From dcba52858a8815a99628e1198505b6a3e9369e85 Mon Sep 17 00:00:00 2001 From: Christian Kollmann Date: Tue, 30 Nov 2021 15:34:19 +0100 Subject: Remove unused constant Fixes #10 --- .../specific/modules/auth/eidas/v2/Constants.java | 29 ++++---- .../auth/eidas/v2/tasks/AlternativeSearchTask.java | 79 +++++++++++----------- .../eidas/v2/tasks/CreateIdentityLinkTask.java | 58 ++++++++-------- .../auth/eidas/v2/tasks/InitialSearchTask.java | 7 +- .../ReceiveAustrianResidenceGuiResponseTask.java | 70 +++++++++---------- .../ReceiveMobilePhoneSignatureResponseTask.java | 58 ++++++++-------- .../ReceiveOtherLoginMethodGuiResponseTask.java | 31 ++++----- ...eceiveMobilePhoneSignatureResponseTaskTest.java | 27 ++++---- 8 files changed, 173 insertions(+), 186 deletions(-) diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java index ee9b00f7..bfb82474 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java @@ -39,11 +39,6 @@ public class Constants { public static final String DATA_FULL_EIDAS_RESPONSE = "resp_fulleIDASResponse"; public static final String DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE = "resp_fulleIDASResponseAlternative"; - /** - * Stored when one match from register was found. - */ - public static final String DATA_RESULT_MATCHING_BPK = "matching_result_bpk"; - /** * Stored before Step 2 from Matching Concept, input from user eIDAS authn. */ @@ -67,7 +62,7 @@ public class Constants { // configuration properties public static final String CONIG_PROPS_EIDAS_PREFIX = "auth.eIDAS"; - public static final String CONIG_PROPS_EIDAS_IS_TEST_IDENTITY = CONIG_PROPS_EIDAS_PREFIX + public static final String CONIG_PROPS_EIDAS_IS_TEST_IDENTITY = CONIG_PROPS_EIDAS_PREFIX + ".eid.testidentity.default"; public static final String CONIG_PROPS_EIDAS_NODE = CONIG_PROPS_EIDAS_PREFIX + ".node_v2"; public static final String CONIG_PROPS_EIDAS_NODE_COUNTRYCODE = CONIG_PROPS_EIDAS_NODE + ".countrycode"; @@ -84,20 +79,20 @@ public class Constants { CONIG_PROPS_EIDAS_NODE + ".attributes.requested.{0}.onlynatural"; public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_REPRESENTATION = CONIG_PROPS_EIDAS_NODE + ".attributes.requested.representation"; - + public static final String CONIG_PROPS_EIDAS_NODE_REQUESTERID_USE_HASHED_VERSION = CONIG_PROPS_EIDAS_NODE + ".requesterId.useHashedForm"; public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_REQUESTERID_FOR_LUX = CONIG_PROPS_EIDAS_NODE + ".requesterId.lu.useStaticRequesterForAll"; - + public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME = - CONIG_PROPS_EIDAS_NODE + ".workarounds.addAlwaysProviderName"; + CONIG_PROPS_EIDAS_NODE + ".workarounds.addAlwaysProviderName"; public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER = CONIG_PROPS_EIDAS_NODE + ".workarounds.useRequestIdAsTransactionIdentifier"; - - public static final String CONFIG_PROP_EIDAS_NODE_NAMEIDFORMAT = + + public static final String CONFIG_PROP_EIDAS_NODE_NAMEIDFORMAT = CONIG_PROPS_EIDAS_NODE + ".requested.nameIdFormat"; - + public static final String CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = CONIG_PROPS_EIDAS_NODE + ".staticProviderNameForPublicSPs"; public static final String DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = "Austria"; @@ -279,14 +274,14 @@ public class Constants { public static final String COUNTRY_CODE_DE = "DE"; public static final String COUNTRY_CODE_IT = "IT"; - + // UI options public static final String HTML_FORM_ADVANCED_MATCHING_FAILED = "advancedMatchingFailed"; - - + + // ProcessEngine context public static final String CONTEXT_FLAG_ADVANCED_MATCHING_FAILED = HTML_FORM_ADVANCED_MATCHING_FAILED; - + /** * {@link at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateNewErnpEntryTask}. */ @@ -315,7 +310,7 @@ public class Constants { */ public static final String TRANSITION_TO_GENERATE_EIDAS_LOGIN = "TASK_GenerateAlternativeEidasAuthn"; - + /** * Stores login selection from user. */ diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/AlternativeSearchTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/AlternativeSearchTask.java index e0273d10..f021fae9 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/AlternativeSearchTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/AlternativeSearchTask.java @@ -62,7 +62,6 @@ import lombok.extern.slf4j.Slf4j; * Output: * * Transitions: * * * @author amarsalek @@ -110,20 +113,14 @@ public class ReceiveAustrianResidenceGuiResponseTask extends AbstractAuthServlet } - //TODO: Here, we need an error handling an can not stop full process if form input was invalid - //TODO: check minimum form