From 811165262f7ef196c8586e42b838d7d7ba376e16 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Wed, 27 Jan 2021 11:19:29 +0100
Subject: fix problem in jUnit tests that depends on static Apache-Ignite
 holder in eIDAS Ref. implementation and occurin case of a start-up error

---
 .../specific/connector/test/FullStartUpAndProcessTest.java   | 12 ++++++++++--
 .../specific/connector/test/MainClassExecutableModeTest.java | 10 ++++++++--
 .../specific/connector/test/MainClassWebAppModeTest.java     |  7 +++++++
 3 files changed, 25 insertions(+), 4 deletions(-)

(limited to 'connector/src/test/java')

diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
index 77037415..fcb0e73a 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
@@ -6,6 +6,7 @@ import static org.powermock.api.mockito.PowerMockito.when;
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.UnsupportedEncodingException;
+import java.lang.reflect.Field;
 import java.net.URISyntaxException;
 import java.util.Map;
 import java.util.Timer;
@@ -71,6 +72,7 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.OpenSaml3ResourceAdapter;
 import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
 import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
 import at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor;
+import eu.eidas.auth.cache.IgniteInstanceInitializerSpecificCommunication;
 import eu.eidas.auth.commons.attribute.AttributeDefinition;
 import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
 import eu.eidas.auth.commons.light.ILightRequest;
@@ -151,13 +153,19 @@ public class FullStartUpAndProcessTest {
   /**
    * Test shut-down.
    *
-   * @throws IOException In case of an error
+   * @throws Exception In case of an error
    */
   @AfterClass
-  public static void closeIgniteNode() throws IOException {
+  public static void closeIgniteNode() throws Exception {
     System.out.println("Closiong Ignite Node ... ");
     Ignition.stopAll(true);
 
+    
+    //set Ignite-node holder to 'null' because static holders are shared between different tests
+    final Field field = IgniteInstanceInitializerSpecificCommunication.class.getDeclaredField("instance");
+    field.setAccessible(true);
+    field.set(null, null);
+    
   }
 
   /**
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java
index 86df55df..708560b2 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java
@@ -22,6 +22,7 @@ import org.junit.runners.BlockJUnit4ClassRunner;
 import at.asitplus.eidas.specific.connector.SpringBootApplicationInitializer;
 import at.gv.egiz.eaaf.core.impl.logging.DummyStatusMessager;
 import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory;
+import eu.eidas.auth.cache.IgniteInstanceInitializerSpecificCommunication;
 import lombok.extern.slf4j.Slf4j;
 
 @Slf4j
@@ -50,17 +51,22 @@ public class MainClassExecutableModeTest {
 
   /**
    * Initializer.
-   * @throws InterruptedException In case of an error 
+   * @throws Exception In case of an error 
    *
    */
   @AfterClass
-  public static void closeIgniteNode() throws InterruptedException {
+  public static void closeIgniteNode() throws Exception {
     System.out.println("Closing Ignite Node ... ");
     
     log.info("Stopping already running Apache Ignite nodes ... ");
     Ignition.stopAll(true);    
     Thread.sleep(1000);
     
+    //set Ignite-node holder to 'null' because static holders are shared between different tests
+    final Field field = IgniteInstanceInitializerSpecificCommunication.class.getDeclaredField("instance");
+    field.setAccessible(true);
+    field.set(null, null);
+            
   }
   
   /**
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java
index 07ef4968..79d062ae 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java
@@ -22,6 +22,7 @@ import org.junit.runners.BlockJUnit4ClassRunner;
 import at.asitplus.eidas.specific.connector.SpringBootApplicationInitializer;
 import at.gv.egiz.eaaf.core.impl.logging.DummyStatusMessager;
 import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory;
+import eu.eidas.auth.cache.IgniteInstanceInitializerSpecificCommunication;
 
 @RunWith(BlockJUnit4ClassRunner.class)
 public class MainClassWebAppModeTest {
@@ -68,6 +69,12 @@ public class MainClassWebAppModeTest {
 
     System.clearProperty("eidas.ms.configuration");
     SpringBootApplicationInitializer.exit();
+    
+    
+    //set Ignite-node holder to 'null' because static holders are shared between different tests
+    final Field field1 = IgniteInstanceInitializerSpecificCommunication.class.getDeclaredField("instance");
+    field1.setAccessible(true);
+    field1.set(null, null);
        
   }
   
-- 
cgit v1.2.3


From 07318e70ea3a9d25ca945c391820149183c61ca0 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Mon, 8 Feb 2021 18:47:34 +0100
Subject: add Binding Public-Key into technical AuthBlock in case of an ID
 Austria process

---
 .../verification/AuthnRequestValidator.java        | 114 +++++++++++++--------
 .../test/utils/AuthnRequestValidatorTest.java      |   5 +
 connector/src/test/resources/data/pvp2_authn_3.xml |   3 +
 .../specific/connector/MsEidasNodeConstants.java   |   3 +
 .../eidas/v2/service/AuthBlockSigningService.java  |  12 +++
 .../tasks/CreateIdentityLinkTaskEidNewTest.java    |  25 ++++-
 6 files changed, 116 insertions(+), 46 deletions(-)

(limited to 'connector/src/test/java')

diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java
index a9eb06be..881eeb8a 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java
@@ -75,7 +75,7 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor {
       if (nameIdPolicy != null) {
         final String nameIdFormat = nameIdPolicy.getFormat();
         if (nameIdFormat != null) {
-          if (!(NameIDType.TRANSIENT.equals(nameIdFormat) 
+          if (!(NameIDType.TRANSIENT.equals(nameIdFormat)
               || NameIDType.PERSISTENT.equals(nameIdFormat))) {
 
             throw new NameIdFormatNotSupportedException(nameIdFormat);
@@ -114,10 +114,10 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor {
       // post-process requested LoA comparison-level
       pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class).setLoAMachtingMode(
           extractComparisonLevel(authnReq));
-      
-      //extract information from requested attributes
+
+      // extract information from requested attributes
       extractFromRequestedAttriutes(pendingReq, authnReq);
-      
+
     } catch (final EaafStorageException e) {
       log.info("Can NOT store Authn. Req. data into pendingRequest.", e);
       throw new AuthnRequestValidatorException("internal.02", null, e);
@@ -126,14 +126,14 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor {
 
   }
 
-  private void extractFromRequestedAttriutes(IRequest pendingReq, AuthnRequest authnReq) 
-      throws AuthnRequestValidatorException {
+  private void extractFromRequestedAttriutes(IRequest pendingReq, AuthnRequest authnReq)
+      throws AuthnRequestValidatorException, EaafStorageException {
     // validate and process requested attributes
     boolean sectorDetected = false;
-    
+
     final ServiceProviderConfiguration spConfig = pendingReq.getServiceProviderConfiguration(
         ServiceProviderConfiguration.class);
-    
+
     if (authnReq.getExtensions() != null) {
       final List<XMLObject> requestedAttributes = authnReq.getExtensions().getUnknownXMLObjects();
       for (final XMLObject reqAttrObj : requestedAttributes) {
@@ -143,77 +143,101 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor {
             for (final EaafRequestedAttribute el : reqAttr.getAttributes()) {
               log.trace("Processing req. attribute '" + el.getName() + "' ... ");
               if (el.getName().equals(PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME)) {
-                sectorDetected = extractBpkTargetIdentifier(el, spConfig); 
-               
+                sectorDetected = extractBpkTargetIdentifier(el, spConfig);
+
               } else if (el.getName().equals(ExtendedPvpAttributeDefinitions.EID_TRANSACTION_ID_NAME)) {
                 extractUniqueTransactionId(el, pendingReq);
-                
+
+              } else if (el.getName().equals(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME)) {
+                extractBindingPublicKey(el, pendingReq);
+
               } else {
                 log.debug("Ignore req. attribute: " + el.getName());
-                
+
               }
             }
 
