diff options
Diffstat (limited to 'modules/eidas_proxy-sevice/src/test')
14 files changed, 3069 insertions, 0 deletions
diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/EidasProxyMessageSourceTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/EidasProxyMessageSourceTest.java new file mode 100644 index 00000000..fc4ad2b6 --- /dev/null +++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/EidasProxyMessageSourceTest.java @@ -0,0 +1,50 @@ +package at.asitplus.eidas.specific.modules.msproxyservice.test; + +import java.util.List; + +import org.junit.Assert; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.core.io.Resource; +import org.springframework.core.io.ResourceLoader; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.asitplus.eidas.specific.modules.msproxyservice.EidasProxyMessageSource; +import at.gv.egiz.eaaf.core.api.logging.IMessageSourceLocation; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration(locations = { + "/spring/SpringTest-context_basic_test.xml", + "/spring/SpringTest-context_basic_mapConfig.xml", + }) +public class EidasProxyMessageSourceTest { + + @Autowired + private ResourceLoader loader; + @Autowired(required = false) + private List<IMessageSourceLocation> messageSources; + + @Test + public void checkMessageSources() { + Assert.assertNotNull("No messageSource", messageSources); + Assert.assertFalse("No message source", messageSources.isEmpty()); + + boolean found = false; + + for (final IMessageSourceLocation messageSource : messageSources) { + found = found ? found : messageSource instanceof EidasProxyMessageSource; + + Assert.assertNotNull("No sourcePath", messageSource.getMessageSourceLocation()); + for (final String el : messageSource.getMessageSourceLocation()) { + final Resource messages = loader.getResource(el + ".properties"); + Assert.assertTrue("Source not exist", messages.exists()); + + } + } + + Assert.assertTrue("Internal messagesource not found", found); + + } +} diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/MsProxyServiceSpringResourceProviderTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/MsProxyServiceSpringResourceProviderTest.java new file mode 100644 index 00000000..9a690664 --- /dev/null +++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/MsProxyServiceSpringResourceProviderTest.java @@ -0,0 +1,56 @@ +package at.asitplus.eidas.specific.modules.msproxyservice.test; + +import java.io.IOException; +import java.io.InputStream; + +import org.apache.commons.io.IOUtils; +import org.junit.Assert; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; +import org.springframework.core.io.Resource; + +import at.asitplus.eidas.specific.modules.msproxyservice.MsProxyServiceSpringResourceProvider; +import at.gv.egiz.eaaf.core.test.TestConstants; + + + +@RunWith(BlockJUnit4ClassRunner.class) +public class MsProxyServiceSpringResourceProviderTest { + + @Test + public void testSpringConfig() { + final MsProxyServiceSpringResourceProvider test = + new MsProxyServiceSpringResourceProvider(); + for (final Resource el : test.getResourcesToLoad()) { + try { + IOUtils.toByteArray(el.getInputStream()); + + } catch (final IOException e) { + Assert.fail("Ressouce: " + el.getFilename() + " not found"); + } + + } + + Assert.assertNotNull("no Name", test.getName()); + Assert.assertNull("Find package definitions", test.getPackagesToScan()); + + } + + @Test + public void testSpILoaderConfig() { + final InputStream el = this.getClass().getResourceAsStream(TestConstants.TEST_SPI_LOADER_PATH); + try { + final String spiFile = IOUtils.toString(el, "UTF-8"); + + Assert.assertEquals("Wrong classpath in SPI file", + MsProxyServiceSpringResourceProvider.class.getName(), spiFile); + + + } catch (final IOException e) { + Assert.fail("Ressouce: " + TestConstants.TEST_SPI_LOADER_PATH + " not found"); + + } + } + +} diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/EidasProxyServiceControllerBorisTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/EidasProxyServiceControllerBorisTest.java new file mode 100644 index 00000000..dfa4e264 --- /dev/null +++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/EidasProxyServiceControllerBorisTest.java @@ -0,0 +1,197 @@ +package at.asitplus.eidas.specific.modules.msproxyservice.test.protocol; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; + +import java.io.IOException; +import java.net.URISyntaxException; +import java.util.Arrays; +import java.util.List; +import java.util.UUID; + +import org.apache.commons.lang3.RandomStringUtils; +import org.apache.commons.lang3.StringUtils; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; +import org.springframework.web.servlet.config.annotation.EnableWebMvc; + +import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration; +import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap; +import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants; +import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry; +import at.asitplus.eidas.specific.modules.core.eidas.test.dummy.DummySpecificCommunicationService; +import at.asitplus.eidas.specific.modules.msproxyservice.MsProxyServiceConstants; +import at.asitplus.eidas.specific.modules.msproxyservice.protocol.EidasProxyServiceController; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions.SpMandateModes; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyProtocolAuthService; +import eu.eidas.auth.commons.EidasParameterKeys; +import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; +import eu.eidas.auth.commons.light.impl.LightRequest; +import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames; +import eu.eidas.specificcommunication.protocol.SpecificCommunicationService; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration(locations = { + "/spring/SpringTest-context_basic_test.xml", + "/spring/SpringTest-context_basic_mapConfig2.xml", + }) +@EnableWebMvc +public class EidasProxyServiceControllerBorisTest { + + @Autowired private EidasProxyServiceController controller; + + @Autowired private DummySpecificCommunicationService proxyService; + @Autowired private DummyProtocolAuthService authService; + @Autowired private EidasAttributeRegistry attrRegistry; + @Autowired private ApplicationContext context; + + @Autowired MsConnectorDummyConfigMap config; + + private MockHttpServletRequest httpReq; + private MockHttpServletResponse httpResp; + + private SpecificCommunicationService springManagedSpecificConnectorCommunicationService; + + /** + * jUnit test set-up. + */ + @Before + public void setUp() throws EaafStorageException, URISyntaxException { + httpReq = new MockHttpServletRequest("POST", "http://localhost/ms_connector/eidas/light/idp/redirect"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + proxyService.setiLightRequest(null); + proxyService.setError(null); + + config.putConfigValue("eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint", + "http://eidas.proxy/endpoint"); + + springManagedSpecificConnectorCommunicationService = + (SpecificCommunicationService) context.getBean( + SpecificCommunicationDefinitionBeanNames.SPECIFIC_PROXYSERVICE_COMMUNICATION_SERVICE + .toString()); + + } + + @Test + public void validAuthnRequestWithBorisAttributeLegal() throws IOException, EaafException { + //initialize state + httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10)); + String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase(); + String issuer = RandomStringUtils.randomAlphabetic(10); + LightRequest.Builder authnReqBuilder = LightRequest.builder() + .id(UUID.randomUUID().toString()) + .issuer(issuer) + .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) + .spCountryCode(spCountryCode) + .spType("public") + .requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_LEGALNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + "eJusticeLegalPersonRole").first()) + .build()); + + proxyService.setiLightRequest(authnReqBuilder.build()); + + + // set default mandate configuration + List<String> mandateProfilesNat = + Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); + List<String> mandateProfilesJur = + Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true"); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, + StringUtils.join(mandateProfilesNat, ",")); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, + StringUtils.join(mandateProfilesJur, ",")); + + + //execute + controller.receiveEidasAuthnRequest(httpReq, httpResp); + + //validate state + ServiceProviderConfiguration spConfig = + authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class); + assertNotNull("mandateprofiles", spConfig.getMandateProfiles()); + assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty()); + assertEquals("mandateprofile size", 1, spConfig.getMandateProfiles().size()); + assertEquals("mandateprofile", "MUST_BE_UPDATED", spConfig.getMandateProfiles().get(0)); + assertEquals("MandateMode", SpMandateModes.LEGAL, spConfig.getMandateMode()); + + assertEquals("requested IDA attributes", 10, spConfig.getRequestedAttributes().size()); + + } + + @Test + public void validAuthnRequestWithBorisAttributeNat() throws IOException, EaafException { + //initialize state + httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10)); + String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase(); + String issuer = RandomStringUtils.randomAlphabetic(10); + LightRequest.Builder authnReqBuilder = LightRequest.builder() + .id(UUID.randomUUID().toString()) + .issuer(issuer) + .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) + .spCountryCode(spCountryCode) + .spType("public") + .requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + "eJusticeNaturalPersonRole").first()) + .build()); + + proxyService.setiLightRequest(authnReqBuilder.build()); + + + // set default mandate configuration + List<String> mandateProfilesNat = + Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); + List<String> mandateProfilesJur = + Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true"); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, + StringUtils.join(mandateProfilesNat, ",")); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, + StringUtils.join(mandateProfilesJur, ",")); + + + //execute + controller.receiveEidasAuthnRequest(httpReq, httpResp); + + //validate state + ServiceProviderConfiguration spConfig = + authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class); + assertNotNull("mandateprofiles", spConfig.getMandateProfiles()); + assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty()); + assertEquals("mandateprofile size", 1, spConfig.getMandateProfiles().size()); + assertEquals("mandateprofile", "MUST_BE_UPDATED", spConfig.getMandateProfiles().get(0)); + assertEquals("MandateMode", SpMandateModes.LEGAL, spConfig.getMandateMode()); + + assertEquals("requested IDA attributes", 6, spConfig.getRequestedAttributes().size()); + + } + +} + + diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/EidasProxyServiceControllerTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/EidasProxyServiceControllerTest.java new file mode 100644 index 00000000..5894ea45 --- /dev/null +++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/EidasProxyServiceControllerTest.java @@ -0,0 +1,852 @@ +package at.asitplus.eidas.specific.modules.msproxyservice.test.protocol; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertThrows; +import static org.junit.Assert.assertTrue; + +import java.io.IOException; +import java.net.URISyntaxException; +import java.net.URLDecoder; +import java.text.MessageFormat; +import java.util.Arrays; +import java.util.List; +import java.util.UUID; + +import org.apache.commons.lang3.RandomStringUtils; +import org.apache.commons.lang3.StringUtils; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.opensaml.saml.saml2.core.NameIDType; +import org.opensaml.saml.saml2.core.StatusCode; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; +import org.springframework.web.servlet.config.annotation.EnableWebMvc; + +import com.google.common.collect.ImmutableSortedSet; + +import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration; +import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap; +import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants; +import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry; +import at.asitplus.eidas.specific.modules.core.eidas.test.dummy.DummySpecificCommunicationService; +import at.asitplus.eidas.specific.modules.msproxyservice.MsProxyServiceConstants; +import at.asitplus.eidas.specific.modules.msproxyservice.exception.EidasProxyServiceException; +import at.asitplus.eidas.specific.modules.msproxyservice.protocol.EidasProxyServiceController; +import at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServicePendingRequest; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions.SpMandateModes; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyProtocolAuthService; +import eu.eidas.auth.commons.EidasParameterKeys; +import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; +import eu.eidas.auth.commons.light.ILightResponse; +import eu.eidas.auth.commons.light.impl.LightRequest; +import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames; +import eu.eidas.specificcommunication.exception.SpecificCommunicationException; +import eu.eidas.specificcommunication.protocol.SpecificCommunicationService; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration(locations = { + "/spring/SpringTest-context_basic_test.xml", + "/spring/SpringTest-context_basic_mapConfig.xml", + }) +@EnableWebMvc +public class EidasProxyServiceControllerTest { + + @Autowired private EidasProxyServiceController controller; + + @Autowired private DummySpecificCommunicationService proxyService; + @Autowired private DummyProtocolAuthService authService; + @Autowired private EidasAttributeRegistry attrRegistry; + @Autowired private ApplicationContext context; + + @Autowired MsConnectorDummyConfigMap config; + + private MockHttpServletRequest httpReq; + private MockHttpServletResponse httpResp; + + private SpecificCommunicationService springManagedSpecificConnectorCommunicationService; + + /** + * jUnit test set-up. + */ + @Before + public void setUp() throws EaafStorageException, URISyntaxException { + httpReq = new MockHttpServletRequest("POST", "http://localhost/ms_connector/eidas/light/idp/redirect"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + proxyService.setiLightRequest(null); + proxyService.setError(null); + + config.putConfigValue("eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint", + "http://eidas.proxy/endpoint"); + + springManagedSpecificConnectorCommunicationService = + (SpecificCommunicationService) context.getBean( + SpecificCommunicationDefinitionBeanNames.SPECIFIC_PROXYSERVICE_COMMUNICATION_SERVICE + .toString()); + + } + + @Test + public void generateErrorResponseWrongPendingReq() throws Throwable { + Assert.assertFalse("wrong statusCode", controller.generateErrorMessage( + new EaafException("1000"), + httpReq, httpResp, null)); + + } + + @Test + public void generateErrorResponse() throws Throwable { + ProxyServicePendingRequest pendingReq = new ProxyServicePendingRequest(); + pendingReq.initialize(httpReq, config); + + LightRequest.Builder eidasRequestBuilder = LightRequest.builder() + .id(UUID.randomUUID().toString()) + .issuer(RandomStringUtils.randomAlphabetic(10)) + .