNT4E7cjkU4Vq_first</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ </zmr:PersonErgebnis>
+
+ </zmr:Personendaten>
+ <zmr:Meldedaten>
+ <zmr:MeldungErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005242</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>WSANM</base:BeginnCode>
+ <base:BeginnText>Wohnsitz anmelden</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:Wohnsitz>
+ <zmr:PostAdresse>
+ <Postleitzahl>0088</Postleitzahl>
+ <Gemeinde>Testgemeinde</Gemeinde>
+ <Gemeindekennziffer>09988</Gemeindekennziffer>
+ <Ortschaft>Testort A</Ortschaft>
+ <zmr:Zustelladresse>
+ <Strassenname>Testgasse</Strassenname>
+ <Orientierungsnummer>1a-2b</Orientierungsnummer>
+ <Gebaeude>Stg. 3c-4d</Gebaeude>
+ <Nutzungseinheit>5</Nutzungseinheit>
+ <Wohnsitzqualitaet>H</Wohnsitzqualitaet>
+ <Abgabestelle>false</Abgabestelle>
+ <Nutzungseinheitlaufnummer>0001</Nutzungseinheitlaufnummer>
+ <zmr:AdressRegisterEintrag>
+ <Adresscode>T800001</Adresscode>
+ <Subcode>001</Subcode>
+ <Objektnummer>T800001</Objektnummer>
+ </zmr:AdressRegisterEintrag>
+ </zmr:Zustelladresse>
+ </zmr:PostAdresse>
+ <base:Adressstatus>HST111WWW</base:Adressstatus>
+ <base:Adressschluessel>
+ <base:OKZ>T8001</base:OKZ>
+ <base:SKZ>T80001</base:SKZ>
+ <base:ADRRefkey>T80000000001</base:ADRRefkey>
+ <base:GBRRefkey>T80000000002</base:GBRRefkey>
+ </base:Adressschluessel>
+ <base:HauptIdent>H</base:HauptIdent>
+ <base:Postleitzahlgebiet>Testpostort</base:Postleitzahlgebiet>
+ </zmr:Wohnsitz>
+ <base:GemeldetVon>2020-02-05T13:07:06.311</base:GemeldetVon>
+ <base:PeriodeCode>WSANM</base:PeriodeCode>
+ <base:PeriodeText>Wohnsitz anmelden</base:PeriodeText>
+ <zmr:Auskunftssperre>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005262</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>AUSK_SPERRE_SETZ</base:BeginnCode>
+ <base:BeginnText>Auskunftssperre setzen</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:SperreVon>2020-02-05T13:07:06.311</zmr:SperreVon>
+ <zmr:SperreBis>9999-12-31T23:59:59.000</zmr:SperreBis>
+ <zmr:SperrCode>ASMG</zmr:SperrCode>
+ <zmr:SperrText>Auskunftssperre nach § 18 / 2ff MeldeG</zmr:SperrText>
+ <zmr:SperrFreitext>automatische Auskunftssperre</zmr:SperrFreitext>
+ </zmr:Auskunftssperre>
+ </zmr:MeldungErgebnis>
+ </zmr:Meldedaten>
+ </zmr:PersonErgebnisSatz>
+ </zmr:Personensuchergebnis>
+ </zmr:PersonSuchenResponse>
+ </base:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/search_with_personalId_only_resp_moreThanOne.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/search_with_personalId_only_resp_moreThanOne.xml
new file mode 100644
index 00000000..3259d411
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/search_with_personalId_only_resp_moreThanOne.xml
@@ -0,0 +1,488 @@
+<?xml version="1.0" encoding="UTF-8"?>
+ <base:Response xmlns="http://reference.e-government.gv.at/namespace/persondata/de/20040201#" xmlns:base="http://bmi.gv.at/namespace/zmr-su/base/20040201#" xmlns:zmr="http://bmi.gv.at/namespace/zmr-su/zmr/20040201#" xmlns:ns10="http://bmi.gv.at/namespace/zmr-su/ernp/20050901#" xmlns:ns11="http://bmi.gv.at/namespace/zmr-su/gis/20070725#" xmlns:ns12="http://egov.gv.at/pvp1.xsd" xmlns:ns13="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:ns8="http://bmi.gv.at/namespace/zmr-su/lmr/20050401#" xmlns:ns9="http://www.w3.org/2000/09/xmldsig#">
+ <base:WorkflowInfoServer>
+ <base:ProzessName>GP_EIDAS</base:ProzessName>
+ <base:ProzessInstanzID>367100000000079</base:ProzessInstanzID>
+ <base:SequenzID>0</base:SequenzID>
+ </base:WorkflowInfoServer>
+ <base:ServerInfo>
+ <base:GeneriertVon>ZMR-Server Version: 5.9.0.0-SNAPSHOT</base:GeneriertVon>
+ <base:GeneriertAm>2021-11-12T08:24:40.985</base:GeneriertAm>
+ <base:ServerTransaktionNr>1877300000000139</base:ServerTransaktionNr>
+ </base:ServerInfo>
+ <zmr:PersonSuchenResponse>
+ <zmr:PersonensucheAnfrage>
+ <zmr:PersonensucheInfo>
+ <base:Bezugsfeld>Searching PersonIdentifier</base:Bezugsfeld>
+ <zmr:Suchkriterien>
+ <base:InclusivHistorie>true</base:InclusivHistorie>
+ <base:Formalisiert>false</base:Formalisiert>
+ </zmr:Suchkriterien>
+ <zmr:Ergebniskriterien>
+ <base:InclusivHistorie>false</base:InclusivHistorie>
+ </zmr:Ergebniskriterien>
+ <base:AnzahlSaetze>10</base:AnzahlSaetze>
+ </zmr:PersonensucheInfo>
+ <NatuerlichePerson/>
+ </zmr:PersonensucheAnfrage>
+ <base:Message>
+ <base:Number>5020</base:Number>
+ <base:Text>Person gefunden.</base:Text>
+ </base:Message>
+ <zmr:Personensuchergebnis>
+ <base:GefundeneSaetze>2</base:GefundeneSaetze>
+ <zmr:GefundeneSaetzeERnP>0</zmr:GefundeneSaetzeERnP>
+ <base:SaetzeVon>0</base:SaetzeVon>
+ <base:SaetzeBis>1</base:SaetzeBis>
+ <zmr:PersonErgebnisSatz>
+ <zmr:Personendaten>
+ <zmr:PersonErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000697</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>SONSTIGES</base:BeginnCode>
+ <base:BeginnText>Sonstiges</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <base:ZMRZahl>000430320173</base:ZMRZahl>
+ <zmr:NatuerlichePerson>
+ <Identification>
+ <Value>UgeknNsc26lVuB7U/uYGVmWtnnA=</Value>
+ <Type>urn:publicid:gv.at:cdid+ZP</Type>
+ </Identification>
+ <zmr:PersonenName>
+ <Vorname>XXXClaus - Maria</Vorname>
+ <Familienname>XXXvon Brandenburg</Familienname>
+ </zmr:PersonenName>
+ <Familienstand>unbekannt</Familienstand>
+ <Geschlecht>männlich</Geschlecht>
+ <Geburtsdatum>1994-12-31</Geburtsdatum>
+ <Geburtsort>Wien</Geburtsort>
+ <Geburtsbundesland>Wien</Geburtsbundesland>
+ <Geburtsstaat>Österreich</Geburtsstaat>
+ <zmr:Staatsangehoerigkeit>
+ <ISOCode3>AUT</ISOCode3>
+ <StaatsnameDE>Österreich</StaatsnameDE>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000727</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>STAATSANGEH_ANLEGEN</base:BeginnCode>
+ <base:BeginnText>Staatsangehörigkeit anlegen</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ </zmr:Staatsangehoerigkeit>
+ </zmr:NatuerlichePerson>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000001</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/BirthName</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>XXXvon Heuburg</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000003</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>Hintergigritzpotschn</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>EE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>aabbcc_should_not_be_included_for_DE</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit_second_one</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ </zmr:PersonErgebnis>
+ </zmr:Personendaten>
+ <zmr:Meldedaten>
+ <zmr:MeldungErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005242</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>WSANM</base:BeginnCode>
+ <base:BeginnText>Wohnsitz anmelden</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:Wohnsitz>
+ <zmr:PostAdresse>
+ <Postleitzahl>0088</Postleitzahl>
+ <Gemeinde>Testgemeinde</Gemeinde>
+ <Gemeindekennziffer>09988</Gemeindekennziffer>
+ <Ortschaft>Testort A</Ortschaft>
+ <zmr:Zustelladresse>
+ <Strassenname>Testgasse</Strassenname>
+ <Orientierungsnummer>1a-2b</Orientierungsnummer>
+ <Gebaeude>Stg. 3c-4d</Gebaeude>
+ <Nutzungseinheit>5</Nutzungseinheit>
+ <Wohnsitzqualitaet>H</Wohnsitzqualitaet>
+ <Abgabestelle>false</Abgabestelle>
+ <Nutzungseinheitlaufnummer>0001</Nutzungseinheitlaufnummer>
+ <zmr:AdressRegisterEintrag>
+ <Adresscode>T800001</Adresscode>
+ <Subcode>001</Subcode>
+ <Objektnummer>T800001</Objektnummer>
+ </zmr:AdressRegisterEintrag>
+ </zmr:Zustelladresse>
+ </zmr:PostAdresse>
+ <base:Adressstatus>HST111WWW</base:Adressstatus>
+ <base:Adressschluessel>
+ <base:OKZ>T8001</base:OKZ>
+ <base:SKZ>T80001</base:SKZ>
+ <base:ADRRefkey>T80000000001</base:ADRRefkey>
+ <base:GBRRefkey>T80000000002</base:GBRRefkey>
+ </base:Adressschluessel>
+ <base:HauptIdent>H</base:HauptIdent>
+ <base:Postleitzahlgebiet>Testpostort</base:Postleitzahlgebiet>
+ </zmr:Wohnsitz>
+ <base:GemeldetVon>2020-02-05T13:07:06.311</base:GemeldetVon>
+ <base:PeriodeCode>WSANM</base:PeriodeCode>
+ <base:PeriodeText>Wohnsitz anmelden</base:PeriodeText>
+ <zmr:Auskunftssperre>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005262</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>AUSK_SPERRE_SETZ</base:BeginnCode>
+ <base:BeginnText>Auskunftssperre setzen</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:SperreVon>2020-02-05T13:07:06.311</zmr:SperreVon>
+ <zmr:SperreBis>9999-12-31T23:59:59.000</zmr:SperreBis>
+ <zmr:SperrCode>ASMG</zmr:SperrCode>
+ <zmr:SperrText>Auskunftssperre nach § 18 / 2ff MeldeG</zmr:SperrText>
+ <zmr:SperrFreitext>automatische Auskunftssperre</zmr:SperrFreitext>
+ </zmr:Auskunftssperre>
+ </zmr:MeldungErgebnis>
+ </zmr:Meldedaten>
+ </zmr:PersonErgebnisSatz>
+ <zmr:PersonErgebnisSatz>
+ <zmr:Personendaten>
+ <zmr:PersonErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2021-10-21T13:07:39.000</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44454000000000811</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:45:52.563</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:45:52.563</base:Von>
+ <base:BeginnCode>SONSTIGES</base:BeginnCode>
+ <base:BeginnText>Sonstiges</base:BeginnText>
+ <base:BeginnFreitext>Testperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <base:ZMRZahl>000648035760</base:ZMRZahl>
+ <zmr:NatuerlichePerson>
+ <Identification>
+ <Value>9/MtsPZgBHQMBpQOD6aOY2TUqcY=</Value>
+ <Type>urn:publicid:gv.at:cdid+ZP</Type>
+ </Identification>
+ <zmr:PersonenName>