elements - /*TODO: maybe we can switch to custom controller and use WebMVC form-binding feature. - * Binding element can be add as attribute to this request - */ if (input.getStreet().isEmpty() || input.getCity().isEmpty() || input.getZipcode().isEmpty()) { // HTML form should ensure that mandatory fields are set => this should never happen - throw new TaskExecutionException(pendingReq, "Invalid user input", - new InvalidUserInputException("module.eidasauth.matching.06")); + executionContext.put(CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true); + executionContext.put(TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true); + return; } - - try { SimpleEidasData eidasData = MatchingTaskUtils.getInitialEidasData(pendingReq); RegisterStatusResults initialSearchResult = MatchingTaskUtils.getIntermediateMatchingResult(pendingReq); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java index 03cf5858..4655d7ab 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java @@ -23,6 +23,8 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks; +import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED; +import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK; import static at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants.MODULE_NAME_FOR_LOGGING; import java.io.IOException; @@ -49,7 +51,6 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleMobileSignatureData; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.InvalidUserInputException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthEventConstants; @@ -98,6 +99,7 @@ import lombok.extern.slf4j.Slf4j; *
  • {@link GenerateAustrianResidenceGuiTask} if no results in registers were found
    • *
  • {@link CreateIdentityLinkTask} if one exact match between initial register search (with MDS) data and * register search with MPS data exists
    • + *
  • {@link GenerateOtherLoginMethodGuiTask} if a user input error has happened
    • * * * @author tlenz @@ -169,8 +171,9 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet // check if MDS from ID Austria authentication matchs to eIDAS authentication if (!simpleMobileSignatureData.equalsSimpleEidasData(eidasData)) { - // user has cheated!? - throw new InvalidUserInputException("module.eidasauth.matching.05"); + executionContext.put(CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true); + executionContext.put(TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true); + return; } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java index 812e534c..f4419c1c 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java @@ -23,21 +23,17 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks; -import java.util.Enumeration; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.commons.lang.StringEscapeUtils; -import org.springframework.stereotype.Component; - import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SelectedLoginMethod; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.InvalidUserInputException; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.idp.controller.tasks.AbstractLocaleAuthServletTask; import lombok.extern.slf4j.Slf4j; +import org.apache.commons.lang.StringEscapeUtils; +import org.springframework.stereotype.Component; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.util.Enumeration; /** * Handles user's selection from {@link GenerateOtherLoginMethodGuiTask}. @@ -52,6 +48,7 @@ import lombok.extern.slf4j.Slf4j; *
  • {@link GenerateMobilePhoneSignatureRequestTask} if selected by user
    • *
  • {@link GenerateAustrianResidenceGuiTask} if selected by user
    • *
  • {@link GenerateAuthnRequestTask} if selected by user
    • + *
  • {@link GenerateOtherLoginMethodGuiTask} if a user input error has happened
    • * * * @author amarsalek @@ -63,41 +60,32 @@ public class ReceiveOtherLoginMethodGuiResponseTask extends AbstractLocaleAuthSe @Override public void executeWithLocale(ExecutionContext executionContext, HttpServletRequest request, - HttpServletResponse response) throws TaskExecutionException { + HttpServletResponse response) { try { SelectedLoginMethod selection = SelectedLoginMethod.valueOf(extractUserSelection(request)); executionContext.put(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER, selection); executionContext.remove(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED); transitionToNextTask(executionContext, selection); - } catch (final IllegalArgumentException e) { - log.error("Parsing selected login method FAILED.", e); - throw new TaskExecutionException(pendingReq, "Parsing selected login method FAILED.", - new