diff options
Diffstat (limited to 'modules')
5 files changed, 98 insertions, 13 deletions
| diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java index a9125849..5468cd56 100644 --- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java +++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java @@ -334,7 +334,9 @@ public class Constants {    // UI options    public static final String HTML_FORM_ENABLE_MATCHING_BY_ADDRESS_SEARCH = "enableMatchingByAddressSearch"; -  public static final String HTML_FORM_CREATE_NEW_ERNP_ENTRY = "createNewErnpEntry"; +  public static final String HTML_FORM_WITH_CREATE_NEW_ERNP_ENTRY_OPTION = "createNewErnpEntryScreen"; +  public static final String HTML_FORM_DISALLOW_CREATENEW_ERNP_ENTRY = "disallowNewErnpEntry"; +      public static final String HTML_FORM_ADVANCED_MATCHING_FAILED = "advancedMatchingFailed";    public static final String HTML_FORM_ADVANCED_MATCHING_FAILED_REASON =         HTML_FORM_ADVANCED_MATCHING_FAILED + "Reason"; diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateOtherLoginMethodGuiTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateOtherLoginMethodGuiTask.java index 9d4f7152..e67805d6 100644 --- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateOtherLoginMethodGuiTask.java +++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateOtherLoginMethodGuiTask.java @@ -92,13 +92,20 @@ public class GenerateOtherLoginMethodGuiTask extends AbstractLocaleAuthServletTa            Constants.HTML_FORM_ENABLE_MATCHING_BY_ADDRESS_SEARCH,             String.valueOf(basicConfig.getBasicConfigurationBoolean(Constants.CONFIG_PROP_MATCHING_BY_ADDRESS))); -      // inject request to create a new ERnP entry +      // inject flag to show screen for last manual matching step        config.putCustomParameter(AbstractGuiFormBuilderConfiguration.PARAM_GROUP_UIOPTIONS, -          Constants.HTML_FORM_CREATE_NEW_ERNP_ENTRY,  +          Constants.HTML_FORM_WITH_CREATE_NEW_ERNP_ENTRY_OPTION,             String.valueOf(                MatchingTaskUtils.getExecutionContextFlag(                    executionContext,Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK))); -                         +                           +      // inject flag to disallow new ERnP entry in case of  +      config.putCustomParameter(AbstractGuiFormBuilderConfiguration.PARAM_GROUP_UIOPTIONS, +          Constants.HTML_FORM_DISALLOW_CREATENEW_ERNP_ENTRY,  +          String.valueOf(!MatchingTaskUtils.getIntermediateMatchingResult(pendingReq) +              .getOperationStatus().isAllowErnpEntryByUser())); +       +              // reset executionContext parameters        ReceiveOtherLoginMethodGuiResponseTask.ALL_EXECUTIONCONTEXT_PARAMETERS.forEach(            el -> executionContext.remove(el)); diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java index fb4e6e7b..0afe0ff6 100644 --- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java +++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java @@ -146,6 +146,14 @@ public class ReceiveOtherLoginMethodGuiResponseTask extends AbstractLocaleAuthSe          return;                case ADD_ME_AS_NEW: +        if (!MatchingTaskUtils.getIntermediateMatchingResult(pendingReq) +            .getOperationStatus().isAllowErnpEntryByUser()) { +          log.error("Create new ERnP entry by user was requested but it's not allowed!"); +          throw new TaskExecutionException(pendingReq,  +              "Create new ERnP entry by user was requested but it's not allowed!",  +              new EaafException("module.eidasauth.matching.98")); +           +        }          log.info("User selects insert-into-ERnP option. Starting ERnP operation and complete prozess ... ");          executionContext.put(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_BY_USER_TASK, true);          executionContext.put(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK, false); diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateOtherLoginMethodGuiTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateOtherLoginMethodGuiTaskTest.java index 6d08a731..037c76a1 100644 --- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateOtherLoginMethodGuiTaskTest.java +++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateOtherLoginMethodGuiTaskTest.java @@ -8,6 +8,7 @@ import static org.junit.Assert.assertTrue;  import java.io.UnsupportedEncodingException;  import java.text.MessageFormat; +import java.util.Collections;  import java.util.Locale;  import