+ <Vorname>XXXŐzgür</Vorname>
+ <Familienname>XXXTüzekçi</Familienname>
+ </zmr:PersonenName>
+ <Familienstand>unbekannt</Familienstand>
+ <Geschlecht>weiblich</Geschlecht>
+ <Geburtsdatum>1983-06-04</Geburtsdatum>
+ <Geburtsort>Wien</Geburtsort>
+ <Geburtsbundesland>Wien</Geburtsbundesland>
+ <Geburtsstaat>Österreich</Geburtsstaat>
+ <zmr:Staatsangehoerigkeit>
+ <ISOCode3>TUR</ISOCode3>
+ <StaatsnameDE>Türkei</StaatsnameDE>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44454000000000841</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:45:52.563</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:45:52.563</base:Von>
+ <base:BeginnCode>STAATSANGEH_ANLEGEN</base:BeginnCode>
+ <base:BeginnText>Staatsangehörigkeit anlegen</base:BeginnText>
+ <base:BeginnFreitext>Testperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ </zmr:Staatsangehoerigkeit>
+ </zmr:NatuerlichePerson>
+ <zmr:Reisedokument>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44454000000000855</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:45:52.563</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:45:52.563</base:Von>
+ <base:BeginnCode>REISEDOK_ANLEGEN</base:BeginnCode>
+ <base:BeginnText>Reisedokument anlegen</base:BeginnText>
+ <base:BeginnFreitext>Testperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <base:DokumentArt>FREMDEROA</base:DokumentArt>
+ </zmr:Reisedokument>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1867900000000716</base:EntityID>
+ <base:LetzteAenderung>2021-10-21T13:07:38.065</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-10-21T13:07:38.065</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>EE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYSvKZasdfsafsaf4CDVzNT4E7cjkU4Vq_first</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1868500000000597</base:EntityID>
+ <base:LetzteAenderung>2021-10-21T13:07:39.000</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-10-21T13:07:39.000</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>EE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYSvKZasdfsafsaf4CDVzNT4E7cjkU4Vq_second</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ </zmr:PersonErgebnis>
+ </zmr:Personendaten>
+ <zmr:Meldedaten>
+ <zmr:MeldungErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2020-02-05T13:45:52.563</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453900000006913</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:45:52.563</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:45:52.563</base:Von>
+ <base:BeginnCode>WSANM</base:BeginnCode>
+ <base:BeginnText>Wohnsitz anmelden</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:Wohnsitz>
+ <zmr:PostAdresse>
+ <Postleitzahl>0088</Postleitzahl>
+ <Gemeinde>Testgemeinde</Gemeinde>
+ <Gemeindekennziffer>09988</Gemeindekennziffer>
+ <Ortschaft>Testort A</Ortschaft>
+ <zmr:Zustelladresse>
+ <Strassenname>Testgasse</Strassenname>
+ <Orientierungsnummer>1a-2b</Orientierungsnummer>
+ <Gebaeude>Stg. 3c-4d</Gebaeude>
+ <Wohnsitzqualitaet>H</Wohnsitzqualitaet>
+ <Abgabestelle>false</Abgabestelle>
+ <zmr:AdressRegisterEintrag>
+ <Adresscode>T800001</Adresscode>
+ <Subcode>001</Subcode>
+ <Objektnummer>T800001</Objektnummer>
+ </zmr:AdressRegisterEintrag>
+ </zmr:Zustelladresse>
+ </zmr:PostAdresse>
+ <base:Adressstatus>HSX11XWWX</base:Adressstatus>
+ <base:Adressschluessel>
+ <base:OKZ>T8001</base:OKZ>
+ <base:SKZ>T80001</base:SKZ>
+ <base:ADRRefkey>T80000000001</base:ADRRefkey>
+ <base:GBRRefkey>T80000000002</base:GBRRefkey>
+ </base:Adressschluessel>
+ <base:HauptIdent>H</base:HauptIdent>
+ <base:Postleitzahlgebiet>Testpostort</base:Postleitzahlgebiet>
+ </zmr:Wohnsitz>
+ <base:GemeldetVon>2020-02-05T13:45:52.563</base:GemeldetVon>
+ <base:PeriodeCode>WSANM</base:PeriodeCode>
+ <base:PeriodeText>Wohnsitz anmelden</base:PeriodeText>
+ <zmr:Auskunftssperre>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453900000006933</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:45:52.563</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:45:52.563</base:Von>
+ <base:BeginnCode>AUSK_SPERRE_SETZ</base:BeginnCode>
+ <base:BeginnText>Auskunftssperre setzen</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:SperreVon>2020-02-05T13:45:52.563</zmr:SperreVon>
+ <zmr:SperreBis>9999-12-31T23:59:59.000</zmr:SperreBis>
+ <zmr:SperrCode>ASMG</zmr:SperrCode>
+ <zmr:SperrText>Auskunftssperre nach § 18 / 2ff MeldeG</zmr:SperrText>
+ <zmr:SperrFreitext>automatische Auskunftssperre</zmr:SperrFreitext>
+ </zmr:Auskunftssperre>
+ </zmr:MeldungErgebnis>
+ </zmr:Meldedaten>
+ </zmr:PersonErgebnisSatz>
+ </zmr:Personensuchergebnis>
+ </zmr:PersonSuchenResponse>
+ </base:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/search_with_personalId_only_resp_moreThanOne_2.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/search_with_personalId_only_resp_moreThanOne_2.xml
new file mode 100644
index 00000000..ba4ad172
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/search_with_personalId_only_resp_moreThanOne_2.xml
@@ -0,0 +1,465 @@
+<?xml version="1.0" encoding="UTF-8"?>
+ <base:Response xmlns="http://reference.e-government.gv.at/namespace/persondata/de/20040201#" xmlns:base="http://bmi.gv.at/namespace/zmr-su/base/20040201#" xmlns:zmr="http://bmi.gv.at/namespace/zmr-su/zmr/20040201#" xmlns:ns10="http://bmi.gv.at/namespace/zmr-su/ernp/20050901#" xmlns:ns11="http://bmi.gv.at/namespace/zmr-su/gis/20070725#" xmlns:ns12="http://egov.gv.at/pvp1.xsd" xmlns:ns13="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:ns8="http://bmi.gv.at/namespace/zmr-su/lmr/20050401#" xmlns:ns9="http://www.w3.org/2000/09/xmldsig#">
+ <base:WorkflowInfoServer>
+ <base:ProzessName>GP_EIDAS</base:ProzessName>
+ <base:ProzessInstanzID>367100000000080</base:ProzessInstanzID>
+ <base:SequenzID>0</base:SequenzID>
+ </base:WorkflowInfoServer>
+ <base:ServerInfo>
+ <base:GeneriertVon>ZMR-Server Version: 5.9.0.0-SNAPSHOT</base:GeneriertVon>
+ <base:GeneriertAm>2021-11-12T08:24:40.985</base:GeneriertAm>
+ <base:ServerTransaktionNr>1877300000000139</base:ServerTransaktionNr>
+ </base:ServerInfo>
+ <zmr:PersonSuchenResponse>
+ <zmr:PersonensucheAnfrage>
+ <zmr:PersonensucheInfo>
+ <base:Bezugsfeld>Searching PersonIdentifier</base:Bezugsfeld>
+ <zmr:Suchkriterien>
+ <base:InclusivHistorie>true</base:InclusivHistorie>
+ <base:Formalisiert>false</base:Formalisiert>
+ </zmr:Suchkriterien>
+ <zmr:Ergebniskriterien>
+ <base:InclusivHistorie>false</base:InclusivHistorie>
+ </zmr:Ergebniskriterien>
+ <base:AnzahlSaetze>10</base:AnzahlSaetze>
+ </zmr:PersonensucheInfo>
+ <NatuerlichePerson/>
+ </zmr:PersonensucheAnfrage>
+ <base:Message>
+ <base:Number>5020</base:Number>
+ <base:Text>Person gefunden.</base:Text>
+ </base:Message>
+ <zmr:Personensuchergebnis>
+ <base:GefundeneSaetze>2</base:GefundeneSaetze>
+ <zmr:GefundeneSaetzeERnP>0</zmr:GefundeneSaetzeERnP>
+ <base:SaetzeVon>0</base:SaetzeVon>
+ <base:SaetzeBis>1</base:SaetzeBis>
+ <zmr:PersonErgebnisSatz>
+ <zmr:Personendaten>
+ <zmr:PersonErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000697</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>SONSTIGES</base:BeginnCode>
+ <base:BeginnText>Sonstiges</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <base:ZMRZahl>000430320173</base:ZMRZahl>
+ <zmr:NatuerlichePerson>
+ <Identification>
+ <Value>9/MtsPZgBHQMBpQOD6aOY2TUqcY=</Value>
+ <Type>urn:publicid:gv.at:cdid+ZP</Type>
+ </Identification>
+ <zmr:PersonenName>
+ <Vorname>XXXŐzgür</Vorname>
+ <Familienname>XXXTüzekçi</Familienname>
+ </zmr:PersonenName>
+ <Familienstand>unbekannt</Familienstand>
+ <Geschlecht>männlich</Geschlecht>
+ <Geburtsdatum>1983-06-04</Geburtsdatum>
+ <Geburtsort>Wien</Geburtsort>
+ <Geburtsbundesland>Wien</Geburtsbundesland>
+ <Geburtsstaat>Österreich</Geburtsstaat>
+ <zmr:Staatsangehoerigkeit>
+ <ISOCode3>AUT</ISOCode3>
+ <StaatsnameDE>Österreich</StaatsnameDE>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000727</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>STAATSANGEH_ANLEGEN</base:BeginnCode>
+ <base:BeginnText>Staatsangehörigkeit anlegen</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ </zmr:Staatsangehoerigkeit>
+ </zmr:NatuerlichePerson>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000001</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/BirthName</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>XXXvon Heuburg</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000003</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>Hintergigritzpotschn</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>EE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>aabbcc_should_not_be_included_for_DE</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit_second_one</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ </zmr:PersonErgebnis>
+ </zmr:Personendaten>
+ <zmr:Meldedaten>
+ <zmr:MeldungErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005242</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>WSANM</base:BeginnCode>
+ <base:BeginnText>Wohnsitz anmelden</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:Wohnsitz>
+ <zmr:PostAdresse>
+ <Postleitzahl>0088</Postleitzahl>
+ <Gemeinde>Testgemeinde</Gemeinde>
+ <Gemeindekennziffer>09988</Gemeindekennziffer>
+ <Ortschaft>Testort A</Ortschaft>
+ <zmr:Zustelladresse>
+ <Strassenname>Testgasse</Strassenname>
+ <Orientierungsnummer>1a-2b</Orientierungsnummer>
+ <Gebaeude>Stg. 3c-4d</Gebaeude>
+ <Nutzungseinheit>5</Nutzungseinheit>