           } else {
             log.debug("No requested Attributes in Authn. Request");
-            
+
           }
 
         } else {
           log.info("Ignore unknown requested attribute: " + reqAttrObj.getElementQName().toString());
-          
+
         }
       }
     }
-    
+
     if (!sectorDetected) {
       log.warn("Authn.Req validation FAILED. Reason: Contains NO or NO VALID target-sector information.");
       throw new AuthnRequestValidatorException("pvp2.22", new Object[] {
           "NO or NO VALID target-sector information" });
 
     }
-    
+
+  }
+
+  private void extractBindingPublicKey(EaafRequestedAttribute el, IRequest pendingReq)
+      throws EaafStorageException {
+    if (el.getAttributeValues() != null && el.getAttributeValues().size() == 1) {
+      final String bindingPubKey = el.getAttributeValues().get(0).getDOM().getTextContent();
+      pendingReq.setRawDataToTransaction(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME, bindingPubKey);
+      log.info("Find Binding Public-Key. eIDAS authentication will be used to create an ID Austria Binding");
+
+    } else {
+      log.warn(
+          "Req. attribute '{}' contains NO or MORE THEN ONE attribute-values. Ignore full req. attribute",
+          el.getName());
+
+    }
   }
 
   /**
    * Extract unique transactionId from AuthnRequest.
-   * 
-   * @param el Requested attribute from AuthnRequest
-   * @param pendingReq Current pendingRequest object (has to be of type {@link RequestImpl})
-   * @return <code>true</code> if transactionId extraction was successful, otherwise <code>false</code>
+   *
+   * @param el         Requested attribute from AuthnRequest
+   * @param pendingReq Current pendingRequest object (has to be of type
+   *                   {@link RequestImpl})
+   * @return <code>true</code> if transactionId extraction was successful,
+   *         otherwise <code>false</code>
    */
   private boolean extractUniqueTransactionId(EaafRequestedAttribute el, IRequest pendingReq) {
     if (!(pendingReq instanceof RequestImpl)) {
-      log.warn("Can NOT set unique transactionId from AuthnRequest,because 'PendingRequest' is NOT from Type: {}",
+      log.warn(
+          "Can NOT set unique transactionId from AuthnRequest,because 'PendingRequest' is NOT from Type: {}",
           RequestImpl.class.getName());
-      
-    } else {        
+
+    } else {
       if (el.getAttributeValues() != null && el.getAttributeValues().size() == 1) {
-        final String transactionId = el.getAttributeValues().get(0).getDOM().getTextContent();      
-        ((RequestImpl)pendingReq).setUniqueTransactionIdentifier(transactionId);      
+        final String transactionId = el.getAttributeValues().get(0).getDOM().getTextContent();
+        ((RequestImpl) pendingReq).setUniqueTransactionIdentifier(transactionId);
         return true;
 
       } else {
-        log.warn("Req. attribute '{}' contains NO or MORE THEN ONE attribute-values. Ignore full req. attribute", 
+        log.warn(
+            "Req. attribute '{}' contains NO or MORE THEN ONE attribute-values. Ignore full req. attribute",
             el.getName());
-        
+
       }
-      
+
     }
-    
+
     return false;
   }
 
   /**
    * Extract the bPK target from requested attribute.
-   * 
-   * @param el Requested attribute from AuthnRequest
+   *
+   * @param el       Requested attribute from AuthnRequest
    * @param spConfig Service-Provider configuration for current process
-   * @return <code>true</code> if bPK target extraction was successful, otherwise <code>false</code>
+   * @return <code>true</code> if bPK target extraction was successful, otherwise
+   *         <code>false</code>
    */
-  private boolean extractBpkTargetIdentifier(EaafRequestedAttribute el, ServiceProviderConfiguration spConfig) {        
+  private boolean extractBpkTargetIdentifier(EaafRequestedAttribute el,
+      ServiceProviderConfiguration spConfig) {
     if (el.getAttributeValues() != null && el.getAttributeValues().size() == 1) {
-      final String sectorId = el.getAttributeValues().get(0).getDOM().getTextContent();      
+      final String sectorId = el.getAttributeValues().get(0).getDOM().getTextContent();
       try {
         spConfig.setBpkTargetIdentifier(sectorId);
         return true;
@@ -227,16 +251,16 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor {
       log.warn("Req. attribute '" + el.getName()
           + "' contains NO or MORE THEN ONE attribute-values. Ignore full req. attribute");
     }
-    
+
     return false;
-    
+
   }
-  
-  private void postprocessLoaLevel(IRequest pendingReq, AuthnRequest authnReq) 
+
+  private void postprocessLoaLevel(IRequest pendingReq, AuthnRequest authnReq)
       throws AuthnRequestValidatorException {
     final List<String> reqLoA = extractLoA(authnReq);
-    log.trace("SP requests LoA with: {}", String.join(", ",reqLoA));
-    
+    log.trace("SP requests LoA with: {}", String.join(", ", reqLoA));
+
     LevelOfAssurance minimumLoAFromConfig = LevelOfAssurance.fromString(basicConfig.getBasicConfiguration(
         MsEidasNodeConstants.PROP_EIDAS_REQUEST_LOA_MINIMUM_LEVEL,
         EaafConstants.EIDAS_LOA_HIGH));
@@ -246,15 +270,15 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor {
       minimumLoAFromConfig = LevelOfAssurance.HIGH;
 
     }
-          
+
     log.trace("Validate requested LoA to connector configuration minimum LoA: {} ...",
-        minimumLoAFromConfig);      
+        minimumLoAFromConfig);
     final List<String> allowedLoA = new ArrayList<>();
     for (final String loa : reqLoA) {
       try {
         final LevelOfAssurance intLoa = LevelOfAssurance.fromString(loa);
         String selectedLoA = EaafConstants.EIDAS_LOA_HIGH;
-        if (intLoa != null 
+        if (intLoa != null
             && intLoa.numericValue() <= minimumLoAFromConfig.numericValue()) {
           log.info("Client: {} requested LoA: {} will be upgraded to: {}",
               pendingReq.getServiceProviderConfiguration().getUniqueIdentifier(),
@@ -281,7 +305,7 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor {
 
     pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class).setRequiredLoA(
         allowedLoA);
-    
+
   }
 
   private String extractComparisonLevel(AuthnRequest authnReq) {
@@ -335,7 +359,7 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor {
   private String extractScopeRequsterId(AuthnRequest authnReq) {
     if (authnReq.getScoping() != null) {
       final Scoping scoping = authnReq.getScoping();
-      if (scoping.getRequesterIDs() != null 
+      if (scoping.getRequesterIDs() != null
           && scoping.getRequesterIDs().size() > 0) {
         if (scoping.getRequesterIDs().size() == 1) {
           return scoping.getRequesterIDs().get(0).getRequesterID();
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java
index 9aafb4b6..c57515a0 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java
@@ -214,6 +214,11 @@ public class AuthnRequestValidatorTest {
         
     Assert.assertEquals("wrong transactionId", "transId_11223344556677aabbcc", 
         pendingReq.getUniqueTransactionIdentifier());
+   
+    Assert.assertEquals("wrong binding pubkey", "binding_pubKey_1144225247125dsfasfasdf", 
+        pendingReq.getRawData(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME, String.class));
+    
+    
     