InvalidUserInputException("module.eidasauth.matching.98")); - } catch (final Exception e) { log.error("Parsing selected login method FAILED.", e); - throw new TaskExecutionException(pendingReq, "Parsing selected login method FAILED.", e); - + executionContext.put(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true); + executionContext.put(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true); } } - private String extractUserSelection(HttpServletRequest request) throws InvalidUserInputException { + private String extractUserSelection(HttpServletRequest request) { Enumeration paramNames = request.getParameterNames(); while (paramNames.hasMoreElements()) { String paramName = paramNames.nextElement(); if (Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER.equalsIgnoreCase(paramName)) { return StringEscapeUtils.escapeHtml(request.getParameter(paramName)); - } } - - throw new InvalidUserInputException("module.eidasauth.matching.98"); - + return null; } - private void transitionToNextTask(ExecutionContext executionContext, SelectedLoginMethod selection) - throws InvalidUserInputException { + private void transitionToNextTask(ExecutionContext executionContext, SelectedLoginMethod selection) { switch (selection) { case EIDAS_LOGIN: executionContext.put(Constants.TRANSITION_TO_GENERATE_EIDAS_LOGIN, true); @@ -116,8 +104,9 @@ public class ReceiveOtherLoginMethodGuiResponseTask extends AbstractLocaleAuthSe return; default: - throw new InvalidUserInputException("module.eidasauth.matching.98"); - + executionContext.put(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true); + executionContext.put(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true); + return; } } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/messages/eidas_connector_message.properties b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/messages/eidas_connector_message.properties index cfb48d57..f47d0f30 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/messages/eidas_connector_message.properties +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/messages/eidas_connector_message.properties @@ -19,9 +19,5 @@ module.eidasauth.matching.01=Matching failed, because of an ZMR communication er module.eidasauth.matching.02=Matching failed, because ZMR response contains historic information which is not supported. module.eidasauth.matching.03=Matching failed in workflow step: {0} with error: {1} module.eidasauth.matching.04=An error occurred while loading your data from official registers. Please contact the support. -module.eidasauth.matching.05=Matching failed, because result from alternative authentication-method does not match to eIDAS authentication -module.eidasauth.matching.06=Matching failed, because GUI form for matching by residence was invalid filled - - -module.eidasauth.matching.98=Matching failed, because of an invalid or unknown request parameter. + module.eidasauth.matching.99=Matching failed, because of an unexpected processing error. Reason: {0} \ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java index 918e9d93..8094ac1e 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java @@ -47,7 +47,6 @@ import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyCo import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.InvalidUserInputException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ManualFixNecessaryException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.IdAustriaClientAuthConstants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.provider.IdAustriaClientAuthCredentialProvider; @@ -324,12 +323,11 @@ public class ReceiveMobilePhoneSignatureResponseTaskTest { .build(); authProcessData.setGenericDataToSession(Constants.DATA_SIMPLE_EIDAS, eidData); - TaskExecutionException e = assertThrows(TaskExecutionException.class, - () -> task.execute(pendingReq, executionContext)); - assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID()); - isInstanceOf(AuthnResponseValidationException.class, e.getOriginalException()); - isInstanceOf(InvalidUserInputException.class, e.getOriginalException().getCause()); + task.execute(pendingReq, executionContext); + + assertEquals("Next task", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK)); + assertEquals("advancedMatchingError flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED)); } //TODO: implement new test that this test makes no sense any more diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveOtherLoginMethodGuiResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveOtherLoginMethodGuiResponseTaskTest.java index 84e78fdb..da8a7497 