From 58b3c1c2d7a27775af8c0b7c9d12dea08aa575fa Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 19 Jan 2021 10:37:45 +0100 Subject: build 'requesterId' for private-sector SP's based on hashed unique AppIds set 'requesterId' and 'providerName' to static value for any type of SP --- basicConfig/default_config.properties | 3 + .../src/main/resources/application.properties | 21 ++- .../specific/modules/auth/eidas/v2/Constants.java | 14 +- .../eidas/v2/handler/AbstractEidProcessor.java | 132 +++++++++++------- .../auth/eidas/v2/handler/LuEidProcessor.java | 61 +++++++++ .../src/main/resources/eidas_v2_auth.beans.xml | 5 + .../test/tasks/GenerateAuthnRequestTaskTest.java | 148 ++++++++++++++++++++- .../EidasRequestPreProcessingFirstTest.java | 3 +- .../EidasRequestPreProcessingSecondTest.java | 48 +++++++ .../resources/SpringTest-context_basic_test.xml | 5 + 10 files changed, 381 insertions(+), 59 deletions(-) create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/LuEidProcessor.java diff --git a/basicConfig/default_config.properties b/basicConfig/default_config.properties index 8a1bc3a0..ad883284 100644 --- a/basicConfig/default_config.properties +++ b/basicConfig/default_config.properties @@ -31,6 +31,9 @@ eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password= eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path= eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password= +## eIDAS Request configuration +eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs=Austria + ## E-AuthBlock configuration eidas.ms.auth.eIDAS.authblock.keystore.type=jks diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties index b13b6c18..b92102ed 100644 --- a/connector/src/main/resources/application.properties +++ b/connector/src/main/resources/application.properties @@ -51,10 +51,23 @@ eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector #eidas.ms.auth.eIDAS.node_v2.forward.endpoint= eidas.ms.auth.eIDAS.node_v2.forward.method=POST eidas.ms.auth.eIDAS.node_v2.countrycode=AT +#eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=urn:publicid:gv.at:cdid\+.* eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.* -eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true + +## use SAML2 requestId as transactionIdentifier to mitigate problems with SAML2 relaystate eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true -eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true + +## use hashed version of unique SP-Identifier as requesterId +eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm=true + +## user static requesterId for all SP's in case of LU +eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll=true + + +## set provider name for all public SPs +eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=false + + eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high @@ -92,6 +105,10 @@ eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=false eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false + + + + ##without mandates eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java index cdc17654..c175d999 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java @@ -56,15 +56,21 @@ public class Constants { CONIG_PROPS_EIDAS_NODE + ".attributes.requested.{0}.onlynatural"; public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_REPRESENTATION = CONIG_PROPS_EIDAS_NODE + ".attributes.requested.representation"; + + public static final String CONIG_PROPS_EIDAS_NODE_REQUESTERID_USE_HASHED_VERSION = + CONIG_PROPS_EIDAS_NODE + ".requesterId.useHashedForm"; + public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_REQUESTERID_FOR_LUX = + CONIG_PROPS_EIDAS_NODE + ".requesterId.lu.useStaticRequesterForAll"; + public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME = - CONIG_PROPS_EIDAS_NODE + ".workarounds.addAlwaysProviderName"; + CONIG_PROPS_EIDAS_NODE + ".workarounds.addAlwaysProviderName"; public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER = CONIG_PROPS_EIDAS_NODE + ".workarounds.useRequestIdAsTransactionIdentifier"; - public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = - CONIG_PROPS_EIDAS_NODE + ".workarounds.useStaticProviderNameForPublicSPs"; + + public static final String CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = CONIG_PROPS_EIDAS_NODE + ".staticProviderNameForPublicSPs"; - public static final String DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = "ERnP"; + public static final String DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = "Austria"; public static final String FORWARD_METHOD_POST = "POST"; public static final String FORWARD_METHOD_GET = "GET"; diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java index 42dbfeac..90be9a7a 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java @@ -23,6 +23,10 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler; +import java.nio.charset.StandardCharsets; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.util.Base64; import java.util.Map; import java.util.regex.Matcher; import java.util.regex.Pattern; @@ -66,7 +70,7 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor { public final void preProcess(IRequest pendingReq, Builder authnRequestBuilder) { buildLevelOfAssurance(pendingReq.getServiceProviderConfiguration(), authnRequestBuilder); - buildProviderNameAttribute(pendingReq, authnRequestBuilder); + buildProviderNameAndRequesterIdAttribute(pendingReq, authnRequestBuilder); buildRequestedAttributes(authnRequestBuilder); } @@ -272,6 +276,83 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor { } + /** + * Set ProviderName and RequestId into eIDAS AuthnRequest. + * + * @param pendingReq Current pendingRequest + * @param authnRequestBuilder AuthnREquest builer + */ + protected void buildProviderNameAndRequesterIdAttribute(IRequest pendingReq, Builder authnRequestBuilder) { + final ISpConfiguration spConfig = pendingReq.getServiceProviderConfiguration(); + + // set correct SPType for requested target sector + final String publicSectorTargetSelector = basicConfig.getBasicConfiguration( + Constants.CONIG_PROPS_EIDAS_NODE_PUBLICSECTOR_TARGETS, + Constants.POLICY_DEFAULT_ALLOWED_TARGETS); + final Pattern p = Pattern.compile(publicSectorTargetSelector); + final Matcher m = p.matcher(spConfig.getAreaSpecificTargetIdentifier()); + if (m.matches()) { + log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PublicSector'"); + authnRequestBuilder.spType(SpType.PUBLIC.getValue()); + + final String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class); + if (basicConfig.getBasicConfigurationBoolean( + Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME, + false)) { + //TODO: only for eIDAS ref. node 2.0 and 2.1 because it need 'Providername' for + if (StringUtils.isNotEmpty(providerName)) { + log.debug("Set 'providername' to: {}", providerName); + authnRequestBuilder.providerName(providerName); + + } else { + authnRequestBuilder.providerName(basicConfig.getBasicConfiguration( + Constants.CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, + Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP)); + + } + } + + } else { + log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PrivateSector'"); + authnRequestBuilder.spType(SpType.PRIVATE.getValue()); + + // TODO: switch to RequesterId in further version + // set provider name for private sector applications + final String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class); + if (StringUtils.isNotEmpty(providerName)) { + authnRequestBuilder.providerName(providerName); + + } + + authnRequestBuilder.requesterId( + generateRequesterId(pendingReq.getRawData(Constants.DATA_REQUESTERID, String.class))); + + } + } + + private String generateRequesterId(String requesterId) { + if (requesterId != null && basicConfig.getBasicConfigurationBoolean( + Constants.CONIG_PROPS_EIDAS_NODE_REQUESTERID_USE_HASHED_VERSION, true)) { + try { + log.trace("Building hashed 'requesterId' for private SP ... "); + MessageDigest digest = MessageDigest.getInstance("SHA-256"); + String encodedRequesterId = Base64.getEncoder().encodeToString( + digest.digest(requesterId.getBytes(StandardCharsets.UTF_8))); + log.debug("Set 'requesterId' for: {} to: {}", requesterId, encodedRequesterId); + return encodedRequesterId; + + } catch (NoSuchAlgorithmException e) { + log.error("Can NOT generate hashed 'requesterId' from: {}. Use it as it is", requesterId, e); + + } + + } + + return requesterId; + + } + + private void buildRequestedAttributes(Builder authnRequestBuilder) { // build and add requested attribute set final Map ccSpecificReqAttr = getCountrySpecificRequestedAttributes(); @@ -308,55 +389,6 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor { return builder.build(); } - - private void buildProviderNameAttribute(IRequest pendingReq, Builder authnRequestBuilder) { - final ISpConfiguration spConfig = pendingReq.getServiceProviderConfiguration(); - - // set correct SPType for requested target sector - final String publicSectorTargetSelector = basicConfig.getBasicConfiguration( - Constants.CONIG_PROPS_EIDAS_NODE_PUBLICSECTOR_TARGETS, - Constants.POLICY_DEFAULT_ALLOWED_TARGETS); - final Pattern p = Pattern.compile(publicSectorTargetSelector); - final Matcher m = p.matcher(spConfig.getAreaSpecificTargetIdentifier()); - if (m.matches()) { - log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PublicSector'"); - authnRequestBuilder.spType(SpType.PUBLIC.getValue()); - - if (basicConfig.getBasicConfigurationBoolean( - Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, - true)) { - authnRequestBuilder.providerName(basicConfig.getBasicConfiguration( - Constants.CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, - Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP)); - - } else { - // TODO: only for eIDAS ref. node 2.0 and 2.1 because it need 'Providername' for - // any SPType - final String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class); - if (StringUtils.isNotEmpty(providerName) - && basicConfig.getBasicConfigurationBoolean( - Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME, - false)) { - authnRequestBuilder.providerName(providerName); - - } - } - - } else { - log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PrivateSector'"); - authnRequestBuilder.spType(SpType.PRIVATE.getValue()); - - // TODO: switch to RequesterId in further version - // set provider name for private sector applications - final String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class); - if (StringUtils.isNotEmpty(providerName)) { - authnRequestBuilder.providerName(providerName); - authnRequestBuilder.requesterId(providerName); - - } - - } - } private void buildLevelOfAssurance(ISpConfiguration spConfig, Builder authnRequestBuilder) { // TODO: set matching mode if eIDAS ref. impl. support this method diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/LuEidProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/LuEidProcessor.java new file mode 100644 index 00000000..8402457f --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/LuEidProcessor.java @@ -0,0 +1,61 @@ +package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler; + +import java.util.HashMap; +import java.util.Map; + +import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.gv.egiz.eaaf.core.api.IRequest; +import eu.eidas.auth.commons.light.impl.LightRequest.Builder; +import lombok.Getter; +import lombok.Setter; +import lombok.extern.slf4j.Slf4j; + +@Slf4j +public class LuEidProcessor extends AbstractEidProcessor { + + + + private static final String canHandleCC = "LU"; + + @Getter + @Setter + private int priority = 1; + + @Override + public String getName() { + return "LU-PostProcessor"; + + } + + @Override + public boolean canHandle(String countryCode) { + return countryCode != null && countryCode.equalsIgnoreCase(canHandleCC); + + } + + @Override + protected void buildProviderNameAndRequesterIdAttribute(IRequest pendingReq, Builder authnRequestBuilder) { + super.buildProviderNameAndRequesterIdAttribute(pendingReq, authnRequestBuilder); + if (basicConfig.getBasicConfigurationBoolean( + Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_REQUESTERID_FOR_LUX, true)) { + String staticName = basicConfig.getBasicConfiguration( + Constants.CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, + Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP); + authnRequestBuilder.providerName(staticName); + authnRequestBuilder.requesterId(staticName); + log.debug("Use static name: {} as 'providerName' and 'RequesterId' for all 'LU' requests ", staticName); + + } else { + log.info("Static 'providerName' and 'RequesterId' for country: LU is deactivated"); + + } + + } + + @Override + protected Map getCountrySpecificRequestedAttributes() { + return new HashMap<>(); + + } + +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml index 6cc704ab..3b0cee54 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml @@ -69,6 +69,11 @@ + + + + diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java index c416b515..f796bd86 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java @@ -83,6 +83,7 @@ public class GenerateAuthnRequestTaskTest { pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); pendingReq.setAuthUrl("http://test.com/"); + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm", "true"); basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.entityId", RandomStringUtils.randomAlphabetic(10)); basicConfig.putConfigValue( @@ -297,7 +298,7 @@ public class GenerateAuthnRequestTaskTest { basicConfig.putConfigValue( "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true"); basicConfig.putConfigValue( - "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true"); + "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderNames", "true"); basicConfig.putConfigValue( "eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs", "myNode"); @@ -365,6 +366,101 @@ public class GenerateAuthnRequestTaskTest { } + @Test + public void publicSpWithCountryLu() throws TaskExecutionException, + SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException { + //set-up test + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU"); + executionContext.put("selectedEnvironment", "prod"); + + String providerName = RandomStringUtils.randomAlphanumeric(10); + pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName); + + basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true"); + + String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET"); + + //execute test + task.execute(pendingReq, executionContext); + + //validate state + Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus()); + Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location")); + Assert.assertTrue("Wrong redirect endpoint", + ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint)); + + + final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null); + + Assert.assertEquals("PrividerName", "myNode", eidasReq.getProviderName()); + Assert.assertEquals("RequesterId found", "myNode", eidasReq.getRequesterId()); + Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType()); + Assert.assertEquals("wrong LoA", EaafConstants.EIDAS_LOA_HIGH, + eidasReq.getLevelOfAssurance()); + + Assert.assertEquals("Wrong req. attr. size", 4, eidasReq.getRequestedAttributes().size()); + + } + + @Test + public void privateSpWithCountryLu() throws TaskExecutionException, + SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException { + //set-up test + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU"); + executionContext.put("selectedEnvironment", "prod"); + + String providerName = RandomStringUtils.randomAlphanumeric(10); + String requesterId = RandomStringUtils.randomAlphanumeric(10); + pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName); + pendingReq.setRawDataToTransaction(Constants.DATA_REQUESTERID, requesterId); + + spConfig.put("target", + EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+" + RandomStringUtils.randomNumeric(6)); + + basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true"); + + String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET"); + + //execute test + task.execute(pendingReq, executionContext); + + //validate state + Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus()); + Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location")); + Assert.assertTrue("Wrong redirect endpoint", + ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint)); + + + final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null); + + Assert.assertEquals("PrividerName", "myNode", eidasReq.getProviderName()); + Assert.assertEquals("RequesterId", "myNode", eidasReq.getRequesterId()); + Assert.assertEquals("no PublicSP", "private", eidasReq.getSpType()); + Assert.assertEquals("wrong LoA", EaafConstants.EIDAS_LOA_HIGH, + eidasReq.getLevelOfAssurance()); + + Assert.assertEquals("Wrong req. attr. size", 4, eidasReq.getRequestedAttributes().size()); + + } + @Test public void withEidasNodePostReqNotValidTemplate() throws TaskExecutionException, SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException { @@ -409,6 +505,53 @@ public class GenerateAuthnRequestTaskTest { EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+" + RandomStringUtils.randomNumeric(6)); String providerName = RandomStringUtils.randomAlphanumeric(10); pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName); + pendingReq.setRawDataToTransaction(Constants.DATA_REQUESTERID, "http://junit.sp"); + + basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true"); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false"); + + String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET"); + + + //perform test + task.execute(pendingReq, executionContext); + + //validate state + Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus()); + Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location")); + Assert.assertTrue("Wrong redirect endpoint", + ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint)); + + + final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null); + + Assert.assertEquals("PrividerName", providerName, eidasReq.getProviderName()); + Assert.assertEquals("RequesterId", "Wr8LrrVf5SYneblOlZdZNaLQQCCgzklfKQvyeZjBx10=", eidasReq.getRequesterId()); + Assert.assertEquals("no PublicSP", "private", eidasReq.getSpType()); + Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance()); + + } + + @Test + public void privateSPWithoutRequestIdHashing() throws TaskExecutionException, + SpecificCommunicationException, EaafStorageException { + //set-up test + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC"); + spConfig.put("target", + EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+" + RandomStringUtils.randomNumeric(6)); + String providerName = RandomStringUtils.randomAlphanumeric(10); + String requesterId = RandomStringUtils.randomAlphanumeric(10); + pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName); + pendingReq.setRawDataToTransaction(Constants.DATA_REQUESTERID, requesterId); basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets"); basicConfig.putConfigValue( @@ -417,6 +560,7 @@ public class GenerateAuthnRequestTaskTest { "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true"); basicConfig.putConfigValue( "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false"); + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm", "false"); String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); basicConfig.putConfigValue( @@ -438,7 +582,7 @@ public class GenerateAuthnRequestTaskTest { final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null); Assert.assertEquals("PrividerName", providerName, eidasReq.getProviderName()); - Assert.assertEquals("RequesterId", providerName, eidasReq.getRequesterId()); + Assert.assertEquals("RequesterId", requesterId, eidasReq.getRequesterId()); Assert.assertEquals("no PublicSP", "private", eidasReq.getSpType()); Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance()); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java index d0ab50f4..7ac41500 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java @@ -146,9 +146,10 @@ public class EidasRequestPreProcessingFirstTest { Assert.assertEquals("ProviderName is not Static", Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, lightReq.getProviderName()); + Assert.assertNotSame("RequesterId was set", lightReq.getRequesterId()); Assert.assertEquals("no PublicSP", "public", lightReq.getSpType()); Assert.assertEquals("Requested attribute size not match", 8, lightReq.getRequestedAttributes().size()); } - + } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java index c44e803b..4a03fac1 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java @@ -86,6 +86,9 @@ public class EidasRequestPreProcessingSecondTest { authnRequestBuilder.issuer("Test"); authnRequestBuilder.levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll", "true"); + } @Test @@ -106,4 +109,49 @@ public class EidasRequestPreProcessingSecondTest { } + + /* + * Set ProviderName according to general configuration + */ + @Test + public void prePreProcessLuPublicSpWithoutRequestId() throws EidPostProcessingException { + + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll", "false"); + + final String testCountry = "LU"; + authnRequestBuilder.citizenCountryCode(testCountry); + preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder); + + final LightRequest lightReq = authnRequestBuilder.build(); + + Assert.assertEquals("ProviderName is not Static", "myNode", lightReq.getProviderName()); + Assert.assertNull("RequesterId", lightReq.getRequesterId()); + Assert.assertEquals("no PublicSP", "public", lightReq.getSpType()); + Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size()); + + } + + /* + * Always set requesterId and providername in case of country LU + */ + @Test + public void prePreProcessLuPublicSpWithStaticRequesterId() throws EidPostProcessingException { + + + final String testCountry = "LU"; + authnRequestBuilder.citizenCountryCode(testCountry); + preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder); + + final LightRequest lightReq = authnRequestBuilder.build(); + + Assert.assertEquals("ProviderName is not Static", + "myNode", lightReq.getProviderName()); + Assert.assertEquals("RequesterId is not Static", + "myNode", lightReq.getRequesterId()); + Assert.assertEquals("no PublicSP", "public", lightReq.getSpType()); + Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size()); + + } + } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml index 956cfcc9..cd2888c1 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml @@ -50,6 +50,11 @@ + + + + -- cgit v1.2.3 From 2fabf6cfdc78fceac1302d45c88d08214fe4e9e3 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 20 Jan 2021 14:32:37 +0100 Subject: add README.md, release and update informations, and full handbook --- README.md | 112 +++++++++++++++++++++ basicConfig/default_config.properties | 1 - connector/src/assembly/assembly_dir.xml | 2 + connector/src/assembly/assembly_zip.xml | 3 + .../src/main/resources/application.properties | 20 ++-- infos/handbook-work_in_progress.docx | Bin 0 -> 44486 bytes infos/readme_1.2.0.md | 59 +++++++++++ 7 files changed, 183 insertions(+), 14 deletions(-) create mode 100644 README.md create mode 100644 infos/handbook-work_in_progress.docx create mode 100644 infos/readme_1.2.0.md diff --git a/README.md b/README.md new file mode 100644 index 00000000..e0914598 --- /dev/null +++ b/README.md @@ -0,0 +1,112 @@ +# Member-state specific eIDAS Application + +## Description + +The member-state specific eIDAS application (ms-specific eIDAS) implements the bridge between the eIDAS reference implementation provides by European commission and the national eID system. This application consists of two parts + +- **MS-specific Connector:** implements the bridge to connect a national service-provider to a foreign idenity-provider. + +- **MS-specific Proxy-Service:** implements the bridge to connect a foreign service-provider to national eID system (ID Austria). This feature is not implemented yet. + + + +### Building + +The application uses SpringBoot as core framework, but the default build-profile does not build an executable jar. There, the application has to be deployed into an application service, like Apache Tomcat + +The project can be build with : + +``` +mvn clean package +``` + +The resulting `war` file can be deployed into an application server + +Set Java System-Property _-Deidas.ms.configuration=/path/to/configuration..._ to set the configuration for this application + + + +If you like to build an executable SpringBoot application with embedded Tomcat then use: + +``` +mvn -P embbededTomcat clean package +``` + +The resulting `jar` file can be run with java: + +``` +java -jar ./connector/target/ms-connector.jar +``` + +But it is also directly executalbe + +``` +./connector/target/ms-connector.jar +``` + +In case of a executable application package, the configuration can be either set by Java System-Property _-Deidas.ms.configuration=/path/to/configuration..._ or by default SpringBoot configuration features. + + + +### Configuration + +A default configuration is located at _basicConfig/_ + + + +## Generate a BM.I Release Package + +The full release packages for BM.I infrastructure will be automatically assembled by maven build-process. Before release build, all release related information have to added into infos folder. To add release informations follow the steps outlined below. + +Add a file with release informations to: +``` +./infos/readme_{version}.txt +``` + +Add additional eIDAS Node related information into: + +``` +./infos/eIDAS_Ref_Impl/ +``` + +Add, remove, or update the application description in the handbook and store the handbook for the current release version as pdf. + +``` +modify: ./infos/handbook-work_in_progress.docx +store pdf to: ./infos/handbook/handbook-{version}.pdf +``` + +Generate a release package with: + + +``` +mvn clean package +``` + +The full release package will be located add +``` +./target/ms_specific_connector-{version}-dist.tar.gz +``` + + + +## Changelog + +**v1.2.0** + +- Anpassungen zur Anbindungen an das E-ID System +- Update auf eIDAS Ref. Impl. 2.5.0 mit Apache Ignite Cache + https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eIDAS-Node+version+2.5 +- TODO: + + + +**v1.1.0** + + - Update auf eIDAS Ref. Impl. 2.4.0 mit Apache Ignite Cache + https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eIDAS-Node+version+2.4 + - Statischer Service-Provider Name für öffentliche