org.apache.commons.lang3.RandomStringUtils; @@ -32,9 +33,12 @@ import com.fasterxml.jackson.databind.json.JsonMapper;  import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SelectedLoginMethod; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterOperationStatus; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterStatusResults;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateOtherLoginMethodGuiTask;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveOtherLoginMethodGuiResponseTask;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummyOA; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;  import at.gv.egiz.eaaf.core.api.IRequestStorage;  import at.gv.egiz.eaaf.core.api.data.EaafConstants;  import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; @@ -76,6 +80,7 @@ public class GenerateOtherLoginMethodGuiTaskTest {     * jUnit test set-up.     */    @Before +  @SneakyThrows    public void initialize() {      httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");      httpResp = new MockHttpServletResponse(); @@ -91,6 +96,10 @@ public class GenerateOtherLoginMethodGuiTaskTest {      config.putConfigValue("auth.eIDAS.matching.byaddress.enable", "false"); +    MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq,  +        new RegisterStatusResults(new RegisterOperationStatus(null, true),  +            Collections.emptyList(), Collections.emptyList())); +          LocaleContextHolder.resetLocaleContext();    } @@ -125,11 +134,44 @@ public class GenerateOtherLoginMethodGuiTaskTest {    @Test    @SneakyThrows -  public void jsonResponseInsertErnp() throws TaskExecutionException, UnsupportedEncodingException { -    String reason = RandomStringUtils.randomAlphabetic(5); +  public void jsonResponseInsertErnpScreen() throws TaskExecutionException, UnsupportedEncodingException { +    executionContext.put(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK, true); +    httpReq.addHeader("Accept", "application/json"); + +    task.execute(pendingReq, executionContext); + +    //result validation +    Assert.assertEquals("httpStausCode", 200, httpResp.getStatus()); +    Assert.assertEquals("http ContentType", "application/json;charset=UTF-8", httpResp.getContentType()); +    final String content = httpResp.getContentAsString(); +    assertNotNull("response body is null", content); +    Assert.assertFalse("response body is empty", content.isEmpty()); +    final JsonNode json = new JsonMapper().readTree(content); +    assertNotNull("response body is null", json); +    assertNull("advancedMatchFailed", json.get(Constants.HTML_FORM_ADVANCED_MATCHING_FAILED));      +    assertNotNull("createNewErnpEntryScreen", json.get(Constants.HTML_FORM_WITH_CREATE_NEW_ERNP_ENTRY_OPTION)); +    assertTrue("createNewErnpEntryScreen", json.get(Constants.HTML_FORM_WITH_CREATE_NEW_ERNP_ENTRY_OPTION).asBoolean());         +     +    assertNotNull("disallowNewErnpEntry", json.get(Constants.HTML_FORM_DISALLOW_CREATENEW_ERNP_ENTRY)); +    assertFalse("disallowNewErnpEntry", json.get(Constants.HTML_FORM_DISALLOW_CREATENEW_ERNP_ENTRY).asBoolean()); +         +    assertNull("advancedMatchingFailedReason", json.get(Constants.HTML_FORM_ADVANCED_MATCHING_FAILED_REASON)); +     +    assertNotNull("pendingRequest not stored",  +        storage.getPendingRequest(pendingReq.getPendingRequestId())); +     +  } +   +  @Test +  @SneakyThrows +  public void jsonResponseInsertErnpScreenButNotAllowed() throws TaskExecutionException, UnsupportedEncodingException {      executionContext.put(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK, true);      httpReq.addHeader("Accept", "application/json"); +    MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq,  +        new RegisterStatusResults(new RegisterOperationStatus(null, false),  +            Collections.emptyList(), Collections.emptyList())); +          task.execute(pendingReq, executionContext);      //result validation @@ -141,8 +183,11 @@ public class GenerateOtherLoginMethodGuiTaskTest {      final JsonNode json = new JsonMapper().readTree(content);      assertNotNull("response body is null", json);      assertNull("advancedMatchFailed", json.get(Constants.HTML_FORM_ADVANCED_MATCHING_FAILED));      -    assertNotNull("createNewErnpEntry", json.get(Constants.HTML_FORM_CREATE_NEW_ERNP_ENTRY)); -    assertTrue("createNewErnpEntry", json.get(Constants.HTML_FORM_CREATE_NEW_ERNP_ENTRY).asBoolean()); +    assertNotNull("createNewErnpEntryScreen", json.get(Constants.HTML_FORM_WITH_CREATE_NEW_ERNP_ENTRY_OPTION)); +    