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveOtherLoginMethodGuiResponseTaskTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveOtherLoginMethodGuiResponseTaskTest.java @@ -25,7 +25,6 @@ import org.springframework.web.context.request.ServletRequestAttributes; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SelectedLoginMethod; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.InvalidUserInputException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveOtherLoginMethodGuiResponseTask; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; @@ -88,7 +87,7 @@ public class ReceiveOtherLoginMethodGuiResponseTaskTest { public void withNoOtherLoginSelection() throws TaskExecutionException { testTransition(SelectedLoginMethod.NO_OTHER_LOGIN, Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK); } - + @Test public void withAddMeAsNewSelection() throws TaskExecutionException { testTransition(SelectedLoginMethod.ADD_ME_AS_NEW, Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK); @@ -106,48 +105,44 @@ public class ReceiveOtherLoginMethodGuiResponseTaskTest { assertEquals("Wrong login-selection found", loginMethod, executionContext.get(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER)); assertEquals("Next task", true, executionContext.get(expectedTransition)); assertNull("find advancedMatchingError flag", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED)); - + } - public void withInvalidSelection() { + public void withInvalidSelection() throws TaskExecutionException { httpReq.setParameter(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER, RandomStringUtils.randomAlphabetic(2)); - TaskExecutionException e = assertThrows(TaskExecutionException.class, - () -> task.execute(pendingReq, executionContext)); + task.execute(pendingReq, executionContext); - assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID()); - isInstanceOf(InvalidUserInputException.class, e.getOriginalException()); + assertEquals("Next task", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK)); + assertEquals("advancedMatchingError flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED)); } @Test - public void withNullSelection() { + public void withNullSelection() throws TaskExecutionException { httpReq.setParameter(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER, "null"); - TaskExecutionException e = assertThrows(TaskExecutionException.class, - () -> task.execute(pendingReq, executionContext)); + task.execute(pendingReq, executionContext); - assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID()); - isInstanceOf(InvalidUserInputException.class, e.getOriginalException()); + assertEquals("Next task", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK)); + assertEquals("advancedMatchingError flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED)); } @Test - public void withEmptySelection() { + public void withEmptySelection() throws TaskExecutionException { httpReq.setParameter(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER, ""); - TaskExecutionException e = assertThrows(TaskExecutionException.class, - () -> task.execute(pendingReq, executionContext)); + task.execute(pendingReq, executionContext); - assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID()); - isInstanceOf(InvalidUserInputException.class, e.getOriginalException()); + assertEquals("Next task", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK)); + assertEquals("advancedMatchingError flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED)); } @Test - public void withoutLoginMethodSelection() { + public void withoutLoginMethodSelection() throws TaskExecutionException { - TaskExecutionException e = assertThrows(TaskExecutionException.class, - () -> task.execute(pendingReq, executionContext)); + task.execute(pendingReq, executionContext); - assertEquals(pendingReq.getPendingRequestId(), e.getPendingRequestID()); - isInstanceOf(InvalidUserInputException.class, e.getOriginalException()); + assertEquals("Next task", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK)); + assertEquals("advancedMatchingError flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED)); } } -- cgit v1.2.3 From 325c3aff4e4d272072e09de66c06493ebd9858ec Mon Sep 17 00:00:00 2001 From: Christian Kollmann Date: Wed, 1 Dec 2021 06:46:44 +0100 Subject: Build: Remove dependency on IAIK JCE --- eidas_modules/authmodule-eIDAS-v2/pom.xml | 25 ++-- licenses/IAIK-LICENSE.txt | 108 ---------------- licenses/SIC_LICENSE.txt | 197 ------------------------------ pom.xml | 2 +- 4 files changed, 9 insertions(+), 323 deletions(-) delete mode 100644 