   }
   
diff --git a/connector/src/test/resources/data/pvp2_authn_3.xml b/connector/src/test/resources/data/pvp2_authn_3.xml
index 35e49b0f..5352c441 100644
--- a/connector/src/test/resources/data/pvp2_authn_3.xml
+++ b/connector/src/test/resources/data/pvp2_authn_3.xml
@@ -31,6 +31,9 @@
       <eid:RequestedAttribute FriendlyName="transactionId" Name="urn:eidgvat:attributes.transactionId" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
         <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">transId_11223344556677aabbcc</eid:AttributeValue>
       </eid:RequestedAttribute>
+      <eid:RequestedAttribute FriendlyName="Binding-PublicKey" Name="urn:eidgvat:attributes.binding.pubkey" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+        <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">binding_pubKey_1144225247125dsfasfasdf</eid:AttributeValue>
+      </eid:RequestedAttribute>
     </eid:RequestedAttributes>
   </saml2p:Extensions>
   <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java
index 133f104d..027d0832 100644
--- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java
+++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java
@@ -169,6 +169,9 @@ public class MsEidasNodeConstants {
   public static final List<String> COUNTRY_SELECTION_PARAM_WHITELIST =
       Arrays.asList(REQ_PARAM_SELECTED_COUNTRY, REQ_PARAM_SELECTED_ENVIRONMENT);
 
+  
+  public static final String EID_BINDING_PUBLIC_KEY_NAME = "urn:eidgvat:attributes.binding.pubkey";
+  
   private MsEidasNodeConstants() {
     //hidden Constructor for class with static values only.
   }
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java
index 234d52dd..a2af4342 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java
@@ -18,6 +18,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
 import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonInclude;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
@@ -81,6 +82,14 @@ public class AuthBlockSigningService {
     authBlock.setTimestamp(LocalDateTime.now().truncatedTo(ChronoUnit.SECONDS));
     authBlock.setUniqueId(pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID, String.class)); 
     authBlock.setPiiTransactionId(pendingReq.getUniquePiiTransactionIdentifier());
+    
+    //set Binding PublicKey if available
+    Object bindingPubKey = pendingReq.getRawData(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME);
+    if (bindingPubKey instanceof String) {
+      authBlock.setBindingPublicKey((String) bindingPubKey);
+      
+    }
+    
     String jwsPayload = mapper.writeValueAsString(authBlock);
     log.debug("Building and sign authBlock with data: {}", jwsPayload);
     
@@ -172,6 +181,7 @@ public class AuthBlockSigningService {
    *
    */
   @Data
+  @JsonInclude(JsonInclude.Include.NON_NULL)
   private static class EidasAuchBlock {
 
     @JsonProperty("challenge")
@@ -189,6 +199,8 @@ public class AuthBlockSigningService {
     @JsonProperty("piiTransactionId")
     private String piiTransactionId;
     
+    @JsonProperty("bindingPublicKey")
+    private String bindingPublicKey;
     
   }
 
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
index 2e6790c5..0621081a 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
@@ -221,6 +221,7 @@ public class CreateIdentityLinkTaskEidNewTest {
     Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText());    
     Assert.assertFalse("'challenge' is null", authBlockJson.get("challenge").asText().isEmpty());
     Assert.assertFalse("'timestamp' is null", authBlockJson.get("timestamp").asText().isEmpty());
+    Assert.assertFalse("binding pubKey", authBlockJson.has("bindingPublicKey"));
     
     
     // check vsz request
@@ -312,9 +313,11 @@ public class CreateIdentityLinkTaskEidNewTest {
     signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10));
     signContentResp.getOut().add(signContentEntry);
     when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp);
-
+    
     String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    String bindingPubKey = RandomStringUtils.randomAlphabetic(10);
     pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME, bindingPubKey);
     
     //perform test
     task.execute(pendingReq, executionContext);
@@ -329,8 +332,28 @@ public class CreateIdentityLinkTaskEidNewTest {
     Assert.assertNotNull("AuthProcessData", authProcessData);
     Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class));
 
+    // check authblock signature
     String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);
     Assert.assertNotNull("AuthBlock", authBlock);
+    final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT,
+        BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
+    Pair<KeyStore, Provider> keyStore = getKeyStore();
+    X509Certificate[] trustedCerts = EaafKeyStoreUtils
+        .getPrivateKeyAndCertificates(keyStore.getFirst(), ALIAS, PW.toCharArray(), true, "junit").getSecond();
+    JwsResult result = JoseUtils.validateSignature(authBlock, Arrays.asList(trustedCerts), constraints);
+    Assert.assertTrue("AuthBlock not valid", result.isValid());        
+    JsonNode authBlockJson = mapper.readTree(result.getPayLoad());    
+    Assert.assertNotNull("deserialized AuthBlock", authBlockJson);
+    
+    Assert.assertNotNull("no piiTransactionId in pendingRequesdt", 
+        storedPendingReq.getUniquePiiTransactionIdentifier());
+    Assert.assertEquals("piiTransactionId", storedPendingReq.getUniquePiiTransactionIdentifier(), 
+        authBlockJson.get("piiTransactionId").asText());
+    Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText());    
+    Assert.assertFalse("'challenge' is null", authBlockJson.get("challenge").asText().isEmpty());
+    Assert.assertFalse("'timestamp' is null", authBlockJson.get("timestamp").asText().isEmpty());
+    Assert.assertTrue("binding pubKey", authBlockJson.has("bindingPublicKey"));
+    Assert.assertEquals("binding PubKey", bindingPubKey, authBlockJson.get("bindingPublicKey").asText());
     
     Assert.assertTrue("EID process", authProcessData.isEidProcess());
     Assert.assertTrue("foreigner process", authProcessData.isForeigner());
-- 
cgit v1.2.3


From c5c6344931f67ccaba335ffa476b5e8117948020 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Wed, 10 Mar 2021 12:25:10 +0100
Subject: switch to EAAF-components 1.1.13-SNAPSHOT to add
 EID-IDENTITY-STATUS-LEVEL attribute into SAML2 response

---
 basicConfig/default_config.properties              |   2 ++
 .../builder/AuthenticationDataBuilder.java         |  26 +++++++++++-----
 .../src/main/resources/application.properties      |   2 ++
 .../resources/specific_eIDAS_connector.beans.xml   |   6 ++++
 .../connector/test/FullStartUpAndProcessTest.java  |   7 +++--
 .../ProcessEngineSignalControllerTest.java         |   2 +-
 .../test/utils/AuthenticationDataBuilderTest.java  |  16 +++++++++-
 .../data/metadata_valid_without_encryption.xml     |   1 +
 .../spring/SpringTest_connector.beans.xml          |   6 ++++
 .../specific/modules/auth/eidas/v2/Constants.java  |   2 ++
 .../eidas/v2/tasks/ReceiveAuthnResponseTask.java   |   9 ++++--
 .../test/tasks/ReceiveEidasResponseTaskTest.java   |  34 +++++++++++++++++++--
 infos/handbook-work_in_progress.docx               | Bin 44486 -> 44445 bytes
 pom.xml                                            |   2 +-
 14 files changed, 98 insertions(+), 17 deletions(-)

(limited to 'connector/src/test/java')

diff --git a/basicConfig/default_config.properties b/basicConfig/default_config.properties
index 725fac7c..2ea12b17 100644
--- a/basicConfig/default_config.properties
+++ b/basicConfig/default_config.properties
@@ -18,6 +18,8 @@ eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret
 
 
 ## eIDAS Ref. Implementation connector ###
+eidas.ms.auth.eIDAS.eid.testidentity.default=false
+
 eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector
 eidas.ms.auth.eIDAS.node_v2.forward.endpoint=
 
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java
index c41660ce..3a93c1b8 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java
@@ -30,6 +30,7 @@ import org.springframework.stereotype.Service;
 import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions.EidIdentityStatusLevelValues;
 import at.gv.egiz.eaaf.core.api.idp.IAuthData;
 import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer;
@@ -37,8 +38,9 @@ import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.impl.data.Pair;
 import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
+import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData;
 import at.gv.egiz.eaaf.core.impl.idp.auth.builder.AbstractAuthenticationDataBuilder;
-import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper;
 import lombok.extern.slf4j.Slf4j;
 
