diff options
Diffstat (limited to 'modules/core_common_webapp/src')
2 files changed, 31 insertions, 429 deletions
diff --git a/modules/core_common_webapp/src/main/java/at/asitplus/eidas/specific/core/builder/AuthenticationDataBuilder.java b/modules/core_common_webapp/src/main/java/at/asitplus/eidas/specific/core/builder/AuthenticationDataBuilder.java index e5937b99..9580a62f 100644 --- a/modules/core_common_webapp/src/main/java/at/asitplus/eidas/specific/core/builder/AuthenticationDataBuilder.java +++ b/modules/core_common_webapp/src/main/java/at/asitplus/eidas/specific/core/builder/AuthenticationDataBuilder.java @@ -24,28 +24,19 @@ package at.asitplus.eidas.specific.core.builder; import java.util.Date; -import java.util.Optional; -import java.util.Set; -import java.util.stream.Collectors; import org.springframework.stereotype.Service; -import com.google.common.collect.Streams; - import at.asitplus.eidas.specific.core.MsEidasNodeConstants; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; -import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions.EidIdentityStatusLevelValues; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer; -import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException; import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; import at.gv.egiz.eaaf.core.impl.data.Pair; -import at.gv.egiz.eaaf.core.impl.data.Triple; import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData; import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData; import at.gv.egiz.eaaf.core.impl.idp.auth.builder.AbstractAuthenticationDataBuilder; @@ -55,59 +46,52 @@ import lombok.extern.slf4j.Slf4j; @Service("AuthenticationDataBuilder") @Slf4j public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder { - - private static final String ERROR_B11 = "builder.11"; @Override - protected IAuthData buildDeprecatedAuthData(IRequest pendingReq) throws EaafException { + protected IAuthData buildDeprecatedAuthData(IRequest pendingReq) throws EaafException { final EidAuthProcessDataWrapper authProcessData = - pendingReq.getSessionData(EidAuthProcessDataWrapper.class); - final EidAuthenticationData authData = new EidAuthenticationData(); - - // set basis infos + pendingReq.getSessionData(EidAuthProcessDataWrapper.class); + EidAuthenticationData authData = new EidAuthenticationData(); + + //set basis infos super.generateDeprecatedBasicAuthData(authData, pendingReq, authProcessData); - + // set specific informations authData.setSsoSessionValidTo( new Date(new Date().getTime() + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000)); - - authData.setEidStatus(authProcessData.isTestIdentity() - ? EidIdentityStatusLevelValues.TESTIDENTITY - : EidIdentityStatusLevelValues.IDENTITY); - + + authData.setEidStatus(authProcessData.isTestIdentity() + ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY); + return authData; } @Override - protected void buildServiceSpecificAuthenticationData(IAuthData authData, IRequest pendingReq) + protected void buildServiceSpecificAuthenticationData(IAuthData authData, IRequest pendingReq) throws EaafException { if (authData instanceof EidAuthenticationData) { - ((EidAuthenticationData) authData).setGenericData( - ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, + ((EidAuthenticationData)authData).setGenericData( + ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, pendingReq.getUniquePiiTransactionIdentifier()); log.trace("Inject piiTransactionId: {} into AuthData", pendingReq.getUniquePiiTransactionIdentifier()); - + // set specific informations - ((EidAuthenticationData) authData).setSsoSessionValidTo( + ((EidAuthenticationData)authData).setSsoSessionValidTo( new Date(new Date().getTime() + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000)); - // set E-ID status-level + //set E-ID status-level final EidAuthProcessDataWrapper authProcessData = - pendingReq.getSessionData(EidAuthProcessDataWrapper.class); - ((EidAuthenticationData) authData).setEidStatus(authProcessData.isTestIdentity() - ? EidIdentityStatusLevelValues.TESTIDENTITY - : EidIdentityStatusLevelValues.IDENTITY); - - // handle mandate informations - buildMandateInformation((EidAuthenticationData) authData, pendingReq, authProcessData); - + pendingReq.getSessionData(EidAuthProcessDataWrapper.class); + ((EidAuthenticationData)authData).setEidStatus(authProcessData.isTestIdentity() + ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY); + } else { - throw new RuntimeException("Can not inject PiiTransactionId because AuthData is