licenses/IAIK-LICENSE.txt delete mode 100644 licenses/SIC_LICENSE.txt diff --git a/eidas_modules/authmodule-eIDAS-v2/pom.xml b/eidas_modules/authmodule-eIDAS-v2/pom.xml index 6b5469a1..976a4d9b 100644 --- a/eidas_modules/authmodule-eIDAS-v2/pom.xml +++ b/eidas_modules/authmodule-eIDAS-v2/pom.xml @@ -59,15 +59,6 @@ eaaf_module_pvp2_sp - - iaik.prod - iaik_jce_full - 5.52_moa - - - - - eu.eidas @@ -181,12 +172,12 @@ org.springframework.boot spring-boot-starter-test test - + org.springframework.boot spring-boot-starter-tomcat test - + com.github.skjolber mockito-soap-cxf @@ -283,15 +274,15 @@ -verbose - + ${basedir}/src/main/resources/wsdl/zmr_client/wsdl/Service.wsdl -verbose - - ${basedir}/src/main/resources/wsdl/addresssearching_client/wsdl/Service.wsdl @@ -300,10 +291,10 @@ http://bmi.gv.at/namespace/zmr-su/base/20040201#=at.gv.bmi.namespace.zmr_su.base._20040201_.address - http://bmi.gv.at/namespace/zmr-su/zmr/20040201#=at.gv.bmi.namespace.zmr_su.zrm._20040201_.address + http://bmi.gv.at/namespace/zmr-su/zmr/20040201#=at.gv.bmi.namespace.zmr_su.zrm._20040201_.address - - + + diff --git a/licenses/IAIK-LICENSE.txt b/licenses/IAIK-LICENSE.txt deleted file mode 100644 index 4fa412cf..00000000 --- a/licenses/IAIK-LICENSE.txt +++ /dev/null @@ -1,108 +0,0 @@ -Stiftung SIC License Agreement for "IAIK MOA" - -Valid from December 1st, 2005 - -The Stiftung SIC -Stiftung Secure Information and Communication Technologies -Inffeldgasse16a, A-8010 Graz, Austria, hereafter referred to as "Stiftung SIC", -offers to grant licences for the SOFTWARE defined below according to the following conditions: - -1. DEFINITIONS -For the purpose of this Licence Agreement, the following definitions are valid: - -a. The term "SOFTWARE" refers to the "IAIK MOA" bundle in any -form (object code or other) including documentation. The -SOFTWARE is the sole property of Stiftung SIC and protected by -Austrian, International Copyright Law, e.g. the Revised Berne -Convention, and the US Copyright Act. - -b. "IAIK MOA" is distributed in documentation, manuals, and user -guides, tools - including any revisions, patches and updates -downloaded by the customer. - -c."IAIK MOA Runtime Modules" means the runtime object code -modules provided with, or derived from the SOFTWARE. - -d. "MOA modules" mean the modules for online applications made -available by the Austrian Federal Chancellery and they consist of -MOA-Signature Creation (MOA-SS), MOA-Signature Verification -(MOA-SP) and MOA-Identification (MOA-ID). - -2. GRANTING of LICENCES - -The licensee is granted as specified below: - -o IAIK MOA Runtime License -Stiftung SIC grants the Licensee a non-exclusive, non-transferable runtime licence to use the -"IAIK MOA" modules in the context of unmodified MOA modules. Any attempt to use any parts or -the whole IAIK Crypto Toolkits which come bundled together with the MOA modules for any -purpose other than accessing these MOA modules by applications, including, but not limited to, -the development of applications, the creation of a toolkit, or inclusion in a different toolkit, is not -permitted without additional licenses. These licences are not transferable to contractors or any -other persons, organisations or companies outside the licensee's organisation without making -such persons, organisations or companies explicitly aware of the restrictions of these licenses -and such persons, organisations or companies explicitly agree to observe these restrictions. - -3. LIMITATIONS for all LICENCES: -LICENSEES must not attempt to reverse engineer, decompile, disassemble, reverse, translate or in -any other manner decode the computer programmes in the IAIK libraries in order to derive the -source code there from. - -4. WARRANTY: -Stiftung SIC guarantees that the SOFTWARE is free of any computer virus or other malicious -hidden routines that would intentionally cause damage to or corrupt data, storage media or -equipment. For proving the integrity of the SOFTWARE, Stiftung SIC may calculate a SHA-1 hash -value over the distribution file and publish it on its web site. It is the duty of the licensee to verify this -hash value. If the hash value cannot be verified, Stiftung SIC declines any warranties on that -software, and the licensee should immediately (or within 30 days of delivery at the latest), contact -Stiftung SIC for verification and reshipment. -The SOFTWARE is provided "as is" and except for the declaration and warranty stated in this -section, Stiftung SIC makes no representations, conditions or warranties, either express or implied, -relative to the SOFTWARE or services