+ <Wohnsitzqualitaet>H</Wohnsitzqualitaet>
+ <Abgabestelle>false</Abgabestelle>
+ <Nutzungseinheitlaufnummer>0001</Nutzungseinheitlaufnummer>
+ <zmr:AdressRegisterEintrag>
+ <Adresscode>T800001</Adresscode>
+ <Subcode>001</Subcode>
+ <Objektnummer>T800001</Objektnummer>
+ </zmr:AdressRegisterEintrag>
+ </zmr:Zustelladresse>
+ </zmr:PostAdresse>
+ <base:Adressstatus>HST111WWW</base:Adressstatus>
+ <base:Adressschluessel>
+ <base:OKZ>T8001</base:OKZ>
+ <base:SKZ>T80001</base:SKZ>
+ <base:ADRRefkey>T80000000001</base:ADRRefkey>
+ <base:GBRRefkey>T80000000002</base:GBRRefkey>
+ </base:Adressschluessel>
+ <base:HauptIdent>H</base:HauptIdent>
+ <base:Postleitzahlgebiet>Testpostort</base:Postleitzahlgebiet>
+ </zmr:Wohnsitz>
+ <base:GemeldetVon>2020-02-05T13:07:06.311</base:GemeldetVon>
+ <base:PeriodeCode>WSANM</base:PeriodeCode>
+ <base:PeriodeText>Wohnsitz anmelden</base:PeriodeText>
+ <zmr:Auskunftssperre>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005262</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>AUSK_SPERRE_SETZ</base:BeginnCode>
+ <base:BeginnText>Auskunftssperre setzen</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:SperreVon>2020-02-05T13:07:06.311</zmr:SperreVon>
+ <zmr:SperreBis>9999-12-31T23:59:59.000</zmr:SperreBis>
+ <zmr:SperrCode>ASMG</zmr:SperrCode>
+ <zmr:SperrText>Auskunftssperre nach § 18 / 2ff MeldeG</zmr:SperrText>
+ <zmr:SperrFreitext>automatische Auskunftssperre</zmr:SperrFreitext>
+ </zmr:Auskunftssperre>
+ </zmr:MeldungErgebnis>
+ </zmr:Meldedaten>
+ </zmr:PersonErgebnisSatz>
+ <zmr:PersonErgebnisSatz>
+ <zmr:Personendaten>
+ <zmr:PersonErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2021-10-21T13:07:39.000</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44454000000000811</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:45:52.563</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:45:52.563</base:Von>
+ <base:BeginnCode>SONSTIGES</base:BeginnCode>
+ <base:BeginnText>Sonstiges</base:BeginnText>
+ <base:BeginnFreitext>Testperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <base:ZMRZahl>000648035760</base:ZMRZahl>
+ <zmr:NatuerlichePerson>
+ <Identification>
+ <Value>UgeknNsc26lVuB7U/uYGVmWtnnA=</Value>
+ <Type>urn:publicid:gv.at:cdid+ZP</Type>
+ </Identification>
+ <zmr:PersonenName>
+ <Vorname>XXXŐzgür</Vorname>
+ <Familienname>XXXTüzekçi</Familienname>
+ </zmr:PersonenName>
+ <Familienstand>unbekannt</Familienstand>
+ <Geschlecht>weiblich</Geschlecht>
+ <Geburtsdatum>1983-06-04</Geburtsdatum>
+ <Geburtsort>Wien</Geburtsort>
+ <Geburtsbundesland>Wien</Geburtsbundesland>
+ <Geburtsstaat>Österreich</Geburtsstaat>
+ <zmr:Staatsangehoerigkeit>
+ <ISOCode3>TUR</ISOCode3>
+ <StaatsnameDE>Türkei</StaatsnameDE>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44454000000000841</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:45:52.563</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:45:52.563</base:Von>
+ <base:BeginnCode>STAATSANGEH_ANLEGEN</base:BeginnCode>
+ <base:BeginnText>Staatsangehörigkeit anlegen</base:BeginnText>
+ <base:BeginnFreitext>Testperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ </zmr:Staatsangehoerigkeit>
+ </zmr:NatuerlichePerson>
+ <zmr:Reisedokument>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44454000000000855</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:45:52.563</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:45:52.563</base:Von>
+ <base:BeginnCode>REISEDOK_ANLEGEN</base:BeginnCode>
+ <base:BeginnText>Reisedokument anlegen</base:BeginnText>
+ <base:BeginnFreitext>Testperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <base:DokumentArt>FREMDEROA</base:DokumentArt>
+ </zmr:Reisedokument>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1867900000000716</base:EntityID>
+ <base:LetzteAenderung>2021-10-21T13:07:38.065</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-10-21T13:07:38.065</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>EE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYSvKZasdfsafsaf4CDVzNT4E7cjkU4Vq_first</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ </zmr:PersonErgebnis>
+ </zmr:Personendaten>
+ <zmr:Meldedaten>
+ <zmr:MeldungErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2020-02-05T13:45:52.563</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453900000006913</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:45:52.563</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:45:52.563</base:Von>
+ <base:BeginnCode>WSANM</base:BeginnCode>
+ <base:BeginnText>Wohnsitz anmelden</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:Wohnsitz>
+ <zmr:PostAdresse>
+ <Postleitzahl>0088</Postleitzahl>
+ <Gemeinde>Testgemeinde</Gemeinde>
+ <Gemeindekennziffer>09988</Gemeindekennziffer>
+ <Ortschaft>Testort A</Ortschaft>
+ <zmr:Zustelladresse>
+ <Strassenname>Testgasse</Strassenname>
+ <Orientierungsnummer>1a-2b</Orientierungsnummer>
+ <Gebaeude>Stg. 3c-4d</Gebaeude>
+ <Wohnsitzqualitaet>H</Wohnsitzqualitaet>
+ <Abgabestelle>false</Abgabestelle>
+ <zmr:AdressRegisterEintrag>
+ <Adresscode>T800001</Adresscode>
+ <Subcode>001</Subcode>
+ <Objektnummer>T800001</Objektnummer>
+ </zmr:AdressRegisterEintrag>
+ </zmr:Zustelladresse>
+ </zmr:PostAdresse>
+ <base:Adressstatus>HSX11XWWX</base:Adressstatus>
+ <base:Adressschluessel>
+ <base:OKZ>T8001</base:OKZ>
+ <base:SKZ>T80001</base:SKZ>
+ <base:ADRRefkey>T80000000001</base:ADRRefkey>
+ <base:GBRRefkey>T80000000002</base:GBRRefkey>
+ </base:Adressschluessel>
+ <base:HauptIdent>H</base:HauptIdent>
+ <base:Postleitzahlgebiet>Testpostort</base:Postleitzahlgebiet>
+ </zmr:Wohnsitz>
+ <base:GemeldetVon>2020-02-05T13:45:52.563</base:GemeldetVon>
+ <base:PeriodeCode>WSANM</base:PeriodeCode>
+ <base:PeriodeText>Wohnsitz anmelden</base:PeriodeText>
+ <zmr:Auskunftssperre>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453900000006933</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:45:52.563</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:45:52.563</base:Von>
+ <base:BeginnCode>AUSK_SPERRE_SETZ</base:BeginnCode>
+ <base:BeginnText>Auskunftssperre setzen</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:SperreVon>2020-02-05T13:45:52.563</zmr:SperreVon>
+ <zmr:SperreBis>9999-12-31T23:59:59.000</zmr:SperreBis>
+ <zmr:SperrCode>ASMG</zmr:SperrCode>
+ <zmr:SperrText>Auskunftssperre nach § 18 / 2ff MeldeG</zmr:SperrText>
+ <zmr:SperrFreitext>automatische Auskunftssperre</zmr:SperrFreitext>
+ </zmr:Auskunftssperre>
+ </zmr:MeldungErgebnis>
+ </zmr:Meldedaten>
+ </zmr:PersonErgebnisSatz>
+ </zmr:Personensuchergebnis>
+ </zmr:PersonSuchenResponse>
+ </base:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_1-2_search_with_mds_resp.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_1-2_search_with_mds_resp.xml
new file mode 100644
index 00000000..36d8516c
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_1-2_search_with_mds_resp.xml
@@ -0,0 +1,181 @@
+<?xml version="1.0" encoding="UTF-8"?>
+ <base:Response xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://reference.e-government.gv.at/namespace/persondata/de/20040201#" xmlns:base="http://bmi.gv.at/namespace/zmr-su/base/20040201#" xmlns:smi="http://bmi.gv.at/namespace/zmr-su/smi/20060901#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:zmr="http://bmi.gv.at/namespace/zmr-su/zmr/20040201#" xmlns:ns10="http://bmi.gv.at/namespace/zmr-su/ernp/20050901#" xmlns:ns11="http://bmi.gv.at/namespace/zmr-su/gis/20070725#" xmlns:ns12="http://egov.gv.at/pvp1.xsd" xmlns:ns13="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:ns8="http://bmi.gv.at/namespace/zmr-su/lmr/20050401#" xmlns:ns9="http://www.w3.org/2000/09/xmldsig#">
+ <base:WorkflowInfoServer>
+ <base:ProzessName>GP_EIDAS</base:ProzessName>
+ <base:ProzessInstanzID>366200000000081</base:ProzessInstanzID>
+ <base:SequenzID>0</base:SequenzID>
+ </base:WorkflowInfoServer>
+ <base:ServerInfo>
+ <base:GeneriertVon>ZMR-Server Version: 5.9.0.0-SNAPSHOT</base:GeneriertVon>
+ <base:GeneriertAm>2021-11-12T08:24:38.905</base:GeneriertAm>
+ <base:ServerTransaktionNr>1877200000000125</base:ServerTransaktionNr>
+ </base:ServerInfo>
+ <zmr:PersonSuchenResponse>
+ <zmr:PersonensucheAnfrage>
+ <zmr:PersonensucheInfo>
+ <base:Bezugsfeld>Searching with MDS only</base:Bezugsfeld>
+ <zmr:Suchkriterien>
+ <base:InclusivHistorie>true</base:InclusivHistorie>
+ <base:Formalisiert>false</base:Formalisiert>
+ </zmr:Suchkriterien>
+ <zmr:Ergebniskriterien>
+ <base:InclusivHistorie>false</base:InclusivHistorie>
+ </zmr:Ergebniskriterien>
+ <base:AnzahlSaetze>10</base:AnzahlSaetze>
+ </zmr:PersonensucheInfo>
+ <NatuerlichePerson>
+ <PersonenName>
+ <Vorname>XXXClaus - Maria</Vorname>
+ <Familienname>XXXvon Brandenburg</Familienname>
+ </PersonenName>
+ <Geburtsdatum>1994-12-31</Geburtsdatum>
+ </NatuerlichePerson>
+ </zmr:PersonensucheAnfrage>
+ <base:Message>
+ <base:Number>5020</base:Number>
+ <base:Text>Person gefunden.</base:Text>
+ </base:Message>
+ <zmr:Personensuchergebnis>
+ <base:GefundeneSaetze>1</base:GefundeneSaetze>
+ <zmr:GefundeneSaetzeERnP>0</zmr:GefundeneSaetzeERnP>
+ <base:SaetzeVon>0</base:SaetzeVon>
+ <base:SaetzeBis>1</base:SaetzeBis>
+ <zmr:PersonErgebnisSatz>
+ <zmr:Personendaten>
+ <zmr:PersonErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000697</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>SONSTIGES</base:BeginnCode>
+ <base:BeginnText>Sonstiges</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <base:ZMRZahl>000430320173</base:ZMRZahl>
+ <zmr:NatuerlichePerson>