Applikationen + - Mindest LoA, welche für Requests an eIDAS Proxy-Services verwendet wird. + - Requested Attributes je Land konfigurierbar + - Neue Template-Engine mit i18n Unterstützung + - Neuer Algorithmus zur Generierung von Sessiontokens \ No newline at end of file diff --git a/basicConfig/default_config.properties b/basicConfig/default_config.properties index ad883284..725fac7c 100644 --- a/basicConfig/default_config.properties +++ b/basicConfig/default_config.properties @@ -1,6 +1,5 @@ ## Basic service configuration eidas.ms.context.url.prefix= -eidas.ms.context.url.request.validation=false eidas.ms.core.configRootDir=file:./ diff --git a/connector/src/assembly/assembly_dir.xml b/connector/src/assembly/assembly_dir.xml index 37e05390..59437be6 100644 --- a/connector/src/assembly/assembly_dir.xml +++ b/connector/src/assembly/assembly_dir.xml @@ -43,7 +43,9 @@ readme_${project.version}.txt + readme_${project.version}.md eIDAS_Ref_Impl/* + handbook/* diff --git a/connector/src/assembly/assembly_zip.xml b/connector/src/assembly/assembly_zip.xml index 579da2e1..43877283 100644 --- a/connector/src/assembly/assembly_zip.xml +++ b/connector/src/assembly/assembly_zip.xml @@ -43,6 +43,9 @@ readme_${project.version}.txt + readme_${project.version}.md + eIDAS_Ref_Impl/* + handbook/* diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties index b92102ed..9a4ae54f 100644 --- a/connector/src/main/resources/application.properties +++ b/connector/src/main/resources/application.properties @@ -17,9 +17,9 @@ spring.boot.admin.client.enabled=false ############################################################################# ## MS-speccific eIDAS-Connector configuration -#proxy.context.url.prefix= +#eidas.ms.context.url.prefix= eidas.ms.context.url.request.validation=false -#proxy.configRootDir=file:/.../config/ +#eidas.ms.configRootDir=file:/.../config/ eidas.ms.context.use.clustermode=true eidas.ms.core.logging.level.info.errorcodes=auth.21 @@ -51,8 +51,7 @@ eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector #eidas.ms.auth.eIDAS.node_v2.forward.endpoint= eidas.ms.auth.eIDAS.node_v2.forward.method=POST eidas.ms.auth.eIDAS.node_v2.countrycode=AT -#eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=urn:publicid:gv.at:cdid\+.* -eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.* +eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=urn:publicid:gv.at:cdid\+.* ## use SAML2 requestId as transactionIdentifier to mitigate problems with SAML2 relaystate eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true @@ -106,9 +105,6 @@ eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=false eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false - - - ##without mandates eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true @@ -137,7 +133,7 @@ eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true #eidas.ms.pvp2.key.metadata.password=password #eidas.ms.pvp2.key.signing.alias=sig #eidas.ms.pvp2.key.signing.password=password -#eidas.ms.pvp2.metadata.validity=24 +eidas.ms.pvp2.metadata.validity=24 #eidas.ms.pvp2.metadata.organisation.name=JUnit #eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit @@ -158,8 +154,6 @@ eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true ##only for advanced config -eidas.ms.configuration.sp.disableRegistrationRequirement= -#eidas.ms.configuration.restrictions.baseID.spTransmission= -eidas.ms.configuration.auth.default.countrycode= -eidas.ms.configuration.pvp.scheme.validation= -eidas.ms.configuration.pvp.enable.entitycategories= \ No newline at end of file +eidas.ms.configuration.sp.disableRegistrationRequirement=false +eidas.ms.configuration.pvp.scheme.validation=true +eidas.ms.configuration.pvp.enable.entitycategories=false \ No newline at end of file diff --git a/infos/handbook-work_in_progress.docx b/infos/handbook-work_in_progress.docx new file mode 100644 index 00000000..d311fa80 Binary files /dev/null and b/infos/handbook-work_in_progress.docx differ diff --git a/infos/readme_1.2.0.md b/infos/readme_1.2.0.md new file mode 100644 index 00000000..98e18ccb --- /dev/null +++ b/infos/readme_1.2.0.md @@ -0,0 +1,59 @@ +# MS-Connector v1.2.0 Release vom xx.xx.2021 + +Der MS-Connector implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um ausländischen Benutzern eine Anmeldung am österreichischen Service-Providern zu ermöglichen. + +### Änderungen in dieser Version + + - Erforderliche Anpassungen zur Integration in den ID Austria + + - Update auf eIDAS Ref. Impl. 2.5.0 (Implementiert eIDAS Spezifikation 1.2) + https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eIDAS-Node+version+2.5 + + - Codestabilisierung + + - Monitoring und HealthChecks Verbesserungen + + - Akutalisierung von Drittherstellerbibliotheken + + + + +### Durchführen eines Updates + +Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehenden MS-specific eIDAS Connectors auf die aktuelle Version 1.2.0. Das vollständige Handbuch mit allen Konfigurationsparametern finden Sie im Releasepackage im Verzeichnis: _infos/handbook/_ + +### Ausgehend von einer bestehenden Version 1.1.0 + +1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an +2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.0-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. +3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers +4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties) und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie **hier**. +5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde + + * __MsConnectorPackage__/config/templates/error_message.html +6. Erstellung neuer Dateien + - _KeyStore für ID Austria AuthBlock:_ Erstellen eines KeyStore mit mit öffentlichem und privaten Schlüssel welcher für die JWS Signature des technischen ID Austria AuthBlocks verwendet werden soll. +7. Neue Konfigurationsparameter + - *Allgemeine Konfiguration* + - ```eidas.ms.core.configRootDir``` + - *ID Austria Umsetzung* + - ```eidas.ms.auth.eIDAS.authblock.keystore.type``` + - ```eidas.ms.auth.eIDAS.authblock.keystore.path``` + - ```eidas.ms.auth.eIDAS.authblock.keystore.password``` + - ```eidas.ms.auth.eIDAS.authblock.key.alias``` + - ```eidas.ms.auth.eIDAS.authblock.key.password``` + - *Service-Provider Konfiguration Konfiguration* + - ```eidas.ms.sp.x.newEidMode``` +8. Gelöschte Konfigurationsparameter + + - ```authhandler.modules.bindingservice.bpk.target``` +9. Neue optionale Konfigurationsparameter + - *Allgemeine Konfiguration* + - ```eidas.ms.core.logging.level.info.errorcodes``` + - *eIDAS Node Kommunikation* + * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm``` + * ```eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll``` + * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm``` + * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm``` + - *ID Austria Umsetzung* + - ```eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject``` -- cgit v1.2.3 From 811165262f7ef196c8586e42b838d7d7ba376e16 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 27 Jan 2021 11:19:29 +0100 Subject: fix problem in jUnit tests that depends on static Apache-Ignite holder in eIDAS Ref. implementation and occurin case of a start-up error --- .../specific/connector/test/FullStartUpAndProcessTest.java | 12 ++++++++++-- .../specific/connector/test/MainClassExecutableModeTest.java | 10 ++++++++-- .../specific/connector/test/MainClassWebAppModeTest.java | 7 +++++++ 3 files changed, 25 insertions(+), 4 deletions(-) diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java index 77037415..fcb0e73a 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java @@ -6,6 +6,7 @@ import static org.powermock.api.mockito.PowerMockito.when; import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.UnsupportedEncodingException; +import java.lang.reflect.Field; import java.net.URISyntaxException; import java.util.Map; import java.util.Timer; @@ -71,6 +72,7 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.OpenSaml3ResourceAdapter; import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; import at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor; +import eu.eidas.auth.cache.IgniteInstanceInitializerSpecificCommunication; import eu.eidas.auth.commons.attribute.AttributeDefinition; import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; import eu.eidas.auth.commons.light.ILightRequest; @@ -151,13 +153,19 @@ public class FullStartUpAndProcessTest { /** * Test shut-down. * - * @throws IOException In case of an error + * @throws Exception In case of an error */ @AfterClass - public static void closeIgniteNode() throws IOException { + public static void closeIgniteNode() throws Exception { System.out.println("Closiong Ignite Node ... "); Ignition.stopAll(true); + + //set Ignite-node holder to 'null' because static holders are shared between different tests + final Field field = IgniteInstanceInitializerSpecificCommunication.class.getDeclaredField("instance"); + field.setAccessible(true); + field.set(null, null); + } /** diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java index 86df55df..708560b2 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java @@ -22,6 +22,7 @@ import org.junit.runners.BlockJUnit4ClassRunner; import at.asitplus.eidas.specific.connector.SpringBootApplicationInitializer; import at.gv.egiz.eaaf.core.impl.logging.DummyStatusMessager; import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory; +import eu.eidas.auth.cache.IgniteInstanceInitializerSpecificCommunication; import lombok.extern.slf4j.Slf4j; @Slf4j @@ -50,17 +51,22 @@ public class MainClassExecutableModeTest { /** * Initializer. - * @throws InterruptedException In case of an error + * @throws Exception In case of an error * */ @AfterClass - public static void closeIgniteNode() throws InterruptedException { + public static void closeIgniteNode() throws Exception { System.out.println("Closing Ignite Node ... "); log.info("Stopping already running Apache Ignite nodes ... "); Ignition.stopAll(true); Thread.sleep(1000); + //set Ignite-node holder to 'null' because static holders are shared between different tests + final Field field = IgniteInstanceInitializerSpecificCommunication.class.getDeclaredField("instance"); + field.setAccessible(true); + field.set(null, null); + } /** diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java index 07ef4968..79d062ae 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java @@ -22,6 +22,7 @@ import org.junit.runners.BlockJUnit4ClassRunner; import at.asitplus.eidas.specific.connector.SpringBootApplicationInitializer; import at.gv.egiz.eaaf.core.impl.logging.DummyStatusMessager; import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory; +import eu.eidas.auth.cache.IgniteInstanceInitializerSpecificCommunication; @RunWith(BlockJUnit4ClassRunner.class) public class MainClassWebAppModeTest { @@ -68,6 +69,12 @@ public class MainClassWebAppModeTest { System.clearProperty("eidas.ms.configuration"); SpringBootApplicationInitializer.exit(); + + + //set Ignite-node holder to 'null' because static holders are shared between different tests + final Field field1 = IgniteInstanceInitializerSpecificCommunication.class.getDeclaredField("instance"); + field1.setAccessible(true); + field1.set(null, null); } -- cgit v1.2.3 From 07318e70ea3a9d25ca945c391820149183c61ca0 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Mon, 8 Feb 2021 18:47:34 +0100 Subject: add Binding Public-Key into technical AuthBlock in case of an ID Austria process --- .../verification/AuthnRequestValidator.java | 114 +++++++++++++-------- .../test/utils/AuthnRequestValidatorTest.java | 5 + connector/src/test/resources/data/pvp2_authn_3.xml | 3 + .../specific/connector/MsEidasNodeConstants.java | 3 + .../eidas/v2/service/AuthBlockSigningService.java | 12 +++ .../tasks/CreateIdentityLinkTaskEidNewTest.java | 25 ++++- 6 files changed, 116 insertions(+), 46 deletions(-) diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java index a9eb06be..881eeb8a 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java @@ -75,7 +75,7 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor { if (nameIdPolicy != null) { final String nameIdFormat = nameIdPolicy.getFormat(); if (nameIdFormat != null) { - if (!(NameIDType.TRANSIENT.equals(nameIdFormat) + if (!