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) + .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .spType("public") + .requesterId(RandomStringUtils.randomAlphanumeric(10)) + .providerName(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setEidasRequest(eidasRequestBuilder.build()); + + + // execute test + Assert.assertTrue("wrong statusCode", controller.generateErrorMessage( + new EaafException("1000"), + httpReq, httpResp, + pendingReq)); + + // validate state + assertNotNull("not redirct Header", httpResp.getHeader("Location")); + assertTrue("wrong redirect URL", httpResp.getHeader("Location").startsWith("http://eidas.proxy/endpoint?token=")); + String token = httpResp.getHeader("Location").substring("http://eidas.proxy/endpoint?token=".length()); + + ILightResponse resp = springManagedSpecificConnectorCommunicationService.getAndRemoveResponse(URLDecoder.decode(token, "UTF-8"), + ImmutableSortedSet.copyOf(attrRegistry.getCoreAttributeRegistry().getAttributes())); + + assertNotNull("responseId", resp.getId()); + assertEquals("inResponseTo", pendingReq.getEidasRequest().getId(), resp.getInResponseToId()); + assertEquals("relayState", pendingReq.getEidasRequest().getRelayState(), resp.getRelayState()); + + assertNotNull("subjectNameId", resp.getSubject()); + assertEquals("subjectNameIdFormat", NameIDType.TRANSIENT, resp.getSubjectNameIdFormat()); + assertTrue("not attributes", resp.getAttributes().isEmpty()); + + assertEquals("StatusCode", StatusCode.RESPONDER, resp.getStatus().getStatusCode()); + //assertEquals("SubStatusCode", "", resp.getStatus().getSubStatusCode()); + //assertEquals("StatusMsg", "", resp.getStatus().getStatusMessage()); + + } + + @Test + public void missingEidasToken() { + EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class, + () -> controller.receiveEidasAuthnRequest(httpReq, httpResp)); + Assert.assertEquals("wrong errorCode", "eidas.proxyservice.02", exception.getErrorId()); + + } + + @Test + public void wrongEidasTokenWithNullpointerException() { + //initialize state + httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10)); + + //validate state + EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class, + () -> controller.receiveEidasAuthnRequest(httpReq, httpResp)); + Assert.assertEquals("wrong errorCode", "eidas.proxyservice.11", exception.getErrorId()); + + } + + @Test + public void wrongEidasTokenCacheCommunicationError() { + //initialize state + httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10)); + proxyService.setError(new SpecificCommunicationException(RandomStringUtils.randomAlphanumeric(10))); + + //validate state + EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class, + () -> controller.receiveEidasAuthnRequest(httpReq, httpResp)); + Assert.assertEquals("wrong errorCode", "eidas.proxyservice.03", exception.getErrorId()); + Assert.assertTrue("Wrong exception", (exception.getCause() instanceof SpecificCommunicationException)); + + } + + @Test + public void missingServiceProviderCountry() { + //initialize state + httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10)); + LightRequest.Builder authnReqBuilder = LightRequest.builder() + .id(UUID.randomUUID().toString()) + .issuer(RandomStringUtils.randomAlphabetic(10)) + .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH); + + proxyService.setiLightRequest(authnReqBuilder.build()); + + //validate state + EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class, + () -> controller.receiveEidasAuthnRequest(httpReq, httpResp)); + Assert.assertEquals("wrong errorCode", "eidas.proxyservice.07", exception.getErrorId()); + + } + + @Test + public void requestingLegalAndNaturalPerson() { + //initialize state + httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10)); + LightRequest.Builder authnReqBuilder = LightRequest.builder() + .id(UUID.randomUUID().toString()) + .issuer(RandomStringUtils.randomAlphabetic(10)) + .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) + .requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()) + .build()); + + proxyService.setiLightRequest(authnReqBuilder.build()); + + //validate state + EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class, + () -> controller.receiveEidasAuthnRequest(httpReq, httpResp)); + Assert.assertEquals("wrong errorCode", "eidas.proxyservice.08", exception.getErrorId()); + + } + + @Test + public void requestLegalPersonButNoMandates() throws IOException, EaafException { + //initialize state + httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10)); + String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase(); + LightRequest.Builder authnReqBuilder = LightRequest.builder() + .id(UUID.randomUUID().toString()) + .issuer(RandomStringUtils.randomAlphabetic(10)) + .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) + .spCountryCode(spCountryCode) + .spType("public") + .requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build()); + + proxyService.setiLightRequest(authnReqBuilder.build()); + + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "false"); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, + StringUtils.join(Arrays.asList( + RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); + + //validate state + EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class, + () -> controller.receiveEidasAuthnRequest(httpReq, httpResp)); + Assert.assertEquals("wrong errorCode", "eidas.proxyservice.09", exception.getErrorId()); + + } + + @Test + public void validAuthnRequest() throws IOException, EaafException { + //initialize state + httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10)); + String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase(); + LightRequest.Builder authnReqBuilder = LightRequest.builder() + .id(UUID.randomUUID().toString()) + .issuer(RandomStringUtils.randomAlphabetic(10)) + .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) + .spCountryCode(spCountryCode) + .spType("public") + .requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_BIRTHNAME).first()) + .build()); + + proxyService.setiLightRequest(authnReqBuilder.build()); + + + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "false"); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, + StringUtils.join(Arrays.asList( + RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); + + + //execute + controller.receiveEidasAuthnRequest(httpReq, httpResp); + + //validate state + Assert.assertNotNull("pendingRequest", authService.getPendingReq()); + Assert.assertTrue("wrong pendingRequest", authService.getPendingReq() instanceof ProxyServicePendingRequest); + ProxyServicePendingRequest pendingReq = (ProxyServicePendingRequest) authService.getPendingReq(); + Assert.assertNotNull("missing uniqueSpId", pendingReq.getSpEntityId()); + Assert.assertNotNull("missing eidasReq", pendingReq.getEidasRequest()); + + Assert.assertFalse("isPassive", pendingReq.isPassiv()); + Assert.assertTrue("isPassive", pendingReq.forceAuth()); + Assert.assertFalse("isPassive", pendingReq.isAuthenticated()); + Assert.assertFalse("isPassive", pendingReq.isAbortedByUser()); + Assert.assertTrue("isPassive", pendingReq.isNeedAuthentication()); + + Assert.assertNotNull("missing spConfig", pendingReq.getServiceProviderConfiguration()); + ServiceProviderConfiguration spConfig = + pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class); + Assert.assertNotNull("uniqueId", spConfig.getUniqueIdentifier()); + Assert.assertEquals("uniqueId wrong pattern", + authnReqBuilder.build().getIssuer(), + spConfig.getUniqueIdentifier()); + Assert.assertEquals("friendlyName wrong pattern", + MessageFormat.format(MsProxyServiceConstants.TEMPLATE_SP_UNIQUE_ID, spCountryCode, "public"), + spConfig.getFriendlyName()); + + Assert.assertEquals("uniqueId not match to pendingReq", + pendingReq.getSpEntityId(), spConfig.getUniqueIdentifier()); + Assert.assertNotNull("bpkTarget", spConfig.getAreaSpecificTargetIdentifier()); + Assert.assertEquals("wrong bPK Target", + EaafConstants.URN_PREFIX_EIDAS + "AT+" + spCountryCode, + spConfig.getAreaSpecificTargetIdentifier()); + + assertNotNull("mandateprofiles", spConfig.getMandateProfiles()); + assertTrue("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty()); + assertEquals("MandateMode", SpMandateModes.NONE, spConfig.getMandateMode()); + + assertEquals("requested IDA attributes", 4, spConfig.getRequestedAttributes().size()); + + + } + + @Test + public void validAuthnRequestWithMandatesDefaultProfilesNat() throws IOException, EaafException { + //initialize state + httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10)); + String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase(); + LightRequest.Builder authnReqBuilder = LightRequest.builder() + .id(UUID.randomUUID().toString()) + .issuer(RandomStringUtils.randomAlphabetic(10)) + .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) + .spCountryCode(spCountryCode) + .spType("public") + .requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build()); + + + proxyService.setiLightRequest(authnReqBuilder.build()); + + List<String> mandateProfilesNat = + Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); + List<String> mandateProfilesJur = + Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true"); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, + StringUtils.join(mandateProfilesNat, ",")); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, + StringUtils.join(mandateProfilesJur, ",")); + + //execute + controller.receiveEidasAuthnRequest(httpReq, httpResp); + + //validate state + ServiceProviderConfiguration spConfig = + authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class); + assertNotNull("mandateprofiles", spConfig.getMandateProfiles()); + assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty()); + assertEquals("mandateprofile size", mandateProfilesNat.size(), spConfig.getMandateProfiles().size()); + spConfig.getMandateProfiles().stream() + .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfilesNat.contains(el))); + assertEquals("MandateMode", SpMandateModes.NATURAL, spConfig.getMandateMode()); + + assertEquals("requested IDA attributes", 6, spConfig.getRequestedAttributes().size()); + + } + + @Test + public void validAuthnRequestWithMandatesDefaultProfilesJur() throws IOException, EaafException { + //initialize state + httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10)); + String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase(); + LightRequest.Builder authnReqBuilder = LightRequest.builder() + .id(UUID.randomUUID().toString()) + .issuer(RandomStringUtils.randomAlphabetic(10)) + .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) + .spCountryCode(spCountryCode) + .spType("public") + .requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build()); + + + proxyService.setiLightRequest(authnReqBuilder.build()); + + List<String> mandateProfilesNat = + Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); + List<String> mandateProfilesJur = + Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true"); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, + StringUtils.join(mandateProfilesNat, ",")); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, + StringUtils.join(mandateProfilesJur, ",")); + + //execute + controller.receiveEidasAuthnRequest(httpReq, httpResp); + + //validate state + ServiceProviderConfiguration spConfig = + authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class); + assertNotNull("mandateprofiles", spConfig.getMandateProfiles()); + assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty()); + assertEquals("mandateprofile size", mandateProfilesJur.size(), spConfig.getMandateProfiles().size()); + spConfig.getMandateProfiles().stream() + .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfilesJur.contains(el))); + assertEquals("MandateMode", SpMandateModes.LEGAL_FORCE, spConfig.getMandateMode()); + + assertEquals("requested IDA attributes", 9, spConfig.getRequestedAttributes().size()); + + } + + @Test + public void validAuthnRequestWithMandatesDefaultNoJurProfiles() throws IOException, EaafException { + //initialize state + httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10)); + String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase(); + LightRequest.Builder authnReqBuilder = LightRequest.builder() + .id(UUID.randomUUID().toString()) + .issuer(RandomStringUtils.randomAlphabetic(10)) + .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) + .spCountryCode(spCountryCode) + .spType("public") + .requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build()); + + + proxyService.setiLightRequest(authnReqBuilder.build()); + + List<String> mandateProfilesNat = + Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true"); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, + StringUtils.join(mandateProfilesNat, ",")); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, ""); + + //validate state + EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class, + () -> controller.receiveEidasAuthnRequest(httpReq, httpResp)); + Assert.assertEquals("wrong errorCode", "eidas.proxyservice.10", exception.getErrorId()); + + } + + @Test + public void validAuthnRequestWithMandatesDefaultNoNatProfiles() throws IOException, EaafException { + //initialize state + httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10)); + String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase(); + LightRequest.Builder authnReqBuilder = LightRequest.builder() + .id(UUID.randomUUID().toString()) + .issuer(RandomStringUtils.randomAlphabetic(10)) + .