provided hereunder, including all implied conditions or -warranties of merchantability and fitness for a particular purpose and all conditions with respect to -intellectual property infringement. Stiftung SIC may, but shall not be obliged to, fix errors in any -SOFTWARE. - -5. PROPRIETARY INFORMATION and CONFIDENTIALITY: -The LICENSEE acknowledges that the SOFTWARE remains the property of, and is confidential to, -Stiftung SIC and incorporates trade secrets of Stiftung SIC, and that Stiftung SIC shall have the -exclusive right to any copyrights or patents in respect of the SOFTWARE. The LICENSEE agrees to -maintain the confidentiality of the SOFTWARE. -The LICENSEE further agrees that (with the exception of paragraph 2 above), he shall not make -any disclosure of the SOFTWARE (including copies thereof or methods or concepts utilised therein) -to any person or entity, other than employees of the LICENSEE, to whom such disclosure is -necessary in order to use the SOFTWARE as provided herein. The LICENSEE shall appropriately -notify each employee to whom any such disclosure is made. Such disclosure must be made in -confidence and shall be kept in confidence by the employee in question. -The LICENSEE agrees to use diligent and determined efforts to secure and protect the -SOFTWARE and copies thereof in a manner consistent with their proprietary character and the -maintenance of Licensor's rights therein, and without limitation thereof, to take appropriate action, -by instruction or agreement with its employees who are permitted access to the SOFTWARE or -copies thereof, or otherwise, to satisfy its obligations as hereby stated. - -6. TERMINATION: -Stiftung SIC may terminate this Agreement without prior notice, if the licensee 1. neglects or fails to -perform or observe, or correct a breach of its obligations to Stiftung SIC; 2. goes out of business, -files a bankruptcy petition or has such a petition filed involuntarily against it or becomes insolvent; 3. -develops, sells, licenses or distributes or attempts to develop, sell, license or distribute any software -based on the SOFTWARE which is outside the scope of the limited rights granted herein, to any -third party. In the event of such a termination, the Licensee shall immediately destroy all copies and -ensure that all backup copies are destroyed as well. - -Stiftung SIC may at any time stop granting free licenses of the SOFTWARE in combination with the -MOA modules without prior notice. In this case, all licenses granted until that time remain valid, i.e. -allow the licensee to continue using the SOFTWARE in combination with the unmodified MOA -modules. - -7. LIABILITY: -To the maximum extent allowed by applicable law Stiftung SIC shall not be liable for any damages -whatsoever (including, without limitation, damages for loss of business profits, business interruption, -loss of business information, or other pecuniary loss) arising out of the use of or inability to use the -SOFTWARE, even if Stiftung SIC has been advised of the possibility of such damages. - -8. WAIVER: -Invalidity, on legal grounds, of any term of this Agreement does not render the Agreement as a whole -invalid. - -9. GOVERNING LAW, ARBITRATION: -This Agreement is governed by Austrian law. diff --git a/licenses/SIC_LICENSE.txt b/licenses/SIC_LICENSE.txt deleted file mode 100644 index 5452d915..00000000 --- a/licenses/SIC_LICENSE.txt +++ /dev/null @@ -1,197 +0,0 @@ -License for Open Source Projects - -Stiftung SIC Java Crypto-Software Development Kit Licence Agreement for -Free Licenses Valid from February 19, 2010, amended May 13, 2011 - -The Stiftung SIC (Stiftung Secure Information and Communication -Technologies, Inffeldgasse16a, A-8010 Graz, Austria / Europe) hereafter -referred to as "Stiftung SIC" offers to grant licences for the SOFTWARE -defined below according to the following conditions: - -1. DEFINITIONS - -a. "LICENSEE" refers to the person, organisation or company, to whom the -licenses are granted under this license agreement. - -b. The term "SOFTWARE" refers to IAIK Java Crypto Software in any form -(source code, object code or other) including documentation. The -SOFTWARE is the sole property of Stiftung SIC and protected by Austrian, -International Copyright Law, e.g. the Revised Berne Convention, and the -US Copyright Act. - -c. "IAIK Java Crypto Software" means either IAIK-JCE, iSaSiLk or any -other Java-based Crypto-Software development kit which usually consists -of source code (if applicable; for source licences only), Java byte code -or any other form of object code. The