 @Service("AuthenticationDataBuilder")
@@ -47,9 +49,9 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
   
   @Override
   protected IAuthData buildDeprecatedAuthData(IRequest pendingReq) throws EaafException {        
-    final IAuthProcessDataContainer authProcessData =
-        pendingReq.getSessionData(AuthProcessDataWrapper.class);    
-    AuthenticationData authData = new AuthenticationData();
+    final EidAuthProcessDataWrapper authProcessData =
+        pendingReq.getSessionData(EidAuthProcessDataWrapper.class);    
+    EidAuthenticationData authData = new EidAuthenticationData();
     
     //set basis infos
     super.generateDeprecatedBasicAuthData(authData, pendingReq, authProcessData);
@@ -58,6 +60,9 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
     authData.setSsoSessionValidTo(
         new Date(new Date().getTime() + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000));
     
+    authData.setEidStatus(authProcessData.isTestIdentity() 
+        ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY);
+    
     return authData;
 
   }
@@ -65,16 +70,21 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
   @Override
   protected void buildServiceSpecificAuthenticationData(IAuthData authData, IRequest pendingReq) 
       throws EaafException {
-    if (authData instanceof AuthenticationData) {
-      ((AuthenticationData)authData).setGenericData(
+    if (authData instanceof EidAuthenticationData) {
+      ((EidAuthenticationData)authData).setGenericData(
           ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, 
           pendingReq.getUniquePiiTransactionIdentifier());
       log.trace("Inject piiTransactionId: {} into AuthData", pendingReq.getUniquePiiTransactionIdentifier());
     
       // set specific informations
-      ((AuthenticationData)authData).setSsoSessionValidTo(
+      ((EidAuthenticationData)authData).setSsoSessionValidTo(
           new Date(new Date().getTime() + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000));
 
+      //set E-ID status-level
+      final EidAuthProcessDataWrapper authProcessData =
+          pendingReq.getSessionData(EidAuthProcessDataWrapper.class);        
+      ((EidAuthenticationData)authData).setEidStatus(authProcessData.isTestIdentity() 
+          ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY);
       
     } else {
       throw new RuntimeException("Can not inject PiiTransactionId because AuthData is of unknown type: " 
@@ -86,7 +96,7 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
 
   @Override
   protected IAuthData getAuthDataInstance(IRequest arg0) throws EaafException {
-    return new AuthenticationData();
+    return new EidAuthenticationData();
 
   }
 
diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties
index 9a4ae54f..2411fde3 100644
--- a/connector/src/main/resources/application.properties
+++ b/connector/src/main/resources/application.properties
@@ -48,6 +48,8 @@ eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256
 
 ## eIDAS Ref. Implementation connector ###
 eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector
+eidas.ms.auth.eIDAS.eid.testidentity.default=false
+
 #eidas.ms.auth.eIDAS.node_v2.forward.endpoint=
 eidas.ms.auth.eIDAS.node_v2.forward.method=POST
 eidas.ms.auth.eIDAS.node_v2.countrycode=AT
diff --git a/connector/src/main/resources/specific_eIDAS_connector.beans.xml b/connector/src/main/resources/specific_eIDAS_connector.beans.xml
index f6fdeefe..0f8511d5 100644
--- a/connector/src/main/resources/specific_eIDAS_connector.beans.xml
+++ b/connector/src/main/resources/specific_eIDAS_connector.beans.xml
@@ -49,6 +49,9 @@
     <property name="pvpIdpCredentials">
       <ref bean="PVPEndPointCredentialProvider" />
     </property>
+    <property name="metadataProvider">
+      <ref bean="PVPMetadataProvider" />
+    </property>   
   </bean>
 
   <bean id="AuthnRequestValidator"
@@ -69,6 +72,9 @@
     <property name="pvpIdpCredentials">
       <ref bean="PVPEndPointCredentialProvider" />
     </property>
+    <property name="metadataProvider">
+      <ref bean="PVPMetadataProvider" />
+    </property>     
   </bean>
 
   <bean id="eaafProtocolAuthenticationService"
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
index fcb0e73a..f50829c7 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
@@ -62,6 +62,7 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
 import at.gv.egiz.components.spring.api.SpringBootApplicationContextInitializer;
 import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController;
 import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
@@ -99,7 +100,7 @@ import szrservices.SignContentResponseType;
 @ActiveProfiles(profiles = {"JUNIT", "jUnitTestMode"})
 public class FullStartUpAndProcessTest {
 
-  private static final String FINAL_REDIRECT = "http://localhost/finalizeAuthProtocol?pendingid=";
+  private static final String FINAL_REDIRECT = "http://localhost/public/secure/finalizeAuthProtocol?pendingid=";
   
   @Autowired private WebApplicationContext wac;
   @Autowired private PvpEndPointCredentialProvider credentialProvider;
@@ -379,7 +380,7 @@ public class FullStartUpAndProcessTest {
     Assert.assertEquals("SAML2 status", Constants.SUCCESS_URI, saml2.getStatus().getStatusCode().getValue());
     
     final AssertionAttributeExtractor extractor = new AssertionAttributeExtractor(saml2);
-    Assert.assertEquals("wrong resp attr. size", 6, extractor.getAllIncludeAttributeNames().size());
+    Assert.assertEquals("wrong resp attr. size", 7, extractor.getAllIncludeAttributeNames().size());
     Assert.assertEquals("Wrong attr: LoA ", "http://eidas.europa.eu/LoA/high", 
         extractor.getSingleAttributeValue("urn:oid:1.2.40.0.10.2.1.1.261.108"));
     Assert.assertEquals("Wrong attr: PVP_VERSION ", "2.2", 
@@ -392,6 +393,8 @@ public class FullStartUpAndProcessTest {
         extractor.getSingleAttributeValue("urn:eidgvat:attributes.authblock.signed"));
     Assert.assertNotNull("Wrong attr: piiTras.Id ", 
         extractor.getSingleAttributeValue("urn:eidgvat:attributes.piiTransactionId"));
+    Assert.assertEquals("Wrong attr:EID_STATUS_LEVEL ", "http://eid.gv.at/eID/status/identity",
+        extractor.getSingleAttributeValue(PvpAttributeDefinitions.EID_IDENTITY_STATUS_LEVEL_NAME));
     
   }
 
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java
index d2c4aff2..5b612036 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java
@@ -69,7 +69,7 @@ public class ProcessEngineSignalControllerTest {
     Assert.assertEquals("http StatusCode", 302, httpResp.getStatus());
     Assert.assertNotNull("redirect header", httpResp.getHeaderValue("Location"));
     Assert.assertTrue("wrong redirect header", 
-        httpResp.getHeader("Location").startsWith("http://localhost/errorHandling?errorid="));
+        httpResp.getHeader("Location").startsWith("http://localhost/public/secure/errorHandling?errorid="));
   
   }
   
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
index 5f1c5dcf..0df8638c 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
@@ -11,6 +11,7 @@ import java.util.Map;
 import javax.xml.transform.TransformerException;
 
 import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.RandomUtils;
 import org.junit.Assert;
 import org.junit.Before;
 import org.junit.BeforeClass;
@@ -35,6 +36,7 @@ import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
 import at.gv.egiz.eaaf.core.api.data.EaafConstants;
 import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions;
 import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions.EidIdentityStatusLevelValues;
 import at.gv.egiz.eaaf.core.api.idp.IAuthData;
 import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
@@ -42,8 +44,10 @@ import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException;
 import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException;
 import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
 import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData;
 import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
 import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
 import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
@@ -118,8 +122,10 @@ public class AuthenticationDataBuilderTest {
   @Test
   public void eidMode() throws EaafAuthenticationException {
     // initialize state
+    boolean isTestIdentity = RandomUtils.nextBoolean();
     pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true);
-
+    pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(isTestIdentity);
+    
     // execute
     IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq);
 