assertTrue("createNewErnpEntryScreen", json.get(Constants.HTML_FORM_WITH_CREATE_NEW_ERNP_ENTRY_OPTION).asBoolean());         +     +    assertNotNull("disallowNewErnpEntry", json.get(Constants.HTML_FORM_DISALLOW_CREATENEW_ERNP_ENTRY)); +    assertTrue("disallowNewErnpEntry", json.get(Constants.HTML_FORM_DISALLOW_CREATENEW_ERNP_ENTRY).asBoolean());      assertNull("advancedMatchingFailedReason", json.get(Constants.HTML_FORM_ADVANCED_MATCHING_FAILED_REASON)); @@ -175,11 +220,11 @@ public class GenerateOtherLoginMethodGuiTaskTest {      assertEquals("advancedMatchingFailedReason", reason,           json.get(Constants.HTML_FORM_ADVANCED_MATCHING_FAILED_REASON).asText()); -    assertNotNull("createNewErnpEntry", json.get(Constants.HTML_FORM_CREATE_NEW_ERNP_ENTRY)); -    assertFalse("createNewErnpEntry", json.get(Constants.HTML_FORM_CREATE_NEW_ERNP_ENTRY).asBoolean()); +    assertNotNull("createNewErnpEntryScreen", json.get(Constants.HTML_FORM_WITH_CREATE_NEW_ERNP_ENTRY_OPTION)); +    assertFalse("createNewErnpEntryScreen", json.get(Constants.HTML_FORM_WITH_CREATE_NEW_ERNP_ENTRY_OPTION).asBoolean()); -    assertNotNull("enableMatchingByAddressSearch", json.get(Constants.HTML_FORM_CREATE_NEW_ERNP_ENTRY)); -    assertFalse("enableMatchingByAddressSearch", json.get(Constants.HTML_FORM_CREATE_NEW_ERNP_ENTRY).asBoolean()); +    assertNotNull("enableMatchingByAddressSearch", json.get(Constants.HTML_FORM_WITH_CREATE_NEW_ERNP_ENTRY_OPTION)); +    assertFalse("enableMatchingByAddressSearch", json.get(Constants.HTML_FORM_WITH_CREATE_NEW_ERNP_ENTRY_OPTION).asBoolean());      assertNotNull("pendingRequest not stored",  diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveOtherLoginMethodGuiResponseTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveOtherLoginMethodGuiResponseTaskTest.java index dfd355de..db4f4fcb 100644 --- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveOtherLoginMethodGuiResponseTaskTest.java +++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveOtherLoginMethodGuiResponseTaskTest.java @@ -29,7 +29,10 @@ import at.asitplus.eidas.specific.core.MsEidasNodeConstants;  import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SelectedLoginMethod; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterOperationStatus; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterStatusResults;  import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveOtherLoginMethodGuiResponseTask; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;  import at.gv.egiz.eaaf.core.api.IRequest;  import at.gv.egiz.eaaf.core.api.IRequestStorage;  import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; @@ -75,6 +78,7 @@ public class ReceiveOtherLoginMethodGuiResponseTaskTest {     * jUnit test set-up.     */    @Before +  @SneakyThrows    public void initialize() {      httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");      httpResp = new MockHttpServletResponse(); @@ -89,6 +93,10 @@ public class ReceiveOtherLoginMethodGuiResponseTaskTest {      pendingReq.setSpConfig(spConfig);          config.putConfigValue("auth.eIDAS.matching.byaddress.enable", "false"); +    MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq,  +        new RegisterStatusResults(new RegisterOperationStatus(null, true),  +            Collections.emptyList(), Collections.emptyList())); +          LocaleContextHolder.resetLocaleContext();    } @@ -166,7 +174,22 @@ public class ReceiveOtherLoginMethodGuiResponseTaskTest {    } -         +    +  @Test +  @SneakyThrows +  public void withAddMeAsNewSelectionButNotAllowed() throws TaskExecutionException { +    MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq,  +        new RegisterStatusResults(new RegisterOperationStatus(null, false),  +            Collections.emptyList(), Collections.emptyList()));     +    httpReq.setParameter(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER,  SelectedLoginMethod.ADD_ME_AS_NEW.name()); +     +    TaskExecutionException error = assertThrows("wrong exception", TaskExecutionException.class, +        () -> task.execute(pendingReq, executionContext)); +    assertEquals("wrong errorCode", "module.eidasauth.matching.98",   +        ((EaafException) error.getOriginalException()).getErrorId()); +        +  } +      @Test    public void withRequestingNewEntrySelection() throws TaskExecutionException {      testTransition(SelectedLoginMethod.REQUESTING_NEW_ENTRY, Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK); | 
