From 26e422ff90f2a4fb9d2d25c0b2328b365fe5f0d7 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 11 Dec 2020 16:33:00 +0100 Subject: add 'findSecBugs' plug-in into 'spotBugs' module and solve bugs or exclude false-positive update gitlab-ci configuration to display jUnit test-coverage --- .../eidas/specific/connector/controller/MonitoringController.java | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'connector/src') diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java index aa45c836..f2d9fc8c 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java @@ -34,6 +34,7 @@ import org.apache.commons.text.StringEscapeUtils; import org.apache.http.client.methods.CloseableHttpResponse; import org.apache.http.client.methods.HttpGet; import org.apache.http.client.methods.HttpUriRequest; +import org.apache.http.client.utils.URIBuilder; import org.apache.http.impl.client.CloseableHttpClient; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -250,9 +251,9 @@ public class MonitoringController { } // create HTTP client - // TODO: update if we switch to openSAML3 - CloseableHttpClient httpClient = httpClientFactory.getHttpClient(); - HttpUriRequest request = new HttpGet(urlString); + CloseableHttpClient httpClient = httpClientFactory.getHttpClient(); + URIBuilder uriBuilder = new URIBuilder(urlString); + HttpUriRequest request = new HttpGet(uriBuilder.build()); final CloseableHttpResponse respCode = httpClient.execute(request); if (respCode.getStatusLine().getStatusCode() != 200) { -- cgit v1.2.3 From 583c57b9eb692c7db34b618116294796e527eafe Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 11 Dec 2020 22:15:27 +0100 Subject: add more jUnit tests for stabilisation --- .../builder/AuthenticationDataBuilder.java | 77 +++--- .../test/AuthenticationDataBuilderTest.java | 297 ++++++++++++++++++-- .../attributes/AuthBlockAttributeBuilderTest.java | 14 + .../attributes/EidasBindAttributeBuilderTest.java | 32 ++- .../test/saml2/Pvp2SProfileEndPointTest.java | 298 +++++++++++++++++++++ .../resources/config/junit_config_1.properties | 2 +- .../src/test/resources/config/keys/Metadata.pem | 18 ++ connector/src/test/resources/data/metadata.xml | 106 ++++++++ connector/src/test/resources/data/pvp2_authn_1.xml | 2 +- connector/src/test/resources/data/test_idl_1.xml | 46 ++++ 10 files changed, 812 insertions(+), 80 deletions(-) create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java create mode 100644 connector/src/test/resources/config/keys/Metadata.pem create mode 100644 connector/src/test/resources/data/metadata.xml create mode 100644 connector/src/test/resources/data/test_idl_1.xml (limited to 'connector/src') diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java index 13cceafb..c41660ce 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java @@ -25,70 +25,63 @@ package at.asitplus.eidas.specific.connector.builder; import java.util.Date; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import org.springframework.stereotype.Service; -import org.w3c.dom.DOMException; import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer; -import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException; -import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.exceptions.EaafParserException; -import at.gv.egiz.eaaf.core.exceptions.XPathException; import at.gv.egiz.eaaf.core.impl.data.Pair; import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData; import at.gv.egiz.eaaf.core.impl.idp.auth.builder.AbstractAuthenticationDataBuilder; import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; +import lombok.extern.slf4j.Slf4j; @Service("AuthenticationDataBuilder") +@Slf4j public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder { - private static final Logger log = LoggerFactory.getLogger(AuthenticationDataBuilder.class); - + @Override - public IAuthData buildAuthenticationData(IRequest pendingReq) throws EaafAuthenticationException { - - final IAuthProcessDataContainer authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class); + protected IAuthData buildDeprecatedAuthData(IRequest pendingReq) throws EaafException { + final IAuthProcessDataContainer authProcessData = + pendingReq.getSessionData(AuthProcessDataWrapper.class); AuthenticationData authData = new AuthenticationData(); - - boolean isEidModeNew = pendingReq.getServiceProviderConfiguration() - .isConfigurationValue(MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE, false); - - if (isEidModeNew) { - authData = (AuthenticationData) super.buildAuthenticationData(pendingReq); - } else { - try { - generateDeprecatedBasicAuthData(authData, pendingReq, authProcessData); - - // set specific informations - authData.setSsoSessionValidTo( - new Date(new Date().getTime() + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000)); - - } catch (EaafBuilderException | EaafParserException - | EaafConfigurationException | XPathException | DOMException e) { - log.warn("Can not build authentication data from auth. process information"); - throw new EaafAuthenticationException("builder.11", new Object[]{e.getMessage()}, e); - - } - } + + //set