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) + .spCountryCode(spCountryCode) + .spType("public") + .requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build()); + + + proxyService.setiLightRequest(authnReqBuilder.build()); + + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true"); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, ""); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, ""); + + //execute + controller.receiveEidasAuthnRequest(httpReq, httpResp); + + //validate state + ServiceProviderConfiguration spConfig = + authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class); + assertNotNull("mandateprofiles", spConfig.getMandateProfiles()); + assertTrue("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty()); + assertEquals("MandateMode", SpMandateModes.NONE, spConfig.getMandateMode()); + + assertEquals("requested IDA attributes", 3, spConfig.getRequestedAttributes().size()); + + } + + @Test + public void validAuthnRequestIssueSpecificNoMandates() throws IOException, EaafException { + //initialize state + httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10)); + + String issuer = RandomStringUtils.randomAlphabetic(10); + LightRequest.Builder authnReqBuilder = LightRequest.builder() + .id(UUID.randomUUID().toString()) + .issuer(issuer) + .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) + .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .spType("public") + .requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build()); + + proxyService.setiLightRequest(authnReqBuilder.build()); + + + // set default mandate configuration + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true"); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, + StringUtils.join(Arrays.asList( + RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, + StringUtils.join(Arrays.asList( + RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); + + // set specific mandate configuration + String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase(); + addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_UNIQUEID, issuer); + addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_COUNTRYCODE, spCountryCode); + addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_ENABLED, "false"); + + List<String> mandateProfiles = + Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); + addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_NATURAL, + StringUtils.join(mandateProfiles, ",")); + addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_LEGAL, + StringUtils.join(Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); + + //execute + controller.receiveEidasAuthnRequest(httpReq, httpResp); + + //validate state + ServiceProviderConfiguration spConfig = + authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class); + assertNotNull("mandateprofiles", spConfig.getMandateProfiles()); + assertTrue("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty()); + assertEquals("MandateMode", SpMandateModes.NONE, spConfig.getMandateMode()); + + } + + @Test + public void validAuthnRequestIssueSpecificMandatesNat() throws IOException, EaafException { + //initialize state + httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10)); + + String issuer = "https://apps.egiz.gv.at/EidasNode//ConnectorMetadata"; + LightRequest.Builder authnReqBuilder = LightRequest.builder() + .id(UUID.randomUUID().toString()) + .issuer(issuer) + .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) + .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .spType("public") + .requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build()); + + proxyService.setiLightRequest(authnReqBuilder.build()); + + + // set default mandate configuration + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "false"); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, + StringUtils.join(Arrays.asList( + RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, + StringUtils.join(Arrays.asList( + RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); + + // set specific mandate configuration + String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase(); + addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_UNIQUEID, issuer); + addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_COUNTRYCODE, spCountryCode); + addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_ENABLED, "true"); + + List<String> mandateProfiles = + Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); + addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_NATURAL, + StringUtils.join(mandateProfiles, ",")); + addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_LEGAL, + StringUtils.join(Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); + + //execute + controller.receiveEidasAuthnRequest(httpReq, httpResp); + + //validate state + ServiceProviderConfiguration spConfig = + authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class); + assertNotNull("mandateprofiles", spConfig.getMandateProfiles()); + assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty()); + assertEquals("mandateprofile size", mandateProfiles.size(), spConfig.getMandateProfiles().size()); + spConfig.getMandateProfiles().stream() + .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfiles.contains(el))); + assertEquals("MandateMode", SpMandateModes.NATURAL, spConfig.getMandateMode()); + + } + + @Test + public void validAuthnRequestIssueSpecificMandatesJur() throws IOException, EaafException { + //initialize state + httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10)); + + String issuer = RandomStringUtils.randomAlphabetic(10); + LightRequest.Builder authnReqBuilder = LightRequest.builder() + .id(UUID.randomUUID().toString()) + .issuer(issuer) + .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) + .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .spType("public") + .requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build()); + + proxyService.setiLightRequest(authnReqBuilder.build()); + + + // set default mandate configuration + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true"); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, + StringUtils.join(Arrays.asList( + RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, + StringUtils.join(Arrays.asList( + RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); + + // set specific mandate configuration + String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase(); + addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_UNIQUEID, issuer); + addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_COUNTRYCODE, spCountryCode); + addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_ENABLED, "true"); + + List<String> mandateProfiles = + Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); + addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_LEGAL, + StringUtils.join(mandateProfiles, ",")); + addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_NATURAL, + StringUtils.join(Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); + + //execute + controller.receiveEidasAuthnRequest(httpReq, httpResp); + + //validate state + ServiceProviderConfiguration spConfig = + authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class); + assertNotNull("mandateprofiles", spConfig.getMandateProfiles()); + assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty()); + assertEquals("mandateprofile size", mandateProfiles.size(), spConfig.getMandateProfiles().size()); + spConfig.getMandateProfiles().stream() + .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfiles.contains(el))); + assertEquals("MandateMode", SpMandateModes.LEGAL_FORCE, spConfig.getMandateMode()); + + } + + @Test + public void validAuthnRequestWithMandatesProfilesBoth() throws IOException, EaafException { + //initialize state + httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10)); + String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase(); + String issuer = RandomStringUtils.randomAlphabetic(10); + LightRequest.Builder authnReqBuilder = LightRequest.builder() + .id(UUID.randomUUID().toString()) + .issuer(issuer) + .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) + .spCountryCode(spCountryCode) + .spType("public") + .requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()) + .build()); + + + // set default mandate configuration + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true"); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, + StringUtils.join(Arrays.asList( + RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, + StringUtils.join(Arrays.asList( + RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ",")); + + + // add custom SP config to allow both MDS in single request + addConnectorConfig(25, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_UNIQUEID, issuer); + addConnectorConfig(25, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_COUNTRYCODE, spCountryCode); + addConnectorConfig(25, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_ENABLED, "true"); + + List<String> mandateProfilesNat = + Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); + List<String> mandateProfilesJur = + Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); + addConnectorConfig(25, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_LEGAL, + StringUtils.join(mandateProfilesJur, ",")); + addConnectorConfig(25, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_NATURAL, + StringUtils.join(mandateProfilesNat, ",")); + addConnectorConfig(25, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_VALIDATION_ATTR_MDS, "false"); + + proxyService.setiLightRequest(authnReqBuilder.build()); + + + //execute + controller.receiveEidasAuthnRequest(httpReq, httpResp); + + //validate state + ServiceProviderConfiguration spConfig = + authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class); + assertNotNull("mandateprofiles", spConfig.getMandateProfiles()); + assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty()); + assertEquals("mandateprofile size", mandateProfilesNat.size() + mandateProfilesJur.size(), spConfig.getMandateProfiles().size()); + spConfig.getMandateProfiles().stream() + .forEach(el -> assertTrue("missing mandateProfile: " + el, + mandateProfilesNat.contains(el) || mandateProfilesJur.contains(el))); + assertEquals("MandateMode", SpMandateModes.BOTH, spConfig.getMandateMode()); + + assertEquals("requested IDA attributes", 10, spConfig.getRequestedAttributes().size()); + + } + + + @Test + public void validAuthnRequestWithBorisAttributeLegal() throws IOException, EaafException { + //initialize state + httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10)); + String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase(); + String issuer = RandomStringUtils.randomAlphabetic(10); + LightRequest.Builder authnReqBuilder = LightRequest.builder() + .id(UUID.randomUUID().toString()) + .issuer(issuer) + .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) + .spCountryCode(spCountryCode) + .spType("public") + .requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_LEGALNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + "eJusticeLegalPersonRole").first()) + .build()); + + proxyService.setiLightRequest(authnReqBuilder.build()); + + + // set default mandate configuration + List<String> mandateProfilesNat = + Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); + List<String> mandateProfilesJur = + Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true"); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, + StringUtils.join(mandateProfilesNat, ",")); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, + StringUtils.join(mandateProfilesJur, ",")); + + + //execute + controller.receiveEidasAuthnRequest(httpReq, httpResp); + + //validate state + ServiceProviderConfiguration spConfig = + authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class); + assertNotNull("mandateprofiles", spConfig.getMandateProfiles()); + assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty()); + assertEquals("mandateprofile size", 1, spConfig.getMandateProfiles().size()); + assertEquals("mandateprofile", "MUST_BE_UPDATED", spConfig.getMandateProfiles().get(0)); + assertEquals("MandateMode", SpMandateModes.LEGAL, spConfig.getMandateMode()); + + assertEquals("requested IDA attributes", 11, spConfig.getRequestedAttributes().size()); + + } + + @Test + public void validAuthnRequestWithBorisAttributeNat() throws IOException, EaafException { + //initialize state + httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10)); + String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase(); + String issuer = RandomStringUtils.randomAlphabetic(10); + LightRequest.Builder authnReqBuilder = LightRequest.builder() + .id(UUID.randomUUID().toString()) + .issuer(issuer) + .