From c5c6344931f67ccaba335ffa476b5e8117948020 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Wed, 10 Mar 2021 12:25:10 +0100
Subject: switch to EAAF-components 1.1.13-SNAPSHOT to add
EID-IDENTITY-STATUS-LEVEL attribute into SAML2 response
---
.../connector/test/FullStartUpAndProcessTest.java | 7 +++++--
.../controller/ProcessEngineSignalControllerTest.java | 2 +-
.../test/utils/AuthenticationDataBuilderTest.java | 16 +++++++++++++++-
.../resources/data/metadata_valid_without_encryption.xml | 1 +
.../test/resources/spring/SpringTest_connector.beans.xml | 6 ++++++
5 files changed, 28 insertions(+), 4 deletions(-)
(limited to 'connector/src/test')
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
index fcb0e73a..f50829c7 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
@@ -62,6 +62,7 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet;
import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
import at.gv.egiz.components.spring.api.SpringBootApplicationContextInitializer;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController;
import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
@@ -99,7 +100,7 @@ import szrservices.SignContentResponseType;
@ActiveProfiles(profiles = {"JUNIT", "jUnitTestMode"})
public class FullStartUpAndProcessTest {
- private static final String FINAL_REDIRECT = "http://localhost/finalizeAuthProtocol?pendingid=";
+ private static final String FINAL_REDIRECT = "http://localhost/public/secure/finalizeAuthProtocol?pendingid=";
@Autowired private WebApplicationContext wac;
@Autowired private PvpEndPointCredentialProvider credentialProvider;
@@ -379,7 +380,7 @@ public class FullStartUpAndProcessTest {
Assert.assertEquals("SAML2 status", Constants.SUCCESS_URI, saml2.getStatus().getStatusCode().getValue());
final AssertionAttributeExtractor extractor = new AssertionAttributeExtractor(saml2);
- Assert.assertEquals("wrong resp attr. size", 6, extractor.getAllIncludeAttributeNames().size());
+ Assert.assertEquals("wrong resp attr. size", 7, extractor.getAllIncludeAttributeNames().size());
Assert.assertEquals("Wrong attr: LoA ", "http://eidas.europa.eu/LoA/high",
extractor.getSingleAttributeValue("urn:oid:1.2.40.0.10.2.1.1.261.108"));
Assert.assertEquals("Wrong attr: PVP_VERSION ", "2.2",
@@ -392,6 +393,8 @@ public class FullStartUpAndProcessTest {
extractor.getSingleAttributeValue("urn:eidgvat:attributes.authblock.signed"));
Assert.assertNotNull("Wrong attr: piiTras.Id ",
extractor.getSingleAttributeValue("urn:eidgvat:attributes.piiTransactionId"));
+ Assert.assertEquals("Wrong attr:EID_STATUS_LEVEL ", "http://eid.gv.at/eID/status/identity",
+ extractor.getSingleAttributeValue(PvpAttributeDefinitions.EID_IDENTITY_STATUS_LEVEL_NAME));
}
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java
index d2c4aff2..5b612036 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java
@@ -69,7 +69,7 @@ public class ProcessEngineSignalControllerTest {
Assert.assertEquals("http StatusCode", 302, httpResp.getStatus());
Assert.assertNotNull("redirect header", httpResp.getHeaderValue("Location"));
Assert.assertTrue("wrong redirect header",
- httpResp.getHeader("Location").startsWith("http://localhost/errorHandling?errorid="));
+ httpResp.getHeader("Location").startsWith("http://localhost/public/secure/errorHandling?errorid="));
}
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
index 5f1c5dcf..0df8638c 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
@@ -11,6 +11,7 @@ import java.util.Map;
import javax.xml.transform.TransformerException;
import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.RandomUtils;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
@@ -35,6 +36,7 @@ import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions;
import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions.EidIdentityStatusLevelValues;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
@@ -42,8 +44,10 @@ import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException;
import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException;
import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData;
import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder;
import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper;
import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
@@ -118,8 +122,10 @@ public class AuthenticationDataBuilderTest {
@Test
public void eidMode() throws EaafAuthenticationException {
// initialize state
+ boolean isTestIdentity = RandomUtils.nextBoolean();
pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true);
-
+ pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(isTestIdentity);
+
// execute
IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq);
@@ -128,6 +134,9 @@ public class AuthenticationDataBuilderTest {
Assert.assertNotNull("authBlock null", authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class));
Assert.assertNotNull("eidasBind null", authData.getGenericData(Constants.EIDAS_BIND, String.class));
Assert.assertNotNull("LoA null", authData.getEidasQaaLevel());
+ Assert.assertEquals("testIdentity flag",
+ isTestIdentity ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY,
+ ((EidAuthenticationData)authData).getEidStatus());
String authBlock = authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class);
String eidasBind = authData.getGenericData(Constants.EIDAS_BIND, String.class);
@@ -159,6 +168,8 @@ public class AuthenticationDataBuilderTest {
@Test
public void moaIdMode() throws EaafAuthenticationException, EaafBuilderException {
//initialize state
+ boolean isTestIdentity = RandomUtils.nextBoolean();
+ pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true);
pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(false);
IIdentityLink idl = buildDummyIdl();
pendingReq.getSessionData(AuthProcessDataWrapper.class).setIdentityLink(idl);
@@ -173,6 +184,9 @@ public class AuthenticationDataBuilderTest {
Assert.assertNull("piiTransactionId",
authData.getGenericData(ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, String.class));
+ Assert.assertEquals("testIdentity flag",
+ isTestIdentity ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY,
+ ((EidAuthenticationData)authData).getEidStatus());
Assert.assertNotNull("assertion validTo", authData.getSsoSessionValidTo());
Assert.assertNotNull("LoA null", authData.getEidasQaaLevel());
diff --git a/connector/src/test/resources/data/metadata_valid_without_encryption.xml b/connector/src/test/resources/data/metadata_valid_without_encryption.xml
index b224c336..32b24e91 100644
--- a/connector/src/test/resources/data/metadata_valid_without_encryption.xml
+++ b/connector/src/test/resources/data/metadata_valid_without_encryption.xml
@@ -71,6 +71,7 @@ ANsmjI2azWiTSFjb7Ou5fnCfbeiJUP0s66m8qS4rYl9L
+
diff --git a/connector/src/test/resources/spring/SpringTest_connector.beans.xml b/connector/src/test/resources/spring/SpringTest_connector.beans.xml
index ba385cb9..83acf445 100644
--- a/connector/src/test/resources/spring/SpringTest_connector.beans.xml
+++ b/connector/src/test/resources/spring/SpringTest_connector.beans.xml
@@ -41,6 +41,9 @@
+
+
+
+
+
+