@@ -128,6 +134,9 @@ public class AuthenticationDataBuilderTest {
     Assert.assertNotNull("authBlock null", authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class));
     Assert.assertNotNull("eidasBind null", authData.getGenericData(Constants.EIDAS_BIND, String.class));
     Assert.assertNotNull("LoA null", authData.getEidasQaaLevel());
+    Assert.assertEquals("testIdentity flag", 
+        isTestIdentity ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY, 
+        ((EidAuthenticationData)authData).getEidStatus());
 
     String authBlock = authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class);
     String eidasBind = authData.getGenericData(Constants.EIDAS_BIND, String.class);
@@ -159,6 +168,8 @@ public class AuthenticationDataBuilderTest {
   @Test
   public void moaIdMode() throws EaafAuthenticationException, EaafBuilderException {
     //initialize state
+    boolean isTestIdentity = RandomUtils.nextBoolean();
+    pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true);    
     pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(false);
     IIdentityLink idl = buildDummyIdl();
     pendingReq.getSessionData(AuthProcessDataWrapper.class).setIdentityLink(idl);
@@ -173,6 +184,9 @@ public class AuthenticationDataBuilderTest {
     Assert.assertNull("piiTransactionId", 
         authData.getGenericData(ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, String.class));
     
+    Assert.assertEquals("testIdentity flag", 
+        isTestIdentity ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY, 
+        ((EidAuthenticationData)authData).getEidStatus());
     
     Assert.assertNotNull("assertion validTo", authData.getSsoSessionValidTo());
     Assert.assertNotNull("LoA null", authData.getEidasQaaLevel());
diff --git a/connector/src/test/resources/data/metadata_valid_without_encryption.xml b/connector/src/test/resources/data/metadata_valid_without_encryption.xml
index b224c336..32b24e91 100644
--- a/connector/src/test/resources/data/metadata_valid_without_encryption.xml
+++ b/connector/src/test/resources/data/metadata_valid_without_encryption.xml
@@ -71,6 +71,7 @@ ANsmjI2azWiTSFjb7Ou5fnCfbeiJUP0s66m8qS4rYl9L</ds:X509Certificate>
       <md:RequestedAttribute FriendlyName="userAuthBlock" Name="urn:eidgvat:attributes.authblock.signed" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
       <md:RequestedAttribute FriendlyName="eidBind" Name="urn:eidgvat:attributes.eidbind" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
       <md:RequestedAttribute FriendlyName="piiTransactionId" Name="urn:eidgvat:attributes.piiTransactionId" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
+      <md:RequestedAttribute FriendlyName="EID-IDENTITY-STATUS-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.109" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
     </md:AttributeConsumingService>
   </md:SPSSODescriptor>
   <md:Organization>
diff --git a/connector/src/test/resources/spring/SpringTest_connector.beans.xml b/connector/src/test/resources/spring/SpringTest_connector.beans.xml
index ba385cb9..83acf445 100644
--- a/connector/src/test/resources/spring/SpringTest_connector.beans.xml
+++ b/connector/src/test/resources/spring/SpringTest_connector.beans.xml
@@ -41,6 +41,9 @@
     <property name="pvpIdpCredentials">
       <ref bean="PVPEndPointCredentialProvider" />
     </property>
+    <property name="metadataProvider">
+      <ref bean="PVPMetadataProvider" />
+    </property>       
   </bean>
 
   <bean id="AuthnRequestValidator"
@@ -61,6 +64,9 @@
     <property name="pvpIdpCredentials">
       <ref bean="PVPEndPointCredentialProvider" />
     </property>
+    <property name="metadataProvider">
+      <ref bean="PVPMetadataProvider" />
+    </property>     
   </bean>
 
   <bean id="eaafProtocolAuthenticationService"
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
index c175d999..d13dd00f 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
@@ -41,6 +41,8 @@ public class Constants {
 
   // configuration properties
   public static final String CONIG_PROPS_EIDAS_PREFIX = "auth.eIDAS";
+  public static final String CONIG_PROPS_EIDAS_IS_TEST_IDENTITY = CONIG_PROPS_EIDAS_PREFIX 
+      + ".eid.testidentity.default";
   public static final String CONIG_PROPS_EIDAS_NODE = CONIG_PROPS_EIDAS_PREFIX + ".node_v2";
   public static final String CONIG_PROPS_EIDAS_NODE_COUNTRYCODE = CONIG_PROPS_EIDAS_NODE + ".countrycode";
   public static final String CONIG_PROPS_EIDAS_NODE_PUBLICSECTOR_TARGETS = CONIG_PROPS_EIDAS_NODE
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
index 684546f7..6cab9214 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
@@ -39,7 +39,7 @@ import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
-import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
 import eu.eidas.auth.commons.light.ILightResponse;
 import lombok.extern.slf4j.Slf4j;
@@ -99,10 +99,15 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
 
       // update MOA-Session data with received information
       log.debug("Store eIDAS response information into pending-request.");
-      final AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+      final EidAuthProcessDataWrapper authProcessData = pendingReq.getSessionData(EidAuthProcessDataWrapper.class);
       authProcessData.setQaaLevel(eidasResponse.getLevelOfAssurance());
       authProcessData.setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
 
+      
+      //inject set flag to inject 
+      authProcessData.setTestIdentity(
+          basicConfig.getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_IS_TEST_IDENTITY, false));
+            
       // store MOA-session to database
       requestStoreage.storePendingRequest(pendingReq);
 
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
index de9b2d3b..0e56e2b3 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
@@ -39,7 +39,7 @@ import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
 import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
-import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper;
 import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
 import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
 import at.gv.egiz.eaaf.core.impl.utils.Random;
@@ -84,6 +84,7 @@ public class ReceiveEidasResponseTaskTest {
     RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
 
     basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.eid.testidentity.default", "false");
     
     final Map<String, String> spConfig = new HashMap<>();
     spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
@@ -153,15 +154,44 @@ public class ReceiveEidasResponseTaskTest {
     IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
     Assert.assertNotNull("pendingReq not stored", storedReq);
     
-    final AuthProcessDataWrapper authProcessData = storedReq.getSessionData(AuthProcessDataWrapper.class);
+    final EidAuthProcessDataWrapper authProcessData = storedReq.getSessionData(EidAuthProcessDataWrapper.class);
     Assert.assertEquals("LoA", eidasResponse.getLevelOfAssurance(), authProcessData.getQaaLevel());
     Assert.assertNotNull("eIDAS response", 
         authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
     Assert.assertEquals("eIDAS response", eidasResponse, 
         authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertFalse("testIdentity flag", authProcessData.isTestIdentity());
         