of unknown type: " + throw new RuntimeException("Can not inject PiiTransactionId because AuthData is of unknown type: " + authData.getClass().getName()); - + } - + } @Override @@ -136,120 +120,4 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder } - private void buildMandateInformation(EidAuthenticationData authData, IRequest pendingReq, - EidAuthProcessDataWrapper authProcessData) throws EaafAuthenticationException, EaafBuilderException, - EaafStorageException { - authData.setUseMandate(authProcessData.isMandateUsed()); - if (authProcessData.isMandateUsed()) { - log.debug("Build mandate-releated authentication data ... "); - if (authProcessData.isForeigner()) { - buildMandateInformationForEidasIncoming(); - - } else { - buildMandateInformationForEidasOutgoing(authData, pendingReq, authProcessData); - - } - - // inject mandate information into authdata - final Set<String> mandateAttributes = Streams.concat( - MsEidasNodeConstants.DEFAULT_REQUIRED_MANDATE_NAT_PVP_ATTRIBUTES.stream(), - MsEidasNodeConstants.DEFAULT_REQUIRED_MANDATE_JUR_PVP_ATTRIBUTES.stream()) - .map(el -> el.getFirst()) - .collect(Collectors.toSet()); - - authProcessData.getGenericSessionDataStream() - .filter(el -> mandateAttributes.contains(el.getKey())) - .forEach(el -> { - try { - authData.setGenericData(el.getKey(), el.getValue()); - - } catch (final EaafStorageException e) { - log.error("Can not store attribute: {} into session.", el.getKey(), e); - throw new RuntimeException(e); - - } - }); - } - } - - private void buildMandateInformationForEidasIncoming() { - log.debug("Find eIDAS incoming process. Generated mandate-information for ID-Austria system ... "); - - // TODO: implement IDA specific processing of foreign mandate - - } - - private void buildMandateInformationForEidasOutgoing(EidAuthenticationData authData, IRequest pendingReq, - EidAuthProcessDataWrapper authProcessData) throws EaafAuthenticationException, EaafBuilderException, - EaafStorageException { - log.debug("Find eIDAS outgoing process. Generated mandate-information for other country ... "); - if (authProcessData.getGenericDataFromSession( - PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME) != null) { - final Optional<Triple<String, String, Boolean>> missingAttribute = - MsEidasNodeConstants.DEFAULT_REQUIRED_MANDATE_NAT_PVP_ATTRIBUTES.stream() - .filter(el -> authProcessData.getGenericDataFromSession(el.getFirst()) == null) - .findFirst(); - if (missingAttribute.isPresent()) { - log.error("ID-Austria response contains not all attributes for nat. person mandator. Missing: {}", - missingAttribute.get().getFirst()); - throw new EaafAuthenticationException(ERROR_B11, new Object[] { "Nat. person mandate" }); - - } else { - log.trace("Find nat. person mandate. Mandate can be used as it is "); - authData.setGenericData(MsEidasNodeConstants.ATTR_EIDAS_NAT_MANDATOR_PERSONAL_IDENTIFIER, - extractBpkFromResponse(authProcessData.getGenericDataFromSession( - PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, String.class))); - - } - - } else { - final Optional<Triple<String, String, Boolean>> missingAttribute = - MsEidasNodeConstants.DEFAULT_REQUIRED_MANDATE_JUR_PVP_ATTRIBUTES.stream() - .filter(el -> authProcessData.getGenericDataFromSession(el.getFirst()) == null) - .findFirst(); - if (missingAttribute.isPresent()) { - log.error("ID-Austria response contains not all attributes for legal. person mandator. Missing: {}", - missingAttribute.get().getFirst()); - throw new EaafAuthenticationException(ERROR_B11, new Object[] { "Legal. person mandate" }); - - } else { - log.trace( - "Find jur. person mandate. Generate eIDAS identifier from legal-person sourcePin and type ... "); - final String sourcePin = authProcessData.getGenericDataFromSession( - PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, String.class); - final String sourcePinType = authProcessData.getGenericDataFromSession( - PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, String.class); - - // build leagl-person identifier for eIDAS out-going - final String[] splittedTarget = - pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier().split("\\+"); - StringBuilder sb = new StringBuilder(); - sb.append(splittedTarget[1]) - .append("/") - .append(splittedTarget[2]) - .append("/") - .append(sourcePinType) - .append("+") - .append(sourcePin); - - log.debug("Use legal-person eIDAS identifer: {} from baseId: {} and baseIdType: {}", - sb.toString(), sourcePin, sourcePinType); - authData.setGenericData(MsEidasNodeConstants.ATTR_EIDAS_JUR_MANDATOR_PERSONAL_IDENTIFIER, sb.toString()); - - } - } - } - - private