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) + .spCountryCode(spCountryCode) + .spType("public") + .requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + "eJusticeNaturalPersonRole").first()) + .build()); + + proxyService.setiLightRequest(authnReqBuilder.build()); + + + // set default mandate configuration + List<String> mandateProfilesNat = + Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); + List<String> mandateProfilesJur = + Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true"); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, + StringUtils.join(mandateProfilesNat, ",")); + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, + StringUtils.join(mandateProfilesJur, ",")); + + + //execute + controller.receiveEidasAuthnRequest(httpReq, httpResp); + + //validate state + ServiceProviderConfiguration spConfig = + authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class); + assertNotNull("mandateprofiles", spConfig.getMandateProfiles()); + assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty()); + assertEquals("mandateprofile size", 1, spConfig.getMandateProfiles().size()); + assertEquals("mandateprofile", "MUST_BE_UPDATED", spConfig.getMandateProfiles().get(0)); + assertEquals("MandateMode", SpMandateModes.LEGAL, spConfig.getMandateMode()); + + assertEquals("requested IDA attributes", 7, spConfig.getRequestedAttributes().size()); + assertTrue("missing additional attribute", spConfig.getRequestedAttributes().stream() + .filter(el -> el.equals("testAttribute")) + .findFirst() + .isPresent()); + + } + + + private void addConnectorConfig(int i, String key, String value) { + config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_PREFIX + String.valueOf(i) + "." + key, + value); + + } + +} + + diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java new file mode 100644 index 00000000..d9bc017c --- /dev/null +++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java @@ -0,0 +1,982 @@ +package at.asitplus.eidas.specific.modules.msproxyservice.test.protocol; + +import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertThrows; +import static org.junit.Assert.assertTrue; + +import java.net.URISyntaxException; +import java.net.URLDecoder; +import java.time.Instant; +import java.util.Arrays; +import java.util.HashMap; +import java.util.Map; +import java.util.UUID; + +import org.apache.commons.lang3.RandomStringUtils; +import org.joda.time.DateTime; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.opensaml.saml.saml2.core.NameIDType; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import com.google.common.collect.ImmutableSortedSet; + +import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap; +import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummySpConfiguration; +import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants; +import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry; +import at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServiceAuthenticationAction; +import at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServicePendingRequest; +import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions.EidIdentityStatusLevelValues; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.api.idp.IEidAuthData; +import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; +import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import eu.eidas.auth.commons.attribute.AttributeDefinition; +import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; +import eu.eidas.auth.commons.light.ILightResponse; +import eu.eidas.auth.commons.light.impl.LightRequest; +import eu.eidas.auth.commons.light.impl.LightRequest.Builder; +import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames; +import eu.eidas.specificcommunication.exception.SpecificCommunicationException; +import eu.eidas.specificcommunication.protocol.SpecificCommunicationService; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration(locations = { + "/spring/SpringTest-context_basic_test.xml", + "/spring/SpringTest-context_basic_mapConfig.xml", + }) +public class ProxyServiceAuthenticationActionTest { + + @Autowired private MsConnectorDummyConfigMap basicConfig; + @Autowired private ProxyServiceAuthenticationAction action; + @Autowired private ApplicationContext context; + @Autowired EidasAttributeRegistry attrRegistry; + + private MockHttpServletRequest httpReq; + private MockHttpServletResponse httpResp; + private ProxyServicePendingRequest pendingReq; + private MsConnectorDummySpConfiguration oaParam; + private SpecificCommunicationService springManagedSpecificConnectorCommunicationService; + + + /** + * jUnit test set-up. + * @throws EaafException In case of an error + */ + @Before + public void setUp() throws URISyntaxException, EaafException { + httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint", + "http://eidas.proxy/endpoint"); + basicConfig.putConfigValue("auth.eIDAS.proxy.workaround.mandates.legalperson", + "false"); + + final Map<String, String> spConfig = new HashMap<>(); + spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); + spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); + spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true"); + oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig); + oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH)); + + pendingReq = new ProxyServicePendingRequest(); + pendingReq.initialize(httpReq, basicConfig); + pendingReq.setOnlineApplicationConfiguration(oaParam); + + LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest(); + pendingReq.setEidasRequest(eidasRequestBuilder.build()); + + + springManagedSpecificConnectorCommunicationService = + (SpecificCommunicationService) context.getBean( + SpecificCommunicationDefinitionBeanNames.SPECIFIC_PROXYSERVICE_COMMUNICATION_SERVICE + .toString()); + + } + + @Test + public void wrongPendingRequestType() { + IAuthData authData = generateDummyAuthData(); + TestRequestImpl internalPendingReq = new TestRequestImpl(); + + EaafException exception = assertThrows(EaafException.class, + () -> action.processRequest(internalPendingReq, httpReq, httpResp, authData)); + Assert.assertEquals("wrong errorCode", "eidas.proxyservice.99", exception.getErrorId()); + + } + + @Test + public void missingForwardUrl() { + Map<String, Object> attr = new HashMap<>(); + attr.put(PvpAttributeDefinitions.BPK_NAME, + "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); + IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, + RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", false); + basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint"); + + EaafException exception = assertThrows(EaafException.class, + () -> action.processRequest(pendingReq, httpReq, httpResp, authData)); + Assert.assertEquals("wrong errorCode", "config.08", exception.getErrorId()); + + } + + @Test + public void responseWithoutMandate() throws EaafException, SpecificCommunicationException { + Map<String, Object> attr = new HashMap<>(); + attr.put(PvpAttributeDefinitions.BPK_NAME, RandomStringUtils.randomAlphanumeric(10)); + IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, + RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", false); + + //perform test + SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData); + + //validate state + Assert.assertNotNull("Result should be not null", result); + + ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); + assertEquals("wrong attr. size", 4, respAttr.size()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER, + (String) attr.get(PvpAttributeDefinitions.BPK_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, authData.getFamilyName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, authData.getGivenName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH, + authData.getDateOfBirth()); + + } + + @Test + public void responseWithoutMandateAndOptionalAttributesExist() throws EaafException, SpecificCommunicationException { + LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest(); + eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByName("http://eidas.europa.eu/attributes/naturalperson/BirthName")) + .build()); + pendingReq.setEidasRequest(eidasRequestBuilder.build()); + + + Map<String, Object> attr = new HashMap<>(); + attr.put(PvpAttributeDefinitions.BPK_NAME, + "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); + attr.put("ida_birthname", RandomStringUtils.randomAlphanumeric(10)); + + IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, + RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", false); + + //perform test + SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData); + + //validate state + Assert.assertNotNull("Result should be not null", result); + + ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); + assertEquals("wrong attr. size", 5, respAttr.size()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER, + (String) attr.get(PvpAttributeDefinitions.BPK_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, authData.getFamilyName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, authData.getGivenName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH, + authData.getDateOfBirth()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_BIRTHNAME, + (String) attr.get("ida_birthname")); + + } + + @Test + public void responseWithoutMandateAndOptionalAttributesNotExist() throws EaafException, SpecificCommunicationException { + LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest(); + eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByName("http://eidas.europa.eu/attributes/naturalperson/BirthName")) + .build()); + pendingReq.setEidasRequest(eidasRequestBuilder.build()); + + + Map<String, Object> attr = new HashMap<>(); + attr.put(PvpAttributeDefinitions.BPK_NAME, + "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); + + IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, + RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", false); + + //perform test + SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData); + + //validate state + Assert.assertNotNull("Result should be not null", result); + + ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); + assertEquals("wrong attr. size", 4, respAttr.size()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER, + (String) attr.get(PvpAttributeDefinitions.BPK_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, authData.getFamilyName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, authData.getGivenName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH, + authData.getDateOfBirth()); + + } + + + @Test + public void responseWithNatMandate() throws EaafException, SpecificCommunicationException { + Map<String, Object> attr = new HashMap<>(); + attr.put(PvpAttributeDefinitions.BPK_NAME, + "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); + attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, + "1985-11-15"); + + + IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, + RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); + + //perform test + SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData); + + //validate state + Assert.assertNotNull("Result should be not null", result); + + ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); + assertEquals("wrong attr. size", 8, respAttr.size()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER, + (String) attr.get(PvpAttributeDefinitions.BPK_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME, authData.getFamilyName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTGIVENNAME, authData.getGivenName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_DATEOFBIRTH, authData.getDateOfBirth()); + + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER, + (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, + (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, + (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH, + (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME)); + + } + + @Test + public void responseWithNatMandateOptionalAttribute() throws EaafException, SpecificCommunicationException { + LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest(); + eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByName("http://eidas.europa.eu/attributes/naturalperson/BirthName")) + .build()); + pendingReq.setEidasRequest(eidasRequestBuilder.build()); + + Map<String, Object> attr = new HashMap<>(); + attr.put(PvpAttributeDefinitions.BPK_NAME, + "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); + attr.put("ida_birthName_mandator", RandomStringUtils.randomAlphanumeric(10)); + attr.put("ida_birthName", RandomStringUtils.randomAlphanumeric(10)); + + attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, + "1985-11-15"); + + + IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, + RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); + + //perform test + SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData); + + //validate state + Assert.assertNotNull("Result should be not null", result); + + ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); + assertEquals("wrong attr. size", 9, respAttr.size()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER, + (String) attr.get(PvpAttributeDefinitions.BPK_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME, authData.getFamilyName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTGIVENNAME, authData.getGivenName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_DATEOFBIRTH, authData.getDateOfBirth()); + + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER, + (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, + (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, + (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH, + (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME)); + + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_BIRTHNAME, + (String) attr.get("ida_birthName_mandator")); + + } + + @Test + public void responseWithJurMandate() throws EaafException, SpecificCommunicationException { + Map<String, Object> attr = new HashMap<>(); + attr.put(PvpAttributeDefinitions.BPK_NAME, + "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); + IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, + RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); + + attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, + RandomStringUtils.randomAlphabetic(10)); + + LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest(); + eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first()) + .build()); + pendingReq.setEidasRequest(eidasRequestBuilder.build()); + + + //perform test + SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData); + + //validate state + Assert.assertNotNull("Result should be not null", result); + + ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); + assertEquals("wrong attr. size", 6, respAttr.size()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER, + (String) attr.get(PvpAttributeDefinitions.BPK_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME, authData.getFamilyName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTGIVENNAME, authData.getGivenName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_DATEOFBIRTH, authData.getDateOfBirth()); + + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER, + (String) attr.get(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_LEGALNAME, + (String) attr.get(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME)); + + assertNull("find nat. person subject: personalId", + getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER)); + assertNull("find nat. person subject: familyName", + getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME)); + assertNull("find nat. person subject: givenName", + getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME)); + assertNull("find