   }
   
+  @Test
+  public void successWithTestIdentity() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException {    
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.eid.testidentity.default", "true");
+    
+    @NotNull        
+    AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);
+    httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");    
+      
+    //execute test
+    task.execute(pendingReq, executionContext);
+    
+    //validate state
+    IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedReq);
+    
+    final EidAuthProcessDataWrapper authProcessData = storedReq.getSessionData(EidAuthProcessDataWrapper.class);
+    Assert.assertEquals("LoA", eidasResponse.getLevelOfAssurance(), authProcessData.getQaaLevel());
+    Assert.assertNotNull("eIDAS response", 
+        authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertEquals("eIDAS response", eidasResponse, 
+        authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertTrue("testIdentity flag", authProcessData.isTestIdentity());
+        
+  }
+  
+  
+  
   @NotNull
   private AuthenticationResponse buildDummyAuthResponse(String statusCode) throws URISyntaxException {
     final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
diff --git a/infos/handbook-work_in_progress.docx b/infos/handbook-work_in_progress.docx
index d311fa80..192db5d4 100644
Binary files a/infos/handbook-work_in_progress.docx and b/infos/handbook-work_in_progress.docx differ
diff --git a/pom.xml b/pom.xml
index 46d02706..808d71b9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -22,7 +22,7 @@
     <!-- ===================================================================== -->
     <egiz-spring-api>0.3</egiz-spring-api>
     <egiz-eventlog-slf4jBackend>0.4</egiz-eventlog-slf4jBackend>
-    <eaaf-core.version>1.1.11</eaaf-core.version>
+    <eaaf-core.version>1.1.13-SNAPSHOT</eaaf-core.version>
 
     <spring-boot-starter-web.version>2.4.1</spring-boot-starter-web.version>
     <spring-boot-admin-starter-client.version>2.3.1</spring-boot-admin-starter-client.version>
-- 
cgit v1.2.3


From ddf39a5b497925204be868a77bcb746277bb2c8b Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Thu, 11 Mar 2021 17:30:18 +0100
Subject: update package names after refactoring of eaaf-components

---
 .../specific/connector/test/utils/AuthenticationDataBuilderTest.java  | 4 ++--
 .../specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java  | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

(limited to 'connector/src/test/java')

diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
index 0df8638c..52932c8c 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
@@ -44,8 +44,8 @@ import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException;
 import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException;
 import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
 import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder;
 import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData;
-import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
@@ -169,7 +169,7 @@ public class AuthenticationDataBuilderTest {
   public void moaIdMode() throws EaafAuthenticationException, EaafBuilderException {
     //initialize state
     boolean isTestIdentity = RandomUtils.nextBoolean();
-    pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true);    
+    pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(true);    
     pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(false);
     IIdentityLink idl = buildDummyIdl();
     pendingReq.getSessionData(AuthProcessDataWrapper.class).setIdentityLink(idl);
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
index b519354c..f4849b07 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
@@ -64,8 +64,8 @@ import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder;
 import at.gv.egiz.eaaf.core.impl.data.Pair;
-import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
-- 
cgit v1.2.3


From 7a1196805baad8fe055f92cfa8746c67684749b9 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Fri, 12 Mar 2021 10:46:59 +0100
Subject: update StatusMessageProvider for better distiguish between internal
 and external errorCodes

---
 .../specific/connector/provider/StatusMessageProvider.java | 14 ++++++++++----
 .../test/utils/AuthenticationDataBuilderTest.java          |  2 +-
 2 files changed, 11 insertions(+), 5 deletions(-)

(limited to 'connector/src/test/java')

diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java
index 073f7513..e83d9d49 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java
@@ -28,6 +28,7 @@ import java.util.Locale;
 import java.util.MissingResourceException;
 import java.util.ResourceBundle;
 
+import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Service;
@@ -94,11 +95,10 @@ public class StatusMessageProvider implements IStatusMessenger {
   public String getResponseErrorCode(Throwable throwable) {
     String errorCode = IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC;
     if (throwable instanceof EaafException) {
-      errorCode = mapInternalErrorToExternalError(((EaafException) throwable).getErrorId());
+      errorCode = ((EaafException) throwable).getErrorId();
       
     }
-    // TODO: maybe more internal switches are required
-
+        
     return errorCode;
 
   }
@@ -120,7 +120,13 @@ public class StatusMessageProvider implements IStatusMessenger {
 
     } else {
       try {
-        return externalError.getString(intErrorCode);
+        if (StringUtils.isNotEmpty(intErrorCode)) {
+          return externalError.getString(intErrorCode);
+
+        } else {
+          return IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC;
+
+        }
 
       } catch (final MissingResourceException e2) {
         log.info(MessageFormat.format(ERROR_NO_EXTERNALERROR_CODE, new Object[] { intErrorCode }));
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
index 52932c8c..cea20f04 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
@@ -169,7 +169,7 @@ public class AuthenticationDataBuilderTest {
   public void moaIdMode() throws EaafAuthenticationException, EaafBuilderException {
     //initialize state
     boolean isTestIdentity = RandomUtils.nextBoolean();
-    pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(true);    
+    pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(isTestIdentity);    
     pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(false);
     IIdentityLink idl = buildDummyIdl();
     pendingReq.getSessionData(AuthProcessDataWrapper.class).setIdentityLink(idl);
-- 
cgit v1.2.3


From 291905eed9c187444c83657241b589d31d825149 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Wed, 12 May 2021 12:46:07 +0200
Subject: update third-party libs to latest versions

---
 basicConfig/templates/error_message.html           |  10 +-
 connector/pom.xml                                  |  14 +++
 connector/src/main/resources/logback.xml           | 107 +--------------------
 .../resources/specific_eIDAS_connector.beans.xml   |   3 +
 .../connector/test/FullStartUpAndProcessTest.java  |   2 +-
 .../test/utils/AuthenticationDataBuilderTest.java  |   2 +-
 .../spring/SpringTest_connector.beans.xml          |   3 +
 eidas_modules/authmodule-eIDAS-v2/pom.xml          |   4 +
 .../modules/auth/eidas/v2/test/SzrClientTest.java  |   9 +-
 .../tasks/CreateIdentityLinkTaskEidNewTest.java    |   2 +-
 .../v2/test/tasks/CreateIdentityLinkTaskTest.java  |   2 +-
 infos/handbook-work_in_progress.docx               | Bin 44445 -> 44928 bytes
 infos/readme_1.2.0.md                              |   7 +-
 pom.xml                                            |  33 ++++---
 14 files changed, 63 insertions(+), 135 deletions(-)

(limited to 'connector/src/test/java')