String extractBpkFromResponse(String pvpBpkAttrValue) { - final String[] split = pvpBpkAttrValue.split(":", 2); - if (split.length == 2) { - return split[1]; - - } else { - log.warn("PVP bPK attribute: {} has wrong format. Use it as it is.", pvpBpkAttrValue); - return pvpBpkAttrValue; - - } - } - } diff --git a/modules/core_common_webapp/src/test/java/at/asitplus/eidas/specific/core/test/utils/AuthenticationDataBuilderTest.java b/modules/core_common_webapp/src/test/java/at/asitplus/eidas/specific/core/test/utils/AuthenticationDataBuilderTest.java index 586749cb..12936a59 100644 --- a/modules/core_common_webapp/src/test/java/at/asitplus/eidas/specific/core/test/utils/AuthenticationDataBuilderTest.java +++ b/modules/core_common_webapp/src/test/java/at/asitplus/eidas/specific/core/test/utils/AuthenticationDataBuilderTest.java @@ -1,10 +1,6 @@ package at.asitplus.eidas.specific.core.test.utils; import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertThrows; -import static org.junit.Assert.assertTrue; import java.io.IOException; import java.security.PublicKey; @@ -76,7 +72,6 @@ public class AuthenticationDataBuilderTest { private TestRequestImpl pendingReq; private DummySpConfiguration oaParam; - private Map<String, String> spConfig; private String eidasBind; private String authBlock; @@ -97,7 +92,7 @@ public class AuthenticationDataBuilderTest { RequestContextHolder.resetRequestAttributes(); RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); - spConfig = new HashMap<>(); + final Map<String, String> spConfig = new HashMap<>(); spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true"); @@ -111,250 +106,27 @@ public class AuthenticationDataBuilderTest { authBlock = RandomStringUtils.randomAlphanumeric(20); eidasBind = RandomStringUtils.randomAlphanumeric(20); pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, authBlock); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, eidasBind); + pendingReq.getSessionData(AuthProcessDataWrapper.class) .setQaaLevel(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5)); pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, - RandomStringUtils.randomAlphabetic(2).toUpperCase()); + RandomStringUtils.randomAlphabetic(2)); LocaleContextHolder.resetLocaleContext(); } @Test - public void eidasProxyMode() throws EaafAuthenticationException, EaafStorageException { + public void eidMode() throws EaafAuthenticationException { // initialize state boolean isTestIdentity = RandomUtils.nextBoolean(); - pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(isTestIdentity); pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true); - - String givenName = RandomStringUtils.randomAlphabetic(10); - String familyName = RandomStringUtils.randomAlphabetic(10); - String dateOfBirth = "1956-12-08"; - String bpk = RandomStringUtils.randomAlphanumeric(10); - String cc = pendingReq.getSessionData(AuthProcessDataWrapper.class) - .getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class); - String spC = RandomStringUtils.randomAlphabetic(2).toUpperCase(); - - spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + cc + "+" + spC); - - pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true); - pendingReq.getSessionData(AuthProcessDataWrapper.class).setForeigner(false); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.GIVEN_NAME_NAME, givenName); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, familyName); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.BIRTHDATE_NAME, dateOfBirth); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, bpk); - - //set LoA level attribute instead of explicit session-data - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, - pendingReq.getSessionData(AuthProcessDataWrapper.class).getQaaLevel()); - pendingReq.getSessionData(AuthProcessDataWrapper.class).setQaaLevel(null); - - - - // execute test - IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); - - - // validate state - Assert.assertNotNull("AuthData null", authData); - Assert.assertNull("authBlock null", authData.getGenericData(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class)); - Assert.assertNull("eidasBind