(NameIDType.TRANSIENT.equals(nameIdFormat) || NameIDType.PERSISTENT.equals(nameIdFormat))) { throw new NameIdFormatNotSupportedException(nameIdFormat); @@ -114,10 +114,10 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor { // post-process requested LoA comparison-level pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class).setLoAMachtingMode( extractComparisonLevel(authnReq)); - - //extract information from requested attributes + + // extract information from requested attributes extractFromRequestedAttriutes(pendingReq, authnReq); - + } catch (final EaafStorageException e) { log.info("Can NOT store Authn. Req. data into pendingRequest.", e); throw new AuthnRequestValidatorException("internal.02", null, e); @@ -126,14 +126,14 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor { } - private void extractFromRequestedAttriutes(IRequest pendingReq, AuthnRequest authnReq) - throws AuthnRequestValidatorException { + private void extractFromRequestedAttriutes(IRequest pendingReq, AuthnRequest authnReq) + throws AuthnRequestValidatorException, EaafStorageException { // validate and process requested attributes boolean sectorDetected = false; - + final ServiceProviderConfiguration spConfig = pendingReq.getServiceProviderConfiguration( ServiceProviderConfiguration.class); - + if (authnReq.getExtensions() != null) { final List requestedAttributes = authnReq.getExtensions().getUnknownXMLObjects(); for (final XMLObject reqAttrObj : requestedAttributes) { @@ -143,77 +143,101 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor { for (final EaafRequestedAttribute el : reqAttr.getAttributes()) { log.trace("Processing req. attribute '" + el.getName() + "' ... "); if (el.getName().equals(PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME)) { - sectorDetected = extractBpkTargetIdentifier(el, spConfig); - + sectorDetected = extractBpkTargetIdentifier(el, spConfig); + } else if (el.getName().equals(ExtendedPvpAttributeDefinitions.EID_TRANSACTION_ID_NAME)) { extractUniqueTransactionId(el, pendingReq); - + + } else if (el.getName().equals(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME)) { + extractBindingPublicKey(el, pendingReq); + } else { log.debug("Ignore req. attribute: " + el.getName()); - + } } } else { log.debug("No requested Attributes in Authn. Request"); - + } } else { log.info("Ignore unknown requested attribute: " + reqAttrObj.getElementQName().toString()); - + } } } - + if (!sectorDetected) { log.warn("Authn.Req validation FAILED. Reason: Contains NO or NO VALID target-sector information."); throw new AuthnRequestValidatorException("pvp2.22", new Object[] { "NO or NO VALID target-sector information" }); } - + + } + + private void extractBindingPublicKey(EaafRequestedAttribute el, IRequest pendingReq) + throws EaafStorageException { + if (el.getAttributeValues() != null && el.getAttributeValues().size() == 1) { + final String bindingPubKey = el.getAttributeValues().get(0).getDOM().getTextContent(); + pendingReq.setRawDataToTransaction(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME, bindingPubKey); + log.info("Find Binding Public-Key. eIDAS authentication will be used to create an ID Austria Binding"); + + } else { + log.warn( + "Req. attribute '{}' contains NO or MORE THEN ONE attribute-values. Ignore full req. attribute", + el.getName()); + + } } /** * Extract unique transactionId from AuthnRequest. - * - * @param el Requested attribute from AuthnRequest - * @param pendingReq Current pendingRequest object (has to be of type {@link RequestImpl}) - * @return true if transactionId extraction was successful, otherwise false + * + * @param el Requested attribute from AuthnRequest + * @param pendingReq Current pendingRequest object (has to be of type + * {@link RequestImpl}) + * @return true if transactionId extraction was successful, + * otherwise false */ private boolean extractUniqueTransactionId(EaafRequestedAttribute el, IRequest pendingReq) { if (!(pendingReq instanceof RequestImpl)) { - log.warn("Can NOT set unique transactionId from AuthnRequest,because 'PendingRequest' is NOT from Type: {}", + log.warn( + "Can NOT set unique transactionId from AuthnRequest,because 'PendingRequest' is NOT from Type: {}", RequestImpl.class.getName()); - - } else { + + } else { if (el.getAttributeValues() != null && el.getAttributeValues().size() == 1) { - final String transactionId = el.getAttributeValues().get(0).getDOM().getTextContent(); - ((RequestImpl)pendingReq).setUniqueTransactionIdentifier(transactionId); + final String transactionId = el.getAttributeValues().get(0).getDOM().getTextContent(); + ((RequestImpl) pendingReq).setUniqueTransactionIdentifier(transactionId); return true; } else { - log.warn("Req. attribute '{}' contains NO or MORE THEN ONE attribute-values. Ignore full req. attribute", + log.warn( + "Req. attribute '{}' contains NO or MORE THEN ONE attribute-values. Ignore full req. attribute", el.getName()); - + } - + } - + return false; } /** * Extract the bPK target from requested attribute. - * - * @param el Requested attribute from AuthnRequest + * + * @param el Requested attribute from AuthnRequest * @param spConfig Service-Provider configuration for current process - * @return true if bPK target extraction was successful, otherwise false + * @return true if bPK target extraction was successful, otherwise + * false */ - private boolean extractBpkTargetIdentifier(EaafRequestedAttribute el, ServiceProviderConfiguration spConfig) { + private boolean extractBpkTargetIdentifier(EaafRequestedAttribute el, + ServiceProviderConfiguration spConfig) { if (el.getAttributeValues() != null && el.getAttributeValues().size() == 1) { - final String sectorId = el.getAttributeValues().get(0).getDOM().getTextContent(); + final String sectorId = el.getAttributeValues().get(0).getDOM().getTextContent(); try { spConfig.setBpkTargetIdentifier(sectorId); return true; @@ -227,16 +251,16 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor { log.warn("Req. attribute '" + el.getName() + "' contains NO or MORE THEN ONE attribute-values. Ignore full req. attribute"); } - + return false; - + } - - private void postprocessLoaLevel(IRequest pendingReq, AuthnRequest authnReq) + + private void postprocessLoaLevel(IRequest pendingReq, AuthnRequest authnReq) throws AuthnRequestValidatorException { final List reqLoA = extractLoA(authnReq); - log.trace("SP requests LoA with: {}", String.join(", ",reqLoA)); - + log.trace("SP requests LoA with: {}", String.join(", ", reqLoA)); + LevelOfAssurance minimumLoAFromConfig = LevelOfAssurance.fromString(basicConfig.getBasicConfiguration( MsEidasNodeConstants.PROP_EIDAS_REQUEST_LOA_MINIMUM_LEVEL, EaafConstants.EIDAS_LOA_HIGH)); @@ -246,15 +270,15 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor { minimumLoAFromConfig = LevelOfAssurance.HIGH; } - + log.trace("Validate requested LoA to connector configuration minimum LoA: {} ...", - minimumLoAFromConfig); + minimumLoAFromConfig); final List allowedLoA = new ArrayList<>(); for (final String loa : reqLoA) { try { final LevelOfAssurance intLoa = LevelOfAssurance.fromString(loa); String selectedLoA = EaafConstants.EIDAS_LOA_HIGH; - if (intLoa != null + if (intLoa != null && intLoa.numericValue() <= minimumLoAFromConfig.numericValue()) { log.info("Client: {} requested LoA: {} will be upgraded to: {}", pendingReq.getServiceProviderConfiguration().getUniqueIdentifier(), @@ -281,7 +305,7 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor { pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class).setRequiredLoA( allowedLoA); - + } private String extractComparisonLevel(AuthnRequest authnReq) { @@ -335,7 +359,7 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor { private String extractScopeRequsterId(AuthnRequest authnReq) { if (authnReq.getScoping() != null) { final Scoping scoping = authnReq.getScoping(); - if (scoping.getRequesterIDs() != null + if (scoping.getRequesterIDs() != null && scoping.getRequesterIDs().size() > 0) { if (scoping.getRequesterIDs().size() == 1) { return scoping.getRequesterIDs().get(0).getRequesterID(); diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java index 9aafb4b6..c57515a0 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java @@ -214,6 +214,11 @@ public class AuthnRequestValidatorTest { Assert.assertEquals("wrong transactionId", "transId_11223344556677aabbcc", pendingReq.getUniqueTransactionIdentifier()); + + Assert.assertEquals("wrong binding pubkey", "binding_pubKey_1144225247125dsfasfasdf", + pendingReq.getRawData(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME, String.class)); + + } diff --git a/connector/src/test/resources/data/pvp2_authn_3.xml b/connector/src/test/resources/data/pvp2_authn_3.xml index 35e49b0f..5352c441 100644 --- a/connector/src/test/resources/data/pvp2_authn_3.xml +++ b/connector/src/test/resources/data/pvp2_authn_3.xml @@ -31,6 +31,9 @@ transId_11223344556677aabbcc + + binding_pubKey_1144225247125dsfasfasdf + diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java index 133f104d..027d0832 100644 --- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java +++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java @@ -169,6 +169,9 @@ public class MsEidasNodeConstants { public static final List COUNTRY_SELECTION_PARAM_WHITELIST = Arrays.asList(REQ_PARAM_SELECTED_COUNTRY, REQ_PARAM_SELECTED_ENVIRONMENT); + + public static final String EID_BINDING_PUBLIC_KEY_NAME = "urn:eidgvat:attributes.binding.pubkey"; + private MsEidasNodeConstants() { //hidden Constructor for class with static values only. } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java index 234d52dd..a2af4342 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java @@ -18,6 +18,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import com.fasterxml.jackson.annotation.JsonFormat; +import com.fasterxml.jackson.annotation.JsonInclude; import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; @@ -81,6 +82,14 @@ public class AuthBlockSigningService { authBlock.setTimestamp(LocalDateTime.now().truncatedTo(ChronoUnit.SECONDS)); authBlock.setUniqueId(pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID, String.class)); authBlock.setPiiTransactionId(pendingReq.getUniquePiiTransactionIdentifier()); + + //set Binding PublicKey if available + Object bindingPubKey = pendingReq.getRawData(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME); + if (bindingPubKey instanceof String) { + authBlock.setBindingPublicKey((String) bindingPubKey); + + } + String jwsPayload = mapper.writeValueAsString(authBlock); log.debug("Building and sign authBlock with data: {}", jwsPayload); @@ -172,6 +181,7 @@ public class AuthBlockSigningService { * */ @Data + @JsonInclude(JsonInclude.Include.NON_NULL) private static class EidasAuchBlock { @JsonProperty("challenge") @@ -189,6 +199,8 @@ public class AuthBlockSigningService { @JsonProperty("piiTransactionId") private String piiTransactionId; + @JsonProperty("bindingPublicKey") + private String bindingPublicKey; } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java index 2e6790c5..0621081a 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java @@ -221,6 +221,7 @@ public class CreateIdentityLinkTaskEidNewTest { Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText()); Assert.assertFalse("'challenge' is null", authBlockJson.get("challenge").asText().isEmpty()); Assert.assertFalse("'timestamp' is null", authBlockJson.get("timestamp").asText().isEmpty()); + Assert.assertFalse("binding pubKey", authBlockJson.has("bindingPublicKey")); // check vsz request @@ -312,9 +313,11 @@ public class CreateIdentityLinkTaskEidNewTest { signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10)); signContentResp.getOut().add(signContentEntry); when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp); - + String randomTestSp = RandomStringUtils.randomAlphabetic(10); + String bindingPubKey = RandomStringUtils.randomAlphabetic(10); pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); + pendingReq.setRawDataToTransaction(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME, bindingPubKey); //perform test task.execute(pendingReq, executionContext); @@ -329,8 +332,28 @@ public class CreateIdentityLinkTaskEidNewTest { Assert.assertNotNull("AuthProcessData", authProcessData); Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class)); + // check authblock signature String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class); Assert.assertNotNull("AuthBlock", authBlock); + final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT, + BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()])); + Pair keyStore = getKeyStore(); + X509Certificate[] trustedCerts = EaafKeyStoreUtils + .getPrivateKeyAndCertificates(keyStore.getFirst(), ALIAS, PW.toCharArray(), true, "junit").getSecond(); + JwsResult result = JoseUtils.validateSignature(authBlock, Arrays.asList(trustedCerts), constraints); + Assert.assertTrue("AuthBlock not valid", result.isValid()); + JsonNode authBlockJson = mapper.readTree(result.getPayLoad()); + Assert.assertNotNull("deserialized AuthBlock", authBlockJson); + + Assert.assertNotNull("no piiTransactionId in pendingRequesdt", + storedPendingReq.getUniquePiiTransactionIdentifier()); + Assert.assertEquals("piiTransactionId", storedPendingReq.getUniquePiiTransactionIdentifier(), + authBlockJson.get("piiTransactionId").asText()); + Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText()); + Assert.assertFalse("'challenge' is null", authBlockJson.get("challenge").asText().isEmpty()); + Assert.assertFalse("'timestamp' is null", authBlockJson.get("timestamp").asText().isEmpty()); + Assert.assertTrue("binding pubKey", authBlockJson.has("bindingPublicKey")); + Assert.assertEquals("binding PubKey", bindingPubKey, authBlockJson.get("bindingPublicKey").asText()); Assert.assertTrue("EID process", authProcessData.isEidProcess()); Assert.assertTrue("foreigner process", authProcessData.isForeigner()); -- cgit v1.2.3 From c5c6344931f67ccaba335ffa476b5e8117948020 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Wed, 10 Mar 2021 12:25:10 +0100 Subject: switch to EAAF-components 1.1.13-SNAPSHOT to add EID-IDENTITY-STATUS-LEVEL attribute into SAML2 response --- basicConfig/default_config.properties | 2 ++ .../builder/AuthenticationDataBuilder.java | 26 +++++++++++----- .../src/main/resources/application.properties | 2 ++ .../resources/specific_eIDAS_connector.beans.xml | 6 ++++ .../connector/test/FullStartUpAndProcessTest.java | 7 +++-- .../ProcessEngineSignalControllerTest.java | 2 +- .../test/utils/AuthenticationDataBuilderTest.java | 16 +++++++++- .../data/metadata_valid_without_encryption.xml | 1 + .../spring/SpringTest_connector.beans.xml | 6 ++++ .../specific/modules/auth/eidas/v2/Constants.java | 2 ++ .../eidas/v2/tasks/ReceiveAuthnResponseTask.java | 9 ++++-- .../test/tasks/ReceiveEidasResponseTaskTest.java | 34 +++++++++++++++++++-- infos/handbook-work_in_progress.docx | Bin 44486 -> 44445 bytes pom.xml | 2 +- 14 files changed, 98 insertions(+), 17 deletions(-) diff --git a/basicConfig/default_config.properties b/basicConfig/default_config.properties index 725fac7c..2ea12b17 100644 --- a/basicConfig/default_config.properties +++ b/basicConfig/default_config.properties @@ -18,6 +18,8 @@ eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret ## eIDAS Ref. Implementation connector ### +eidas.ms.auth.eIDAS.eid.testidentity.default=false + eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector eidas.ms.auth.eIDAS.node_v2.forward.endpoint= diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java index c41660ce..3a93c1b8 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java @@ -30,6 +30,7 @@ import org.springframework.stereotype.Service; import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions.EidIdentityStatusLevelValues; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer; @@ -37,8 +38,9 @@ import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.impl.data.Pair; import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData; +import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData; import at.gv.egiz.eaaf.core.impl.idp.auth.builder.AbstractAuthenticationDataBuilder; -import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper; import lombok.extern.slf4j.Slf4j; @Service("AuthenticationDataBuilder") @@ -47,9 +49,9 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder @Override protected IAuthData buildDeprecatedAuthData(IRequest pendingReq) throws EaafException { - final IAuthProcessDataContainer authProcessData = - pendingReq.getSessionData(AuthProcessDataWrapper.class); - AuthenticationData authData = new AuthenticationData(); + final EidAuthProcessDataWrapper authProcessData = + pendingReq.getSessionData(EidAuthProcessDataWrapper.class); + EidAuthenticationData authData = new EidAuthenticationData(); //set basis infos super.generateDeprecatedBasicAuthData(authData, pendingReq, authProcessData); @@ -58,6 +60,9 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder authData.setSsoSessionValidTo( new Date(new Date().getTime() + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000)); + authData.setEidStatus(authProcessData.isTestIdentity() + ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY); + return authData; } @@ -65,16 +70,21 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder @Override protected void buildServiceSpecificAuthenticationData(IAuthData authData, IRequest pendingReq) throws EaafException { - if (authData instanceof AuthenticationData) { - ((AuthenticationData)authData).setGenericData( + if (authData instanceof EidAuthenticationData) { + ((EidAuthenticationData)authData).setGenericData( ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, pendingReq.getUniquePiiTransactionIdentifier()); log.trace("Inject piiTransactionId: {} into AuthData", pendingReq.getUniquePiiTransactionIdentifier()); // set specific informations - ((AuthenticationData)authData).setSsoSessionValidTo( + ((EidAuthenticationData)authData).setSsoSessionValidTo( new Date(new Date().getTime() + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000)); + //set E-ID status-level + final EidAuthProcessDataWrapper authProcessData = + pendingReq.getSessionData(EidAuthProcessDataWrapper.class); + ((EidAuthenticationData)authData).setEidStatus(authProcessData.isTestIdentity() + ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY); } else { throw new RuntimeException("Can not inject PiiTransactionId because AuthData is of unknown type: " @@ -86,7 +96,7 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder @Override protected IAuthData getAuthDataInstance(IRequest arg0) throws EaafException { - return new AuthenticationData(); + return new EidAuthenticationData(); } diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties index 9a4ae54f..2411fde3 100644 --- a/connector/src/main/resources/application.properties +++ b/connector/src/main/resources/application.properties @@ -48,6 +48,8 @@ eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256 ## eIDAS Ref. Implementation connector ### eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector +eidas.ms.auth.eIDAS.eid.testidentity.default=false + #eidas.ms.auth.eIDAS.node_v2.forward.endpoint= eidas.ms.auth.eIDAS.node_v2.forward.method=POST eidas.ms.auth.eIDAS.node_v2.countrycode=AT diff --git a/connector/src/main/resources/specific_eIDAS_connector.beans.xml b/connector/src/main/resources/specific_eIDAS_connector.beans.xml index f6fdeefe..0f8511d5 100644 --- a/connector/src/main/resources/specific_eIDAS_connector.beans.xml +++ b/connector/src/main/resources/specific_eIDAS_connector.beans.xml @@ -49,6 +49,9 @@ + + + + + + + diff --git a/connector/src/test/resources/spring/SpringTest_connector.beans.xml b/connector/src/test/resources/spring/SpringTest_connector.beans.xml index ba385cb9..83acf445 100644 --- a/connector/src/test/resources/spring/SpringTest_connector.beans.xml +++ b/connector/src/test/resources/spring/SpringTest_connector.beans.xml @@ -41,6 +41,9 @@ + + + + + + spConfig = new HashMap<>(); spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); @@ -153,15 +154,44 @@ public class ReceiveEidasResponseTaskTest { IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId()); Assert.assertNotNull("pendingReq not stored", storedReq); - final AuthProcessDataWrapper authProcessData = storedReq.getSessionData(AuthProcessDataWrapper.class); + final EidAuthProcessDataWrapper authProcessData = storedReq.getSessionData(EidAuthProcessDataWrapper.class); Assert.assertEquals("LoA", eidasResponse.getLevelOfAssurance(), authProcessData.getQaaLevel()); Assert.assertNotNull("eIDAS response", authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE)); Assert.assertEquals("eIDAS response", eidasResponse, authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE)); + Assert.assertFalse("testIdentity flag", authProcessData.isTestIdentity()); } + @Test + public void successWithTestIdentity() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException { + basicConfig.putConfigValue("eidas.ms.auth.eIDAS.eid.testidentity.default", "true"); + + @NotNull + AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI); + httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse); + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU"); + + //execute test + task.execute(pendingReq, executionContext); + + //validate state + IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId()); + Assert.assertNotNull("pendingReq not stored", storedReq); + + final EidAuthProcessDataWrapper authProcessData = storedReq.getSessionData(EidAuthProcessDataWrapper.class); + Assert.assertEquals("LoA", eidasResponse.getLevelOfAssurance(), authProcessData.getQaaLevel()); + Assert.assertNotNull("eIDAS response", + authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE)); + Assert.assertEquals("eIDAS response", eidasResponse, + authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE)); + Assert.assertTrue("testIdentity flag", authProcessData.isTestIdentity()); + + } + + + @NotNull private AuthenticationResponse buildDummyAuthResponse(String statusCode) throws URISyntaxException { final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( diff --git a/infos/handbook-work_in_progress.docx b/infos/handbook-work_in_progress.docx index d311fa80..192db5d4 100644 Binary files a/infos/handbook-work_in_progress.docx and b/infos/handbook-work_in_progress.docx differ diff --git a/pom.xml b/pom.xml index 46d02706..808d71b9 100644 --- a/pom.xml +++ b/pom.xml @@ -22,7 +22,7 @@ 0.3 0.4 - 1.1.11 + 1.1.13-SNAPSHOT 2.4.1 2.3.1 -- cgit v1.2.3 From ddf39a5b497925204be868a77bcb746277bb2c8b Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Thu, 11 Mar 2021 17:30:18 +0100 Subject: update package names after refactoring of eaaf-components --- .../specific/connector/test/utils/AuthenticationDataBuilderTest.java | 4 ++-- .../specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java index 0df8638c..52932c8c 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java @@ -44,8 +44,8 @@ import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException; import at.gv.egiz.eaaf.core.exceptions.EaafParserException; import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; +import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder; import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData; -import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder; import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper; import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; @@ -169,7 +169,7 @@ public class AuthenticationDataBuilderTest { public void moaIdMode() throws EaafAuthenticationException, EaafBuilderException { //initialize state boolean isTestIdentity = RandomUtils.nextBoolean(); - pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true); + pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(true); pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(false); IIdentityLink idl = buildDummyIdl(); pendingReq.getSessionData(AuthProcessDataWrapper.class).setIdentityLink(idl); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java index b519354c..f4849b07 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java @@ -64,8 +64,8 @@ import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder; import at.gv.egiz.eaaf.core.impl.data.Pair; -import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder; import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; -- cgit v1.2.3 From 7a1196805baad8fe055f92cfa8746c67684749b9 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Fri, 12 Mar 2021 10:46:59 +0100 Subject: update StatusMessageProvider for better distiguish between internal and external errorCodes --- .../specific/connector/provider/StatusMessageProvider.java | 14 ++++++++++---- .../test/utils/AuthenticationDataBuilderTest.java | 2 +- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java index 073f7513..e83d9d49 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java @@ -28,6 +28,7 @@ import java.util.Locale; import java.util.MissingResourceException; import java.util.ResourceBundle; +import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.stereotype.Service; @@ -94,11 +95,10 @@ public class StatusMessageProvider implements IStatusMessenger { public String getResponseErrorCode(Throwable throwable) { String errorCode = IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC; if (throwable instanceof EaafException) { - errorCode = mapInternalErrorToExternalError(((EaafException) throwable).getErrorId()); + errorCode = ((EaafException) throwable).getErrorId(); } - // TODO: maybe more internal switches are required - + return errorCode; } @@ -120,7 +120,13 @@ public class StatusMessageProvider implements IStatusMessenger { } else { try { - return externalError.getString(intErrorCode); + if (StringUtils.isNotEmpty(intErrorCode)) { + return externalError.getString(intErrorCode); + + } else { + return IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC; + + } } catch (final MissingResourceException e2) { log.info(MessageFormat.format(ERROR_NO_EXTERNALERROR_CODE, new Object[] { intErrorCode })); diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java index 52932c8c..cea20f04 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java @@ -169,7 +169,7 @@ public class AuthenticationDataBuilderTest { public void moaIdMode() throws EaafAuthenticationException, EaafBuilderException { //initialize state boolean isTestIdentity = RandomUtils.nextBoolean(); - pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(true); + pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(isTestIdentity); pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(false); IIdentityLink idl = buildDummyIdl(); pendingReq.getSessionData(AuthProcessDataWrapper.class).setIdentityLink(idl); -- cgit v1.2.3 From 291905eed9c187444c83657241b589d31d825149 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Wed, 12 May 2021 12:46:07 +0200 Subject: update third-party libs to latest versions --- basicConfig/templates/error_message.html | 10 +- connector/pom.xml | 14 +++ connector/src/main/resources/logback.xml | 107 +-------------------- .../resources/specific_eIDAS_connector.beans.xml | 3 + .../connector/test/FullStartUpAndProcessTest.java | 2 +- .../test/utils/AuthenticationDataBuilderTest.java | 2 +- .../spring/SpringTest_connector.beans.xml | 3 + eidas_modules/authmodule-eIDAS-v2/pom.xml | 4 + .../modules/auth/eidas/v2/test/SzrClientTest.java | 9 +- .../tasks/CreateIdentityLinkTaskEidNewTest.java | 2 +- .../v2/test/tasks/CreateIdentityLinkTaskTest.java | 2 +- infos/handbook-work_in_progress.docx | Bin 44445 -> 44928 bytes infos/readme_1.2.0.md | 7 +- pom.xml | 33 ++++--- 14 files changed, 63 insertions(+), 135 deletions(-) diff --git a/basicConfig/templates/error_message.html b/basicConfig/templates/error_message.html index f9788f6a..b1367962 100644 --- a/basicConfig/templates/error_message.html +++ b/basicConfig/templates/error_message.html @@ -21,16 +21,12 @@