Software and additional tools are -distributed in documentation, manuals, user guides, sample application -code, tools - including any revisions, patches and updates delivered or -downloaded by the LICENSEE. - -d. "IAIK Java Crypto Software Runtime Modules" means the runtime object -code modules provided with, or derived from, an IAIK-Java-Crypto -Software Development Kit, which are usually distributed as a -Java-Archive in JAR or ZIP-Format, or in any other format suitable for -use by application programmes or other software. - -e. "IAIK-Crypto Software based Application" means any computer programme -created by the LICENSEE using any of the IAIK-Toolkits, with the -exception of server software, which is considered as a different -category. - -f. "Server software" means IAIK-Crypto Software based applications run -or published on a server (like but not limited to a web server). -Examples for server software are applets, midlets, servlets, CGI-scripts -or software that is run on a server. - -g. "To publish" means that an application is retrievable or accessible -from a certain server, but not installed on another machine. - -h. "DERIVED SOFTWARE" refers to software (excluding any of our SOFTWARE) -in any form (source code, object code or other) that uses the IAIK Java -Crypto Software Runtime Modules. It also includes parts where LICENSEE -acts as a licensor or sub-licensor. - -i. “Open Source Software Development” means development under an -ACCEPTED LICENSE. - -j. "ACCEPTED LICENSE" means the following licenses: - -j1. GPL Version 2, June 1991 (http: //www.fsf.org/licenses/gpl.html). - -j2. European Union Public License (EUPL) Version 1.1, January 2009 -(http://www.osor.eu/eupl) - for distribution under compatible licenses -defined in the licenses above or under any other license, the LICENSEE -needs explicit permission by Stiftung SIC. - -2. GRANTING of LICENCES Stiftung SIC grants free licenses of the -SOFTWARE for development of free of charge open source software. The -SOFTWARE may be distributed bundled with the free of charge open source -software in binary form only. The type of open source development is -generally unrestricted; the only exception is a product that contains or -is an API or a service of which most of the functionality is provided by -the SOFTWARE. The derived product must not offer features that are -similar to that of the SOFTWARE. This means, this license does not allow -developing a product that contains or is a wrapper around the SOFTWARE. - -The LICENSEE and his licensees are granted a non-exclusive, -non-transferable license to run and redistribute the IAIK Java Crypto -Software Runtime Modules in unmodified, binary form under the following -conditions. - - * The LICENSEE and his licensees are not permitted to charge any - royalties or fees for DERIVED SOFTWARE. - - * The LICENSEE of "IAIK Java Crypto Software Runtime Modules", has to - make the source code of his product publicly available under an - ACCEPTED LICENSE. - - * The LICENSEE is further hereby obliged and authorized to bind his - licensees to all these conditions. - -If LICENSEE licenses DERIVED SOFTWARE under any other free software -licensing scheme that is similar to an ACCEPTED LICENSE, it may be -possible to grant a free license. Stiftung SIC will decide on this -individually after inspecting the intended use and license conditions. - -This free license shall NOT be construed or otherwise interpreted as any -kind of express or implied representation that this SOFTWARE is -licensable under an ACCEPTED LICENSE or any free license other than the -one laid out in this document. - -3. LIMITATIONS for all LICENCES: LICENSEES must not attempt to reverse -engineer, decompile, disassemble, reverse, translate or in any other -manner decode the computer programmes in the IAIK-Toolkit in order to -derive the source code there from. - -ATTENTION: THIS LICENSE AGREEMENT DOES NOT INCLUDE LICENSING OF THE -INCLUDED ALGORITHMS, when appropriate. Please see -http://jce.iaik.tugraz.at/sic/sales/patent_issues_algorithms for a -summary of the licence/patent status situation of algorithms used in -IAIK-JCE. It is the sole responsibility of LICENSEES to ensure the -legality of using the IAIK-Crypto software in their countries. Stiftung -SIC declares that to the best of its knowledge all parts of the -IAIK-Toolkits have been developed by Austrian citizens, except for the -HTTP implementation (w3c_http.jar) delivered with the iSaSiLk -distribution and free third party libraries (like Apache Xalan or -Xerces) that may be delivered with the toolkits