diff --git a/basicConfig/templates/error_message.html b/basicConfig/templates/error_message.html
index f9788f6a..b1367962 100644
--- a/basicConfig/templates/error_message.html
+++ b/basicConfig/templates/error_message.html
@@ -21,16 +21,12 @@
               <div id="alert_area" class="hell" role="application" >
                 <p th:text="#{gui.errorpage.msg.information}">Error Information</p>
                 <br/>
-                <p><b th:text="#{gui.errorpage.msg.errorcode}">Code :</b> <span th:text="${errorCode}"></span></p> 
+                <p><b th:text="#{gui.errorpage.msg.errorcode}">Code :</b> <span th:text="${extErrorCode}"></span></p>
                 <p><b th:text="#{gui.errorpage.msg.errormsg}">Msg   :</b > <span th:text="${#messages.msgWithParams('__${errorCode}__', '__${errorParams}__')}"></span></p>
               </div>
       </div>
-      
-      <div th:if="${msg.stacktrace}">
-        <p><b th:text="#{gui.errorpage.msg.stacktrace}">fullError</b> <span th:text="${msg.stacktrace}"></span></p> 
-      </div>
-      
+            
 		</div>
 	</div>
 </body>
-</html>
\ No newline at end of file
+</html>
diff --git a/connector/pom.xml b/connector/pom.xml
index 36a6d9df..6516e351 100644
--- a/connector/pom.xml
+++ b/connector/pom.xml
@@ -135,6 +135,20 @@
       <groupId>com.github.skjolber</groupId>
       <artifactId>mockito-soap-cxf</artifactId>
       <scope>test</scope>
+      <!--exclusions>
+        <exclusion>
+          <groupId>org.apache.cxf</groupId>
+          <artifactId>cxf-rt-wsdl</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.apache.cxf</groupId>
+          <artifactId>cxf-rt-bindings-soap</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.apache.cxf</groupId>
+          <artifactId>cxf-core</artifactId>
+        </exclusion>
+      </exclusions-->
     </dependency>
     <dependency>
       <groupId>org.powermock</groupId>
diff --git a/connector/src/main/resources/logback.xml b/connector/src/main/resources/logback.xml
index 7aa2d0cc..9679d9e4 100644
--- a/connector/src/main/resources/logback.xml
+++ b/connector/src/main/resources/logback.xml
@@ -8,96 +8,6 @@
 <!-- http://www.qos.ch/shop/products/professionalSupport -->
 <!-- -->
 <configuration>
-  <appender name="msnode"
-    class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender -->
-    <File>logs/eidas-ms-specific.log</File>
-    <encoder>
-      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n</pattern>
-    </encoder>
-    <rollingPolicy
-      class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-      <maxIndex>9999</maxIndex>
-      <FileNamePattern>logs/eidas-ms-specific.log.%i
-      </FileNamePattern>
-    </rollingPolicy>
-    <triggeringPolicy
-      class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
-      <MaxFileSize>10000KB</MaxFileSize>
-    </triggeringPolicy>
-  </appender>
-  <appender name="EIDASNODE"
-    class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender -->
-    <File>logs/eIDAS_node.log</File>
-    <encoder>
-      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n</pattern>
-    </encoder>
-    <rollingPolicy
-      class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-      <maxIndex>9999</maxIndex>
-      <FileNamePattern>logs/eIDAS_node.log.%i
-      </FileNamePattern>
-    </rollingPolicy>
-    <triggeringPolicy
-      class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
-      <MaxFileSize>10000KB</MaxFileSize>
-    </triggeringPolicy>
-  </appender>
-  <appender name="reversion"
-    class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender -->
-    <File>logs/eidas-ms-reversion.log</File>
-    <encoder>
-      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n</pattern>
-    </encoder>
-    <rollingPolicy
-      class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-      <maxIndex>9999</maxIndex>
-      <FileNamePattern>logs/eidas-ms-reversion.log.%i
-      </FileNamePattern>
-    </rollingPolicy>
-    <triggeringPolicy
-      class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
-      <MaxFileSize>10000KB</MaxFileSize>
-    </triggeringPolicy>
-  </appender>
-  <appender name="statistic"
-    class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender -->
-    <File>logs/eidas-ms-statistic.log</File>
-    <encoder>
-      <pattern>%m%n</pattern>
-    </encoder>
-    <rollingPolicy
-      class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-      <maxIndex>9999</maxIndex>
-      <FileNamePattern>logs/eidas-ms-statistic.log.%i
-      </FileNamePattern>
-    </rollingPolicy>
-    <triggeringPolicy
-      class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
-      <MaxFileSize>10000KB</MaxFileSize>
-    </triggeringPolicy>
-  </appender>
-  <appender name="stdout"
-    class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender -->
-    <File>logs/console.log</File>
-    <encoder>
-      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n</pattern>
-    </encoder>
-    <rollingPolicy
-      class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-      <maxIndex>9999</maxIndex>
-      <FileNamePattern>logs/console.log.%i
-      </FileNamePattern>
-    </rollingPolicy>
-    <triggeringPolicy
-      class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
-      <MaxFileSize>10000KB</MaxFileSize>
-    </triggeringPolicy>
-  </appender>
   <appender name="console"
     class="ch.qos.logback.core.ConsoleAppender">
     <encoder>
@@ -105,27 +15,16 @@
     </encoder>
   </appender>
   <logger name="at.gv.egiz.eaaf" level="info">
-    <appender-ref ref="msnode" />
+    <appender-ref ref="console" />
   </logger>
   <logger name="eu.eidas" additivity="false" level="info">
-    <appender-ref ref="EIDASNODE" />
+    <appender-ref ref="console" />
   </logger>
   <logger name="at.gv.egiz.eidas.specific" additivity="false"
     level="info">
-    <appender-ref ref="msnode" />
-  </logger>
-  <logger
-    name="at.gv.egiz.eidas.specific.connector.logger.RevisionLogger"
-    additivity="false" level="info">
-    <appender-ref ref="reversion" />
-  </logger>
-  <logger
-    name="at.gv.egiz.eidas.specific.connector.logger.StatisticLogger"
-    additivity="false" level="info">
-    <appender-ref ref="statistic" />
+    <appender-ref ref="console" />
   </logger>
   <root level="info">
-    <appender-ref ref="stdout" />
     <appender-ref ref="console" />
   </root>
 </configuration>
diff --git a/connector/src/main/resources/specific_eIDAS_connector.beans.xml b/connector/src/main/resources/specific_eIDAS_connector.beans.xml
index 0f8511d5..df2a9aa4 100644
--- a/connector/src/main/resources/specific_eIDAS_connector.beans.xml
+++ b/connector/src/main/resources/specific_eIDAS_connector.beans.xml
@@ -82,6 +82,9 @@
     <property name="guiBuilder" ref="mvcGUIBuilderImpl" />
   </bean>
 
+  <bean id="defaultErrorHandler"
+        class="at.gv.egiz.eaaf.core.impl.idp.auth.services.DefaultErrorService"/>
+
   <bean id="securePendingRequestIdGeneration"
     class="at.gv.egiz.eaaf.core.impl.utils.SecurePendingRequestIdGenerationStrategy" />
 
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
index f50829c7..64e8272e 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
@@ -50,7 +50,7 @@ import org.springframework.web.context.WebApplicationContext;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 
-import com.skjolberg.mockito.soap.SoapServiceRule;
+import com.github.skjolber.mockito.soap.SoapServiceRule;
 
 import at.asitplus.eidas.specific.connector.controller.ProcessEngineSignalController;
 import at.asitplus.eidas.specific.connector.controller.Pvp2SProfileEndpoint;
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
index cea20f04..17ecb2ca 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
@@ -199,7 +199,7 @@ public class AuthenticationDataBuilderTest {
     
     Assert.assertEquals("FamilyName", idl.getFamilyName(), authData.getFamilyName());
     Assert.assertEquals("GivenName", idl.getGivenName(), authData.getGivenName());
-    Assert.assertEquals("DateOfBirth", idl.getDateOfBirth(), authData.getFormatedDateOfBirth());
+    Assert.assertEquals("DateOfBirth", idl.getDateOfBirth(), authData.getDateOfBirth());
     Assert.assertEquals("bPK", 
         BpkBuilder.generateAreaSpecificPersonIdentifier(
             idl.getIdentificationValue(), EaafConstants.URN_PREFIX_CDID + "XX").getFirst(), 
diff --git a/connector/src/test/resources/spring/SpringTest_connector.beans.xml b/connector/src/test/resources/spring/SpringTest_connector.beans.xml
index 83acf445..4d770570 100644
--- a/connector/src/test/resources/spring/SpringTest_connector.beans.xml
+++ b/connector/src/test/resources/spring/SpringTest_connector.beans.xml
@@ -74,6 +74,9 @@
     <property name="guiBuilder" ref="mvcGUIBuilderImpl" />
   </bean>
 