Error Information


-

Code :

+

Code :

Msg :

- -
-

fullError

-
- + - \ No newline at end of file + diff --git a/connector/pom.xml b/connector/pom.xml index 36a6d9df..6516e351 100644 --- a/connector/pom.xml +++ b/connector/pom.xml @@ -135,6 +135,20 @@ com.github.skjolber mockito-soap-cxf test + org.powermock diff --git a/connector/src/main/resources/logback.xml b/connector/src/main/resources/logback.xml index 7aa2d0cc..9679d9e4 100644 --- a/connector/src/main/resources/logback.xml +++ b/connector/src/main/resources/logback.xml @@ -8,96 +8,6 @@ - - - logs/eidas-ms-specific.log - - %5p | %d{dd HH:mm:ss,SSS} | %t | %m%n - - - 9999 - logs/eidas-ms-specific.log.%i - - - - 10000KB - - - - - logs/eIDAS_node.log - - %5p | %d{dd HH:mm:ss,SSS} | %t | %m%n - - - 9999 - logs/eIDAS_node.log.%i - - - - 10000KB - - - - - logs/eidas-ms-reversion.log - - %5p | %d{dd HH:mm:ss,SSS} | %t | %m%n - - - 9999 - logs/eidas-ms-reversion.log.%i - - - - 10000KB - - - - - logs/eidas-ms-statistic.log - - %m%n - - - 9999 - logs/eidas-ms-statistic.log.%i - - - - 10000KB - - - - - logs/console.log - - %5p | %d{dd HH:mm:ss,SSS} | %t | %m%n - - - 9999 - logs/console.log.%i - - - - 10000KB - - @@ -105,27 +15,16 @@ - + - + - - - - - - - + - diff --git a/connector/src/main/resources/specific_eIDAS_connector.beans.xml b/connector/src/main/resources/specific_eIDAS_connector.beans.xml index 0f8511d5..df2a9aa4 100644 --- a/connector/src/main/resources/specific_eIDAS_connector.beans.xml +++ b/connector/src/main/resources/specific_eIDAS_connector.beans.xml @@ -82,6 +82,9 @@
+ + diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java index f50829c7..64e8272e 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java @@ -50,7 +50,7 @@ import org.springframework.web.context.WebApplicationContext; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; -import com.skjolberg.mockito.soap.SoapServiceRule; +import com.github.skjolber.mockito.soap.SoapServiceRule; import at.asitplus.eidas.specific.connector.controller.ProcessEngineSignalController; import at.asitplus.eidas.specific.connector.controller.Pvp2SProfileEndpoint; diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java index cea20f04..17ecb2ca 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java @@ -199,7 +199,7 @@ public class AuthenticationDataBuilderTest { Assert.assertEquals("FamilyName", idl.getFamilyName(), authData.getFamilyName()); Assert.assertEquals("GivenName", idl.getGivenName(), authData.getGivenName()); - Assert.assertEquals("DateOfBirth", idl.getDateOfBirth(), authData.getFormatedDateOfBirth()); + Assert.assertEquals("DateOfBirth", idl.getDateOfBirth(), authData.getDateOfBirth()); Assert.assertEquals("bPK", BpkBuilder.generateAreaSpecificPersonIdentifier( idl.getIdentificationValue(), EaafConstants.URN_PREFIX_CDID + "XX").getFirst(), diff --git a/connector/src/test/resources/spring/SpringTest_connector.beans.xml b/connector/src/test/resources/spring/SpringTest_connector.beans.xml index 83acf445..4d770570 100644 --- a/connector/src/test/resources/spring/SpringTest_connector.beans.xml +++ b/connector/src/test/resources/spring/SpringTest_connector.beans.xml @@ -74,6 +74,9 @@ + + diff --git a/eidas_modules/authmodule-eIDAS-v2/pom.xml b/eidas_modules/authmodule-eIDAS-v2/pom.xml index 074a4205..78039e9c 100644 --- a/eidas_modules/authmodule-eIDAS-v2/pom.xml +++ b/eidas_modules/authmodule-eIDAS-v2/pom.xml @@ -102,6 +102,10 @@ org.springframework spring-webmvc + + org.apache.cxf + cxf-core + org.apache.cxf cxf-rt-frontend-jaxws diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java index cf4ed95c..786b10de 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java @@ -54,6 +54,8 @@ import org.junit.runner.RunWith; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.annotation.DirtiesContext.ClassMode; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.util.Base64Utils; @@ -63,7 +65,7 @@ import org.xml.sax.SAXException; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.JsonMappingException; import com.fasterxml.jackson.databind.ObjectMapper; -import com.skjolberg.mockito.soap.SoapServiceRule; +import com.github.skjolber.mockito.soap.SoapServiceRule; import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; @@ -96,6 +98,7 @@ import szrservices.TravelDocumentType; @ContextConfiguration(locations = { "/SpringTest-context_tasks_test.xml", "/SpringTest-context_basic_mapConfig.xml"}) +@DirtiesContext(classMode = ClassMode.AFTER_CLASS) public class SzrClientTest { private static final Logger log = LoggerFactory.getLogger(SzrClientTest.class); @@ -134,9 +137,11 @@ public class SzrClientTest { eidData.setPseudonym("1234sdgsdfg56789ABCDEF"); basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject", "false"); - + } + + @Test public void getStammzahlenEcryptedTest() throws JAXBException, SZRException_Exception, SzrCommunicationException { diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java index 0621081a..175f95e6 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java @@ -40,7 +40,7 @@ import org.springframework.web.context.request.ServletRequestAttributes; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; -import com.skjolberg.mockito.soap.SoapServiceRule; +import com.github.skjolber.mockito.soap.SoapServiceRule; import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java index 8c7558dd..e880178f 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java @@ -28,7 +28,7 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; -import com.skjolberg.mockito.soap.SoapServiceRule; +import com.github.skjolber.mockito.soap.SoapServiceRule; import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; diff --git a/infos/handbook-work_in_progress.docx b/infos/handbook-work_in_progress.docx index 192db5d4..3f2c6afd 100644 Binary files a/infos/handbook-work_in_progress.docx and b/infos/handbook-work_in_progress.docx differ diff --git a/infos/readme_1.2.0.md b/infos/readme_1.2.0.md index 98e18ccb..5b25d3f9 100644 --- a/infos/readme_1.2.0.md +++ b/infos/readme_1.2.0.md @@ -1,4 +1,4 @@ -# MS-Connector v1.2.0 Release vom xx.xx.2021 +# MS-Connector v1.2.0 Release vom 12.05.2021 Der MS-Connector implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um ausländischen Benutzern eine Anmeldung am österreichischen Service-Providern zu ermöglichen. @@ -27,7 +27,7 @@ Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehe 1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an 2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.0-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. 3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers -4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties) und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie **hier**. +4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties) und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie im Handbuch zum AT MS-Connector. 5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde * __MsConnectorPackage__/config/templates/error_message.html @@ -53,7 +53,6 @@ Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehe - *eIDAS Node Kommunikation* * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm``` * ```eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll``` - * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm``` - * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm``` - *ID Austria Umsetzung* + - ```eidas.ms.auth.eIDAS.eid.testidentity.default``` - ```eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject``` diff --git a/pom.xml b/pom.xml index 808d71b9..2b557e9a 100644 --- a/pom.xml +++ b/pom.xml @@ -22,32 +22,32 @@ 0.3 0.4 - 1.1.13-SNAPSHOT + 1.1.13 - 2.4.1 - 2.3.1 - 5.3.2 - 3.0.11.RELEASE - 3.4.1 + 2.4.5 + 2.4.1 + 5.3.6 + 3.0.12.RELEASE + 3.3.5 2.5.0 - 3.11 + 3.12.0 1.9 4.4 - 30.0-jre - 2.10.8 + 30.1.1-jre + 2.10.10 1.7.30 - 2.12.0 + 2.12.3 2.0.1.Final 6.1.5.Final - 4.13.1 + 4.13.2 2.22.2 - 1.0.5 + 1.2.0 4.0.0 @@ -64,7 +64,7 @@ - 1.18.12 + 1.18.20 3.8.1 2.8.1 1.20 @@ -267,6 +267,11 @@ joda-time ${joda-time.version} + + org.apache.cxf + cxf-core + ${cxf.version} + org.apache.cxf cxf-rt-frontend-jaxws @@ -280,7 +285,7 @@ javax.servlet javax.servlet-api - 3.0.1 + 3.1.0 provided -- cgit v1.2.3 From 30cc38a77b37697af7cbd6d2d8f24c90fe08b959 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Wed, 12 May 2021 20:38:12 +0200 Subject: switch to release version --- .gitlab-ci.yml | 3 ++- basicConfig/eIDAS/igniteSpecificCommunication.xml | 19 ++++++++++++++++++- build_reporting/pom.xml | 2 +- connector/pom.xml | 2 +- connector_lib/pom.xml | 2 +- eidas_modules/authmodule-eIDAS-v2/pom.xml | 2 +- eidas_modules/pom.xml | 2 +- infos/Handbuch_MS-eIDAS-Node.docx | Bin 0 -> 64139 bytes infos/handbook/Handbuch_MS-eIDAS-Node.pdf | Bin 0 -> 871397 bytes infos/readme_1.2.0.md | 7 ++++--- pom.xml | 2 +- 11 files changed, 30 insertions(+), 11 deletions(-) create mode 100644 infos/Handbuch_MS-eIDAS-Node.docx create mode 100644 infos/handbook/Handbuch_MS-eIDAS-Node.pdf diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 364d19fb..166c8d57 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,4 +1,5 @@ -image: maven:latest +#image: maven:latest +image: maven:3.6.3-jdk-11 variables: LC_ALL: "en_US.UTF-8" diff --git a/basicConfig/eIDAS/igniteSpecificCommunication.xml b/basicConfig/eIDAS/igniteSpecificCommunication.xml index f817f5a4..da61cbf1 100644 --- a/basicConfig/eIDAS/igniteSpecificCommunication.xml +++ b/basicConfig/eIDAS/igniteSpecificCommunication.xml @@ -53,30 +53,35 @@ + + - + + + + @@ -106,4 +111,16 @@ + + + + + + + + + + diff --git a/build_reporting/pom.xml b/build_reporting/pom.xml index eca57a03..36e9877d 100644 --- a/build_reporting/pom.xml +++ b/build_reporting/pom.xml @@ -6,7 +6,7 @@ at.asitplus.eidas ms_specific - 1.1.1-SNAPSHOT + 1.2.0 build_reporting pom diff --git a/connector/pom.xml b/connector/pom.xml index 6516e351..afe9f81c 100644 --- a/connector/pom.xml +++ b/connector/pom.xml @@ -6,7 +6,7 @@ at.asitplus.eidas ms_specific - 1.1.1-SNAPSHOT + 1.2.0 at.asitplus.eidas.ms_specific diff --git a/connector_lib/pom.xml b/connector_lib/pom.xml index f24a2801..c3d28008 100644 --- a/connector_lib/pom.xml +++ b/connector_lib/pom.xml @@ -7,7 +7,7 @@ at.asitplus.eidas ms_specific - 1.1.1-SNAPSHOT + 1.2.0 at.asitplus.eidas.ms_specific connector_lib diff --git a/eidas_modules/authmodule-eIDAS-v2/pom.xml b/eidas_modules/authmodule-eIDAS-v2/pom.xml index 78039e9c..e95175d1 100644 --- a/eidas_modules/authmodule-eIDAS-v2/pom.xml +++ b/eidas_modules/authmodule-eIDAS-v2/pom.xml @@ -6,7 +6,7 @@ at.asitplus.eidas.ms_specific modules - 1.1.1-SNAPSHOT + 1.2.0 at.asitplus.eidas.ms_specific.modules authmodule-eIDAS-v2 diff --git a/eidas_modules/pom.xml b/eidas_modules/pom.xml index 701ee39b..4389637d 100644 --- a/eidas_modules/pom.xml +++ b/eidas_modules/pom.xml @@ -4,7 +4,7 @@ at.asitplus.eidas ms_specific - 1.1.1-SNAPSHOT + 1.2.0 at.asitplus.eidas.ms_specific modules diff --git a/infos/Handbuch_MS-eIDAS-Node.docx b/infos/Handbuch_MS-eIDAS-Node.docx new file mode 100644 index 00000000..7bb5c919 Binary files /dev/null and b/infos/Handbuch_MS-eIDAS-Node.docx differ diff --git a/infos/handbook/Handbuch_MS-eIDAS-Node.pdf b/infos/handbook/Handbuch_MS-eIDAS-Node.pdf new file mode 100644 index 00000000..dd79201f Binary files /dev/null and b/infos/handbook/Handbuch_MS-eIDAS-Node.pdf differ diff --git a/infos/readme_1.2.0.md b/infos/readme_1.2.0.md index 5b25d3f9..2b4638cf 100644 --- a/infos/readme_1.2.0.md +++ b/infos/readme_1.2.0.md @@ -28,9 +28,10 @@ Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehe 2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.0-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. 