+ <Identification>
+ <Value>UgeknNsc26lVuB7U/uYGVmWtnnA=</Value>
+ <Type>urn:publicid:gv.at:cdid+ZP</Type>
+ </Identification>
+ <zmr:PersonenName>
+ <Vorname>XXXClaus - Maria</Vorname>
+ <Familienname>XXXvon Brandenburg</Familienname>
+ </zmr:PersonenName>
+ <Familienstand>unbekannt</Familienstand>
+ <Geschlecht>männlich</Geschlecht>
+ <Geburtsdatum>1994-12-31</Geburtsdatum>
+ <Geburtsort>Wien</Geburtsort>
+ <Geburtsbundesland>Wien</Geburtsbundesland>
+ <Geburtsstaat>Österreich</Geburtsstaat>
+ <zmr:Staatsangehoerigkeit>
+ <ISOCode3>AUT</ISOCode3>
+ <StaatsnameDE>Österreich</StaatsnameDE>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000727</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>STAATSANGEH_ANLEGEN</base:BeginnCode>
+ <base:BeginnText>Staatsangehörigkeit anlegen</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ </zmr:Staatsangehoerigkeit>
+ </zmr:NatuerlichePerson>
+ </zmr:PersonErgebnis>
+ </zmr:Personendaten>
+ <zmr:Meldedaten>
+ <zmr:MeldungErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005242</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>WSANM</base:BeginnCode>
+ <base:BeginnText>Wohnsitz anmelden</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:Wohnsitz>
+ <zmr:PostAdresse>
+ <Postleitzahl>0088</Postleitzahl>
+ <Gemeinde>Testgemeinde</Gemeinde>
+ <Gemeindekennziffer>09988</Gemeindekennziffer>
+ <Ortschaft>Testort A</Ortschaft>
+ <zmr:Zustelladresse>
+ <Strassenname>Testgasse</Strassenname>
+ <Orientierungsnummer>1a-2b</Orientierungsnummer>
+ <Gebaeude>Stg. 3c-4d</Gebaeude>
+ <Nutzungseinheit>5</Nutzungseinheit>
+ <Wohnsitzqualitaet>H</Wohnsitzqualitaet>
+ <Abgabestelle>false</Abgabestelle>
+ <Nutzungseinheitlaufnummer>0001</Nutzungseinheitlaufnummer>
+ <zmr:AdressRegisterEintrag>
+ <Adresscode>T800001</Adresscode>
+ <Subcode>001</Subcode>
+ <Objektnummer>T800001</Objektnummer>
+ </zmr:AdressRegisterEintrag>
+ </zmr:Zustelladresse>
+ </zmr:PostAdresse>
+ <base:Adressstatus>HST111WWW</base:Adressstatus>
+ <base:Adressschluessel>
+ <base:OKZ>T8001</base:OKZ>
+ <base:SKZ>T80001</base:SKZ>
+ <base:ADRRefkey>T80000000001</base:ADRRefkey>
+ <base:GBRRefkey>T80000000002</base:GBRRefkey>
+ </base:Adressschluessel>
+ <base:HauptIdent>H</base:HauptIdent>
+ <base:Postleitzahlgebiet>Testpostort</base:Postleitzahlgebiet>
+ </zmr:Wohnsitz>
+ <base:GemeldetVon>2020-02-05T13:07:06.311</base:GemeldetVon>
+ <base:PeriodeCode>WSANM</base:PeriodeCode>
+ <base:PeriodeText>Wohnsitz anmelden</base:PeriodeText>
+ <zmr:Auskunftssperre>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005262</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>AUSK_SPERRE_SETZ</base:BeginnCode>
+ <base:BeginnText>Auskunftssperre setzen</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:SperreVon>2020-02-05T13:07:06.311</zmr:SperreVon>
+ <zmr:SperreBis>9999-12-31T23:59:59.000</zmr:SperreBis>
+ <zmr:SperrCode>ASMG</zmr:SperrCode>
+ <zmr:SperrText>Auskunftssperre nach § 18 / 2ff MeldeG</zmr:SperrText>
+ <zmr:SperrFreitext>automatische Auskunftssperre</zmr:SperrFreitext>
+ </zmr:Auskunftssperre>
+ </zmr:MeldungErgebnis>
+ </zmr:Meldedaten>
+ </zmr:PersonErgebnisSatz>
+ </zmr:Personensuchergebnis>
+ </zmr:PersonSuchenResponse>
+ </base:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_1-4_kitt_get_latest_version_resp.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_1-4_kitt_get_latest_version_resp.xml
new file mode 100644
index 00000000..a8b708dd
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_1-4_kitt_get_latest_version_resp.xml
@@ -0,0 +1,185 @@
+<?xml version="1.0" encoding="UTF-8"?>
+ <base:Response xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://reference.e-government.gv.at/namespace/persondata/de/20040201#" xmlns:base="http://bmi.gv.at/namespace/zmr-su/base/20040201#" xmlns:smi="http://bmi.gv.at/namespace/zmr-su/smi/20060901#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:zmr="http://bmi.gv.at/namespace/zmr-su/zmr/20040201#" xmlns:ns10="http://bmi.gv.at/namespace/zmr-su/ernp/20050901#" xmlns:ns11="http://bmi.gv.at/namespace/zmr-su/gis/20070725#" xmlns:ns12="http://egov.gv.at/pvp1.xsd" xmlns:ns13="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:ns8="http://bmi.gv.at/namespace/zmr-su/lmr/20050401#" xmlns:ns9="http://www.w3.org/2000/09/xmldsig#">
+ <base:WorkflowInfoServer>
+ <base:ProzessName>GP_EIDAS</base:ProzessName>
+ <base:ProzessInstanzID>366200000000081</base:ProzessInstanzID>
+ <base:SequenzID>0</base:SequenzID>
+ </base:WorkflowInfoServer>
+ <base:ServerInfo>
+ <base:GeneriertVon>ZMR-Server Version: 5.9.0.0-SNAPSHOT</base:GeneriertVon>
+ <base:GeneriertAm>2021-11-12T08:24:39.330</base:GeneriertAm>
+ <base:ServerTransaktionNr>1877300000000133</base:ServerTransaktionNr>
+ </base:ServerInfo>
+ <zmr:PersonSuchenResponse>
+ <zmr:PersonensucheAnfrage>
+ <zmr:PersonensucheInfo>
+ <base:Bezugsfeld>KITT get-latest-version</base:Bezugsfeld>
+ <zmr:Suchkriterien>
+ <base:InclusivHistorie>true</base:InclusivHistorie>
+ <base:Formalisiert>false</base:Formalisiert>
+ </zmr:Suchkriterien>
+ <zmr:Ergebniskriterien>
+ <base:InclusivHistorie>false</base:InclusivHistorie>
+ </zmr:Ergebniskriterien>
+ <base:AnzahlSaetze>10</base:AnzahlSaetze>
+ </zmr:PersonensucheInfo>
+ <NatuerlichePerson>
+ <Identification>
+ <Value>UgeknNsc26lVuB7U/uYGVmWtnnA=</Value>
+ <Type>urn:publicid:gv.at:cdid+ZP</Type>
+ </Identification>
+ <PersonenName>
+ <Vorname>XXXClaus - Maria</Vorname>
+ <Familienname>XXXvon Brandenburg</Familienname>
+ </PersonenName>
+ <Geburtsdatum>1994-12-31</Geburtsdatum>
+ </NatuerlichePerson>
+ </zmr:PersonensucheAnfrage>
+ <base:Message>
+ <base:Number>5020</base:Number>
+ <base:Text>Person gefunden.</base:Text>
+ </base:Message>
+ <zmr:Personensuchergebnis>
+ <base:GefundeneSaetze>1</base:GefundeneSaetze>
+ <zmr:GefundeneSaetzeERnP>0</zmr:GefundeneSaetzeERnP>
+ <base:SaetzeVon>0</base:SaetzeVon>
+ <base:SaetzeBis>1</base:SaetzeBis>
+ <zmr:PersonErgebnisSatz>
+ <zmr:Personendaten>
+ <zmr:PersonErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000697</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>SONSTIGES</base:BeginnCode>
+ <base:BeginnText>Sonstiges</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <base:ZMRZahl>000430320173</base:ZMRZahl>
+ <zmr:NatuerlichePerson>
+ <Identification>
+ <Value>UgeknNsc26lVuB7U/uYGVmWtnnA=</Value>
+ <Type>urn:publicid:gv.at:cdid+ZP</Type>
+ </Identification>
+ <zmr:PersonenName>
+ <Vorname>XXXClaus - Maria</Vorname>
+ <Familienname>XXXvon Brandenburg</Familienname>
+ </zmr:PersonenName>
+ <Familienstand>unbekannt</Familienstand>
+ <Geschlecht>männlich</Geschlecht>
+ <Geburtsdatum>1994-12-31</Geburtsdatum>
+ <Geburtsort>Wien</Geburtsort>
+ <Geburtsbundesland>Wien</Geburtsbundesland>
+ <Geburtsstaat>Österreich</Geburtsstaat>
+ <zmr:Staatsangehoerigkeit>
+ <ISOCode3>AUT</ISOCode3>
+ <StaatsnameDE>Österreich</StaatsnameDE>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000727</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>STAATSANGEH_ANLEGEN</base:BeginnCode>
+ <base:BeginnText>Staatsangehörigkeit anlegen</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ </zmr:Staatsangehoerigkeit>
+ </zmr:NatuerlichePerson>
+ </zmr:PersonErgebnis>
+ </zmr:Personendaten>
+ <zmr:Meldedaten>
+ <zmr:MeldungErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005242</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>WSANM</base:BeginnCode>
+ <base:BeginnText>Wohnsitz anmelden</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:Wohnsitz>
+ <zmr:PostAdresse>
+ <Postleitzahl>0088</Postleitzahl>
+ <Gemeinde>Testgemeinde</Gemeinde>
+ <Gemeindekennziffer>09988</Gemeindekennziffer>
+ <Ortschaft>Testort A</Ortschaft>
+ <zmr:Zustelladresse>
+ <Strassenname>Testgasse</Strassenname>
+ <Orientierungsnummer>1a-2b</Orientierungsnummer>
+ <Gebaeude>Stg. 3c-4d</Gebaeude>
+ <Nutzungseinheit>5</Nutzungseinheit>
+ <Wohnsitzqualitaet>H</Wohnsitzqualitaet>
+ <Abgabestelle>false</Abgabestelle>
+ <Nutzungseinheitlaufnummer>0001</Nutzungseinheitlaufnummer>
+ <zmr:AdressRegisterEintrag>
+ <Adresscode>T800001</Adresscode>
+ <Subcode>001</Subcode>
+ <Objektnummer>T800001</Objektnummer>
+ </zmr:AdressRegisterEintrag>
+ </zmr:Zustelladresse>
+ </zmr:PostAdresse>
+ <base:Adressstatus>HST111WWW</base:Adressstatus>
+ <base:Adressschluessel>
+ <base:OKZ>T8001</base:OKZ>
+ <base:SKZ>T80001</base:SKZ>
+ <base:ADRRefkey>T80000000001</base:ADRRefkey>
+ <base:GBRRefkey>T80000000002</base:GBRRefkey>
+ </base:Adressschluessel>
+ <base:HauptIdent>H</base:HauptIdent>
+ <base:Postleitzahlgebiet>Testpostort</base:Postleitzahlgebiet>
+ </zmr:Wohnsitz>
+ <base:GemeldetVon>2020-02-05T13:07:06.311</base:GemeldetVon>
+ <base:PeriodeCode>WSANM</base:PeriodeCode>
+ <base:PeriodeText>Wohnsitz anmelden</base:PeriodeText>
+ <zmr:Auskunftssperre>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005262</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>AUSK_SPERRE_SETZ</base:BeginnCode>
+ <base:BeginnText>Auskunftssperre setzen</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:SperreVon>2020-02-05T13:07:06.311</zmr:SperreVon>
+ <zmr:SperreBis>9999-12-31T23:59:59.000</zmr:SperreBis>
+ <zmr:SperrCode>ASMG</zmr:SperrCode>
+ <zmr:SperrText>Auskunftssperre nach § 18 / 2ff MeldeG</zmr:SperrText>
+ <zmr:SperrFreitext>automatische Auskunftssperre</zmr:SperrFreitext>
+ </zmr:Auskunftssperre>
+ </zmr:MeldungErgebnis>
+ </zmr:Meldedaten>
+ </zmr:PersonErgebnisSatz>
+ </zmr:Personensuchergebnis>
+ </zmr:PersonSuchenResponse>
