Diffstat (limited to 'ms_specific_proxyservice/src/test/java/at')
-rw-r--r--ms_specific_proxyservice/src/test/java/at/asitplus/eidas/specific/proxy/test/FullStartUpAndProcessTest.java480
-rw-r--r--ms_specific_proxyservice/src/test/java/at/asitplus/eidas/specific/proxy/test/MsConnectorSpringResourceProviderTest.java56
-rw-r--r--ms_specific_proxyservice/src/test/java/at/asitplus/eidas/specific/proxy/test/builder/ProxyAuthenticationDataBuilderTest.java395
3 files changed, 931 insertions, 0 deletions
diff --git a/ms_specific_proxyservice/src/test/java/at/asitplus/eidas/specific/proxy/test/FullStartUpAndProcessTest.java b/ms_specific_proxyservice/src/test/java/at/asitplus/eidas/specific/proxy/test/FullStartUpAndProcessTest.java
new file mode 100644
index 00000000..2fe7ee05
--- /dev/null
+++ b/ms_specific_proxyservice/src/test/java/at/asitplus/eidas/specific/proxy/test/FullStartUpAndProcessTest.java
@@ -0,0 +1,480 @@
+package at.asitplus.eidas.specific.proxy.test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.lang.reflect.Field;
+import java.text.SimpleDateFormat;
+import java.time.Instant;
+import java.util.Base64;
+import java.util.Map;
+import java.util.TimeZone;
+import java.util.Timer;
+import java.util.UUID;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.ignite.Ignition;
+import org.joda.time.DateTime;
+import org.joda.time.DateTimeZone;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.opensaml.core.config.InitializationException;
+import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
+import org.opensaml.core.xml.io.UnmarshallingException;
+import org.opensaml.core.xml.util.XMLObjectSupport;
+import org.opensaml.saml.metadata.resolver.impl.ResourceBackedMetadataResolver;
+import org.opensaml.saml.saml2.core.Issuer;
+import org.opensaml.saml.saml2.core.RequestAbstractType;
+import org.opensaml.saml.saml2.core.Response;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.core.io.ResourceLoader;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ActiveProfiles;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.TestPropertySource;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.web.servlet.setup.DefaultMockMvcBuilder;
+import org.springframework.test.web.servlet.setup.MockMvcBuilders;
+import org.springframework.util.Base64Utils;
+import org.springframework.web.context.WebApplicationContext;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import com.google.common.collect.ImmutableSet;
+
+import at.asitplus.eidas.specific.modules.auth.idaustria.controller.IdAustriaAuthSignalController;
+import at.asitplus.eidas.specific.modules.auth.idaustria.utils.IdAustriaAuthCredentialProvider;
+import at.asitplus.eidas.specific.modules.auth.idaustria.utils.IdAustriaAuthMetadataProvider;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
+import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.msproxyservice.protocol.EidasProxyServiceController;
+import at.gv.egiz.components.spring.api.SpringBootApplicationContextInitializer;
+import at.gv.egiz.eaaf.core.api.IStatusMessenger;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController;
+import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory;
+import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
+import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.OpenSaml3ResourceAdapter;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
+import eu.eidas.auth.cache.IgniteInstanceInitializerSpecificCommunication;
+import eu.eidas.auth.commons.EidasParameterKeys;
+import eu.eidas.auth.commons.attribute.AttributeValue;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.auth.commons.light.impl.LightRequest;
+import eu.eidas.auth.commons.tx.BinaryLightToken;
+import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
+import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
+import lombok.SneakyThrows;
+import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
+import net.shibboleth.utilities.java.support.xml.XMLParserException;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@SpringBootTest
+@ContextConfiguration(initializers = {
+ org.springframework.boot.context.config.DelegatingApplicationContextInitializer.class,
+ SpringBootApplicationContextInitializer.class
+ })
+@TestPropertySource(locations = { "file:src/test/resources/config/junit_config_1_springboot.properties" })
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
+@ActiveProfiles(profiles = {"JUNIT", "jUnitTestMode"})
+public class FullStartUpAndProcessTest {
+
+ private static final String METADATA_PATH = "classpath:/data/idp_metadata_classpath_entity.xml";
+ private static final String FINAL_REDIRECT = "https://localhost/ms_proxy/public/secure/finalizeAuthProtocol?pendingid=";
+ private static final String ERROR_REDIRECT = "https://localhost/ms_proxy/public/secure/errorHandling?errorid=";
+
+
+ @Autowired private WebApplicationContext wac;
+
+ @Autowired private ResourceLoader resourceLoader;
+ @Autowired private EidasAttributeRegistry attrRegistry;
+
+ @Autowired private IdAustriaAuthSignalController idAustriaEndpoint;
+ @Autowired private IdAustriaAuthMetadataProvider idAustriaMetadata;
+ @Autowired private IdAustriaAuthCredentialProvider credentialProvider;
+
+ @Autowired private EidasProxyServiceController eidasProxyEndpoint;
+ @Autowired private ProtocolFinalizationController finalize;
+
+ @Autowired private IStatusMessenger messager;
+
+ /**
+ * jUnit class initializer.
+ * @throws InterruptedException In case of an error
+ * @throws ComponentInitializationException In case of an error
+ * @throws InitializationException In case of an error
+ *
+ */
+ @BeforeClass
+ @SneakyThrows
+ public static void classInitializer() {
+ final String current = new java.io.File(".").toURI().toString();
+ System.clearProperty("eidas.ms.configuration");
+
+ //eIDAS Ref. Impl. properties
+ System.setProperty("EIDAS_CONFIG_REPOSITORY", current.substring("file:".length())
+ + "../basicConfig/eIDAS/");
+ System.setProperty("SPECIFIC_CONNECTOR_CONFIG_REPOSITORY", current.substring("file:".length())
+ + "../basicConfig/eIDAS/");
+ System.setProperty("SPECIFIC_PROXY_SERVICE_CONFIG_REPOSITORY", current.substring("file:".length())
+ + "../basicConfig/eIDAS/");
+
+ EaafOpenSaml3xInitializer.eaafInitialize();
+
+ }
+
+ /**
+ * Test shut-down.
+ *
+ * @throws Exception In case of an error
+ */
+ @AfterClass
+ @SneakyThrows
+ public static void closeIgniteNode() {
+ System.out.println("Closiong Ignite Node ... ");
+ Ignition.stopAll(true);
+
+ //set Ignite-node holder to 'null' because static holders are shared between different tests
+ final Field field = IgniteInstanceInitializerSpecificCommunication.class.getDeclaredField("instance");
+ field.setAccessible(true);
+ field.set(null, null);
+
+ }
+
+ /**
+ * jUnit test set-up.
+ *
+ *
+ */
+ @Before
+ public void setup() throws IOException {
+ DefaultMockMvcBuilder builder = MockMvcBuilders.webAppContextSetup(this.wac);
+ @SuppressWarnings("rawtypes")
+ Map<String, FilterRegistrationBean> filters = wac.getBeansOfType(FilterRegistrationBean.class);
+ for (FilterRegistrationBean<?> filter : filters.values()) {
+ if (filter.isEnabled()) {
+ builder.addFilter(filter.getFilter(), "/*");
+
+ }
+ }
+
+ LogMessageProviderFactory.setStatusMessager(messager);
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void simpleError() {
+ MockHttpServletRequest proxyHttpReq = new MockHttpServletRequest("POST", "https://localhost/ms_proxy");
+ String spCountryCode = injectEidas2AuthnReq(proxyHttpReq);
+ MockHttpServletResponse proxyHttpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(proxyHttpReq, proxyHttpResp));
+
+ injectIdAustriaSaml2Metadata();
+
+
+ // send eIDAS Proxy-Service process hand-over
+ eidasProxyEndpoint.receiveEidasAuthnRequest(proxyHttpReq, proxyHttpResp);
+
+
+ // extract SAML2 AuthnRequest to IDA system
+ assertEquals("forward to finalization", 200, proxyHttpResp.getStatus());
+ assertEquals("forward to eIDAS Node page", "text/html;charset=UTF-8", proxyHttpResp.getContentType());
+ String saml2ReqPage = proxyHttpResp.getContentAsString();
+ assertNotNull("selectionPage is null", saml2ReqPage);
+ assertFalse("selectionPage is empty", saml2ReqPage.isEmpty());
+
+ String saml2ReqB64 = extractRequestToken(saml2ReqPage, "<input type=\"hidden\" name=\"SAMLRequest\" value=\"");
+ String saml2RelayState = extractRequestToken(saml2ReqPage, "<input type=\"hidden\" name=\"RelayState\" value=\"");
+ assertNotNull("SAML2 request", saml2ReqB64);
+ assertNotNull("SAML2 relayState", saml2RelayState);
+
+
+
+ // send WRONG response from IDA system to eIDAS Proxy-Service
+ final MockHttpServletRequest idaHttpReq = new MockHttpServletRequest("POST", "https://localhost/ms_proxy");
+ idaHttpReq.setScheme("https");
+ idaHttpReq.setServerPort(443);
+ idaHttpReq.setContextPath("/ms_proxy");
+ idaHttpReq.addParameter(IdAustriaAuthSignalController.HTTP_PARAM_RELAYSTATE, RandomStringUtils.randomAlphanumeric(15));
+ idaHttpReq.addParameter("SAMLResponse", RandomStringUtils.randomAlphabetic(25));
+ final MockHttpServletResponse idaHttpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(idaHttpReq, idaHttpResp));
+
+ idAustriaEndpoint.performEidasAuthentication(idaHttpReq, idaHttpResp);
+
+
+ // validate forwarding to protocol finalization
+ assertEquals("forward to finalization", 302, idaHttpResp.getStatus());
+ assertNotNull("missing redirect header", idaHttpResp.getHeader("Location"));
+ assertTrue("wrong redirect header", idaHttpResp.getHeader("Location").startsWith(ERROR_REDIRECT));
+ String finalPendingReqId = idaHttpResp.getHeader("Location").substring(ERROR_REDIRECT.length());
+ assertFalse("final errorId", finalPendingReqId.isEmpty());
+
+ // set-up error-handling request
+ MockHttpServletRequest finalizationReq = new MockHttpServletRequest("POST", "https://localhost/ms_proxy");
+ finalizationReq.setParameter("errorid", finalPendingReqId);
+ MockHttpServletResponse respErrorPage = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(finalizationReq, respErrorPage));
+
+ // execute error-handling step
+ finalize.errorHandling(finalizationReq, respErrorPage);
+
+
+ // extract access-token for eIDAS node communication
+ assertEquals("errorPage", 200, respErrorPage.getStatus());
+ assertEquals("errorPage", "text/html;charset=UTF-8", respErrorPage.getContentType());
+ String errorPage = respErrorPage.getContentAsString();
+ assertNotNull("errorPage is null", errorPage);
+ assertFalse("errorPage is empty", errorPage.isEmpty());
+ assertTrue("Missing errorCode", errorPage.contains("auth.26"));
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void simpleSuccess() {
+ MockHttpServletRequest proxyHttpReq = new MockHttpServletRequest("POST", "https://localhost/ms_proxy");
+ String spCountryCode = injectEidas2AuthnReq(proxyHttpReq);
+ MockHttpServletResponse proxyHttpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(proxyHttpReq, proxyHttpResp));
+
+ injectIdAustriaSaml2Metadata();
+
+
+ // send eIDAS Proxy-Service process hand-over
+ eidasProxyEndpoint.receiveEidasAuthnRequest(proxyHttpReq, proxyHttpResp);
+
+
+ // extract SAML2 AuthnRequest to IDA system
+ assertEquals("forward to finalization", 200, proxyHttpResp.getStatus());
+ assertEquals("forward to eIDAS Node page", "text/html;charset=UTF-8", proxyHttpResp.getContentType());
+ String saml2ReqPage = proxyHttpResp.getContentAsString();
+ assertNotNull("selectionPage is null", saml2ReqPage);
+ assertFalse("selectionPage is empty", saml2ReqPage.isEmpty());
+
+ String saml2ReqB64 = extractRequestToken(saml2ReqPage, "<input type=\"hidden\" name=\"SAMLRequest\" value=\"");
+ String saml2RelayState = extractRequestToken(saml2ReqPage, "<input type=\"hidden\" name=\"RelayState\" value=\"");
+ assertNotNull("SAML2 request", saml2ReqB64);
+ assertNotNull("SAML2 relayState", saml2RelayState);
+
+ // validate SAML2 request to IDA system
+ String saml2ReqId = validateSaml2Request(saml2ReqB64, spCountryCode);
+
+ // build SAML2 response from IDA system
+ String saml2RespB64 = buildSaml2Response(saml2ReqId);
+
+
+ // send response from IDA system to eIDAS Proxy-Service
+ final MockHttpServletRequest idaHttpReq = new MockHttpServletRequest("POST", "https://localhost/ms_proxy");
+ idaHttpReq.setScheme("https");
+ idaHttpReq.setServerPort(443);
+ idaHttpReq.setContextPath("/ms_proxy");
+ idaHttpReq.addParameter(IdAustriaAuthSignalController.HTTP_PARAM_RELAYSTATE, saml2RelayState);
+ idaHttpReq.addParameter("SAMLResponse", saml2RespB64);
+ final MockHttpServletResponse idaHttpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(idaHttpReq, idaHttpResp));
+
+ idAustriaEndpoint.performEidasAuthentication(idaHttpReq, idaHttpResp);
+
+
+ // validate forwarding to protocol finalization
+ assertEquals("forward to finalization", 302, idaHttpResp.getStatus());
+ assertNotNull("missing redirect header", idaHttpResp.getHeader("Location"));
+ assertTrue("wrong redirect header", idaHttpResp.getHeader("Location").startsWith(FINAL_REDIRECT));
+ String finalPendingReqId = idaHttpResp.getHeader("Location").substring(FINAL_REDIRECT.length());
+ assertFalse("final pendingRequestId", finalPendingReqId.isEmpty());
+
+ // set-up finalization request
+ MockHttpServletRequest finalizationReq = new MockHttpServletRequest("POST", "https://localhost/ms_proxy");
+ finalizationReq.setParameter("pendingid", finalPendingReqId);
+ MockHttpServletResponse respToEidasProxy = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(finalizationReq, respToEidasProxy));
+
+ // exexcute finalization step
+ finalize.finalizeAuthProtocol(finalizationReq, respToEidasProxy);
+
+
+ // extract access-token for eIDAS node communication
+ assertEquals("forward to finalization", 200, respToEidasProxy.getStatus());
+ assertEquals("forward to eIDAS Node page", "text/html;charset=UTF-8", respToEidasProxy.getContentType());
+ String forwardPage = respToEidasProxy.getContentAsString();
+ assertNotNull("forward to eIDAS Node is null", forwardPage);
+ assertFalse("forward to eIDAS Node is empty", forwardPage.isEmpty());
+
+ String eidasNodeRespToken = extractRequestToken(forwardPage, "<input type=\"hidden\" name=\"token\" value=\"");
+ assertFalse("eidas req. token", eidasNodeRespToken.isEmpty());
+
+ // validate eIDAS light-response to eIDAS node
+ validateEidasLightResponse(eidasNodeRespToken);
+
+
+ }
+
+
+ @SneakyThrows
+ private void validateEidasLightResponse(String eidasNodeRespToken) {
+ final SpecificCommunicationService springManagedSpecificConnectorCommunicationService =
+ (SpecificCommunicationService) wac.getBean(
+ SpecificCommunicationDefinitionBeanNames.SPECIFIC_PROXYSERVICE_COMMUNICATION_SERVICE.toString());
+
+ ILightResponse lightResp = springManagedSpecificConnectorCommunicationService.getAndRemoveResponse(eidasNodeRespToken,
+ attrRegistry.getCoreAttributeRegistry().getAttributes());
+
+ SimpleDateFormat dateTimeParser = new SimpleDateFormat("yyyy-MM-dd");
+ dateTimeParser.setTimeZone(TimeZone.getTimeZone("UTC"));
+
+ assertNotNull("ligth-response", lightResp);
+ assertEquals("eIDAS statusCode", "urn:oasis:names:tc:SAML:2.0:status:Success", lightResp.getStatus().getStatusCode());
+ assertEquals("eIDAS LoA", "http://eidas.europa.eu/LoA/high", lightResp.getLevelOfAssurance());
+ assertEquals("eIDAS attribute size", 4, lightResp.getAttributes().size());
+ checkEidasAttribute(lightResp.getAttributes(),
+ "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", "QVGm48cqcM4UcyhDTNGYmVdrIoY=");
+ checkEidasAttribute(lightResp.getAttributes(),
+ "http://eidas.europa.eu/attributes/naturalperson/CurrentGivenName", "Max");
+ checkEidasAttribute(lightResp.getAttributes(),
+ "http://eidas.europa.eu/attributes/naturalperson/CurrentFamilyName", "Mustermann");
+ checkEidasAttribute(lightResp.getAttributes(),
+ "http://eidas.europa.eu/attributes/naturalperson/DateOfBirth",
+ new DateTime(dateTimeParser.parse("1940-01-01").getTime(), DateTimeZone.UTC));
+
+
+
+ }
+
+ private void checkEidasAttribute(ImmutableAttributeMap attributes, String attrName, Object expected) {
+ ImmutableSet<? extends AttributeValue<Object>> attr = attributes.getAttributeValuesByNameUri(attrName);
+ assertNotNull("Attribute: " + attrName, attr);
+ assertFalse("Empty AttributeValue: " + attrName, attr.isEmpty());
+ assertNotNull("AttributeValue: " + attrName, attr.asList().get(0));
+ assertEquals("Wrong AttributeValue: " + attrName, expected, attr.asList().get(0).getValue());
+
+ }
+
+ @SneakyThrows
+ private String validateSaml2Request(String saml2ReqB64, String spCountryCode) {
+ final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream(
+ XMLObjectProviderRegistrySupport.getParserPool(),
+ new ByteArrayInputStream(Base64Utils.decodeFromString(saml2ReqB64)));
+
+ // check requested attributes
+ assertEquals("wrong number of extension elements",
+ 1, authnReq.getExtensions().getOrderedChildren().size());
+ assertEquals("wrong number of requested attributes",
+ 5, authnReq.getExtensions().getOrderedChildren().get(0).getOrderedChildren().size());
+
+ return authnReq.getID();
+ }
+
+ @SneakyThrows
+ private String buildSaml2Response(String saml2ReqId) {
+ final Response response = initializeResponse(
+ "classpath:/data/idp_metadata_classpath_entity.xml",
+ "/data/Response_with_EID.xml",
+ credentialProvider.getMessageSigningCredential(),
+ true, saml2ReqId);
+ return Base64.getEncoder().encodeToString(
+ DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes(
+ "UTF-8"));
+
+ }
+
+ private Response initializeResponse(String idpEntityId, String responsePath, EaafX509Credential credential,
+ boolean validConditions, String saml2ReqId) throws SamlSigningException, XMLParserException, UnmarshallingException,
+ Pvp2MetadataException {
+
+ final Response response = (Response) XMLObjectSupport.unmarshallFromInputStream(
+ XMLObjectProviderRegistrySupport.getParserPool(),
+ FullStartUpAndProcessTest.class.getResourceAsStream(responsePath));
+ response.setIssueInstant(Instant.now());
+ final Issuer issuer = Saml2Utils.createSamlObject(Issuer.class);
+ issuer.setValue(idpEntityId);
+ response.setIssuer(issuer);
+ response.setInResponseTo(saml2ReqId);
+
+ if (validConditions) {
+ response.getAssertions().get(0).getConditions().setNotOnOrAfter(Instant.now().plusSeconds(5*60));
+
+ }
+
+ return Saml2Utils.signSamlObject(response, credential, true);
+ }
+
+ @SneakyThrows
+ private void injectIdAustriaSaml2Metadata() {
+ final org.springframework.core.io.Resource resource = resourceLoader.getResource(METADATA_PATH);
+ Timer timer = new Timer("PVP metadata-resolver refresh");
+ ResourceBackedMetadataResolver fileSystemResolver =
+ new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource));
+ fileSystemResolver.setId("test");
+ fileSystemResolver.setParserPool(XMLObjectProviderRegistrySupport.getParserPool());
+ fileSystemResolver.initialize();
+ idAustriaMetadata.addMetadataResolverIntoChain(fileSystemResolver);
+
+
+ }
+
+ private String extractRequestToken(String selectionPage, String selector) {
+ int start = selectionPage.indexOf(selector);
+ assertTrue("find no starting element of selector", start > 0);
+ int end = selectionPage.indexOf("\"", start + selector.length());
+ assertTrue("find no end tag", end > 0);
+ return selectionPage.substring(start + selector.length(), end);
+
+ }
+
+ @SneakyThrows
+ private String injectEidas2AuthnReq(MockHttpServletRequest proxyHttpReq) {
+ String spCountryCode = "XX";
+ LightRequest.Builder authnReqBuilder = LightRequest.builder()
+ .id(UUID.randomUUID().toString())
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+ .spCountryCode(spCountryCode)
+ .spType("public")
+ .requestedAttributes(ImmutableAttributeMap.builder()
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first())
+ .build());
+
+ final SpecificCommunicationService springManagedSpecificConnectorCommunicationService =
+ (SpecificCommunicationService) wac.getBean(
+ SpecificCommunicationDefinitionBeanNames.SPECIFIC_PROXYSERVICE_COMMUNICATION_SERVICE.toString());
+ BinaryLightToken token = springManagedSpecificConnectorCommunicationService.putRequest(authnReqBuilder.build());
+ proxyHttpReq.addParameter(EidasParameterKeys.TOKEN.toString(), Base64Utils.encodeToString(token.getTokenBytes()));
+
+ return spCountryCode;
+
+ }
+
+}
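Review bot: `simpleError` is the only negative case in this class, and it posts `RandomStringUtils` output as both `SAMLResponse` and RelayState, so it shows that unparseable input ends at `auth.26` but says nothing about a well-formed response that should not be trusted. `initializeResponse` already takes `validConditions`, a credential and the request ID, yet `buildSaml2Response` always passes `true`, the configured signing credential and the real `saml2ReqId`; further tests that pass `false`, a different `InResponseTo` value, or a credential the IDP metadata does not list would pin the validity-window, request-binding and signature checks on the response path. Separately, `extractRequestToken` asserts `start > 0` although `indexOf` signals a miss with -1; `assertTrue("find no starting element of selector", start >= 0);` is the accurate guard. `injectIdAustriaSaml2Metadata` also creates a new `Timer` and adds another resolver to the chain on every test without cancelling or removing either.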
diff --git a/ms_specific_proxyservice/src/test/java/at/asitplus/eidas/specific/proxy/test/MsConnectorSpringResourceProviderTest.java b/ms_specific_proxyservice/src/test/java/at/asitplus/eidas/specific/proxy/test/MsConnectorSpringResourceProviderTest.java
new file mode 100644
index 00000000..2da6b316
--- /dev/null
+++ b/ms_specific_proxyservice/src/test/java/at/asitplus/eidas/specific/proxy/test/MsConnectorSpringResourceProviderTest.java
@@ -0,0 +1,56 @@
+package at.asitplus.eidas.specific.proxy.test;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.apache.commons.io.IOUtils;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.springframework.core.io.Resource;
+
+import at.asitplus.eidas.specific.proxy.MsSpecificEidasProxySpringResourceProvider;
+import at.gv.egiz.eaaf.core.test.TestConstants;
+
+
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class MsConnectorSpringResourceProviderTest {
+
+ @Test
+ public void testSpringConfig() {
+ final MsSpecificEidasProxySpringResourceProvider test =
+ new MsSpecificEidasProxySpringResourceProvider();
+ for (final Resource el : test.getResourcesToLoad()) {
+ try {
+ IOUtils.toByteArray(el.getInputStream());
+
+ } catch (final IOException e) {
+ Assert.fail("Ressouce: " + el.getFilename() + " not found");
+ }
+
+ }
+
+ Assert.assertNotNull("no Name", test.getName());
+ Assert.assertNull("Find package definitions", test.getPackagesToScan());
+
+ }
+
+ @Test
+ public void testSpILoaderConfig() {
+ final InputStream el = this.getClass().getResourceAsStream(TestConstants.TEST_SPI_LOADER_PATH);
+ try {
+ final String spiFile = IOUtils.toString(el, "UTF-8");
+
+ Assert.assertEquals("Wrong classpath in SPI file",
+ MsSpecificEidasProxySpringResourceProvider.class.getName(), spiFile);
+
+
+ } catch (final IOException e) {
+ Assert.fail("Ressouce: " + TestConstants.TEST_SPI_LOADER_PATH + " not found");
+
+ }
+ }
+
+}
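Review bot: In `testSpILoaderConfig` the stream from `getResourceAsStream` is passed to `IOUtils.toString` without a null check, so a missing SPI file would most likely surface as a `NullPointerException` rather than through the `catch (IOException)` branch that carries the "not found" message. Adding `Assert.assertNotNull("Ressouce: " + TestConstants.TEST_SPI_LOADER_PATH + " not found", el);` before the `try` makes that failure readable. Neither test closes the streams it opens (`el` here, `el.getInputStream()` in `testSpringConfig`); try-with-resources would cover both.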
diff --git a/ms_specific_proxyservice/src/test/java/at/asitplus/eidas/specific/proxy/test/builder/ProxyAuthenticationDataBuilderTest.java b/ms_specific_proxyservice/src/test/java/at/asitplus/eidas/specific/proxy/test/builder/ProxyAuthenticationDataBuilderTest.java
new file mode 100644
index 00000000..ee2c8d8c
--- /dev/null
+++ b/ms_specific_proxyservice/src/test/java/at/asitplus/eidas/specific/proxy/test/builder/ProxyAuthenticationDataBuilderTest.java
@@ -0,0 +1,395 @@
+package at.asitplus.eidas.specific.proxy.test.builder;
+
+import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import java.lang.reflect.Field;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.RandomUtils;
+import org.apache.ignite.Ignition;
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.opensaml.core.config.InitializationException;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.context.i18n.LocaleContextHolder;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ActiveProfiles;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.TestPropertySource;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import com.google.common.collect.Sets;
+
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.core.builder.AuthenticationDataBuilder;
+import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration;
+import at.gv.egiz.components.spring.api.SpringBootApplicationContextInitializer;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
+import eu.eidas.auth.cache.IgniteInstanceInitializerSpecificCommunication;
+import lombok.SneakyThrows;
+import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@SpringBootTest
+@ContextConfiguration(initializers = {
+ org.springframework.boot.context.config.DelegatingApplicationContextInitializer.class,
+ SpringBootApplicationContextInitializer.class
+ })
+@TestPropertySource(locations = { "file:src/test/resources/config/junit_config_1_springboot.properties" })
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
+@ActiveProfiles(profiles = {"JUNIT", "jUnitTestMode"})
+public class ProxyAuthenticationDataBuilderTest {
+
+
+ @Autowired
+ private AuthenticationDataBuilder authenticationDataBuilder;
+
+ @Autowired(required = true)
+ private IConfiguration basicConfig;
+
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+ private TestRequestImpl pendingReq;
+
+ private Map<String, String> spConfig;
+ private ServiceProviderConfiguration oaParam;
+
+ private String eidasBind;
+ private String authBlock;
+
+ @BeforeClass
+ public static void classInitializer() throws InitializationException, ComponentInitializationException {
+ final String current = new java.io.File(".").toURI().toString();
+ System.setProperty("eidas.ms.configuration", current
+ + "src/test/resources/config/junit_config_3.properties");
+
+ //eIDAS Ref. Impl. properties
+ System.setProperty("EIDAS_CONFIG_REPOSITORY", current.substring("file:".length())
+ + "../basicConfig/eIDAS/");
+ System.setProperty("SPECIFIC_CONNECTOR_CONFIG_REPOSITORY", current.substring("file:".length())
+ + "../basicConfig/eIDAS/");
+ System.setProperty("SPECIFIC_PROXY_SERVICE_CONFIG_REPOSITORY", current.substring("file:".length())
+ + "../basicConfig/eIDAS/");
+
+ EaafOpenSaml3xInitializer.eaafInitialize();
+ }
+
+ /**
+ * Test shut-down.
+ *
+ * @throws Exception In case of an error
+ */
+ @AfterClass
+ @SneakyThrows
+ public static void closeIgniteNode() {
+ System.out.println("Closiong Ignite Node ... ");
+ Ignition.stopAll(true);
+
+ //set Ignite-node holder to 'null' because static holders are shared between different tests
+ final Field field = IgniteInstanceInitializerSpecificCommunication.class.getDeclaredField("instance");
+ field.setAccessible(true);
+ field.set(null, null);
+
+ }
+
+ @Before
+ @SneakyThrows
+ public void initialize() throws EaafStorageException {
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ spConfig = new HashMap<>();
+ spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+ spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+ spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true");
+ oaParam = new ServiceProviderConfiguration(spConfig, basicConfig);
+ oaParam.setBpkTargetIdentifier("urn:publicid:gv.at:cdid+XX");
+
+ pendingReq = new TestRequestImpl();
+ pendingReq.setAuthUrl("https://localhost/ms_connector");
+ pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+ pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+ pendingReq.setSpConfig(oaParam);
+ authBlock = RandomStringUtils.randomAlphanumeric(20);
+ eidasBind = RandomStringUtils.randomAlphanumeric(20);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, authBlock);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, eidasBind);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setQaaLevel(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5));
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ PvpAttributeDefinitions.EID_ISSUING_NATION_NAME,
+ RandomStringUtils.randomAlphabetic(2));
+
+ LocaleContextHolder.resetLocaleContext();
+
+ }
+
+ @Test
+ @SneakyThrows
+ public void eidasProxyModeSimple() throws EaafAuthenticationException {
+ // initialize state
+ pendingReq = new TestRequestImpl();
+ pendingReq.setAuthUrl("https://localhost/ms_connector");
+ pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+ pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+ pendingReq.setSpConfig(oaParam);
+ boolean isTestIdentity = RandomUtils.nextBoolean();
+
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setForeigner(false);
+
+ String bpk = RandomStringUtils.randomAlphanumeric(10);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ PvpAttributeDefinitions.BPK_NAME, "eidas+AT+XX:" + bpk);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ PvpAttributeDefinitions.GIVEN_NAME_NAME, "Max");
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, "Mustermann");
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ PvpAttributeDefinitions.BIRTHDATE_NAME, "1940-01-01");
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME,
+ "http://eidas.europa.eu/LoA/high");
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ PvpAttributeDefinitions.EID_ISSUING_NATION_NAME,
+ RandomStringUtils.randomAlphabetic(2));
+
+ String randAttr = RandomStringUtils.randomAlphabetic(10);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(
+ randAttr, RandomStringUtils.randomAlphabetic(10));
+
+ oaParam.setRequestedAttributes(Sets.newHashSet(randAttr,
+ PvpAttributeDefinitions.BPK_NAME,
+ PvpAttributeDefinitions.GIVEN_NAME_NAME,
+ PvpAttributeDefinitions.PRINCIPAL_NAME_NAME,
+ PvpAttributeDefinitions.BIRTHDATE_NAME,
+ PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME,
+ PvpAttributeDefinitions.EID_ISSUING_NATION_NAME));
+
+
+ // execute
+ IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq);
+
+ // validate state
+ Assert.assertNotNull("AuthData null", authData);
+ Assert.assertNull("authBlock null", authData.getGenericData(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class));
+ Assert.assertNull("eidasBind null", authData.getGenericData(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class));
+ Assert.assertNotNull("LoA null", authData.getEidasQaaLevel());
+
+ Assert.assertEquals("FamilyName", "Mustermann", authData.getFamilyName());
+ Assert.assertEquals("GivenName", "Max", authData.getGivenName());
+ Assert.assertEquals("DateOfBirth", "1940-01-01", authData.getDateOfBirth());
+
+ Assert.assertEquals("LoA", "http://eidas.europa.eu/LoA/high", authData.getEidasQaaLevel());
+ Assert.assertEquals("EID-ISSUING-NATION",
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(
+ PvpAttributeDefinitions.EID_ISSUING_NATION_NAME),
+ authData.getCiticenCountryCode());
+
+ checkGenericAttribute(authData, PvpAttributeDefinitions.BPK_NAME, bpk);
+ checkGenericAttribute(authData, PvpAttributeDefinitions.GIVEN_NAME_NAME, "Max");
+ checkGenericAttribute(authData, PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, "Mustermann");
+ checkGenericAttribute(authData, PvpAttributeDefinitions.BIRTHDATE_NAME, "1940-01-01");
+
+ Assert.assertEquals("random optional attr.",
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(
+ randAttr),
+ authData.getGenericData(randAttr, String.class));
+
+ }
+
+
+ @Test
+ public void eidasProxyModeWithNatMandate() throws EaafAuthenticationException, EaafStorageException {
+ // initialize state
+ injectRepresentativeInfosIntoSession();
+
+ String givenNameMandate = RandomStringUtils.randomAlphabetic(10);
+ String familyNameMandate = RandomStringUtils.randomAlphabetic(10);
+ String dateOfBirthMandate = "1957-09-15";
+ String bpkMandate = RandomStringUtils.randomAlphanumeric(10);
+
+ // set nat. person mandate information
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setUseMandates(true);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, givenNameMandate);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, dateOfBirthMandate);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, "AT+XX:" + bpkMandate);
+
+ oaParam.setRequestedAttributes(Sets.newHashSet(
+ PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME,
+ PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME,
+ PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME,
+ PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME));
+
+ // execute test
+ IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq);
+
+
+ // validate state
+ Assert.assertNotNull("AuthData null", authData);
+ assertTrue("mandate flag", ((EidAuthenticationData)authData).isUseMandate());
+
+ //check mandate informations
+ checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, givenNameMandate);
+ checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate);
+ checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, "1957-09-15");
+ checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, bpkMandate);
+
+ }
+
+ @Test
+ public void eidasProxyModeWithNatMandateWrongBpkFormat() throws EaafAuthenticationException, EaafStorageException {
+ // initialize state
+ injectRepresentativeInfosIntoSession();
+
+ String givenNameMandate = RandomStringUtils.randomAlphabetic(10);
+ String familyNameMandate = RandomStringUtils.randomAlphabetic(10);
+ String dateOfBirthMandate = "1957-09-15";
+ String bpkMandate = RandomStringUtils.randomAlphanumeric(10);
+
+ // set nat. person mandate information
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setUseMandates(true);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, givenNameMandate);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, dateOfBirthMandate);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, bpkMandate);
+
+ oaParam.setRequestedAttributes(Sets.newHashSet(
+ PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME,
+ PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME,
+ PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME,
+ PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME));
+
+ // execute test
+ IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq);
+
+
+ // validate state
+ Assert.assertNotNull("AuthData null", authData);
+ assertTrue("mandate flag", ((EidAuthenticationData)authData).isUseMandate());
+
+ //check mandate informations
+ checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, givenNameMandate);
+ checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, familyNameMandate);
+ checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, "1957-09-15");
+ checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, bpkMandate);
+
+ }
+
+ @Test
+ public void eidasProxyModeWithJurMandate() throws EaafAuthenticationException, EaafStorageException {
+ // initialize state
+ injectRepresentativeInfosIntoSession();
+
+ String commonMandate = RandomStringUtils.randomAlphabetic(10);
+
+ // set constant country-code and sourcePin to check hashed eIDAS identifier
+ String sourcePinMandate = "asfdsadfsadfsafsdafsadfasr";
+ spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + "AT+EE");
+
+ // set nat. person mandate information
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setUseMandates(true);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, commonMandate);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, sourcePinMandate);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME,
+ EaafConstants.URN_PREFIX_BASEID + "+XFN");
+
+ oaParam.setRequestedAttributes(Sets.newHashSet(
+ PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
+ PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
+ PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME));
+
+ // execute test
+ IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq);
+
+
+ // validate state
+ Assert.assertNotNull("AuthData null", authData);
+ assertTrue("mandate flag", ((EidAuthenticationData)authData).isUseMandate());
+
+ //check mandate informations
+ checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, commonMandate);
+ checkGenericAttribute(authData, PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, "XFN+" + sourcePinMandate);
+
+ }
+
+ private void injectRepresentativeInfosIntoSession() throws EaafStorageException {
+ boolean isTestIdentity = RandomUtils.nextBoolean();
+ pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(isTestIdentity);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true);
+
+ String givenName = RandomStringUtils.randomAlphabetic(10);
+ String familyName = RandomStringUtils.randomAlphabetic(10);
+ String dateOfBirth = "1956-12-08";
+ String bpk = RandomStringUtils.randomAlphanumeric(10);
+ String cc = pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class);
+ String spC = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+ spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + cc + "+" + spC);
+
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setForeigner(false);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.GIVEN_NAME_NAME, givenName);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, familyName);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.BIRTHDATE_NAME, dateOfBirth);
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.BPK_NAME, bpk);
+
+ //set LoA level attribute instead of explicit session-data
+ pendingReq.getSessionData(AuthProcessDataWrapper.class)
+ .setGenericDataToSession(PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME,
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).getQaaLevel());
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setQaaLevel(null);
+
+ }
+
+ private void checkGenericAttribute(IAuthData authData, String attrName, String expected) {
+ assertEquals("Wrong: " + attrName, expected, authData.getGenericData(attrName, String.class));
+
+ }
+
+}