nat. person subject: dateOfBirth", + getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH)); + + } + + @Test + public void borisModeResponseWithJurMandate() throws EaafException, SpecificCommunicationException { + Map<String, Object> attr = new HashMap<>(); + attr.put(PvpAttributeDefinitions.BPK_NAME, + "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); + IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, + RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); + + attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME, + "MUST_BE_UPDATED"); + + LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest(); + eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first()) + .build()); + pendingReq.setEidasRequest(eidasRequestBuilder.build()); + + + //perform test + SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData); + + //validate state + Assert.assertNotNull("Result should be not null", result); + + ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); + assertEquals("wrong attr. size", 8, respAttr.size()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER, + (String) attr.get(PvpAttributeDefinitions.BPK_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME, authData.getFamilyName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTGIVENNAME, authData.getGivenName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_DATEOFBIRTH, authData.getDateOfBirth()); + + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER, + (String) attr.get(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_LEGALNAME, + (String) attr.get(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME)); + + checkAttrValue(respAttr, "eJusticeLegalPersonRole", "VIP1"); + checkAttrValue(respAttr, "eJusticeNaturalPersonRole", "VIP1"); + + assertNull("find nat. person subject: personalId", + getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER)); + assertNull("find nat. person subject: familyName", + getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME)); + assertNull("find nat. person subject: givenName", + getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME)); + assertNull("find nat. person subject: dateOfBirth", + getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH)); + + } + + @Test + public void borisModeResponseWithJurMandate2() throws EaafException, SpecificCommunicationException { + Map<String, Object> attr = new HashMap<>(); + attr.put(PvpAttributeDefinitions.BPK_NAME, + "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); + IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, + RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); + + attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME, + "SECOND"); + + LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest(); + eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first()) + .build()); + pendingReq.setEidasRequest(eidasRequestBuilder.build()); + + + //perform test + SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData); + + //validate state + Assert.assertNotNull("Result should be not null", result); + + ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); + assertEquals("wrong attr. size", 8, respAttr.size()); + + checkAttrValue(respAttr, "eJusticeLegalPersonRole", "VIP2"); + checkAttrValue(respAttr, "eJusticeNaturalPersonRole", "VIP2"); + + + } + + @Test + public void borisModeNoMandateType() throws EaafException, SpecificCommunicationException { + Map<String, Object> attr = new HashMap<>(); + attr.put(PvpAttributeDefinitions.BPK_NAME, + "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); + IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, + RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); + + attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, + RandomStringUtils.randomAlphabetic(10)); + + LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest(); + eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first()) + .build()); + pendingReq.setEidasRequest(eidasRequestBuilder.build()); + + + //perform test + SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData); + + //validate state + Assert.assertNotNull("Result should be not null", result); + + ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); + assertEquals("wrong attr. size", 6, respAttr.size()); + + } + + @Test + public void borisModeEmptyMandateType() throws EaafException, SpecificCommunicationException { + Map<String, Object> attr = new HashMap<>(); + attr.put(PvpAttributeDefinitions.BPK_NAME, + "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); + IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, + RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); + + attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME, ""); + + LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest(); + eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first()) + .build()); + pendingReq.setEidasRequest(eidasRequestBuilder.build()); + + + //perform test + SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData); + + //validate state + Assert.assertNotNull("Result should be not null", result); + + ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); + assertEquals("wrong attr. size", 6, respAttr.size()); + + } + + @Test + public void borisModeUnknownMandateType() throws EaafException, SpecificCommunicationException { + Map<String, Object> attr = new HashMap<>(); + attr.put(PvpAttributeDefinitions.BPK_NAME, + "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); + IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, + RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); + + attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME, RandomStringUtils.randomAlphanumeric(10)); + + LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest(); + eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first()) + .build()); + pendingReq.setEidasRequest(eidasRequestBuilder.build()); + + + //perform test + SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData); + + //validate state + Assert.assertNotNull("Result should be not null", result); + + ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); + assertEquals("wrong attr. size", 6, respAttr.size()); + + } + + @Test + public void responseWithNatMandateWithWorkAround() throws EaafException, SpecificCommunicationException { + basicConfig.putConfigValue("auth.eIDAS.proxy.workaround.mandates.legalperson", + "true"); + + Map<String, Object> attr = new HashMap<>(); + attr.put(PvpAttributeDefinitions.BPK_NAME, + "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); + + attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, + "1985-11-15"); + + + IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, + RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); + + //perform test + SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData); + + //validate state + Assert.assertNotNull("Result should be not null", result); + + ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); + assertEquals("wrong attr. size", 8, respAttr.size()); + + } + + @Test + public void responseWithJurMandateWithWorkAround() throws EaafException, SpecificCommunicationException { + basicConfig.putConfigValue("auth.eIDAS.proxy.workaround.mandates.legalperson", + "true"); + + //request natural person subject only + LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest(); + eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first()) + .build()); + pendingReq.setEidasRequest(eidasRequestBuilder.build()); + + Map<String, Object> attr = new HashMap<>(); + attr.put(PvpAttributeDefinitions.BPK_NAME, + "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); + IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, + RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); + + attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, + RandomStringUtils.randomAlphabetic(10)); + + //perform test + SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData); + + //validate state + Assert.assertNotNull("Result should be not null", result); + + ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); + assertEquals("wrong attr. size", 10, respAttr.size()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER, + (String) attr.get(PvpAttributeDefinitions.BPK_NAME)); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, authData.getFamilyName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, authData.getGivenName()); + checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH, authData.getDateOfBirth()); + + } + + @Test + public void responseWithJurMandateWithWorkAroundNoNatSubject() throws EaafException, SpecificCommunicationException { + basicConfig.putConfigValue("auth.eIDAS.proxy.workaround.mandates.legalperson", + "true"); + + //request natural person subject only + LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest(); + eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first()) + .build()); + pendingReq.setEidasRequest(eidasRequestBuilder.build()); + + Map<String, Object> attr = new HashMap<>(); + attr.put(PvpAttributeDefinitions.BPK_NAME, + "AT+XX:" + RandomStringUtils.randomAlphanumeric(10)); + IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH, + RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true); + + attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, + RandomStringUtils.randomAlphabetic(10)); + attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, + RandomStringUtils.randomAlphabetic(10)); + + //perform test + SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData); + + //validate state + Assert.assertNotNull("Result should be not null", result); + + ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData); + assertEquals("wrong attr. size", 6, respAttr.size()); + assertNull("find nat. person subject: personalId", + getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER)); + assertNull("find nat. person subject: familyName", + getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME)); + assertNull("find nat. person subject: givenName", + getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME)); + assertNull("find nat. person subject: dateOfBirth", + getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH)); + + } + + @Test + public void checkBasicConstrainsInAction() { + + Assert.assertTrue("Wrong NeedAuthentication", action.needAuthentication(pendingReq, httpReq, httpResp)); + Assert.assertNotNull("Missing ActionName", action.getDefaultActionName()); + + Assert.assertNotNull("missing ActionBean", context.getBean(ProxyServiceAuthenticationAction.class)); + + } + + private IAuthData generateDummyAuthData() { + return generateDummyAuthData(new HashMap<>(), EaafConstants.EIDAS_LOA_LOW, + RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1940-01-01", false); + + } + + private Object getAttrValue(ImmutableAttributeMap respAttr, String attrName) { + final AttributeDefinition<?> attrDef = + attrRegistry.getCoreAttributeRegistry().getByFriendlyName(attrName).first(); + return respAttr.getFirstValue(attrDef); + + } + + private void checkAttrValue(ImmutableAttributeMap respAttr, String attrName, String expected) { + Object value = getAttrValue(respAttr, attrName); + assertNotNull("not attr value: " + attrName, value); + + if (value instanceof String) { + assertEquals("wrong attr. value: " + attrName, expected, value); + + } else if ( value instanceof DateTime) { + assertEquals("wrong attr. value: " + attrName, expected, ((DateTime)value).toString("yyyy-MM-dd")); + + } + } + + private ImmutableAttributeMap validateBasicEidasResponse(IAuthData authData) throws SpecificCommunicationException { + assertNotNull("not redirct Header", httpResp.getHeader("Location")); + assertTrue("wrong redirect URL", httpResp.getHeader("Location").startsWith("http://eidas.proxy/endpoint?token=")); + String token = httpResp.getHeader("Location").substring("http://eidas.proxy/endpoint?token=".length()); + + ILightResponse resp = springManagedSpecificConnectorCommunicationService.getAndRemoveResponse(URLDecoder.decode(token), + ImmutableSortedSet.copyOf(attrRegistry.getCoreAttributeRegistry().getAttributes())); + + assertNotNull("responseId", resp.getId()); + assertEquals("inResponseTo", pendingReq.getEidasRequest().getId(), resp.getInResponseToId()); + assertEquals("relayState", pendingReq.getEidasRequest().getRelayState(), resp.getRelayState()); + assertEquals("LoA", authData.getEidasQaaLevel(), resp.getLevelOfAssurance()); + + assertNotNull("subjectNameId", resp.getSubject()); + assertEquals("subjectNameIdFormat", NameIDType.TRANSIENT, resp.getSubjectNameIdFormat()); + + assertFalse("not attributes", resp.getAttributes().isEmpty()); + return resp.getAttributes(); + + } + + private Builder generateBasicLightRequest() { + return LightRequest.builder() + .id(UUID.randomUUID().toString()) + .issuer(RandomStringUtils.randomAlphabetic(10)) + .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH) + .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase()) + .spType("public") + .requesterId(RandomStringUtils.randomAlphanumeric(10)) + .providerName(RandomStringUtils.randomAlphanumeric(10)) + .requestedAttributes(ImmutableAttributeMap.builder() + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first()) + .