+ </base:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_1-6_kitt_update_resp.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_1-6_kitt_update_resp.xml
new file mode 100644
index 00000000..0f8e8dad
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_1-6_kitt_update_resp.xml
@@ -0,0 +1,146 @@
+<?xml version="1.0" encoding="UTF-8"?>
+ <base:Response xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://reference.e-government.gv.at/namespace/persondata/de/20040201#" xmlns:base="http://bmi.gv.at/namespace/zmr-su/base/20040201#" xmlns:smi="http://bmi.gv.at/namespace/zmr-su/smi/20060901#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:zmr="http://bmi.gv.at/namespace/zmr-su/zmr/20040201#" xmlns:ns10="http://bmi.gv.at/namespace/zmr-su/ernp/20050901#" xmlns:ns11="http://bmi.gv.at/namespace/zmr-su/gis/20070725#" xmlns:ns12="http://egov.gv.at/pvp1.xsd" xmlns:ns13="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:ns8="http://bmi.gv.at/namespace/zmr-su/lmr/20050401#" xmlns:ns9="http://www.w3.org/2000/09/xmldsig#">
+ <base:WorkflowInfoServer>
+ <base:ProzessName>GP_EIDAS</base:ProzessName>
+ <base:ProzessInstanzID>366200000000082</base:ProzessInstanzID>
+ <base:SequenzID>0</base:SequenzID>
+ </base:WorkflowInfoServer>
+ <base:ServerInfo>
+ <base:GeneriertVon>ZMR-Server Version: 5.9.0.0-SNAPSHOT</base:GeneriertVon>
+ <base:GeneriertAm>2021-11-12T08:24:39.695</base:GeneriertAm>
+ <base:ServerTransaktionNr>1877200000000131</base:ServerTransaktionNr>
+ </base:ServerInfo>
+ <zmr:PersonAendernResponse>
+ <base:Message>
+ <base:Number>4</base:Number>
+ <base:Text>Personenänderung erfolgreich durchgeführt.</base:Text>
+ </base:Message>
+ <zmr:PersonErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000697</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>PERS_AENDERN</base:BeginnCode>
+ <base:BeginnText>Person ändern</base:BeginnText>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>melch@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <base:ZMRZahl>000430320173</base:ZMRZahl>
+ <zmr:NatuerlichePerson>
+ <Identification>
+ <Value>UgeknNsc26lVuB7U/uYGVmWtnnA=</Value>
+ <Type>urn:publicid:gv.at:cdid+ZP</Type>
+ </Identification>
+ <zmr:PersonenName>
+ <Vorname>XXXClaus - Maria</Vorname>
+ <Familienname>XXXvon Brandenburg</Familienname>
+ </zmr:PersonenName>
+ <Familienstand>unbekannt</Familienstand>
+ <Geschlecht>männlich</Geschlecht>
+ <Geburtsdatum>1994-12-31</Geburtsdatum>
+ <Geburtsort>Wien</Geburtsort>
+ <Geburtsbundesland>Wien</Geburtsbundesland>
+ <Geburtsstaat>Österreich</Geburtsstaat>
+ <zmr:Staatsangehoerigkeit>
+ <ISOCode3>AUT</ISOCode3>
+ <StaatsnameDE>Österreich</StaatsnameDE>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000727</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>STAATSANGEH_ANLEGEN</base:BeginnCode>
+ <base:BeginnText>Staatsangehörigkeit anlegen</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>melch@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ </zmr:Staatsangehoerigkeit>
+ </zmr:NatuerlichePerson>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000001</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/BirthName</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>XXXvon Heuburg</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000003</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>Hintergigritzpotschn</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ </zmr:PersonErgebnis>
+ </zmr:PersonAendernResponse>
+ </base:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_1-8_search_with_personalId_only_resp.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_1-8_search_with_personalId_only_resp.xml
new file mode 100644
index 00000000..f21c3698
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_1-8_search_with_personalId_only_resp.xml
@@ -0,0 +1,336 @@
+<?xml version="1.0" encoding="UTF-8"?>
+ <base:Response xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://reference.e-government.gv.at/namespace/persondata/de/20040201#" xmlns:base="http://bmi.gv.at/namespace/zmr-su/base/20040201#" xmlns:smi="http://bmi.gv.at/namespace/zmr-su/smi/20060901#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:zmr="http://bmi.gv.at/namespace/zmr-su/zmr/20040201#" xmlns:ns10="http://bmi.gv.at/namespace/zmr-su/ernp/20050901#" xmlns:ns11="http://bmi.gv.at/namespace/zmr-su/gis/20070725#" xmlns:ns12="http://egov.gv.at/pvp1.xsd" xmlns:ns13="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:ns8="http://bmi.gv.at/namespace/zmr-su/lmr/20050401#" xmlns:ns9="http://www.w3.org/2000/09/xmldsig#">
+ <base:WorkflowInfoServer>
+ <base:ProzessName>GP_EIDAS</base:ProzessName>
+ <base:ProzessInstanzID>367100000000079</base:ProzessInstanzID>
+ <base:SequenzID>0</base:SequenzID>
+ </base:WorkflowInfoServer>
+ <base:ServerInfo>
+ <base:GeneriertVon>ZMR-Server Version: 5.9.0.0-SNAPSHOT</base:GeneriertVon>
+ <base:GeneriertAm>2021-11-12T08:24:40.985</base:GeneriertAm>
+ <base:ServerTransaktionNr>1877300000000139</base:ServerTransaktionNr>
+ </base:ServerInfo>
+ <zmr:PersonSuchenResponse>
+ <zmr:PersonensucheAnfrage>
+ <zmr:PersonensucheInfo>
+ <base:Bezugsfeld>Searching PersonIdentifier</base:Bezugsfeld>
+ <zmr:Suchkriterien>
+ <base:InclusivHistorie>true</base:InclusivHistorie>
+ <base:Formalisiert>false</base:Formalisiert>
+ </zmr:Suchkriterien>
+ <zmr:Ergebniskriterien>
+ <base:InclusivHistorie>false</base:InclusivHistorie>
+ </zmr:Ergebniskriterien>
+ <base:AnzahlSaetze>10</base:AnzahlSaetze>
+ </zmr:PersonensucheInfo>
+ <NatuerlichePerson/>
+ </zmr:PersonensucheAnfrage>
+ <base:Message>
+ <base:Number>5020</base:Number>
+ <base:Text>Person gefunden.</base:Text>
+ </base:Message>
+ <zmr:Personensuchergebnis>
+ <base:GefundeneSaetze>1</base:GefundeneSaetze>
+ <zmr:GefundeneSaetzeERnP>0</zmr:GefundeneSaetzeERnP>
+ <base:SaetzeVon>0</base:SaetzeVon>
+ <base:SaetzeBis>1</base:SaetzeBis>
+ <zmr:PersonErgebnisSatz>
+ <zmr:Personendaten>
+ <zmr:PersonErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000697</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>SONSTIGES</base:BeginnCode>
+ <base:BeginnText>Sonstiges</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <base:ZMRZahl>000430320173</base:ZMRZahl>
+ <zmr:NatuerlichePerson>
+ <Identification>
+ <Value>UgeknNsc26lVuB7U/uYGVmWtnnA=</Value>
+ <Type>urn:publicid:gv.at:cdid+ZP</Type>
+ </Identification>
+ <zmr:PersonenName>
+ <Vorname>XXXClaus - Maria</Vorname>
+ <Familienname>XXXvon Brandenburg</Familienname>
+ </zmr:PersonenName>
+ <Familienstand>unbekannt</Familienstand>
+ <Geschlecht>männlich</Geschlecht>
+ <Geburtsdatum>1994-12-31</Geburtsdatum>
+ <Geburtsort>Wien</Geburtsort>
+ <Geburtsbundesland>Wien</Geburtsbundesland>
+ <Geburtsstaat>Österreich</Geburtsstaat>
+ <zmr:Staatsangehoerigkeit>
+ <ISOCode3>AUT</ISOCode3>
+ <StaatsnameDE>Österreich</StaatsnameDE>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000727</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>STAATSANGEH_ANLEGEN</base:BeginnCode>
+ <base:BeginnText>Staatsangehörigkeit anlegen</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ </zmr:Staatsangehoerigkeit>
+ </zmr:NatuerlichePerson>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000001</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/BirthName</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>XXXvon Heuburg</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000001</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/BirthName</zmr:EidasArt>
+ <zmr:Staatscode2>ES</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>XXXvon Heuburg</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000003</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>Hintergigritzpotschn</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/CurrentFamilyName</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>XXXvon Brandenburg</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/CurrentGivenName</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>XXXClaus - Maria</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/DateOfBirth</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>1994-12-31</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ </zmr:PersonErgebnis>
+ </zmr:Personendaten>
+ <zmr:Meldedaten>
+ <zmr:MeldungErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005242</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>WSANM</base:BeginnCode>
+ <base:BeginnText>Wohnsitz anmelden</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:Wohnsitz>
+ <zmr:PostAdresse>
+ <Postleitzahl>0088</Postleitzahl>
+ <Gemeinde>Testgemeinde</Gemeinde>
+ <Gemeindekennziffer>09988</Gemeindekennziffer>
+ <Ortschaft>Testort A</Ortschaft>
+ <zmr:Zustelladresse>
+ <Strassenname>Testgasse</Strassenname>
+ <Orientierungsnummer>1a-2b</Orientierungsnummer>
+ <Gebaeude>Stg. 3c-4d</Gebaeude>
+ <Nutzungseinheit>5</Nutzungseinheit>
+ <Wohnsitzqualitaet>H</Wohnsitzqualitaet>
+ <Abgabestelle>false</Abgabestelle>
+ <Nutzungseinheitlaufnummer>0001</Nutzungseinheitlaufnummer>
+ <zmr:AdressRegisterEintrag>
+ <Adresscode>T800001</Adresscode>
+ <Subcode>001</Subcode>
+ <Objektnummer>T800001</Objektnummer>
+ </zmr:AdressRegisterEintrag>
+ </zmr:Zustelladresse>
+ </zmr:PostAdresse>
+ <base:Adressstatus>HST111WWW</base:Adressstatus>
+ <base:Adressschluessel>
+ <base:OKZ>T8001</base:OKZ>
+ <base:SKZ>T80001</base:SKZ>
+ <base:ADRRefkey>T80000000001</base:ADRRefkey>
+ <base:GBRRefkey>T80000000002</base:GBRRefkey>
+ </base:Adressschluessel>
+ <base:HauptIdent>H</base:HauptIdent>