null", authData.getGenericData(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class)); - - Assert.assertEquals("LoA", pendingReq.getSessionData(AuthProcessDataWrapper.class) - .getGenericDataFromSession(PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, String.class), - authData.getEidasQaaLevel()); - Assert.assertEquals("CitizenCountry", cc, authData.getCiticenCountryCode()); - Assert.assertEquals("familyName", familyName, authData.getFamilyName()); - Assert.assertEquals("givenName", givenName, authData.getGivenName()); - Assert.assertEquals("DateOfBirth", dateOfBirth, authData.getDateOfBirth()); - - Assert.assertEquals("bPK", pendingReq.getSessionData(AuthProcessDataWrapper.class) - .getGenericDataFromSession(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, String.class), - authData.getGenericData(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, String.class)); - - Assert.assertEquals("testIdentity flag", - isTestIdentity ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY, - ((EidAuthenticationData)authData).getEidStatus()); - assertFalse("mandate flag", ((EidAuthenticationData)authData).isUseMandate()); - - } - - @Test - public void eidasProxyModeWithJurMandate() throws EaafAuthenticationException, EaafStorageException { - // initialize state - injectRepresentativeInfosIntoSession(); - - String commonMandate = RandomStringUtils.randomAlphabetic(10); - - // set constant country-code and sourcePin to check hashed eIDAS identifier - String sourcePinMandate = "asfdsadfsadfsafsdafsadfasr"; - spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + "AT+EE"); - - // set nat. person mandate information - pendingReq.getSessionData(AuthProcessDataWrapper.class).setUseMandates(true); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, commonMandate); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, sourcePinMandate); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, - EaafConstants.URN_PREFIX_BASEID + "+XFN"); - - // execute test - IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); - - - // validate state - Assert.assertNotNull("AuthData null", authData); - assertTrue("mandate flag", ((EidAuthenticationData)authData).isUseMandate()); - - //check mandate informations - checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, commonMandate); - checkGenericAttribute(authData, MsEidasNodeConstants.ATTR_EIDAS_JUR_MANDATOR_PERSONAL_IDENTIFIER, - "AT/EE/urn:publicid:gv.at:baseid+XFN+asfdsadfsadfsafsdafsadfasr"); - - } - - @Test - public void eidasProxyModeWithJurMandateMissingAttribute() throws EaafAuthenticationException, EaafStorageException { - // initialize state - injectRepresentativeInfosIntoSession(); - - // set constant country-code and sourcePin to check hashed eIDAS identifier - String sourcePinMandate = "asfdsadfsadfsafsdafsadfasr"; - spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + "AT+EE"); - - // set nat. person mandate information - pendingReq.getSessionData(AuthProcessDataWrapper.class).setUseMandates(true); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, sourcePinMandate); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, - EaafConstants.URN_PREFIX_BASEID + "+XFN"); - - // execute test - // execute test - EaafAuthenticationException error = assertThrows(EaafAuthenticationException.class, - () -> authenticationDataBuilder.buildAuthenticationData(pendingReq)); - Assert.assertEquals("wrong errorId", "builder.11", error.getErrorId()); - - } - - @Test - public void eidasProxyModeWithNatMandate() throws EaafAuthenticationException, EaafStorageException { - // initialize state - injectRepresentativeInfosIntoSession(); - - String givenNameMandate = RandomStringUtils.randomAlphabetic(10); - String familyNameMandate = RandomStringUtils.randomAlphabetic(10); - String dateOfBirthMandate = "1957-09-15"; - String bpkMandate = RandomStringUtils.randomAlphanumeric(10); - - // set nat. person mandate information - pendingReq.getSessionData(AuthProcessDataWrapper.class).setUseMandates(true); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, givenNameMandate); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, dateOfBirthMandate); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, "AT+XX:" + bpkMandate); - - // execute test - IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); - - - // validate state - Assert.assertNotNull("AuthData null", authData); - assertTrue("mandate flag", ((EidAuthenticationData)authData).isUseMandate()); - - //check mandate informations - checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, givenNameMandate); - checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate); - checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, "1957-09-15"); - checkGenericAttribute(authData, MsEidasNodeConstants.ATTR_EIDAS_NAT_MANDATOR_PERSONAL_IDENTIFIER, bpkMandate); - - } - - @Test - public