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first()) + .build() + ); + } + + private IAuthData generateDummyAuthData(Map<String, Object> attrs, String loa, String familyName, String givenName, String dateOfBirth, + boolean useMandates) { + attrs.put(PvpAttributeDefinitions.BIRTHDATE_NAME, dateOfBirth); + attrs.put(PvpAttributeDefinitions.GIVEN_NAME_NAME, givenName); + attrs.put(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, familyName); + + return new IEidAuthData() { + + @Override + public boolean isSsoSession() { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isForeigner() { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isBaseIdTransferRestrication() { + // TODO Auto-generated method stub + return false; + } + + @Override + public Instant getSsoSessionValidTo() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getSessionIndex() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getNameIdFormat() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getNameID() { + // TODO Auto-generated method stub + return null; + } + + @Override + public IIdentityLink getIdentityLink() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getIdentificationValue() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getIdentificationType() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getGivenName() { + return givenName; + } + + @Override + public <T> T getGenericData(String key, Class<T> clazz) { + if (attrs.containsKey(key)) { + return (T) attrs.get(key); + + } else { + return null; + } + + } + + @Override + public String getDateOfBirth() { + return dateOfBirth; + } + + @Override + public String getFamilyName() { + return familyName; + } + + @Override + public String getEncryptedSourceIdType() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getEncryptedSourceId() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getEidasQaaLevel() { + return loa; + + } + + + @Override + public String getCiticenCountryCode() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getBpkType() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getBpk() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getAuthenticationIssuer() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getAuthenticationIssueInstantString() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Instant getAuthenticationIssueInstant() { + // TODO Auto-generated method stub + return null; + } + + @Override + public byte[] getSignerCertificate() { + // TODO Auto-generated method stub + return null; + } + + @Override + public byte[] getEidToken() { + // TODO Auto-generated method stub + return null; + } + + @Override + public EidIdentityStatusLevelValues getEidStatus() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getVdaEndPointUrl() { + // TODO Auto-generated method stub + return null; + } + + @Override + public boolean isUseMandate() { + return useMandates; + + } + + @Override + public String getDateOfBirthFormated(String pattern) { + // TODO Auto-generated method stub + return null; + } + }; + + } +} diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/services/ProxyEidasAttributeRegistryTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/services/ProxyEidasAttributeRegistryTest.java new file mode 100644 index 00000000..b6b8a8df --- /dev/null +++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/services/ProxyEidasAttributeRegistryTest.java @@ -0,0 +1,162 @@ +package at.asitplus.eidas.specific.modules.msproxyservice.test.services; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; + +import java.util.Arrays; +import java.util.Collections; +import java.util.List; +import java.util.Optional; +import java.util.Set; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.web.servlet.config.annotation.EnableWebMvc; + +import at.asitplus.eidas.specific.modules.msproxyservice.service.ProxyEidasAttributeRegistry; +import lombok.NonNull; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration(locations = { + "/spring/SpringTest-context_basic_test.xml", + "/spring/SpringTest-context_basic_mapConfig.xml", + }) +@EnableWebMvc +public class ProxyEidasAttributeRegistryTest { + + @Autowired ProxyEidasAttributeRegistry attrRegistry; + + @Test + public void checkDefaultAttributes() { + assertEquals("default attributes without mandates", 2, + attrRegistry.getAlwaysRequestedAttributes(false).count()); + assertEquals("default attributes with mandates", 4, + attrRegistry.getAlwaysRequestedAttributes(true).count()); + + } + + @Test + public void eidasAttributeMapping() { + checkAttributeMapping("http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", false, + Arrays.asList("urn:oid:1.2.40.0.10.2.1.1.149")); + checkAttributeMapping("http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", true, + Arrays.asList("urn:oid:1.2.40.0.10.2.1.1.149", "urn:oid:1.2.40.0.10.2.1.1.261.98")); + + } + + @Test + public void eidasAttributeMappingMandateOnly() { + checkAttributeMapping("http://eidas.europa.eu/attributes/legalperson/LegalPersonIdentifier", false, + Arrays.asList( + "urn:oid:1.2.40.0.10.2.1.1.149", + "urn:oid:2.5.4.42", + "urn:oid:1.2.40.0.10.2.1.1.261.20", + "urn:oid:1.2.40.0.10.2.1.1.55")); + checkAttributeMapping("http://eidas.europa.eu/attributes/legalperson/LegalPersonIdentifier", true, + Arrays.asList( + "urn:oid:1.2.40.0.10.2.1.1.261.100", + "urn:oid:1.2.40.0.10.2.1.1.149", + "urn:oid:2.5.4.42", + "urn:oid:1.2.40.0.10.2.1.1.261.20", + "urn:oid:1.2.40.0.10.2.1.1.55")); + + } + + @Test + public void eidasAttributeMappingWithNoIdaAttribute() { + checkAttributeMapping("http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth", false, + Collections.emptyList()); + checkAttributeMapping("http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth", true, + Collections.emptyList()); + + } + + @Test + public void unknownEidasAttribute() { + checkAttributeMapping("http://eidas.europa.eu/attributes/jUnit/not/exits", false, + Collections.emptyList()); + checkAttributeMapping("http://eidas.europa.eu/attributes/jUnit/not/exits", true, + Collections.emptyList()); + + } + + @Test + public void unknownEidasAttribute2() { + checkAttributeMapping(RandomStringUtils.randomAlphabetic(10), false, + Collections.emptyList()); + checkAttributeMapping(RandomStringUtils.randomAlphabetic(10), true, + Collections.emptyList()); + + } + + @Test + public void attributeResponseMapping() { + assertFalse("find wrong IDA mapping", attrRegistry.mapEidasAttributeToSpecificIdaAttribute( + "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth", false).isPresent()); + assertFalse("find wrong IDA mapping", attrRegistry.mapEidasAttributeToSpecificIdaAttribute( + "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth", true).isPresent()); + + + Optional<String> attr1 = attrRegistry.mapEidasAttributeToSpecificIdaAttribute( + "http://eidas.europa.eu/attributes/naturalperson/BirthName", false); + assertTrue("find wrong IDA mapping", attr1.isPresent()); + assertEquals("find wrong IDA mapping value", "ida_birthname", attr1.get()); + + Optional<String> attr2 = attrRegistry.mapEidasAttributeToSpecificIdaAttribute( + "http://eidas.europa.eu/attributes/naturalperson/BirthName", true); + assertTrue("find wrong IDA mapping", attr2.isPresent()); + assertEquals("find wrong IDA mapping value", "ida_birthName_mandator", attr2.get()); + + + assertTrue("find wrong IDA mapping", attrRegistry.mapEidasAttributeToSpecificIdaAttribute( + "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", false).isPresent()); + assertTrue("find wrong IDA mapping", attrRegistry.mapEidasAttributeToSpecificIdaAttribute( + "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", true).isPresent()); + + } + + @Test + public void defaultRepresentativeAttributes() { + assertEquals("wrong number of rep. attributes", 4, + attrRegistry.getRepresentativeAttributesToAddByDefault().count()); + + } + + @Test + public void specificAttributeHandler() { + assertFalse("find wrong attribute", + attrRegistry.mapEidasAttributeToAttributeHandler( + "http://eidas.europa.eu/attributes/jUnit/no/custom/handler").isPresent()); + + assertFalse("find wrong attribute", + attrRegistry.mapEidasAttributeToAttributeHandler( + "http://eidas.europa.eu/attributes/naturalperson/representative/DateOfBirth").isPresent()); + + assertFalse("find wrong attribute", + attrRegistry.mapEidasAttributeToAttributeHandler( + "http://e-justice.europa.eu/attributes/legalperson/eJusticePersonRoleNotExist").isPresent()); + + Optional<String> attr2 = attrRegistry.mapEidasAttributeToAttributeHandler( + "http://e-justice.europa.eu/attributes/naturalperson/eJusticeNaturalPersonRole"); + assertTrue("find wrong IDA mapping", attr2.isPresent()); + assertEquals("find wrong specific attribute-handler", + "at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticePersonRoleHandler", attr2.get()); + + } + + + private void checkAttributeMapping(String eidasAttr, boolean withMandates, List<String> idaAttributes) { + @NonNull + Set<String> idaAttrResult = attrRegistry.getIdaAttributesForEidasAttribute(eidasAttr, withMandates); + assertEquals("wrong number of IDA attributes", idaAttributes.size(), idaAttrResult.size()); + idaAttributes.forEach( + el -> assertTrue("missing: " + el, idaAttrResult.contains(el))); + + } + +} diff --git a/modules/eidas_proxy-sevice/src/test/resources/config/additional-attributes.xml b/modules/eidas_proxy-sevice/src/test/resources/config/additional-attributes.xml new file mode 100644 index 00000000..c7b40d90 --- /dev/null +++ b/modules/eidas_proxy-sevice/src/test/resources/config/additional-attributes.xml @@ -0,0 +1,68 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- +# Copyright (c) 2017 European Commission +# Licensed under the EUPL, Version 1.2 or – as soon they will be +# approved by the European Commission - subsequent versions of the +# EUPL (the "Licence"); +# You may not use this work except in compliance with the Licence. +# You may obtain a copy of the Licence at: +# * https://joinup.ec.europa.eu/page/eupl-text-11-12 +# * +# Unless required by applicable law or agreed to in writing, software +# distributed under the Licence is distributed on an "AS IS" basis, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the Licence for the specific language governing permissions and limitations under the Licence. + --> + +<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> +<properties> + <comment>Dynamic attributes</comment> + + <entry key="1.NameUri">http://eidas.europa.eu/attributes/naturalperson/AdditionalAttribute</entry> + <entry key="1.FriendlyName">AdditionalAttribute</entry> + <entry key="1.PersonType">NaturalPerson</entry> + <entry key="1.Required">false</entry> + <entry key="1.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry> + <entry key="1.XmlType.LocalPart">string</entry> + <entry key="1.XmlType.NamespacePrefix">xs</entry> + <entry key="1.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="2.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalAdditionalAttribute</entry> + <entry key="2.FriendlyName">LegalAdditionalAttribute</entry> + <entry key="2.PersonType">LegalPerson</entry> + <entry key="2.Required">false</entry> + <entry key="2.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry> + <entry key="2.XmlType.LocalPart">string</entry> + <entry key="2.XmlType.NamespacePrefix">xs</entry> + <entry key="2.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="3.NameUri">http://e-justice.europa.eu/attributes/naturalperson/eJusticeNaturalPersonRole</entry> + <entry key="3.FriendlyName">eJusticeNaturalPersonRole</entry> + <entry key="3.PersonType">NaturalPerson</entry> + <entry key="3.Required">false</entry> + <entry key="3.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry> + <entry key="3.XmlType.LocalPart">string</entry> + <entry key="3.XmlType.NamespacePrefix">xs</entry> + <entry key="3.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="4.NameUri">http://e-justice.europa.eu/attributes/legalperson/eJusticeLegalPersonRole</entry> + <entry key="4.FriendlyName">eJusticeLegalPersonRole</entry> + <entry key="4.PersonType">LegalPerson</entry> + <entry key="4.Required">false</entry> + <entry key="4.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry> + <entry key="4.XmlType.LocalPart">string</entry> + <entry key="4.XmlType.NamespacePrefix">xs</entry> + <entry key="4.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="5.NameUri">http://e-justice.europa.eu/attributes/legalperson/eJusticePersonRoleNotExist</entry> + <entry key="5.FriendlyName">eJusticeLegalPersonRole</entry> + <entry key="5.PersonType">LegalPerson</entry> + <entry key="5.Required">false</entry> + <entry key="5.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry> + <entry key="5.XmlType.LocalPart">string</entry> + <entry key="5.XmlType.NamespacePrefix">xs</entry> + <entry key="5.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + + +</properties> diff --git a/modules/eidas_proxy-sevice/src/test/resources/config/eidas-attributes.xml b/modules/eidas_proxy-sevice/src/test/resources/config/eidas-attributes.xml new file mode 100644 index 00000000..cbae35db --- /dev/null +++ b/modules/eidas_proxy-sevice/src/test/resources/config/eidas-attributes.xml @@ -0,0 +1,376 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- +# Copyright (c) 2017 European Commission +# Licensed under the EUPL, Version 1.2 or – as soon they will be +# approved by the European Commission - subsequent versions of the +# EUPL (the "Licence"); +# You may not use this work except in compliance with the Licence. +# You may obtain a copy of the Licence at: +# * https://joinup.ec.europa.eu/page/eupl-text-11-12 +# * +# Unless required by applicable law or agreed to in writing, software +# distributed under the Licence is distributed on an "AS IS" basis, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the Licence for the specific language governing permissions and limitations under the Licence. + --> + +<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> +<properties> + <comment>eIDAS attributes</comment> + + <entry key="1.NameUri">http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</entry> + <entry key="1.FriendlyName">PersonIdentifier</entry> + <entry key="1.PersonType">NaturalPerson</entry> + <entry key="1.Required">true</entry> + <entry key="1.UniqueIdentifier">true</entry> + <entry key="1.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> + <entry key="1.XmlType.LocalPart">PersonIdentifierType</entry> + <entry key="1.XmlType.NamespacePrefix">eidas-natural</entry> + <entry key="1.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="2.NameUri">http://eidas.europa.eu/attributes/naturalperson/CurrentFamilyName</entry> + <entry key="2.FriendlyName">FamilyName</entry> + <entry key="2.PersonType">NaturalPerson</entry> + <entry key="2.Required">true</entry> + <entry key="2.TransliterationMandatory">true</entry> + <entry key="2.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> + <entry key="2.XmlType.LocalPart">CurrentFamilyNameType</entry> + <entry key="2.XmlType.NamespacePrefix">eidas-natural</entry> + <entry key="2.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="3.NameUri">http://eidas.europa.eu/attributes/naturalperson/CurrentGivenName</entry> + <entry key="3.FriendlyName">FirstName</entry> + <entry key="3.PersonType">NaturalPerson</entry> + <entry key="3.Required">true</entry> + <entry key="3.TransliterationMandatory">true</entry> + <entry key="3.