+ <base:Postleitzahlgebiet>Testpostort</base:Postleitzahlgebiet>
+ </zmr:Wohnsitz>
+ <base:GemeldetVon>2020-02-05T13:07:06.311</base:GemeldetVon>
+ <base:PeriodeCode>WSANM</base:PeriodeCode>
+ <base:PeriodeText>Wohnsitz anmelden</base:PeriodeText>
+ <zmr:Auskunftssperre>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005262</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>AUSK_SPERRE_SETZ</base:BeginnCode>
+ <base:BeginnText>Auskunftssperre setzen</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:SperreVon>2020-02-05T13:07:06.311</zmr:SperreVon>
+ <zmr:SperreBis>9999-12-31T23:59:59.000</zmr:SperreBis>
+ <zmr:SperrCode>ASMG</zmr:SperrCode>
+ <zmr:SperrText>Auskunftssperre nach § 18 / 2ff MeldeG</zmr:SperrText>
+ <zmr:SperrFreitext>automatische Auskunftssperre</zmr:SperrFreitext>
+ </zmr:Auskunftssperre>
+ </zmr:MeldungErgebnis>
+ </zmr:Meldedaten>
+ </zmr:PersonErgebnisSatz>
+ </zmr:Personensuchergebnis>
+ </zmr:PersonSuchenResponse>
+ </base:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_1-8_search_with_personalId_only_resp_no_additional_attributes.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_1-8_search_with_personalId_only_resp_no_additional_attributes.xml
new file mode 100644
index 00000000..6551cdd3
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_1-8_search_with_personalId_only_resp_no_additional_attributes.xml
@@ -0,0 +1,221 @@
+<?xml version="1.0" encoding="UTF-8"?>
+ <base:Response xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://reference.e-government.gv.at/namespace/persondata/de/20040201#" xmlns:base="http://bmi.gv.at/namespace/zmr-su/base/20040201#" xmlns:smi="http://bmi.gv.at/namespace/zmr-su/smi/20060901#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:zmr="http://bmi.gv.at/namespace/zmr-su/zmr/20040201#" xmlns:ns10="http://bmi.gv.at/namespace/zmr-su/ernp/20050901#" xmlns:ns11="http://bmi.gv.at/namespace/zmr-su/gis/20070725#" xmlns:ns12="http://egov.gv.at/pvp1.xsd" xmlns:ns13="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:ns8="http://bmi.gv.at/namespace/zmr-su/lmr/20050401#" xmlns:ns9="http://www.w3.org/2000/09/xmldsig#">
+ <base:WorkflowInfoServer>
+ <base:ProzessName>GP_EIDAS</base:ProzessName>
+ <base:ProzessInstanzID>367100000000079</base:ProzessInstanzID>
+ <base:SequenzID>0</base:SequenzID>
+ </base:WorkflowInfoServer>
+ <base:ServerInfo>
+ <base:GeneriertVon>ZMR-Server Version: 5.9.0.0-SNAPSHOT</base:GeneriertVon>
+ <base:GeneriertAm>2021-11-12T08:24:40.985</base:GeneriertAm>
+ <base:ServerTransaktionNr>1877300000000139</base:ServerTransaktionNr>
+ </base:ServerInfo>
+ <zmr:PersonSuchenResponse>
+ <zmr:PersonensucheAnfrage>
+ <zmr:PersonensucheInfo>
+ <base:Bezugsfeld>Searching PersonIdentifier</base:Bezugsfeld>
+ <zmr:Suchkriterien>
+ <base:InclusivHistorie>true</base:InclusivHistorie>
+ <base:Formalisiert>false</base:Formalisiert>
+ </zmr:Suchkriterien>
+ <zmr:Ergebniskriterien>
+ <base:InclusivHistorie>false</base:InclusivHistorie>
+ </zmr:Ergebniskriterien>
+ <base:AnzahlSaetze>10</base:AnzahlSaetze>
+ </zmr:PersonensucheInfo>
+ <NatuerlichePerson/>
+ </zmr:PersonensucheAnfrage>
+ <base:Message>
+ <base:Number>5020</base:Number>
+ <base:Text>Person gefunden.</base:Text>
+ </base:Message>
+ <zmr:Personensuchergebnis>
+ <base:GefundeneSaetze>1</base:GefundeneSaetze>
+ <zmr:GefundeneSaetzeERnP>0</zmr:GefundeneSaetzeERnP>
+ <base:SaetzeVon>0</base:SaetzeVon>
+ <base:SaetzeBis>1</base:SaetzeBis>
+ <zmr:PersonErgebnisSatz>
+ <zmr:Personendaten>
+ <zmr:PersonErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000697</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>SONSTIGES</base:BeginnCode>
+ <base:BeginnText>Sonstiges</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <base:ZMRZahl>000430320173</base:ZMRZahl>
+ <zmr:NatuerlichePerson>
+ <Identification>
+ <Value>UgeknNsc26lVuB7U/uYGVmWtnnA=</Value>
+ <Type>urn:publicid:gv.at:cdid+ZP</Type>
+ </Identification>
+ <zmr:PersonenName>
+ <Vorname>XXXClaus - Maria</Vorname>
+ <Familienname>XXXvon Brandenburg</Familienname>
+ </zmr:PersonenName>
+ <Familienstand>unbekannt</Familienstand>
+ <Geschlecht>männlich</Geschlecht>
+ <Geburtsdatum>1994-12-31</Geburtsdatum>
+ <Geburtsort>Wien</Geburtsort>
+ <Geburtsbundesland>Wien</Geburtsbundesland>
+ <Geburtsstaat>Österreich</Geburtsstaat>
+ <zmr:Staatsangehoerigkeit>
+ <ISOCode3>AUT</ISOCode3>
+ <StaatsnameDE>Österreich</StaatsnameDE>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000727</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>STAATSANGEH_ANLEGEN</base:BeginnCode>
+ <base:BeginnText>Staatsangehörigkeit anlegen</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ </zmr:Staatsangehoerigkeit>
+ </zmr:NatuerlichePerson>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000001</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/BirthName</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>XXXvon Heuburg</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ </zmr:PersonErgebnis>
+ </zmr:Personendaten>
+ <zmr:Meldedaten>
+ <zmr:MeldungErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005242</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>WSANM</base:BeginnCode>
+ <base:BeginnText>Wohnsitz anmelden</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:Wohnsitz>
+ <zmr:PostAdresse>
+ <Postleitzahl>0088</Postleitzahl>
+ <Gemeinde>Testgemeinde</Gemeinde>
+ <Gemeindekennziffer>09988</Gemeindekennziffer>
+ <Ortschaft>Testort A</Ortschaft>
+ <zmr:Zustelladresse>
+ <Strassenname>Testgasse</Strassenname>
+ <Orientierungsnummer>1a-2b</Orientierungsnummer>
+ <Gebaeude>Stg. 3c-4d</Gebaeude>
+ <Nutzungseinheit>5</Nutzungseinheit>
+ <Wohnsitzqualitaet>H</Wohnsitzqualitaet>
+ <Abgabestelle>false</Abgabestelle>
+ <Nutzungseinheitlaufnummer>0001</Nutzungseinheitlaufnummer>
+ <zmr:AdressRegisterEintrag>
+ <Adresscode>T800001</Adresscode>
+ <Subcode>001</Subcode>
+ <Objektnummer>T800001</Objektnummer>
+ </zmr:AdressRegisterEintrag>
+ </zmr:Zustelladresse>
+ </zmr:PostAdresse>
+ <base:Adressstatus>HST111WWW</base:Adressstatus>
+ <base:Adressschluessel>
+ <base:OKZ>T8001</base:OKZ>
+ <base:SKZ>T80001</base:SKZ>
+ <base:ADRRefkey>T80000000001</base:ADRRefkey>
+ <base:GBRRefkey>T80000000002</base:GBRRefkey>
+ </base:Adressschluessel>
+ <base:HauptIdent>H</base:HauptIdent>
+ <base:Postleitzahlgebiet>Testpostort</base:Postleitzahlgebiet>
+ </zmr:Wohnsitz>
+ <base:GemeldetVon>2020-02-05T13:07:06.311</base:GemeldetVon>
+ <base:PeriodeCode>WSANM</base:PeriodeCode>
+ <base:PeriodeText>Wohnsitz anmelden</base:PeriodeText>
+ <zmr:Auskunftssperre>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005262</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>AUSK_SPERRE_SETZ</base:BeginnCode>
+ <base:BeginnText>Auskunftssperre setzen</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:SperreVon>2020-02-05T13:07:06.311</zmr:SperreVon>
+ <zmr:SperreBis>9999-12-31T23:59:59.000</zmr:SperreBis>
+ <zmr:SperrCode>ASMG</zmr:SperrCode>
+ <zmr:SperrText>Auskunftssperre nach § 18 / 2ff MeldeG</zmr:SperrText>
+ <zmr:SperrFreitext>automatische Auskunftssperre</zmr:SperrFreitext>
+ </zmr:Auskunftssperre>
+ </zmr:MeldungErgebnis>
+ </zmr:Meldedaten>
+ </zmr:PersonErgebnisSatz>
+ </zmr:Personensuchergebnis>
+ </zmr:PersonSuchenResponse>
+ </base:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-10_kitt_update_resp.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-10_kitt_update_resp.xml
new file mode 100644
index 00000000..2be8a419
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-10_kitt_update_resp.xml
@@ -0,0 +1,123 @@
+<?xml version="1.0" encoding="UTF-8"?>
+ <base:Response xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://reference.e-government.gv.at/namespace/persondata/de/20040201#" xmlns:base="http://bmi.gv.at/namespace/zmr-su/base/20040201#" xmlns:smi="http://bmi.gv.at/namespace/zmr-su/smi/20060901#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:zmr="http://bmi.gv.at/namespace/zmr-su/zmr/20040201#" xmlns:ns10="http://bmi.gv.at/namespace/zmr-su/ernp/20050901#" xmlns:ns11="http://bmi.gv.at/namespace/zmr-su/gis/20070725#" xmlns:ns12="http://egov.gv.at/pvp1.xsd" xmlns:ns13="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:ns8="http://bmi.gv.at/namespace/zmr-su/lmr/20050401#" xmlns:ns9="http://www.w3.org/2000/09/xmldsig#">
+ <base:WorkflowInfoServer>
+ <base:ProzessName>GP_EIDAS</base:ProzessName>
+ <base:ProzessInstanzID>366200000000082</base:ProzessInstanzID>
+ <base:SequenzID>0</base:SequenzID>
+ </base:WorkflowInfoServer>
+ <base:ServerInfo>
+ <base:GeneriertVon>ZMR-Server Version: 5.9.0.0-SNAPSHOT</base:GeneriertVon>
+ <base:GeneriertAm>2021-11-12T08:24:39.695</base:GeneriertAm>
+ <base:ServerTransaktionNr>1877200000000131</base:ServerTransaktionNr>
+ </base:ServerInfo>
+ <zmr:PersonAendernResponse>
+ <base:Message>
+ <base:Number>4</base:Number>
+ <base:Text>Personenänderung erfolgreich durchgeführt.</base:Text>
+ </base:Message>
+ <zmr:PersonErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000697</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>PERS_AENDERN</base:BeginnCode>
+ <base:BeginnText>Person ändern</base:BeginnText>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>melch@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <base:ZMRZahl>000430320173</base:ZMRZahl>
+ <zmr:NatuerlichePerson>
+ <Identification>
+ <Value>UgeknNsc26lVuB7U/uYGVmWtnnA=</Value>
+ <Type>urn:publicid:gv.at:cdid+ZP</Type>
+ </Identification>
+ <zmr:PersonenName>
+ <Vorname>XXXClaus - Maria</Vorname>