for convenience. The -implementation of the Camellia cipher algorithm core has been provided -by NTT (Nippon Telegraph and Telephone Corporation) under BSD licence -terms -(see http://jce.iaik.tugraz.at/sic/sales/patent_issues_algorithms). - -4. TERMS of LICENSE: Free licenses for development of free of charge -open source software under ACCEPTED LICENSES are perpetual. Stiftung SIC -has no obligation to continue making free updates or new versions -available for LICENSEE - -5. DELIVERY: Free licenses are made available by download only. - -6. WARRANTY: Stiftung SIC guarantees that the SOFTWARE is free of any -computer virus or other malicious hidden routines that would -intentionally cause damage to or corrupt data, storage media or -equipment. - -The SOFTWARE is provided "as is" and except for the declaration and -warranty stated in this Section, Stiftung SIC makes no representations, -conditions or warranties, either express or implied, relative to the -IAIK-Toolkit or services provided hereunder, including all implied -conditions or warranties of merchantability and fitness for a particular -purpose and all conditions with respect to intellectual property -infringement. - -7. PROPRIETARY INFORMATION and CONFIDENTIALITY: The LICENSEE -acknowledges that the SOFTWARE remains the property of, and is -confidential to, Stiftung SIC and incorporates trade secrets of Stiftung -SIC, and that Stiftung SIC shall have the exclusive right to any -copyrights or patents in respect of the SOFTWARE. The LICENSEE agrees to -maintain the confidentiality of the SOFTWARE. The LICENSEE further -agrees that (with the exception of paragraph 2 above), he shall not make -any disclosure of the SOFTWARE (including copies thereof or methods or -concepts utilised therein) to any person or entity, other than employees -of the LICENSEE, to whom such disclosure is necessary in order to use -the SOFTWARE as provided herein. The LICENSEE shall appropriately notify -each employee to whom any such disclosure is made. Such disclosure must -be made in confidence and shall be kept in confidence by the employee in -question. The LICENSEE agrees to use diligent and determined efforts to -secure and protect the SOFTWARE and copies thereof in a manner -consistent with their proprietary character and the maintenance of -LICENSOR`s rights therein, and without limitation thereof, to take -appropriate action, by instruction or agreement with its employees who -are permitted access to the SOFTWARE or copies thereof, or otherwise, to -satisfy its obligations as hereby stated. - -8. TERMINATION: Stiftung SIC may terminate this Agreement without prior -notice, if the LICENSEE 1. neglects or fails to perform or observe, or -correct a breach of its obligations to Stiftung SIC; 2. goes out of -business, files a bankruptcy petition or has such a petition filed -involuntarily against it or becomes insolvent; 3. develops, sells, -licenses or distributes or attempts to develop, sell, license or -distribute any software based on the IAIK-Toolkit which is outside the -scope of the limited rights granted herein, to any third party. In the -event of such a termination, the LICENSEE shall immediately delete all -electronic versions from his systems and ensure that all backup copies -are destroyed as well. - -9. LIABILITY: To the maximum extent allowed by applicable law Stiftung -SIC shall not be liable for any damages whatsoever (including, without -limitation, damages for loss of business profits, business interruption, -loss of business information, or other pecuniary loss) arising out of -the use of or inability to use the IAIK-Toolkit, even if Stiftung SIC -has been advised of the possibility of such damages. - -10. EXPORT RESTRICTIONS: In some countries, the IAIK-Toolkits may be -subject to export and import restrictions. Their re-export may require -the approval of the competent authorities. The LICENSEE shall be liable -for the observance of any control regulation and explicitly agrees to -hold Stiftung SIC fully harmless. - -11. WAIVER: Invalidity, on legal grounds, of any term of this Agreement -does not render the Agreement as a whole invalid. - -12. SURVIVAL: Irrespective of expiration or termination of this -Agreement, the provisions of Articles 2, 4, and 8 shall survive the -termination or the expiry of this Agreement. - -13. GOVERNING LAW, ARBITRATION: This Agreement is governed by Austrian -law. - diff --git a/pom.xml b/pom.xml index 529b515e..48169e8c 100644 --- a/pom.xml +++ b/pom.xml @@ -518,7 +518,7 @@ test - iaik.*|MOA.spss.* + MOA.spss.* -- cgit v1.2.3