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> + <entry key="3.XmlType.LocalPart">CurrentGivenNameType</entry> + <entry key="3.XmlType.NamespacePrefix">eidas-natural</entry> + <entry key="3.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="4.NameUri">http://eidas.europa.eu/attributes/naturalperson/DateOfBirth</entry> + <entry key="4.FriendlyName">DateOfBirth</entry> + <entry key="4.PersonType">NaturalPerson</entry> + <entry key="4.Required">true</entry> + <entry key="4.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> + <entry key="4.XmlType.LocalPart">DateOfBirthType</entry> + <entry key="4.XmlType.NamespacePrefix">eidas-natural</entry> + <entry key="4.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.DateTimeAttributeValueMarshaller</entry> + + <entry key="5.NameUri">http://eidas.europa.eu/attributes/naturalperson/BirthName</entry> + <entry key="5.FriendlyName">BirthName</entry> + <entry key="5.PersonType">NaturalPerson</entry> + <entry key="5.Required">false</entry> + <entry key="5.TransliterationMandatory">true</entry> + <entry key="5.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> + <entry key="5.XmlType.LocalPart">BirthNameType</entry> + <entry key="5.XmlType.NamespacePrefix">eidas-natural</entry> + <entry key="5.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="6.NameUri">http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth</entry> + <entry key="6.FriendlyName">PlaceOfBirth</entry> + <entry key="6.PersonType">NaturalPerson</entry> + <entry key="6.Required">false</entry> + <entry key="6.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> + <entry key="6.XmlType.LocalPart">PlaceOfBirthType</entry> + <entry key="6.XmlType.NamespacePrefix">eidas-natural</entry> + <entry key="6.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="7.NameUri">http://eidas.europa.eu/attributes/naturalperson/CurrentAddress</entry> + <entry key="7.FriendlyName">CurrentAddress</entry> + <entry key="7.PersonType">NaturalPerson</entry> + <entry key="7.Required">false</entry> + <entry key="7.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> + <entry key="7.XmlType.LocalPart">CurrentAddressType</entry> + <entry key="7.XmlType.NamespacePrefix">eidas-natural</entry> + <entry key="7.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.CurrentAddressAttributeValueMarshaller</entry> + + <entry key="8.NameUri">http://eidas.europa.eu/attributes/naturalperson/Gender</entry> + <entry key="8.FriendlyName">Gender</entry> + <entry key="8.PersonType">NaturalPerson</entry> + <entry key="8.Required">false</entry> + <entry key="8.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry> + <entry key="8.XmlType.LocalPart">GenderType</entry> + <entry key="8.XmlType.NamespacePrefix">eidas-natural</entry> + <entry key="8.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.GenderAttributeValueMarshaller</entry> + + <entry key="9.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalPersonIdentifier</entry> + <entry key="9.FriendlyName">LegalPersonIdentifier</entry> + <entry key="9.PersonType">LegalPerson</entry> + <entry key="9.Required">true</entry> + <entry key="9.UniqueIdentifier">true</entry> + <entry key="9.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> + <entry key="9.XmlType.LocalPart">LegalPersonIdentifierType</entry> + <entry key="9.XmlType.NamespacePrefix">eidas-legal</entry> + <entry key="9.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="10.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalName</entry> + <entry key="10.FriendlyName">LegalName</entry> + <entry key="10.PersonType">LegalPerson</entry> + <entry key="10.Required">true</entry> + <entry key="10.TransliterationMandatory">true</entry> + <entry key="10.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> + <entry key="10.XmlType.LocalPart">LegalNameType</entry> + <entry key="10.XmlType.NamespacePrefix">eidas-legal</entry> + <entry key="10.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="11.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalPersonAddress</entry> + <entry key="11.FriendlyName">LegalAddress</entry> + <entry key="11.PersonType">LegalPerson</entry> + <entry key="11.Required">false</entry> + <entry key="11.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> + <entry key="11.XmlType.LocalPart">LegalPersonAddressType</entry> + <entry key="11.XmlType.NamespacePrefix">eidas-legal</entry> + <entry key="11.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.LegalAddressAttributeValueMarshaller</entry> + + <entry key="12.NameUri">http://eidas.europa.eu/attributes/legalperson/VATRegistrationNumber</entry> + <entry key="12.FriendlyName">VATRegistration</entry> + <entry key="12.PersonType">LegalPerson</entry> + <entry key="12.Required">false</entry> + <entry key="12.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> + <entry key="12.XmlType.LocalPart">VATRegistrationNumberType</entry> + <entry key="12.XmlType.NamespacePrefix">eidas-legal</entry> + <entry key="12.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="13.NameUri">http://eidas.europa.eu/attributes/legalperson/TaxReference</entry> + <entry key="13.FriendlyName">TaxReference</entry> + <entry key="13.PersonType">LegalPerson</entry> + <entry key="13.Required">false</entry> + <entry key="13.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> + <entry key="13.XmlType.LocalPart">TaxReferenceType</entry> + <entry key="13.XmlType.NamespacePrefix">eidas-legal</entry> + <entry key="13.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="14.NameUri">http://eidas.europa.eu/attributes/legalperson/D-2012-17-EUIdentifier</entry> + <entry key="14.FriendlyName">D-2012-17-EUIdentifier</entry> + <entry key="14.PersonType">LegalPerson</entry> + <entry key="14.Required">false</entry> + <entry key="14.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> + <entry key="14.XmlType.LocalPart">D-2012-17-EUIdentifierType</entry> + <entry key="14.XmlType.NamespacePrefix">eidas-legal</entry> + <entry key="14.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="15.NameUri">http://eidas.europa.eu/attributes/legalperson/LEI</entry> + <entry key="15.FriendlyName">LEI</entry> + <entry key="15.PersonType">LegalPerson</entry> + <entry key="15.Required">false</entry> + <entry key="15.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> + <entry key="15.XmlType.LocalPart">LEIType</entry> + <entry key="15.XmlType.NamespacePrefix">eidas-legal</entry> + <entry key="15.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="16.NameUri">http://eidas.europa.eu/attributes/legalperson/EORI</entry> + <entry key="16.FriendlyName">EORI</entry> + <entry key="16.PersonType">LegalPerson</entry> + <entry key="16.Required">false</entry> + <entry key="16.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> + <entry key="16.XmlType.LocalPart">EORIType</entry> + <entry key="16.XmlType.NamespacePrefix">eidas-legal</entry> + <entry key="16.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="17.NameUri">http://eidas.europa.eu/attributes/legalperson/SEED</entry> + <entry key="17.FriendlyName">SEED</entry> + <entry key="17.PersonType">LegalPerson</entry> + <entry key="17.Required">false</entry> + <entry key="17.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> + <entry key="17.XmlType.LocalPart">SEEDType</entry> + <entry key="17.XmlType.NamespacePrefix">eidas-legal</entry> + <entry key="17.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="18.NameUri">http://eidas.europa.eu/attributes/legalperson/SIC</entry> + <entry key="18.FriendlyName">SIC</entry> + <entry key="18.PersonType">LegalPerson</entry> + <entry key="18.Required">false</entry> + <entry key="18.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry> + <entry key="18.XmlType.LocalPart">SICType</entry> + <entry key="18.XmlType.NamespacePrefix">eidas-legal</entry> + <entry key="18.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="19.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/PersonIdentifier</entry> + <entry key="19.FriendlyName">RepresentativePersonIdentifier</entry> + <entry key="19.PersonType">RepresentativeNaturalPerson</entry> + <entry key="19.Required">false</entry> + <entry key="19.UniqueIdentifier">true</entry> + <entry key="19.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> + <entry key="19.XmlType.LocalPart">PersonIdentifierType</entry> + <entry key="19.XmlType.NamespacePrefix">eidas-natural</entry> + <entry key="19.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="20.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/CurrentFamilyName</entry> + <entry key="20.FriendlyName">RepresentativeFamilyName</entry> + <entry key="20.PersonType">RepresentativeNaturalPerson</entry> + <entry key="20.Required">false</entry> + <entry key="20.TransliterationMandatory">true</entry> + <entry key="20.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> + <entry key="20.XmlType.LocalPart">CurrentFamilyNameType</entry> + <entry key="20.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> + <entry key="20.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="21.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/CurrentGivenName</entry> + <entry key="21.FriendlyName">RepresentativeFirstName</entry> + <entry key="21.PersonType">RepresentativeNaturalPerson</entry> + <entry key="21.Required">false</entry> + <entry key="21.TransliterationMandatory">true</entry> + <entry key="21.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> + <entry key="21.XmlType.LocalPart">CurrentGivenNameType</entry> + <entry key="21.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> + <entry key="21.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="22.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/DateOfBirth</entry> + <entry key="22.FriendlyName">RepresentativeDateOfBirth</entry> + <entry key="22.PersonType">RepresentativeNaturalPerson</entry> + <entry key="22.Required">false</entry> + <entry key="22.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> + <entry key="22.XmlType.LocalPart">DateOfBirthType</entry> + <entry key="22.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> + <entry key="22.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.DateTimeAttributeValueMarshaller</entry> + + <entry key="23.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/BirthName</entry> + <entry key="23.FriendlyName">RepresentativeBirthName</entry> + <entry key="23.PersonType">RepresentativeNaturalPerson</entry> + <entry key="23.Required">false</entry> + <entry key="23.TransliterationMandatory">true</entry> + <entry key="23.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> + <entry key="23.XmlType.LocalPart">BirthNameType</entry> + <entry key="23.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> + <entry key="23.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="24.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/PlaceOfBirth</entry> + <entry key="24.FriendlyName">RepresentativePlaceOfBirth</entry> + <entry key="24.PersonType">RepresentativeNaturalPerson</entry> + <entry key="24.Required">false</entry> + <entry key="24.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> + <entry key="24.XmlType.LocalPart">PlaceOfBirthType</entry> + <entry key="24.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> + <entry key="24.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="25.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/CurrentAddress</entry> + <entry key="25.FriendlyName">RepresentativeCurrentAddress</entry> + <entry key="25.PersonType">RepresentativeNaturalPerson</entry> + <entry key="25.Required">false</entry> + <entry key="25.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> + <entry key="25.XmlType.LocalPart">CurrentAddressType</entry> + <entry key="25.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> + <entry key="25.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.RepvCurrentAddressAttributeValueMarshaller</entry> + + <entry key="26.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/Gender</entry> + <entry key="26.FriendlyName">RepresentativeGender</entry> + <entry key="26.PersonType">RepresentativeNaturalPerson</entry> + <entry key="26.Required">false</entry> + <entry key="26.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry> + <entry key="26.XmlType.LocalPart">GenderType</entry> + <entry key="26.XmlType.NamespacePrefix">eidas-reprentative-natural</entry> + <entry key="26.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.GenderAttributeValueMarshaller</entry> + + <entry key="27.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalPersonIdentifier</entry> + <entry key="27.FriendlyName">RepresentativeLegalPersonIdentifier</entry> + <entry key="27.PersonType">RepresentativeLegalPerson</entry> + <entry key="27.Required">false</entry> + <entry key="27.UniqueIdentifier">true</entry> + <entry key="27.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> + <entry key="27.XmlType.LocalPart">LegalPersonIdentifierType</entry> + <entry key="27.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> + <entry key="27.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="28.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalName</entry> + <entry key="28.FriendlyName">RepresentativeLegalName</entry> + <entry key="28.PersonType">RepresentativeLegalPerson</entry> + <entry key="28.Required">false</entry> + <entry key="28.TransliterationMandatory">true</entry> + <entry key="28.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> + <entry key="28.XmlType.LocalPart">LegalNameType</entry> + <entry key="28.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> + <entry key="28.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="29.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalPersonAddress</entry> + <entry key="29.FriendlyName">RepresentativeLegalAddress</entry> + <entry key="29.PersonType">RepresentativeLegalPerson</entry> + <entry key="29.Required">false</entry> + <entry key="29.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> + <entry key="29.XmlType.LocalPart">LegalPersonAddressType</entry> + <entry key="29.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> + <entry key="29.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.RepvLegalAddressAttributeValueMarshaller</entry> + + <entry key="30.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/VATRegistrationNumber</entry> + <entry key="30.FriendlyName">RepresentativeVATRegistration</entry> + <entry key="30.PersonType">RepresentativeLegalPerson</entry> + <entry key="30.Required">false</entry> + <entry key="30.