+ <Familienname>XXXvon Brandenburg</Familienname>
+ </zmr:PersonenName>
+ <Familienstand>unbekannt</Familienstand>
+ <Geschlecht>männlich</Geschlecht>
+ <Geburtsdatum>1994-12-31</Geburtsdatum>
+ <Geburtsort>Wien</Geburtsort>
+ <Geburtsbundesland>Wien</Geburtsbundesland>
+ <Geburtsstaat>Österreich</Geburtsstaat>
+ <zmr:Staatsangehoerigkeit>
+ <ISOCode3>AUT</ISOCode3>
+ <StaatsnameDE>Österreich</StaatsnameDE>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000727</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>STAATSANGEH_ANLEGEN</base:BeginnCode>
+ <base:BeginnText>Staatsangehörigkeit anlegen</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>melch@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ </zmr:Staatsangehoerigkeit>
+ </zmr:NatuerlichePerson>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ </zmr:PersonErgebnis>
+ </zmr:PersonAendernResponse>
+ </base:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-4_kitt_get_latest_version_resp.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-4_kitt_get_latest_version_resp.xml
new file mode 100644
index 00000000..01dac890
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-4_kitt_get_latest_version_resp.xml
@@ -0,0 +1,208 @@
+<?xml version="1.0" encoding="UTF-8"?>
+ <base:Response xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://reference.e-government.gv.at/namespace/persondata/de/20040201#" xmlns:base="http://bmi.gv.at/namespace/zmr-su/base/20040201#" xmlns:smi="http://bmi.gv.at/namespace/zmr-su/smi/20060901#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:zmr="http://bmi.gv.at/namespace/zmr-su/zmr/20040201#" xmlns:ns10="http://bmi.gv.at/namespace/zmr-su/ernp/20050901#" xmlns:ns11="http://bmi.gv.at/namespace/zmr-su/gis/20070725#" xmlns:ns12="http://egov.gv.at/pvp1.xsd" xmlns:ns13="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:ns8="http://bmi.gv.at/namespace/zmr-su/lmr/20050401#" xmlns:ns9="http://www.w3.org/2000/09/xmldsig#">
+ <base:WorkflowInfoServer>
+ <base:ProzessName>GP_EIDAS</base:ProzessName>
+ <base:ProzessInstanzID>366200000000081</base:ProzessInstanzID>
+ <base:SequenzID>0</base:SequenzID>
+ </base:WorkflowInfoServer>
+ <base:ServerInfo>
+ <base:GeneriertVon>ZMR-Server Version: 5.9.0.0-SNAPSHOT</base:GeneriertVon>
+ <base:GeneriertAm>2021-11-12T08:24:39.330</base:GeneriertAm>
+ <base:ServerTransaktionNr>1877300000000133</base:ServerTransaktionNr>
+ </base:ServerInfo>
+ <zmr:PersonSuchenResponse>
+ <zmr:PersonensucheAnfrage>
+ <zmr:PersonensucheInfo>
+ <base:Bezugsfeld>KITT get-latest-version</base:Bezugsfeld>
+ <zmr:Suchkriterien>
+ <base:InclusivHistorie>true</base:InclusivHistorie>
+ <base:Formalisiert>false</base:Formalisiert>
+ </zmr:Suchkriterien>
+ <zmr:Ergebniskriterien>
+ <base:InclusivHistorie>false</base:InclusivHistorie>
+ </zmr:Ergebniskriterien>
+ <base:AnzahlSaetze>10</base:AnzahlSaetze>
+ </zmr:PersonensucheInfo>
+ <NatuerlichePerson>
+ <Identification>
+ <Value>UgeknNsc26lVuB7U/uYGVmWtnnA=</Value>
+ <Type>urn:publicid:gv.at:cdid+ZP</Type>
+ </Identification>
+ <PersonenName>
+ <Vorname>XXXClaus - Maria</Vorname>
+ <Familienname>XXXvon Brandenburg</Familienname>
+ </PersonenName>
+ <Geburtsdatum>1994-12-31</Geburtsdatum>
+ </NatuerlichePerson>
+ </zmr:PersonensucheAnfrage>
+ <base:Message>
+ <base:Number>5020</base:Number>
+ <base:Text>Person gefunden.</base:Text>
+ </base:Message>
+ <zmr:Personensuchergebnis>
+ <base:GefundeneSaetze>1</base:GefundeneSaetze>
+ <zmr:GefundeneSaetzeERnP>0</zmr:GefundeneSaetzeERnP>
+ <base:SaetzeVon>0</base:SaetzeVon>
+ <base:SaetzeBis>1</base:SaetzeBis>
+ <zmr:PersonErgebnisSatz>
+ <zmr:Personendaten>
+ <zmr:PersonErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000697</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>SONSTIGES</base:BeginnCode>
+ <base:BeginnText>Sonstiges</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <base:ZMRZahl>000430320173</base:ZMRZahl>
+ <zmr:NatuerlichePerson>
+ <Identification>
+ <Value>UgeknNsc26lVuB7U/uYGVmWtnnA=</Value>
+ <Type>urn:publicid:gv.at:cdid+ZP</Type>
+ </Identification>
+ <zmr:PersonenName>
+ <Vorname>XXXClaus - Maria</Vorname>
+ <Familienname>XXXvon Brandenburg</Familienname>
+ </zmr:PersonenName>
+ <Familienstand>unbekannt</Familienstand>
+ <Geschlecht>männlich</Geschlecht>
+ <Geburtsdatum>1994-12-31</Geburtsdatum>
+ <Geburtsort>Wien</Geburtsort>7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit
+ <Geburtsbundesland>Wien</Geburtsbundesland>
+ <Geburtsstaat>Österreich</Geburtsstaat>
+ <zmr:Staatsangehoerigkeit>
+ <ISOCode3>AUT</ISOCode3>
+ <StaatsnameDE>Österreich</StaatsnameDE>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000727</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>STAATSANGEH_ANLEGEN</base:BeginnCode>
+ <base:BeginnText>Staatsangehörigkeit anlegen</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ </zmr:Staatsangehoerigkeit>
+ </zmr:NatuerlichePerson>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ </zmr:PersonErgebnis>
+ </zmr:Personendaten>
+ <zmr:Meldedaten>
+ <zmr:MeldungErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005242</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>WSANM</base:BeginnCode>
+ <base:BeginnText>Wohnsitz anmelden</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:Wohnsitz>
+ <zmr:PostAdresse>
+ <Postleitzahl>0088</Postleitzahl>
+ <Gemeinde>Testgemeinde</Gemeinde>
+ <Gemeindekennziffer>09988</Gemeindekennziffer>
+ <Ortschaft>Testort A</Ortschaft>
+ <zmr:Zustelladresse>
+ <Strassenname>Testgasse</Strassenname>
+ <Orientierungsnummer>1a-2b</Orientierungsnummer>
+ <Gebaeude>Stg. 3c-4d</Gebaeude>
+ <Nutzungseinheit>5</Nutzungseinheit>
+ <Wohnsitzqualitaet>H</Wohnsitzqualitaet>
+ <Abgabestelle>false</Abgabestelle>
+ <Nutzungseinheitlaufnummer>0001</Nutzungseinheitlaufnummer>
+ <zmr:AdressRegisterEintrag>
+ <Adresscode>T800001</Adresscode>
+ <Subcode>001</Subcode>
+ <Objektnummer>T800001</Objektnummer>
+ </zmr:AdressRegisterEintrag>
+ </zmr:Zustelladresse>
+ </zmr:PostAdresse>
+ <base:Adressstatus>HST111WWW</base:Adressstatus>
+ <base:Adressschluessel>
+ <base:OKZ>T8001</base:OKZ>
+ <base:SKZ>T80001</base:SKZ>
+ <base:ADRRefkey>T80000000001</base:ADRRefkey>
+ <base:GBRRefkey>T80000000002</base:GBRRefkey>
+ </base:Adressschluessel>
+ <base:HauptIdent>H</base:HauptIdent>
+ <base:Postleitzahlgebiet>Testpostort</base:Postleitzahlgebiet>
+ </zmr:Wohnsitz>
+ <base:GemeldetVon>2020-02-05T13:07:06.311</base:GemeldetVon>
+ <base:PeriodeCode>WSANM</base:PeriodeCode>
+ <base:PeriodeText>Wohnsitz anmelden</base:PeriodeText>
+ <zmr:Auskunftssperre>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005262</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>AUSK_SPERRE_SETZ</base:BeginnCode>
+ <base:BeginnText>Auskunftssperre setzen</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:SperreVon>2020-02-05T13:07:06.311</zmr:SperreVon>
+ <zmr:SperreBis>9999-12-31T23:59:59.000</zmr:SperreBis>
+ <zmr:SperrCode>ASMG</zmr:SperrCode>
+ <zmr:SperrText>Auskunftssperre nach § 18 / 2ff MeldeG</zmr:SperrText>
+ <zmr:SperrFreitext>automatische Auskunftssperre</zmr:SperrFreitext>
+ </zmr:Auskunftssperre>
+ </zmr:MeldungErgebnis>
+ </zmr:Meldedaten>
+ </zmr:PersonErgebnisSatz>
+ </zmr:Personensuchergebnis>
+ </zmr:PersonSuchenResponse>
+ </base:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-6_kitt_update_resp.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-6_kitt_update_resp.xml
new file mode 100644
index 00000000..2be8a419
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-6_kitt_update_resp.xml
@@ -0,0 +1,123 @@
+<?xml version="1.0" encoding="UTF-8"?>
+ <base:Response xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://reference.e-government.gv.at/namespace/persondata/de/20040201#" xmlns:base="http://bmi.gv.at/namespace/zmr-su/base/20040201#" xmlns:smi="http://bmi.gv.at/namespace/zmr-su/smi/20060901#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:zmr="http://bmi.gv.at/namespace/zmr-su/zmr/20040201#" xmlns:ns10="http://bmi.gv.at/namespace/zmr-su/ernp/20050901#" xmlns:ns11="http://bmi.gv.at/namespace/zmr-su/gis/20070725#" xmlns:ns12="http://egov.gv.at/pvp1.xsd" xmlns:ns13="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:ns8="http://bmi.gv.at/namespace/zmr-su/lmr/20050401#" xmlns:ns9="http://www.w3.org/2000/09/xmldsig#">
+ <base:WorkflowInfoServer>
+ <base:ProzessName>GP_EIDAS</base:ProzessName>
+ <base:ProzessInstanzID>366200000000082</base:ProzessInstanzID>
+ <base:SequenzID>0</base:SequenzID>
+ </base:WorkflowInfoServer>
+ <base:ServerInfo>
+ <base:GeneriertVon>ZMR-Server Version: 5.9.0.0-SNAPSHOT</base:GeneriertVon>
+ <base:GeneriertAm>2021-11-12T08:24:39.695</base:GeneriertAm>
+ <base:ServerTransaktionNr>1877200000000131</base:ServerTransaktionNr>
+ </base:ServerInfo>
+ <zmr:PersonAendernResponse>
+ <base:Message>
+ <base:Number>4</base:Number>
+ <base:Text>Personenänderung erfolgreich durchgeführt.</base:Text>
+ </base:Message>
+ <zmr:PersonErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000697</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>PERS_AENDERN</base:BeginnCode>
+ <base:BeginnText>Person ändern</base:BeginnText>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>melch@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <base:ZMRZahl>000430320173</base:ZMRZahl>
+ <zmr:NatuerlichePerson>
+ <Identification>
+ <Value>UgeknNsc26lVuB7U/uYGVmWtnnA=</Value>
+ <Type>urn:publicid:gv.at:cdid+ZP</Type>
+ </Identification>
+ <zmr:PersonenName>
+ <Vorname>XXXClaus - Maria</Vorname>