3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers 4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties) und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie im Handbuch zum AT MS-Connector. -5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde - - * __MsConnectorPackage__/config/templates/error_message.html +5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde. Sofern die entsprechenden Datein an die bestehende Infrastruktur angepasst wurden so müssen diese Änderungen übernommen werden. + - __MsConnectorPackage__/config/templates/error_message.html + - __MsConnectorPackage__/config/eIDAS/igniteSpecificCommunication.xml + Hinweis: Siehe auch Update-Hinweise zur EIDAS-Node v2.5 6. Erstellung neuer Dateien - _KeyStore für ID Austria AuthBlock:_ Erstellen eines KeyStore mit mit öffentlichem und privaten Schlüssel welcher für die JWS Signature des technischen ID Austria AuthBlocks verwendet werden soll. 7. Neue Konfigurationsparameter diff --git a/pom.xml b/pom.xml index 2b557e9a..e89fb51a 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ 4.0.0 at.asitplus.eidas ms_specific - 1.1.1-SNAPSHOT + 1.2.0 pom MS specific eIDAS components -- cgit v1.2.3 From 34d5786b43c8562fe007392d7835a051e063f49f Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Fri, 14 May 2021 07:39:52 +0200 Subject: switch to next snapshot version --- build_reporting/pom.xml | 2 +- connector/pom.xml | 2 +- connector_lib/pom.xml | 2 +- eidas_modules/authmodule-eIDAS-v2/pom.xml | 2 +- eidas_modules/pom.xml | 2 +- pom.xml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/build_reporting/pom.xml b/build_reporting/pom.xml index 36e9877d..d604e25f 100644 --- a/build_reporting/pom.xml +++ b/build_reporting/pom.xml @@ -6,7 +6,7 @@ at.asitplus.eidas ms_specific - 1.2.0 + 1.2.1-SNAPSHOT build_reporting pom diff --git a/connector/pom.xml b/connector/pom.xml index afe9f81c..e39c71d4 100644 --- a/connector/pom.xml +++ b/connector/pom.xml @@ -6,7 +6,7 @@ at.asitplus.eidas ms_specific - 1.2.0 + 1.2.1-SNAPSHOT at.asitplus.eidas.ms_specific diff --git a/connector_lib/pom.xml b/connector_lib/pom.xml index c3d28008..71ef7e92 100644 --- a/connector_lib/pom.xml +++ b/connector_lib/pom.xml @@ -7,7 +7,7 @@ at.asitplus.eidas ms_specific - 1.2.0 + 1.2.1-SNAPSHOT at.asitplus.eidas.ms_specific connector_lib diff --git a/eidas_modules/authmodule-eIDAS-v2/pom.xml b/eidas_modules/authmodule-eIDAS-v2/pom.xml index e95175d1..b850d4f3 100644 --- a/eidas_modules/authmodule-eIDAS-v2/pom.xml +++ b/eidas_modules/authmodule-eIDAS-v2/pom.xml @@ -6,7 +6,7 @@ at.asitplus.eidas.ms_specific modules - 1.2.0 + 1.2.1-SNAPSHOT at.asitplus.eidas.ms_specific.modules authmodule-eIDAS-v2 diff --git a/eidas_modules/pom.xml b/eidas_modules/pom.xml index 4389637d..f574e385 100644 --- a/eidas_modules/pom.xml +++ b/eidas_modules/pom.xml @@ -4,7 +4,7 @@ at.asitplus.eidas ms_specific - 1.2.0 + 1.2.1-SNAPSHOT at.asitplus.eidas.ms_specific modules diff --git a/pom.xml b/pom.xml index e89fb51a..2c934fb0 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ 4.0.0 at.asitplus.eidas ms_specific - 1.2.0 + 1.2.1-SNAPSHOT pom MS specific eIDAS components -- cgit v1.2.3 From 0b1973c22e8f9e799a57629f4653324395b73664 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Thu, 27 May 2021 17:19:01 +0200 Subject: fix broken language selection in GUI --- basicConfig/properties/messages.properties | 2 ++ .../connector/config/StaticResourceConfiguration.java | 17 +++++++++++++++-- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/basicConfig/properties/messages.properties b/basicConfig/properties/messages.properties index ea604cda..0420d8b9 100644 --- a/basicConfig/properties/messages.properties +++ b/basicConfig/properties/messages.properties @@ -80,6 +80,8 @@ gui.countryselection.country.lu=Luxembourg gui.countryselection.country.lu.logo.alt=Luxembourg-eID gui.countryselection.country.mt=Malta gui.countryselection.country.mt.logo.alt=Malta-eID +gui.countryselection.country.no=Norway +gui.countryselection.country.no.logo.alt=Norway-eID gui.countryselection.country.ro=Romania gui.countryselection.country.ro.logo.alt=Romania-eID gui.countryselection.country.sk=Slovakia diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java index a1e953f1..b4d58cdd 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java @@ -33,9 +33,9 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.context.support.ReloadableResourceBundleMessageSource; -import org.springframework.web.servlet.config.annotation.EnableWebMvc; import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; +import org.springframework.web.servlet.i18n.CookieLocaleResolver; import org.thymeleaf.templateresolver.FileTemplateResolver; import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; @@ -50,7 +50,6 @@ import at.gv.egiz.eaaf.core.impl.utils.FileUtils; * */ @Configuration -@EnableWebMvc public class StaticResourceConfiguration implements WebMvcConfigurer { private static final Logger log = LoggerFactory.getLogger(StaticResourceConfiguration.class); private static final String[] CLASSPATH_RESOURCE_LOCATIONS = { @@ -159,6 +158,20 @@ public class StaticResourceConfiguration implements WebMvcConfigurer { } + /** + * Get a i18n resolver based on cookies. + * + * @return + */ + @Bean + public CookieLocaleResolver localeResolver() { + final CookieLocaleResolver localeResolver = new CookieLocaleResolver(); + localeResolver.setCookieName("currentLanguage"); + localeResolver.setCookieMaxAge(3600); + return localeResolver; + + } + /** * Get a Tyhmeleaf Template-Resolver with external configuration path. * -- cgit v1.2.3 From 429f65e3b18a702fc0f4585ee7258378eae88a79 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Fri, 28 May 2021 14:30:16 +0200 Subject: switch to next release version --- build_reporting/pom.xml | 2 +- connector/pom.xml | 2 +- connector_lib/pom.xml | 2 +- eidas_modules/authmodule-eIDAS-v2/pom.xml | 2 +- eidas_modules/pom.xml | 2 +- infos/readme_1.2.1.md | 57 +++++++++++++++++++++++++++++++ pom.xml | 2 +- 7 files changed, 63 insertions(+), 6 deletions(-) create mode 100644 infos/readme_1.2.1.md diff --git a/build_reporting/pom.xml b/build_reporting/pom.xml index d604e25f..7e43a418 100644 --- a/build_reporting/pom.xml +++ b/build_reporting/pom.xml @@ -6,7 +6,7 @@ at.asitplus.eidas ms_specific - 1.2.1-SNAPSHOT + 1.2.1 build_reporting pom diff --git a/connector/pom.xml b/connector/pom.xml index e39c71d4..f31f0a1d 100644 --- a/connector/pom.xml +++ b/connector/pom.xml @@ -6,7 +6,7 @@ at.asitplus.eidas ms_specific - 1.2.1-SNAPSHOT + 1.2.1 at.asitplus.eidas.ms_specific diff --git a/connector_lib/pom.xml b/connector_lib/pom.xml index 71ef7e92..b7a0fa24 100644 --- a/connector_lib/pom.xml +++ b/connector_lib/pom.xml @@ -7,7 +7,7 @@ at.asitplus.eidas ms_specific - 1.2.1-SNAPSHOT + 1.2.1 at.asitplus.eidas.ms_specific connector_lib diff --git a/eidas_modules/authmodule-eIDAS-v2/pom.xml b/eidas_modules/authmodule-eIDAS-v2/pom.xml index b850d4f3..d00058e1 100644 --- a/eidas_modules/authmodule-eIDAS-v2/pom.xml +++ b/eidas_modules/authmodule-eIDAS-v2/pom.xml @@ -6,7 +6,7 @@ at.asitplus.eidas.ms_specific modules - 1.2.1-SNAPSHOT + 1.2.1 at.asitplus.eidas.ms_specific.modules authmodule-eIDAS-v2 diff --git a/eidas_modules/pom.xml b/eidas_modules/pom.xml index f574e385..a1b6eb26 100644 --- a/eidas_modules/pom.xml +++ b/eidas_modules/pom.xml @@ -4,7 +4,7 @@ at.asitplus.eidas ms_specific - 1.2.1-SNAPSHOT + 1.2.1 at.asitplus.eidas.ms_specific modules diff --git a/infos/readme_1.2.1.md b/infos/readme_1.2.1.md new file mode 100644 index 00000000..290a12db --- /dev/null +++ b/infos/readme_1.2.1.md @@ -0,0 +1,57 @@ +# MS-Connector v1.2.1 Release vom 28.05.2021 + +Der MS-Connector implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um ausländischen Benutzern eine Anmeldung am österreichischen Service-Providern zu ermöglichen. + +### Änderungen in dieser Version + + - Erforderliche Anpassungen zur Integration in den ID Austria + - Update auf eIDAS Ref. Impl. 2.5.0 (Implementiert eIDAS Spezifikation 1.2) + https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eIDAS-Node+version+2.5 + - Codestabilisierung + - Monitoring und HealthChecks Verbesserungen + - Akutalisierung von Drittherstellerbibliotheken + - Bugfix in Version 1.2.1 + - Möglichen Fehler in der Sprachauswahl via GUI behoben + + + + +### Durchführen eines Updates + +Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehenden MS-specific eIDAS Connectors auf die aktuelle Version 1.2.1. Das vollständige Handbuch mit allen Konfigurationsparametern finden Sie im Releasepackage im Verzeichnis: _infos/handbook/_ + +### Ausgehend von einer bestehenden Version 1.1.0 + +1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an +2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.1-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. +3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers +4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties) und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie im Handbuch zum AT MS-Connector. +5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde. Sofern die entsprechenden Datein an die bestehende Infrastruktur angepasst wurden so müssen diese Änderungen übernommen werden. + - __MsConnectorPackage__/config/templates/error_message.html + - __MsConnectorPackage__/config/eIDAS/igniteSpecificCommunication.xml + Hinweis: Siehe auch Update-Hinweise zur EIDAS-Node v2.5 +6. Erstellung neuer Dateien + - _KeyStore für ID Austria AuthBlock:_ Erstellen eines KeyStore mit mit öffentlichem und privaten Schlüssel welcher für die JWS Signature des technischen ID Austria AuthBlocks verwendet werden soll. +7. Neue Konfigurationsparameter + - *Allgemeine Konfiguration* + - ```eidas.ms.core.configRootDir``` + - *ID Austria Umsetzung* + - ```eidas.ms.auth.eIDAS.authblock.keystore.type``` + - ```eidas.ms.auth.eIDAS.authblock.keystore.path``` + - ```eidas.ms.auth.eIDAS.authblock.keystore.password``` + - ```eidas.ms.auth.eIDAS.authblock.key.alias``` + - ```eidas.ms.auth.eIDAS.authblock.key.password``` + - *Service-Provider Konfiguration Konfiguration* + - ```eidas.ms.sp.x.newEidMode``` +8. Gelöschte Konfigurationsparameter + + - ```authhandler.modules.bindingservice.bpk.target``` +9. Neue optionale Konfigurationsparameter + - *Allgemeine Konfiguration* + - ```eidas.ms.core.logging.level.info.errorcodes``` + - *eIDAS Node Kommunikation* + * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm``` + * ```eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll``` + - *ID Austria Umsetzung* + - ```eidas.ms.auth.eIDAS.eid.testidentity.default``` + - ```eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject``` diff --git a/pom.xml b/pom.xml index 2c934fb0..81c4e113 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ 4.0.0 at.asitplus.eidas ms_specific - 1.2.1-SNAPSHOT + 1.2.1 pom MS specific eIDAS components -- cgit v1.2.3 From 293ad818005f6d0434f2e1140535e9e7b9e5cd25 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Fri, 28 May 2021 14:31:51 +0200 Subject: switch to next snapshot version --- build_reporting/pom.xml | 2 +- connector/pom.xml | 2 +- connector_lib/pom.xml | 2 +- eidas_modules/authmodule-eIDAS-v2/pom.xml | 2 +- eidas_modules/pom.xml | 2 +- pom.xml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/build_reporting/pom.xml b/build_reporting/pom.xml index 7e43a418..0bad67af 100644 --- a/build_reporting/pom.xml +++ b/build_reporting/pom.xml @@ -6,7 +6,7 @@ at.asitplus.eidas ms_specific - 1.2.1 + 1.2.2-SNAPSHOT build_reporting pom diff --git a/connector/pom.xml b/connector/pom.xml index f31f0a1d..66aaf225 100644 --- a/connector/pom.xml +++ b/connector/pom.xml @@ -6,7 +6,7 @@ at.asitplus.eidas ms_specific - 1.2.1 + 1.2.2-SNAPSHOT at.asitplus.eidas.ms_specific diff --git a/connector_lib/pom.xml b/connector_lib/pom.xml index b7a0fa24..f9d39966 100644 --- a/connector_lib/pom.xml +++ b/connector_lib/pom.xml @@ -7,7 +7,7 @@ at.asitplus.eidas ms_specific - 1.2.1 + 1.2.2-SNAPSHOT at.asitplus.eidas.ms_specific connector_lib diff --git a/eidas_modules/authmodule-eIDAS-v2/pom.xml b/eidas_modules/authmodule-eIDAS-v2/pom.xml index d00058e1..802ff5f4 100644 --- a/eidas_modules/authmodule-eIDAS-v2/pom.xml +++ b/eidas_modules/authmodule-eIDAS-v2/pom.xml @@ -6,7 +6,7 @@ at.asitplus.eidas.ms_specific modules - 1.2.1 + 1.2.2-SNAPSHOT at.asitplus.eidas.ms_specific.modules authmodule-eIDAS-v2 diff --git a/eidas_modules/pom.xml b/eidas_modules/pom.xml index a1b6eb26..057befbb 100644 --- a/eidas_modules/pom.xml +++ b/eidas_modules/pom.xml @@ -4,7 +4,7 @@ at.asitplus.eidas ms_specific - 1.2.1 + 1.2.2-SNAPSHOT at.asitplus.eidas.ms_specific modules diff --git a/pom.xml b/pom.xml index 81c4e113..d96aefe0 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ 4.0.0 at.asitplus.eidas ms_specific - 1.2.1 + 1.2.2-SNAPSHOT pom MS specific eIDAS components -- cgit v1.2.3 From af013acbb41d98b39d5ede56dbd5227858688e33 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Fri, 25 Jun 2021 10:26:17 +0200 Subject: fix bug in combination with EidasNode v2.5 and DE Middleware # Conflicts: # connector/src/main/resources/application.properties --- .../src/main/resources/application.properties | 2 +- .../specific/modules/auth/eidas/v2/Constants.java | 2 + .../eidas/v2/tasks/GenerateAuthnRequestTask.java | 3 +- .../test/tasks/GenerateAuthnRequestTaskTest.java | 15 ++++-- infos/Handbuch_MS-eIDAS-Node.docx | Bin 64139 -> 58160 bytes infos/handbook-work_in_progress.docx | Bin 44928 -> 0 bytes infos/handbook/Handbuch_MS-eIDAS-Node.pdf | Bin 871397 -> 162244 bytes infos/readme_1.2.2.md | 60 +++++++++++++++++++++ 8 files changed, 76 insertions(+), 6 deletions(-) delete mode 100644 infos/handbook-work_in_progress.docx create mode 100644 infos/readme_1.2.2.md diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties index 2411fde3..73a83c13 100644 --- a/connector/src/main/resources/application.properties +++ b/connector/src/main/resources/application.properties @@ -69,7 +69,7 @@ eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll=true eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=false - +#eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat= eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high #eidas.ms.auth.eIDAS.szrclient.useTestService=true diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java index d13dd00f..1732a61a 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java @@ -69,6 +69,8 @@ public class Constants { public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER = CONIG_PROPS_EIDAS_NODE + ".workarounds.useRequestIdAsTransactionIdentifier"; + public static final String CONFIG_PROP_EIDAS_NODE_NAMEIDFORMAT = + CONIG_PROPS_EIDAS_NODE + ".requested.nameIdFormat"; public static final String CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = CONIG_PROPS_EIDAS_NODE + ".staticProviderNameForPublicSPs"; diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java index 92f58877..9900fa98 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java @@ -106,7 +106,8 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask { authnRequestBuilder.id(UUID.randomUUID().toString()); // set nameIDFormat - authnRequestBuilder.nameIdFormat(Constants.eIDAS_REQ_NAMEID_FORMAT); + authnRequestBuilder.nameIdFormat( + authConfig.getBasicConfiguration(Constants.CONFIG_PROP_EIDAS_NODE_NAMEIDFORMAT)); // set citizen country code for foreign uses authnRequestBuilder.citizenCountryCode(citizenCountryCode); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java index f796bd86..4edfe32d 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java @@ -1,5 +1,7 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks; +import static org.junit.Assert.assertNull; + import java.io.UnsupportedEncodingException; import java.util.HashMap; import java.util.Map; @@ -91,7 +93,8 @@ public class GenerateAuthnRequestTaskTest { "http://test/" + RandomStringUtils.randomAlphabetic(5)); basicConfig.putConfigValue( "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET"); - + basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat"); + } @Test @@ -313,9 +316,8 @@ public class GenerateAuthnRequestTaskTest { Assert.assertEquals("ProviderName is not Static", "myNode", eidasReq.getProviderName()); Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType()); Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance()); - Assert.assertEquals("wrong CC", cc, eidasReq.getCitizenCountryCode()); - Assert.assertEquals("NameIdFormat", Constants.eIDAS_REQ_NAMEID_FORMAT, eidasReq.getNameIdFormat()); - + Assert.assertEquals("wrong CC", cc, eidasReq.getCitizenCountryCode()); + assertNull("NameIdPolicy not null", eidasReq.getNameIdFormat()); } @@ -337,6 +339,10 @@ public class GenerateAuthnRequestTaskTest { basicConfig.putConfigValue( "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false"); + String nameIdFormat = RandomStringUtils.randomAlphabetic(10); + basicConfig.putConfigValue( + "eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat", nameIdFormat); + String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5); basicConfig.putConfigValue( "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint); @@ -363,6 +369,7 @@ public class GenerateAuthnRequestTaskTest { eidasReq.getLevelOfAssurance()); Assert.assertEquals("Wrong req. attr. size", 4, eidasReq.getRequestedAttributes().size()); + Assert.assertEquals("NameIdFormat", nameIdFormat, eidasReq.getNameIdFormat()); } diff --git a/infos/Handbuch_MS-eIDAS-Node.docx b/infos/Handbuch_MS-eIDAS-Node.docx index 7bb5c919..aacb3828 100644 Binary files a/infos/Handbuch_MS-eIDAS-Node.docx and b/infos/Handbuch_MS-eIDAS-Node.docx differ diff --git a/infos/handbook-work_in_progress.docx b/infos/handbook-work_in_progress.docx deleted file mode 100644 index 3f2c6afd..00000000 Binary files a/infos/handbook-work_in_progress.docx and /dev/null differ diff --git a/infos/handbook/Handbuch_MS-eIDAS-Node.pdf b/infos/handbook/Handbuch_MS-eIDAS-Node.pdf index dd79201f..1d4195bb 100644 Binary files a/infos/handbook/Handbuch_MS-eIDAS-Node.pdf and b/infos/handbook/Handbuch_MS-eIDAS-Node.pdf differ diff --git a/infos/readme_1.2.2.md b/infos/readme_1.2.2.md new file mode 100644 index 00000000..6e7abdd0 --- /dev/null +++ b/infos/readme_1.2.2.md @@ -0,0 +1,60 @@ +# MS-Connector v1.2.2 Release vom 26.06.2021 + +Der MS-Connector implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um ausländischen Benutzern eine Anmeldung am österreichischen Service-Providern zu ermöglichen. + +### Änderungen in dieser Version + + - Bugfix + - Inkompatibilität zwischen AT MS-Connector, EidasNode v2.5 und Deutscher Middleware behoben + + + + +### Durchführen eines Updates + +Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehenden MS-specific eIDAS Connectors auf die aktuelle Version 1.2.2. Das vollständige Handbuch mit allen Konfigurationsparametern finden Sie im Releasepackage im Verzeichnis: _infos/handbook/_ + +### Ausgehend von einer bestehenden Version 1.2.x + +1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an +2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.2-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. +3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers +4. Neue optionale Konfigurationsparameter + - *Allgemeine Konfiguration* + - ```eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat``` + +### Ausgehend von einer bestehenden Version 1.1.0 + +1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an +2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.2-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird. +3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers +4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties) und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie im Handbuch zum AT MS-Connector. +5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde. Sofern die entsprechenden Datein an die bestehende Infrastruktur angepasst wurden so müssen diese Änderungen übernommen werden. + - __MsConnectorPackage__/config/templates/error_message.html + - __MsConnectorPackage__/config/eIDAS/igniteSpecificCommunication.xml + Hinweis: Siehe auch Update-Hinweise zur EIDAS-Node v2.5 +6. Erstellung neuer Dateien + - _KeyStore für ID Austria AuthBlock:_ Erstellen eines KeyStore mit mit öffentlichem und privaten Schlüssel welcher für die JWS Signature des technischen ID Austria AuthBlocks verwendet werden soll. +7. Neue Konfigurationsparameter + - *Allgemeine Konfiguration* + - ```eidas.ms.core.configRootDir``` + - *ID Austria Umsetzung* + - ```eidas.ms.auth.eIDAS.authblock.keystore.type``` + - ```eidas.ms.auth.eIDAS.authblock.keystore.path``` + - ```eidas.ms.auth.eIDAS.authblock.keystore.password``` + - ```eidas.ms.auth.eIDAS.authblock.key.alias``` + - ```eidas.ms.auth.eIDAS.authblock.key.password``` + - *Service-Provider Konfiguration Konfiguration* + - ```eidas.ms.sp.x.newEidMode``` +8. Gelöschte Konfigurationsparameter + + - ```authhandler.modules.bindingservice.bpk.target``` +9. Neue optionale Konfigurationsparameter + - *Allgemeine Konfiguration* + - ```eidas.ms.core.logging.level.info.errorcodes``` + - *eIDAS Node Kommunikation* + * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm``` + * ```eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll``` + - *ID Austria Umsetzung* + - ```eidas.ms.auth.eIDAS.eid.testidentity.default``` + - ```eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject``` -- cgit v1.2.3 From e0a9aad4a321bae3b9c9afe7ea178d93b258749a Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Fri, 25 Jun 2021 10:27:36 +0200 Subject: switch to next release version # Conflicts: # eidas_modules/authmodule_id-austria/pom.xml # eidas_modules/eidas_proxy-sevice/pom.xml --- build_reporting/pom.xml | 2 +- connector/pom.xml | 2 +- connector_lib/pom.xml | 2 +- eidas_modules/authmodule-eIDAS-v2/pom.xml | 2 +- eidas_modules/authmodule_id-austria/pom.xml | 174 ++++++++++++++++++++++++++ eidas_modules/eidas_proxy-sevice/pom.xml | 185 ++++++++++++++++++++++++++++ eidas_modules/pom.xml | 2 +- pom.xml | 2 +- 8 files changed, 365 insertions(+), 6 deletions(-) create mode 100644 eidas_modules/authmodule_id-austria/pom.xml create mode 100644 eidas_modules/eidas_proxy-sevice/pom.xml diff --git a/build_reporting/pom.xml b/build_reporting/pom.xml index 0bad67af..c4bf9f83 100644 --- a/build_reporting/pom.xml +++ b/build_reporting/pom.xml @@ -6,7 +6,7 @@ at.asitplus.eidas ms_specific - 1.2.2-SNAPSHOT + 1.2.2 build_reporting pom diff --git a/connector/pom.xml b/connector/pom.xml index 66aaf225..54c86546 100644 --- a/connector/pom.xml +++ b/connector/pom.xml @@ -6,7 +6,7 @@ at.asitplus.eidas ms_specific - 1.2.2-SNAPSHOT + 1.2.2 at.asitplus.eidas.ms_specific diff --git a/connector_lib/pom.xml b/connector_lib/pom.xml index f9d39966..0c44be76 100644 --- a/connector_lib/pom.xml +++ b/connector_lib/pom.xml @@ -7,7 +7,7 @@ at.asitplus.eidas ms_specific - 1.2.2-SNAPSHOT + 1.2.2 at.asitplus.eidas.ms_specific connector_lib diff --git a/eidas_modules/authmodule-eIDAS-v2/pom.xml b/eidas_modules/authmodule-eIDAS-v2/pom.xml index 802ff5f4..e0cbb807 100644 --- a/eidas_modules/authmodule-eIDAS-v2/pom.xml +++ b/eidas_modules/authmodule-eIDAS-v2/pom.xml @@ -6,7 +6,7 @@ at.asitplus.eidas.ms_specific modules - 1.2.2-SNAPSHOT + 1.2.2 at.asitplus.eidas.ms_specific.modules authmodule-eIDAS-v2 diff --git a/eidas_modules/authmodule_id-austria/pom.xml b/eidas_modules/authmodule_id-austria/pom.xml new file mode 100644 index 00000000..3585fcea --- /dev/null +++ b/eidas_modules/authmodule_id-austria/pom.xml @@ -0,0 +1,174 @@ + + 4.0.0 + + at.asitplus.eidas.ms_specific + modules + 1.2.2 + + at.asitplus.eidas.ms_specific.modules + authmodule_id-austria + ID-Austria authentication + User authentication forwarding user to ID Austria system + + + + at.gv.egiz.components + egiz-spring-api + + + at.asitplus.eidas.ms_specific + connector_lib + + + at.asitplus.eidas.ms_specific.modules + eidas_proxy-sevice + + + at.gv.egiz.eaaf + eaaf-core + + + at.gv.egiz.eaaf + eaaf_module_pvp2_sp + + + + org.apache.commons + commons-lang3 + + + com.google.guava + guava + + + org.apache.commons + commons-text + + + + javax.servlet + javax.servlet-api + provided + + + + + junit + junit + test + + + org.springframework + spring-test + test + + + org.powermock + powermock-module-junit4 + 2.0.7 + test + + + org.powermock + powermock-api-mockito2 + 2.0.7 + test + + + com.squareup.okhttp3 + mockwebserver + test + + + + at.asitplus.eidas.ms_specific + connector_lib + test + test-jar + + + + at.gv.egiz.eaaf + eaaf_core_utils + test + test-jar + + + at.gv.egiz.eaaf + eaaf-core + test + test-jar + + + at.gv.egiz.eaaf + eaaf_module_pvp2_core + test + test-jar + + + at.gv.egiz.eaaf + eaaf_module_pvp2_idp + test + test-jar + + + + + + + src/main/resources + + + + + + org.apache.maven.plugins + maven-compiler-plugin + + + + com.github.spotbugs + spotbugs-maven-plugin + ${spotbugs-maven-plugin.version} + + checks/spotbugs-exclude.xml + + + + + org.jacoco + jacoco-maven-plugin + + + post-unit-check + test + + check + report + + + true + + + + + + + + maven-surefire-plugin + + 1 + + + + org.apache.maven.surefire + surefire-junit47 + ${surefire.version} + + + + + + + + \ No newline at end of file diff --git a/eidas_modules/eidas_proxy-sevice/pom.xml b/eidas_modules/eidas_proxy-sevice/pom.xml new file mode 100644 index 00000000..6b280c64 --- /dev/null +++ b/eidas_modules/eidas_proxy-sevice/pom.xml @@ -0,0 +1,185 @@ + + 4.0.0 + + at.asitplus.eidas.ms_specific + modules + 1.2.2 + + at.asitplus.eidas.ms_specific.modules + eidas_proxy-sevice + eIDAS specific proxy-service + Austrian specific eIDAS Proxy-Service to handle eIDAS Proxy-Service requests from other member states + + + + eIDASNode-local + local + file:${basedir}/../../repository + + + + + + at.gv.egiz.components + egiz-spring-api + + + at.asitplus.eidas.ms_specific + connector_lib + + + at.asitplus.eidas.ms_specific.modules + authmodule-eIDAS-v2 + + + + at.gv.egiz.eaaf + eaaf-core + + + at.gv.egiz.eaaf + eaaf_module_pvp2_sp + + + + eu.eidas + eidas-light-commons + + + eu.eidas + eidas-specific-communication-definition + + + eu.eidas + eidas-jcache-ignite-specific-communication + + + + org.apache.commons + commons-lang3 + + + com.google.guava + guava + + + org.apache.commons + commons-text + + + + javax.servlet + javax.servlet-api + provided + + + + + junit + junit + test + + + org.springframework + spring-test + test + + + org.powermock + powermock-module-junit4 + 2.0.7 + test + + + org.powermock + powermock-api-mockito2 + 2.0.7 + test + + + + at.asitplus.eidas.ms_specific + connector_lib + test + test-jar + + + at.asitplus.eidas.ms_specific.modules + authmodule-eIDAS-v2 + test + test-jar + + + + at.gv.egiz.eaaf + eaaf_core_utils + test + test-jar + + + at.gv.egiz.eaaf + eaaf-core + test + test-jar + + + + + + + + src/main/resources + + + + + + org.apache.maven.plugins + maven-compiler-plugin + + + + com.github.spotbugs + spotbugs-maven-plugin + ${spotbugs-maven-plugin.version} + + checks/spotbugs-exclude.xml + + + + + org.jacoco + jacoco-maven-plugin + + + post-unit-check + test + + check + report + + + true + + + + + + + + maven-surefire-plugin + + 1 + + + + org.apache.maven.surefire + surefire-junit47 + ${surefire.version} + + + + + + + \ No newline at end of file diff --git a/eidas_modules/pom.xml b/eidas_modules/pom.xml index 057befbb..8f6017ff 100644 --- a/eidas_modules/pom.xml +++ b/eidas_modules/pom.xml @@ -4,7 +4,7 @@ at.asitplus.eidas ms_specific - 1.2.2-SNAPSHOT + 1.2.2 at.asitplus.eidas.ms_specific modules diff --git a/pom.xml b/pom.xml index d96aefe0..5863ee58 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ 4.0.0 at.asitplus.eidas ms_specific - 1.2.2-SNAPSHOT + 1.2.2 pom MS specific eIDAS components -- cgit v1.2.3