From 26e422ff90f2a4fb9d2d25c0b2328b365fe5f0d7 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Fri, 11 Dec 2020 16:33:00 +0100
Subject: add 'findSecBugs' plug-in into 'spotBugs' module and solve bugs or
 exclude false-positive update gitlab-ci configuration to display jUnit
 test-coverage

---
 .../eidas/specific/connector/controller/MonitoringController.java  | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'connector/src/main/java/at/asitplus/eidas')

diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java
index aa45c836..f2d9fc8c 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java
@@ -34,6 +34,7 @@ import org.apache.commons.text.StringEscapeUtils;
 import org.apache.http.client.methods.CloseableHttpResponse;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.client.methods.HttpUriRequest;
+import org.apache.http.client.utils.URIBuilder;
 import org.apache.http.impl.client.CloseableHttpClient;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -250,9 +251,9 @@ public class MonitoringController {
       }
 
       // create HTTP client
-      // TODO: update if we switch to openSAML3
-      CloseableHttpClient httpClient = httpClientFactory.getHttpClient();
-      HttpUriRequest request = new HttpGet(urlString);
+      CloseableHttpClient httpClient = httpClientFactory.getHttpClient();      
+      URIBuilder uriBuilder = new URIBuilder(urlString);      
+      HttpUriRequest request = new HttpGet(uriBuilder.build());
 
       final CloseableHttpResponse respCode = httpClient.execute(request);
       if (respCode.getStatusLine().getStatusCode() != 200) {
-- 
cgit v1.2.3


From 583c57b9eb692c7db34b618116294796e527eafe Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Fri, 11 Dec 2020 22:15:27 +0100
Subject: add more jUnit tests for stabilisation

---
 .../builder/AuthenticationDataBuilder.java         | 77 ++++++++++------------
 1 file changed, 34 insertions(+), 43 deletions(-)

(limited to 'connector/src/main/java/at/asitplus/eidas')

diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java
index 13cceafb..c41660ce 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java
@@ -25,70 +25,63 @@ package at.asitplus.eidas.specific.connector.builder;
 
 import java.util.Date;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Service;
-import org.w3c.dom.DOMException;
 
 import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
 import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions;
 import at.gv.egiz.eaaf.core.api.idp.IAuthData;
 import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer;
-import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException;
 import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException;
-import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
-import at.gv.egiz.eaaf.core.exceptions.XPathException;
 import at.gv.egiz.eaaf.core.impl.data.Pair;
 import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
 import at.gv.egiz.eaaf.core.impl.idp.auth.builder.AbstractAuthenticationDataBuilder;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import lombok.extern.slf4j.Slf4j;
 
 @Service("AuthenticationDataBuilder")
+@Slf4j
 public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder {
-  private static final Logger log = LoggerFactory.getLogger(AuthenticationDataBuilder.class);
-
+  
   @Override
-  public IAuthData buildAuthenticationData(IRequest pendingReq) throws EaafAuthenticationException {
-
-    final IAuthProcessDataContainer authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+  protected IAuthData buildDeprecatedAuthData(IRequest pendingReq) throws EaafException {        
+    final IAuthProcessDataContainer authProcessData =
+        pendingReq.getSessionData(AuthProcessDataWrapper.class);    
     AuthenticationData authData = new AuthenticationData();
-
-    boolean isEidModeNew = pendingReq.getServiceProviderConfiguration()
-        .isConfigurationValue(MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE, false);
-
-    if (isEidModeNew) {
-      authData = (AuthenticationData) super.buildAuthenticationData(pendingReq);
-    } else {
-      try {
-        generateDeprecatedBasicAuthData(authData, pendingReq, authProcessData);
-
-        // set specific informations
-        authData.setSsoSessionValidTo(
-            new Date(new Date().getTime() + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000));
-
-      } catch (EaafBuilderException | EaafParserException
-          | EaafConfigurationException | XPathException | DOMException e) {
-        log.warn("Can not build authentication data from auth. process information");
-        throw new EaafAuthenticationException("builder.11", new Object[]{e.getMessage()}, e);
-
-      }
-    }
+    
+    //set basis infos
+    super.generateDeprecatedBasicAuthData(authData, pendingReq, authProcessData);
+    
+    // set specific informations
+    authData.setSsoSessionValidTo(
+        new Date(new Date().getTime() + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000));
+    
     return authData;
-  }
-
-  @Override
-  protected IAuthData buildDeprecatedAuthData(IRequest arg0) throws EaafException {
-    return new AuthenticationData();
 
   }
 
   @Override
-  protected void buildServiceSpecificAuthenticationData(IAuthData arg0, IRequest arg1) throws EaafException {
-    // TODO Auto-generated method stub
-
+  protected void buildServiceSpecificAuthenticationData(IAuthData authData, IRequest pendingReq) 
+      throws EaafException {
+    if (authData instanceof AuthenticationData) {
+      ((AuthenticationData)authData).setGenericData(
+          ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, 
+          pendingReq.getUniquePiiTransactionIdentifier());
+      log.trace("Inject piiTransactionId: {} into AuthData", pendingReq.getUniquePiiTransactionIdentifier());
+    
+      // set specific informations
+      ((AuthenticationData)authData).setSsoSessionValidTo(
+          new Date(new Date().getTime() + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000));
+
+      
+    } else {
+      throw new RuntimeException("Can not inject PiiTransactionId because AuthData is of unknown type: " 
+          + authData.getClass().getName());
+      
+    }
+        
   }
 
   @Override
@@ -100,8 +93,6 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
   @Override
   protected Pair<String, String> buildOAspecificbPK(IRequest pendingReq, AuthenticationData authData)
       throws EaafBuilderException {
-    // TODO: check if bPK already exists
-
     return super.buildOAspecificbPK(pendingReq, authData);
 
   }
-- 
cgit v1.2.3