+  <bean id="defaultErrorHandler"
+        class="at.gv.egiz.eaaf.core.impl.idp.auth.services.DefaultErrorService"/>
+
   <bean id="securePendingRequestIdGeneration"
     class="at.gv.egiz.eaaf.core.impl.utils.SecurePendingRequestIdGenerationStrategy" />
 
diff --git a/eidas_modules/authmodule-eIDAS-v2/pom.xml b/eidas_modules/authmodule-eIDAS-v2/pom.xml
index 074a4205..78039e9c 100644
--- a/eidas_modules/authmodule-eIDAS-v2/pom.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/pom.xml
@@ -102,6 +102,10 @@
       <groupId>org.springframework</groupId>
       <artifactId>spring-webmvc</artifactId>
     </dependency>
+    <dependency>
+      <groupId>org.apache.cxf</groupId>
+      <artifactId>cxf-core</artifactId>
+    </dependency>
     <dependency>
       <groupId>org.apache.cxf</groupId>
       <artifactId>cxf-rt-frontend-jaxws</artifactId>
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
index cf4ed95c..786b10de 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
@@ -54,6 +54,8 @@ import org.junit.runner.RunWith;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import org.springframework.util.Base64Utils;
@@ -63,7 +65,7 @@ import org.xml.sax.SAXException;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.JsonMappingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
-import com.skjolberg.mockito.soap.SoapServiceRule;
+import com.github.skjolber.mockito.soap.SoapServiceRule;
 
 import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
@@ -96,6 +98,7 @@ import szrservices.TravelDocumentType;
 @ContextConfiguration(locations = {
     "/SpringTest-context_tasks_test.xml",
     "/SpringTest-context_basic_mapConfig.xml"})
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
 public class SzrClientTest {
   private static final Logger log = LoggerFactory.getLogger(SzrClientTest.class);
 
@@ -134,9 +137,11 @@ public class SzrClientTest {
     eidData.setPseudonym("1234sdgsdfg56789ABCDEF");
     
     basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject", "false");
-    
+      
   }
 
+  
+  
 
   @Test
   public void getStammzahlenEcryptedTest() throws JAXBException, SZRException_Exception, SzrCommunicationException {
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
index 0621081a..175f95e6 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
@@ -40,7 +40,7 @@ import org.springframework.web.context.request.ServletRequestAttributes;
 
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
-import com.skjolberg.mockito.soap.SoapServiceRule;
+import com.github.skjolber.mockito.soap.SoapServiceRule;
 
 import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
 import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
index 8c7558dd..e880178f 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
@@ -28,7 +28,7 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 
-import com.skjolberg.mockito.soap.SoapServiceRule;
+import com.github.skjolber.mockito.soap.SoapServiceRule;
 
 import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
 import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
diff --git a/infos/handbook-work_in_progress.docx b/infos/handbook-work_in_progress.docx
index 192db5d4..3f2c6afd 100644
Binary files a/infos/handbook-work_in_progress.docx and b/infos/handbook-work_in_progress.docx differ
diff --git a/infos/readme_1.2.0.md b/infos/readme_1.2.0.md
index 98e18ccb..5b25d3f9 100644
--- a/infos/readme_1.2.0.md
+++ b/infos/readme_1.2.0.md
@@ -1,4 +1,4 @@
-# MS-Connector v1.2.0 Release vom xx.xx.2021
+# MS-Connector v1.2.0 Release vom 12.05.2021
 
 Der MS-Connector implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um ausländischen Benutzern eine Anmeldung am österreichischen Service-Providern zu ermöglichen.
 
@@ -27,7 +27,7 @@ Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehe
 1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an
 2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.0-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird.
 3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers
-4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties)  und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie **hier**.
+4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties)  und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie im Handbuch zum AT MS-Connector.
 5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde
 
    * __MsConnectorPackage__/config/templates/error_message.html
@@ -53,7 +53,6 @@ Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehe
    - *eIDAS Node Kommunikation*
      * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm```
      * ```eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll```
-     * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm```
-     * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm```
    - *ID Austria Umsetzung*
+     - ```eidas.ms.auth.eIDAS.eid.testidentity.default```
      - ```eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject```
diff --git a/pom.xml b/pom.xml
index 808d71b9..2b557e9a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -22,32 +22,32 @@
     <!-- ===================================================================== -->
     <egiz-spring-api>0.3</egiz-spring-api>
     <egiz-eventlog-slf4jBackend>0.4</egiz-eventlog-slf4jBackend>
-    <eaaf-core.version>1.1.13-SNAPSHOT</eaaf-core.version>
+    <eaaf-core.version>1.1.13</eaaf-core.version>
 
-    <spring-boot-starter-web.version>2.4.1</spring-boot-starter-web.version>
-    <spring-boot-admin-starter-client.version>2.3.1</spring-boot-admin-starter-client.version>
-    <org.springframework.version>5.3.2</org.springframework.version>
-    <org.thymeleaf-spring5.version>3.0.11.RELEASE</org.thymeleaf-spring5.version>
-    <cxf.version>3.4.1</cxf.version>
+    <spring-boot-starter-web.version>2.4.5</spring-boot-starter-web.version>
+    <spring-boot-admin-starter-client.version>2.4.1</spring-boot-admin-starter-client.version>
+    <org.springframework.version>5.3.6</org.springframework.version>
+    <org.thymeleaf-spring5.version>3.0.12.RELEASE</org.thymeleaf-spring5.version>
+    <cxf.version>3.3.5</cxf.version>
 
     <eidas-ref.version>2.5.0</eidas-ref.version>
 
-    <org.apache.commons-lang3.version>3.11</org.apache.commons-lang3.version>
+    <org.apache.commons-lang3.version>3.12.0</org.apache.commons-lang3.version>
     <org.apache.commons-text.version>1.9</org.apache.commons-text.version>
     <commons-collections4.version>4.4</commons-collections4.version>
-    <com.google.guava.version>30.0-jre</com.google.guava.version>
-    <joda-time.version>2.10.8</joda-time.version>
+    <com.google.guava.version>30.1.1-jre</com.google.guava.version>
+    <joda-time.version>2.10.10</joda-time.version>
     <org.slf4j.version>1.7.30</org.slf4j.version>
-    <jackson-datatype-jsr310.version>2.12.0</jackson-datatype-jsr310.version>
+    <jackson-datatype-jsr310.version>2.12.3</jackson-datatype-jsr310.version>
     <!-- org.xerial.sqlite-jdbc.version>3.34.0</org.xerial.sqlite-jdbc.version -->
 
     <javax.validation-api.version>2.0.1.Final</javax.validation-api.version>
     <hibernate-validator.version>6.1.5.Final</hibernate-validator.version>
 
     <!-- testing -->
-    <junit.version>4.13.1</junit.version>
+    <junit.version>4.13.2</junit.version>
     <surefire.version>2.22.2</surefire.version>
-    <mockito-soap-cxf.version>1.0.5</mockito-soap-cxf.version>
+    <mockito-soap-cxf.version>1.2.0</mockito-soap-cxf.version>
     <com.squareup.okhttp3.version>4.0.0</com.squareup.okhttp3.version>
 
     <!-- Code quality checks -->
@@ -64,7 +64,7 @@
 
 
     <!-- Build and assembly -->
-    <org.projectlombok.lombok.version>1.18.12</org.projectlombok.lombok.version>
+    <org.projectlombok.lombok.version>1.18.20</org.projectlombok.lombok.version>
     <maven-compiler-plugin.version>3.8.1</maven-compiler-plugin.version>
     <versions-maven-plugin.version>2.8.1</versions-maven-plugin.version>
     <license-maven-plugin>1.20</license-maven-plugin>
@@ -267,6 +267,11 @@
         <artifactId>joda-time</artifactId>
         <version>${joda-time.version}</version>
       </dependency>
+      <dependency>
+        <groupId>org.apache.cxf</groupId>
+        <artifactId>cxf-core</artifactId>
+        <version>${cxf.version}</version>
+      </dependency>      
       <dependency>
         <groupId>org.apache.cxf</groupId>
         <artifactId>cxf-rt-frontend-jaxws</artifactId>
@@ -280,7 +285,7 @@
       <dependency>
         <groupId>javax.servlet</groupId>
         <artifactId>javax.servlet-api</artifactId>
-        <version>3.0.1</version>
+        <version>3.1.0</version>
         <scope>provided</scope>
       </dependency>
       <dependency>
-- 
cgit v1.2.3