void eidasProxyModeWithNatMandateWrongBpkFormat() throws EaafAuthenticationException, EaafStorageException { - // initialize state - injectRepresentativeInfosIntoSession(); - - String givenNameMandate = RandomStringUtils.randomAlphabetic(10); - String familyNameMandate = RandomStringUtils.randomAlphabetic(10); - String dateOfBirthMandate = "1957-09-15"; - String bpkMandate = RandomStringUtils.randomAlphanumeric(10); - - // set nat. person mandate information - pendingReq.getSessionData(AuthProcessDataWrapper.class).setUseMandates(true); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, givenNameMandate); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, dateOfBirthMandate); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, bpkMandate); - - // execute test - IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); - - // validate state - Assert.assertNotNull("AuthData null", authData); - assertTrue("mandate flag", ((EidAuthenticationData)authData).isUseMandate()); - - //check mandate informations - checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, givenNameMandate); - checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate); - checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, "1957-09-15"); - checkGenericAttribute(authData, MsEidasNodeConstants.ATTR_EIDAS_NAT_MANDATOR_PERSONAL_IDENTIFIER, bpkMandate); - - } - - @Test - public void eidasProxyModeWithNatMandateMissingAttribute() throws EaafAuthenticationException, EaafStorageException { - // initialize state - injectRepresentativeInfosIntoSession(); - - String familyNameMandate = RandomStringUtils.randomAlphabetic(10); - String dateOfBirthMandate = "1957-09-15"; - String bpkMandate = RandomStringUtils.randomAlphanumeric(10); - - // set nat. person mandate information - pendingReq.getSessionData(AuthProcessDataWrapper.class).setUseMandates(true); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, dateOfBirthMandate); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, bpkMandate); - - // execute test - EaafAuthenticationException error = assertThrows(EaafAuthenticationException.class, - () -> authenticationDataBuilder.buildAuthenticationData(pendingReq)); - Assert.assertEquals("wrong errorId", "builder.11", error.getErrorId()); - - } - - @Test - public void eidMode() throws EaafAuthenticationException, EaafStorageException { - // initialize state - boolean isTestIdentity = RandomUtils.nextBoolean(); pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(isTestIdentity); - pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, authBlock); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, eidasBind); - + // execute IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); @@ -439,44 +211,6 @@ public class AuthenticationDataBuilderTest { } - private void injectRepresentativeInfosIntoSession() throws EaafStorageException { - boolean isTestIdentity = RandomUtils.nextBoolean(); - pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(isTestIdentity); - pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true); - - String givenName = RandomStringUtils.randomAlphabetic(10); - String familyName = RandomStringUtils.randomAlphabetic(10); - String dateOfBirth = "1956-12-08"; - String bpk = RandomStringUtils.randomAlphanumeric(10); - String cc = pendingReq.getSessionData(AuthProcessDataWrapper.class) - .getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class); - String spC = RandomStringUtils.randomAlphabetic(2).toUpperCase(); - spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + cc + "+" + spC); - - pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true); - pendingReq.getSessionData(AuthProcessDataWrapper.class).setForeigner(false); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.GIVEN_NAME_NAME, givenName); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, familyName); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.BIRTHDATE_NAME, dateOfBirth); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, bpk); - - //set LoA level attribute instead of explicit session-data - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, - pendingReq.getSessionData(AuthProcessDataWrapper.class).getQaaLevel()); - pendingReq.getSessionData(AuthProcessDataWrapper.class).setQaaLevel(null); - - } - - private void checkGenericAttribute(IAuthData authData, String attrName, String expected) { - assertEquals("Wrong: " + attrName, expected, authData.getGenericData(attrName, String.class)); - - } - private IIdentityLink buildDummyIdl() { return new IIdentityLink() { |