From 7a62a84f23b3a1a1027ebda31fb790ee072793cc Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 27 Nov 2020 09:08:10 +0100 Subject: read unique transactionId from AuthnRequest to reuse it for eIDAS authentication --- .../connector/test/AuthnRequestValidatorTest.java | 52 ++++++++++++++++++---- 1 file changed, 43 insertions(+), 9 deletions(-) (limited to 'connector/src/test/java/at/asitplus/eidas') diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthnRequestValidatorTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthnRequestValidatorTest.java index e34c8036..389f561e 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthnRequestValidatorTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthnRequestValidatorTest.java @@ -33,11 +33,14 @@ import org.xml.sax.SAXException; import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; import at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration; import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl; import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; import at.gv.egiz.eaaf.core.impl.utils.DomUtils; import at.gv.egiz.eaaf.modules.pvp2.api.validation.IAuthnRequestPostProcessor; +import at.gv.egiz.eaaf.modules.pvp2.idp.impl.PvpSProfilePendingRequest; import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; import net.shibboleth.utilities.java.support.component.ComponentInitializationException; @@ -53,12 +56,12 @@ import net.shibboleth.utilities.java.support.component.ComponentInitializationEx @DirtiesContext(classMode = ClassMode.BEFORE_CLASS) public class AuthnRequestValidatorTest { - @Autowired private IConfiguration basicConfig; + @Autowired private IConfigurationWithSP basicConfig; @Autowired protected IAuthnRequestPostProcessor authRequestValidator; private MockHttpServletRequest httpReq; private MockHttpServletResponse httpResp; - private TestRequestImpl pendingReq; + private PvpSProfilePendingRequest pendingReq; /** * jUnit class initializer. @@ -76,10 +79,11 @@ public class AuthnRequestValidatorTest { /** * jUnit test set-up. + * @throws EaafException * */ @Before - public void initialize() { + public void initialize() throws EaafException { httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); httpResp = new MockHttpServletResponse(); RequestContextHolder.resetRequestAttributes(); @@ -88,10 +92,12 @@ public class AuthnRequestValidatorTest { Map spConfig = new HashMap<>(); spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphabetic(10)); - pendingReq = new TestRequestImpl(); - pendingReq.setAuthUrl("https://localhost/ms_connector"); - pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); - pendingReq.setSpConfig(new ServiceProviderConfiguration(spConfig, basicConfig)); + pendingReq = new PvpSProfilePendingRequest(); + pendingReq.initialize(httpReq, basicConfig); + pendingReq.setPendingRequestId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setOnlineApplicationConfiguration(new ServiceProviderConfiguration(spConfig, basicConfig)); + ((RequestImpl)pendingReq).setUniqueTransactionIdentifier(null); + } @Test @@ -128,6 +134,8 @@ public class AuthnRequestValidatorTest { Assert.assertEquals("bPK target not match", "urn:publicid:gv.at:cdid+BF", pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); + Assert.assertNull("wrong transactionId", pendingReq.getUniqueTransactionIdentifier()); + } @Test @@ -164,6 +172,8 @@ public class AuthnRequestValidatorTest { Assert.assertEquals("bPK target not match", "urn:publicid:gv.at:cdid+BF", pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); + Assert.assertNull("wrong transactionId", pendingReq.getUniqueTransactionIdentifier()); + } @Test @@ -200,6 +210,30 @@ public class AuthnRequestValidatorTest { Assert.assertEquals("bPK target not match", "urn:publicid:gv.at:cdid+XX", pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); + Assert.assertEquals("wrong transactionId", "transId_11223344556677aabbcc", + pendingReq.getUniqueTransactionIdentifier()); + + } + + @Test + public void transactionIdWrongPendingReqType() throws AuthnRequestValidatorException, ParserConfigurationException, + SAXException, IOException, UnmarshallingException { + + Map spConfig = new HashMap<>(); + spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphabetic(10)); + + TestRequestImpl pendingReqLocal = new TestRequestImpl(); + pendingReqLocal.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); + pendingReqLocal.setSpConfig(new ServiceProviderConfiguration(spConfig, basicConfig)); + + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_3.xml"); + + //test + authRequestValidator.process(httpReq, pendingReqLocal, authReq, null); + + //validate + Assert.assertNull("wrong transactionId", pendingReqLocal.getUniqueTransactionIdentifier()); + } @Test @@ -214,7 +248,7 @@ public class AuthnRequestValidatorTest { } catch (AuthnRequestValidatorException e) { Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId()); - + } } -- cgit v1.2.3