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> + <entry key="30.XmlType.LocalPart">VATRegistrationNumberType</entry> + <entry key="30.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> + <entry key="30.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="31.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/TaxReference</entry> + <entry key="31.FriendlyName">RepresentativeTaxReference</entry> + <entry key="31.PersonType">RepresentativeLegalPerson</entry> + <entry key="31.Required">false</entry> + <entry key="31.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> + <entry key="31.XmlType.LocalPart">TaxReferenceType</entry> + <entry key="31.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> + <entry key="31.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="32.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/D-2012-17-EUIdentifier</entry> + <entry key="32.FriendlyName">RepresentativeD-2012-17-EUIdentifier</entry> + <entry key="32.PersonType">RepresentativeLegalPerson</entry> + <entry key="32.Required">false</entry> + <entry key="32.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> + <entry key="32.XmlType.LocalPart">D-2012-17-EUIdentifierType</entry> + <entry key="32.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> + <entry key="32.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="33.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LEI</entry> + <entry key="33.FriendlyName">RepresentativeLEI</entry> + <entry key="33.PersonType">RepresentativeLegalPerson</entry> + <entry key="33.Required">false</entry> + <entry key="33.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> + <entry key="33.XmlType.LocalPart">LEIType</entry> + <entry key="33.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> + <entry key="33.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="34.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/EORI</entry> + <entry key="34.FriendlyName">RepresentativeEORI</entry> + <entry key="34.PersonType">RepresentativeLegalPerson</entry> + <entry key="34.Required">false</entry> + <entry key="34.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> + <entry key="34.XmlType.LocalPart">EORIType</entry> + <entry key="34.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> + <entry key="34.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="35.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/SEED</entry> + <entry key="35.FriendlyName">RepresentativeSEED</entry> + <entry key="35.PersonType">RepresentativeLegalPerson</entry> + <entry key="35.Required">false</entry> + <entry key="35.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> + <entry key="35.XmlType.LocalPart">SEEDType</entry> + <entry key="35.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> + <entry key="35.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="36.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/SIC</entry> + <entry key="36.FriendlyName">RepresentativeSIC</entry> + <entry key="36.PersonType">RepresentativeLegalPerson</entry> + <entry key="36.Required">false</entry> + <entry key="36.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> + <entry key="36.XmlType.LocalPart">SICType</entry> + <entry key="36.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> + <entry key="36.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + <entry key="39.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalPersonAddress</entry> + <entry key="39.FriendlyName">RepresentativeLegalAddress</entry> + <entry key="39.PersonType">RepresentativeLegalPerson</entry> + <entry key="39.Required">false</entry> + <entry key="39.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> + <entry key="39.XmlType.LocalPart">LegalPersonAddressType</entry> + <entry key="39.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> + <entry key="39.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.RepvLegalAddressAttributeValueMarshaller</entry> + + <entry key="40.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/VATRegistrationNumber</entry> + <entry key="40.FriendlyName">RepresentativeVATRegistration</entry> + <entry key="40.PersonType">RepresentativeLegalPerson</entry> + <entry key="40.Required">false</entry> + <entry key="40.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry> + <entry key="40.XmlType.LocalPart">VATRegistrationNumberType</entry> + <entry key="40.XmlType.NamespacePrefix">eidas-reprentative-legal</entry> + <entry key="40.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry> + + +</properties> diff --git a/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json b/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json new file mode 100644 index 00000000..96034d12 --- /dev/null +++ b/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json @@ -0,0 +1,215 @@ +[ + { + "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", + "idaAttribute": { + "basic": "urn:oid:1.2.40.0.10.2.1.1.149", + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.98" + }, + "type": { + "mds": true, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/CurrentGivenName", + "idaAttribute": { + "basic": "urn:oid:2.5.4.42", + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.78" + }, + "type": { + "mds": true, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/CurrentFamilyName", + "idaAttribute": { + "basic": "urn:oid:1.2.40.0.10.2.1.1.261.20", + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.80" + }, + "type": { + "mds": true, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/DateOfBirth", + "idaAttribute": { + "basic": "urn:oid:1.2.40.0.10.2.1.1.55", + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.82" + }, + "type": { + "mds": true, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth", + "idaAttribute": {}, + "type": { + "mds": false, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/BirthName", + "idaAttribute": { + "basic": "ida_birthname", + "withMandates": "ida_birthName_mandator" + }, + "type": { + "mds": false, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/legalperson/LegalPersonIdentifier", + "idaAttribute": { + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.100" + }, + "addionalRequiredAttributes" : [ + "urn:oid:1.2.40.0.10.2.1.1.149", + "urn:oid:2.5.4.42", + "urn:oid:1.2.40.0.10.2.1.1.261.20", + "urn:oid:1.2.40.0.10.2.1.1.55" + ], + "type": { + "mds": true, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/legalperson/LegalName", + "idaAttribute": { + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.84" + }, + "type": { + "mds": true, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/representative/PersonIdentifier", + "idaAttribute": { + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.149" + }, + "type": { + "mds": true, + "autoIncludeWithMandates": true + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/representative/CurrentFamilyName", + "idaAttribute": { + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.20" + }, + "type": { + "mds": true, + "autoIncludeWithMandates": true + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/representative/CurrentGivenName", + "idaAttribute": { + "withMandates": "urn:oid:2.5.4.42" + }, + "type": { + "mds": true, + "autoIncludeWithMandates": true + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/representative/DateOfBirth", + "idaAttribute": { + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.55" + }, + "type": { + "mds": true, + "autoIncludeWithMandates": true + } + }, + { + "eidasAttribute": "http://e-justice.europa.eu/attributes/naturalperson/eJusticeNaturalPersonRole", + "specificAttributeHandlerClass": "at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticePersonRoleHandler", + "type": { + "mds": false, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://e-justice.europa.eu/attributes/legalperson/eJusticeLegalPersonRole", + "specificAttributeHandlerClass": "at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticePersonRoleHandler", + "type": { + "mds": false, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://e-justice.europa.eu/attributes/legalperson/eJusticePersonRoleNotExist", + "specificAttributeHandlerClass": "at.asitplus.eidas.specific.modules.msproxyservice.handler.notExist", + "type": { + "mds": false, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "*", + "idaAttribute": { + "basic": "urn:oid:1.2.40.0.10.2.1.1.261.32", + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.32" + }, + "type": { + "mds": false, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "*", + "idaAttribute": { + "basic": "urn:oid:1.2.40.0.10.2.1.1.261.108", + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.108" + }, + "type": { + "mds": false, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "*", + "idaAttribute": { + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.68" + }, + "type": { + "mds": false, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "*", + "idaAttribute": { + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.106" + }, + "type": { + "mds": false, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/jUnit/not/exits", + "idaAttribute": { + "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.106" + }, + "type": { + "mds": false, + "autoIncludeWithMandates": false + } + }, + { + "eidasAttribute": "http://eidas.europa.eu/attributes/jUnit/no/custom/handler", + "specificAttributeHandlerClass": "", + "type": { + "mds": false, + "autoIncludeWithMandates": false + } + } +]
\ No newline at end of file diff --git a/modules/eidas_proxy-sevice/src/test/resources/config/junit_config_1.properties b/modules/eidas_proxy-sevice/src/test/resources/config/junit_config_1.properties new file mode 100644 index 00000000..90b44868 --- /dev/null +++ b/modules/eidas_proxy-sevice/src/test/resources/config/junit_config_1.properties @@ -0,0 +1,19 @@ +## Basic service configuration +eidas.ms.context.url.prefix=http://localhost +eidas.ms.context.url.request.validation=false + +eidas.ms.auth.eIDAS.node_v2.proxy.entityId=ownSpecificProxy +eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint=http://eidas.proxy/endpoint + +eidas.ms.auth.eIDAS.proxy.attribute.mapping.config=idaAttributeMapping.json + + +############################################################################# +## advanced eIDAS attribute processing + +# BORIS attribute for eJustice +eidas.ms.advanced.attributes.ejusticerole.mandate.profiles=MUST_BE_UPDATED +eidas.ms.advanced.attributes.ejusticerole.mandate.mode=legal +eidas.ms.advanced.attributes.ejusticerole.additional.ida.attributes=testAttribute +eidas.ms.advanced.attributes.ejusticerole.value.1=MUST_BE_UPDATED=VIP1 +eidas.ms.advanced.attributes.ejusticerole.value.2=SECOND=VIP2 diff --git a/modules/eidas_proxy-sevice/src/test/resources/config/junit_config_2.properties b/modules/eidas_proxy-sevice/src/test/resources/config/junit_config_2.properties new file mode 100644 index 00000000..8963129e --- /dev/null +++ b/modules/eidas_proxy-sevice/src/test/resources/config/junit_config_2.properties @@ -0,0 +1,18 @@ +## Basic service configuration +eidas.ms.context.url.prefix=http://localhost +eidas.ms.context.url.request.validation=false + +eidas.ms.auth.eIDAS.node_v2.proxy.entityId=ownSpecificProxy +eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint=http://eidas.proxy/endpoint + +eidas.ms.auth.eIDAS.proxy.attribute.mapping.config=idaAttributeMapping.json + + +############################################################################# +## advanced eIDAS attribute processing + +# BORIS attribute for eJustice +eidas.ms.advanced.attributes.ejusticerole.mandate.profiles=MUST_BE_UPDATED +eidas.ms.advanced.attributes.ejusticerole.mandate.mode=legal +eidas.ms.advanced.attributes.ejusticerole.value.1=MUST_BE_UPDATED=VIP1 +eidas.ms.advanced.attributes.ejusticerole.value.2=SECOND=VIP2 diff --git a/modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_mapConfig.xml b/modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_mapConfig.xml new file mode 100644 index 00000000..fe9ff441 --- /dev/null +++ b/modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_mapConfig.xml @@ -0,0 +1,20 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <context:annotation-config /> + + <bean id="dummyMapBasedConfiguration" + class="at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap"> + <constructor-arg value="/config/junit_config_1.properties" /> + <property name="configRootDirSufix" value="src/test/resources/config" /> + </bean> + +</beans>
\ No newline at end of file diff --git a/modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_mapConfig2.xml b/modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_mapConfig2.xml new file mode 100644 index 00000000..dfe98ea5 --- /dev/null +++ b/modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_mapConfig2.xml @@ -0,0 +1,20 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <context:annotation-config /> + + <bean id="dummyMapBasedConfiguration" + class="at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap"> + <constructor-arg value="/config/junit_config_2.properties" /> + <property name="configRootDirSufix" value="src/test/resources/config" /> + </bean> + +</beans>
\ No newline at end of file diff --git a/modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_test.xml b/modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_test.xml new file mode 100644 index 00000000..0b7540f5 --- /dev/null +++ b/modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_test.xml @@ -0,0 +1,34 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + + <import resource="classpath:/SpringTest-context_authManager.xml" /> + <import resource="classpath:/spring/eidas_proxy-service.beans.xml"/> + + <bean id="springManagedSpecificProxyserviceCommunicationService" + class="at.asitplus.eidas.specific.modules.core.eidas.test.dummy.DummySpecificCommunicationService" /> + + <bean id="mvcGUIBuilderImpl" + class="at.gv.egiz.eaaf.core.impl.gui.builder.SpringMvcGuiFormBuilderImpl" /> + + <bean id="specificConnectorAttributesFileWithPath" + class="java.lang.String"> + <constructor-arg + value="src/test/resources/config/eidas-attributes.xml" /> + </bean> + + <bean id="specificConnectorAdditionalAttributesFileWithPath" + class="java.lang.String"> + <constructor-arg + value="src/test/resources/config/additional-attributes.xml" /> + </bean> + +</beans>
\ No newline at end of file |