+ <Familienname>XXXvon Brandenburg</Familienname>
+ </zmr:PersonenName>
+ <Familienstand>unbekannt</Familienstand>
+ <Geschlecht>männlich</Geschlecht>
+ <Geburtsdatum>1994-12-31</Geburtsdatum>
+ <Geburtsort>Wien</Geburtsort>
+ <Geburtsbundesland>Wien</Geburtsbundesland>
+ <Geburtsstaat>Österreich</Geburtsstaat>
+ <zmr:Staatsangehoerigkeit>
+ <ISOCode3>AUT</ISOCode3>
+ <StaatsnameDE>Österreich</StaatsnameDE>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000727</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>STAATSANGEH_ANLEGEN</base:BeginnCode>
+ <base:BeginnText>Staatsangehörigkeit anlegen</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>melch@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ </zmr:Staatsangehoerigkeit>
+ </zmr:NatuerlichePerson>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ </zmr:PersonErgebnis>
+ </zmr:PersonAendernResponse>
+ </base:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-8_kitt_get_latest_version_resp.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-8_kitt_get_latest_version_resp.xml
new file mode 100644
index 00000000..656164f2
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-8_kitt_get_latest_version_resp.xml
@@ -0,0 +1,300 @@
+<?xml version="1.0" encoding="UTF-8"?>
+ <base:Response xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns="http://reference.e-government.gv.at/namespace/persondata/de/20040201#" xmlns:base="http://bmi.gv.at/namespace/zmr-su/base/20040201#" xmlns:smi="http://bmi.gv.at/namespace/zmr-su/smi/20060901#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:zmr="http://bmi.gv.at/namespace/zmr-su/zmr/20040201#" xmlns:ns10="http://bmi.gv.at/namespace/zmr-su/ernp/20050901#" xmlns:ns11="http://bmi.gv.at/namespace/zmr-su/gis/20070725#" xmlns:ns12="http://egov.gv.at/pvp1.xsd" xmlns:ns13="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:ns8="http://bmi.gv.at/namespace/zmr-su/lmr/20050401#" xmlns:ns9="http://www.w3.org/2000/09/xmldsig#">
+ <base:WorkflowInfoServer>
+ <base:ProzessName>GP_EIDAS</base:ProzessName>
+ <base:ProzessInstanzID>366200000000081</base:ProzessInstanzID>
+ <base:SequenzID>0</base:SequenzID>
+ </base:WorkflowInfoServer>
+ <base:ServerInfo>
+ <base:GeneriertVon>ZMR-Server Version: 5.9.0.0-SNAPSHOT</base:GeneriertVon>
+ <base:GeneriertAm>2021-11-12T08:24:39.330</base:GeneriertAm>
+ <base:ServerTransaktionNr>1877300000000133</base:ServerTransaktionNr>
+ </base:ServerInfo>
+ <zmr:PersonSuchenResponse>
+ <zmr:PersonensucheAnfrage>
+ <zmr:PersonensucheInfo>
+ <base:Bezugsfeld>KITT get-latest-version</base:Bezugsfeld>
+ <zmr:Suchkriterien>
+ <base:InclusivHistorie>true</base:InclusivHistorie>
+ <base:Formalisiert>false</base:Formalisiert>
+ </zmr:Suchkriterien>
+ <zmr:Ergebniskriterien>
+ <base:InclusivHistorie>false</base:InclusivHistorie>
+ </zmr:Ergebniskriterien>
+ <base:AnzahlSaetze>10</base:AnzahlSaetze>
+ </zmr:PersonensucheInfo>
+ <NatuerlichePerson>
+ <Identification>
+ <Value>UgeknNsc26lVuB7U/uYGVmWtnnA=</Value>
+ <Type>urn:publicid:gv.at:cdid+ZP</Type>
+ </Identification>
+ <PersonenName>
+ <Vorname>XXXClaus - Maria</Vorname>
+ <Familienname>XXXvon Brandenburg</Familienname>
+ </PersonenName>
+ <Geburtsdatum>1994-12-31</Geburtsdatum>
+ </NatuerlichePerson>
+ </zmr:PersonensucheAnfrage>
+ <base:Message>
+ <base:Number>5020</base:Number>
+ <base:Text>Person gefunden.</base:Text>
+ </base:Message>
+ <zmr:Personensuchergebnis>
+ <base:GefundeneSaetze>1</base:GefundeneSaetze>
+ <zmr:GefundeneSaetzeERnP>0</zmr:GefundeneSaetzeERnP>
+ <base:SaetzeVon>0</base:SaetzeVon>
+ <base:SaetzeBis>1</base:SaetzeBis>
+ <zmr:PersonErgebnisSatz>
+ <zmr:Personendaten>
+ <zmr:PersonErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000697</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>SONSTIGES</base:BeginnCode>
+ <base:BeginnText>Sonstiges</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <base:ZMRZahl>000430320173</base:ZMRZahl>
+ <zmr:NatuerlichePerson>
+ <Identification>
+ <Value>UgeknNsc26lVuB7U/uYGVmWtnnA=</Value>
+ <Type>urn:publicid:gv.at:cdid+ZP</Type>
+ </Identification>
+ <zmr:PersonenName>
+ <Vorname>XXXClaus - Maria</Vorname>
+ <Familienname>XXXvon Brandenburg</Familienname>
+ </zmr:PersonenName>
+ <Familienstand>unbekannt</Familienstand>
+ <Geschlecht>männlich</Geschlecht>
+ <Geburtsdatum>1994-12-31</Geburtsdatum>
+ <Geburtsort>Wien</Geburtsort>7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit
+ <Geburtsbundesland>Wien</Geburtsbundesland>
+ <Geburtsstaat>Österreich</Geburtsstaat>
+ <zmr:Staatsangehoerigkeit>
+ <ISOCode3>AUT</ISOCode3>
+ <StaatsnameDE>Österreich</StaatsnameDE>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453600000000727</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>STAATSANGEH_ANLEGEN</base:BeginnCode>
+ <base:BeginnText>Staatsangehörigkeit anlegen</base:BeginnText>
+ <base:BeginnFreitext>Testerperson</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ </zmr:Staatsangehoerigkeit>
+ </zmr:NatuerlichePerson>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/CurrentFamilyName</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>XXXvon Brandenburg</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/CurrentGivenName</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>XXXClaus - Maria</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ <zmr:EidasIdentitaet>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>1879000000000005</base:EntityID>
+ <base:LetzteAenderung>2021-11-12T08:24:39.695</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2021-11-12T08:24:39.695</base:Von>
+ <base:BeginnCode>EIDAS_ANLEGEN</base:BeginnCode>
+ <base:BeginnFreitext>KITT for eIDAS Matching</base:BeginnFreitext>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>101179</base:Behoerdenschluessel>
+ </base:Organisation>
+ <base:Benutzer>eidtapp@bmi.gv.at</base:Benutzer>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:EidasArt>http://eidas.europa.eu/attributes/naturalperson/DateOfBirth</zmr:EidasArt>
+ <zmr:Staatscode2>DE</zmr:Staatscode2>
+ <base:AusstellBehoerde/>
+ <zmr:EidasWert>1994-12-31</zmr:EidasWert>
+ <base:AusstellDatum>9999-12-31</base:AusstellDatum>
+ <base:AblaufDatum>9999-12-31</base:AblaufDatum>
+ </zmr:EidasIdentitaet>
+ </zmr:PersonErgebnis>
+ </zmr:Personendaten>
+ <zmr:Meldedaten>
+ <zmr:MeldungErgebnis>
+ <base:ErgebnissatzInfo>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:ErgebnissatzInfo>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005242</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>WSANM</base:BeginnCode>
+ <base:BeginnText>Wohnsitz anmelden</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:Wohnsitz>
+ <zmr:PostAdresse>
+ <Postleitzahl>0088</Postleitzahl>
+ <Gemeinde>Testgemeinde</Gemeinde>
+ <Gemeindekennziffer>09988</Gemeindekennziffer>
+ <Ortschaft>Testort A</Ortschaft>
+ <zmr:Zustelladresse>
+ <Strassenname>Testgasse</Strassenname>
+ <Orientierungsnummer>1a-2b</Orientierungsnummer>
+ <Gebaeude>Stg. 3c-4d</Gebaeude>
+ <Nutzungseinheit>5</Nutzungseinheit>
+ <Wohnsitzqualitaet>H</Wohnsitzqualitaet>
+ <Abgabestelle>false</Abgabestelle>
+ <Nutzungseinheitlaufnummer>0001</Nutzungseinheitlaufnummer>
+ <zmr:AdressRegisterEintrag>
+ <Adresscode>T800001</Adresscode>
+ <Subcode>001</Subcode>
+ <Objektnummer>T800001</Objektnummer>
+ </zmr:AdressRegisterEintrag>
+ </zmr:Zustelladresse>
+ </zmr:PostAdresse>
+ <base:Adressstatus>HST111WWW</base:Adressstatus>
+ <base:Adressschluessel>
+ <base:OKZ>T8001</base:OKZ>
+ <base:SKZ>T80001</base:SKZ>
+ <base:ADRRefkey>T80000000001</base:ADRRefkey>
+ <base:GBRRefkey>T80000000002</base:GBRRefkey>
+ </base:Adressschluessel>
+ <base:HauptIdent>H</base:HauptIdent>
+ <base:Postleitzahlgebiet>Testpostort</base:Postleitzahlgebiet>
+ </zmr:Wohnsitz>
+ <base:GemeldetVon>2020-02-05T13:07:06.311</base:GemeldetVon>
+ <base:PeriodeCode>WSANM</base:PeriodeCode>
+ <base:PeriodeText>Wohnsitz anmelden</base:PeriodeText>
+ <zmr:Auskunftssperre>
+ <base:EntityErgebnisReferenz>
+ <base:Technisch>
+ <base:EntityID>44453500000005262</base:EntityID>
+ <base:LetzteAenderung>2020-02-05T13:07:06.311</base:LetzteAenderung>
+ </base:Technisch>
+ <base:Von>2020-02-05T13:07:06.311</base:Von>
+ <base:BeginnCode>AUSK_SPERRE_SETZ</base:BeginnCode>
+ <base:BeginnText>Auskunftssperre setzen</base:BeginnText>
+ <base:DurchgefuehrtVon>
+ <base:Organisation>
+ <base:Behoerdenschluessel>109091</base:Behoerdenschluessel>
+ </base:Organisation>
+ </base:DurchgefuehrtVon>
+ </base:EntityErgebnisReferenz>
+ <zmr:SperreVon>2020-02-05T13:07:06.311</zmr:SperreVon>
+ <zmr:SperreBis>9999-12-31T23:59:59.000</zmr:SperreBis>
+ <zmr:SperrCode>ASMG</zmr:SperrCode>
+ <zmr:SperrText>Auskunftssperre nach § 18 / 2ff MeldeG</zmr:SperrText>
+ <zmr:SperrFreitext>automatische Auskunftssperre</zmr:SperrFreitext>
+ </zmr:Auskunftssperre>
+ </zmr:MeldungErgebnis>
+ </zmr:Meldedaten>
+ </zmr:PersonErgebnisSatz>
+ </zmr:Personensuchergebnis>
+ </zmr:PersonSuchenResponse>
+ </base:Response>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/keystore/junit_test.jks b/modules/authmodule-eIDAS-v2/src/test/resources/keystore/junit_test.jks
new file mode 100644
index 00000000..ee6254a9
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/keystore/junit_test.jks
Binary files differ
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/keystore/pvp.p12 b/modules/authmodule-eIDAS-v2/src/test/resources/keystore/pvp.p12
new file mode 100644
index 00000000..183342f7
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/keystore/pvp.p12
Binary files differ