basis infos + super.generateDeprecatedBasicAuthData(authData, pendingReq, authProcessData); + + // set specific informations + authData.setSsoSessionValidTo( + new Date(new Date().getTime() + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000)); + return authData; - } - - @Override - protected IAuthData buildDeprecatedAuthData(IRequest arg0) throws EaafException { - return new AuthenticationData(); } @Override - protected void buildServiceSpecificAuthenticationData(IAuthData arg0, IRequest arg1) throws EaafException { - // TODO Auto-generated method stub - + protected void buildServiceSpecificAuthenticationData(IAuthData authData, IRequest pendingReq) + throws EaafException { + if (authData instanceof AuthenticationData) { + ((AuthenticationData)authData).setGenericData( + ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, + pendingReq.getUniquePiiTransactionIdentifier()); + log.trace("Inject piiTransactionId: {} into AuthData", pendingReq.getUniquePiiTransactionIdentifier()); + + // set specific informations + ((AuthenticationData)authData).setSsoSessionValidTo( + new Date(new Date().getTime() + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000)); + + + } else { + throw new RuntimeException("Can not inject PiiTransactionId because AuthData is of unknown type: " + + authData.getClass().getName()); + + } + } @Override @@ -100,8 +93,6 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder @Override protected Pair buildOAspecificbPK(IRequest pendingReq, AuthenticationData authData) throws EaafBuilderException { - // TODO: check if bPK already exists - return super.buildOAspecificbPK(pendingReq, authData); } diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java index 1721fe61..316dcb5f 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java @@ -1,18 +1,15 @@ package at.asitplus.eidas.specific.connector.test; +import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; + +import java.io.IOException; +import java.security.PublicKey; +import java.util.Date; +import java.util.HashMap; +import java.util.Map; + +import javax.xml.transform.TransformerException; -import at.asitplus.eidas.specific.connector.builder.AuthenticationDataBuilder; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.idp.IAuthData; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; -import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; -import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; -import net.shibboleth.utilities.java.support.component.ComponentInitializationException; import org.apache.commons.lang3.RandomStringUtils; import org.junit.Assert; import org.junit.Before; @@ -29,14 +26,32 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.web.WebAppConfiguration; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; +import org.w3c.dom.Element; -import java.util.HashMap; -import java.util.Map; - -import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; +import at.asitplus.eidas.specific.connector.builder.AuthenticationDataBuilder; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; +import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; +import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException; +import at.gv.egiz.eaaf.core.exceptions.EaafParserException; +import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; +import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; +import net.shibboleth.utilities.java.support.component.ComponentInitializationException; @RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration({"/applicationContext.xml", "/SpringTest_connector.beans.xml", "/eaaf_core.beans.xml", "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml"}) +@ContextConfiguration({ "/applicationContext.xml", "/SpringTest_connector.beans.xml", "/eaaf_core.beans.xml", + "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml" }) @WebAppConfiguration public class AuthenticationDataBuilderTest { @@ -55,11 +70,11 @@ public class AuthenticationDataBuilderTest { private String eidasBind; private String authBlock; - @BeforeClass public static void classInitializer() throws InitializationException, ComponentInitializationException { final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_3.properties"); + System.setProperty("eidas.ms.configuration", current + + "src/test/resources/config/junit_config_3.properties"); EaafOpenSaml3xInitializer.eaafInitialize(); } @@ -80,28 +95,258 @@ public class AuthenticationDataBuilderTest { pendingReq = new TestRequestImpl(); pendingReq.setAuthUrl("https://localhost/ms_connector"); pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); pendingReq.setSpConfig(oaParam); - pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true); authBlock = RandomStringUtils.randomAlphanumeric(20); eidasBind = RandomStringUtils.randomAlphanumeric(20); - pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(Constants.SZR_AUTHBLOCK, authBlock); - pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(Constants.EIDAS_BIND, eidasBind); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(Constants.SZR_AUTHBLOCK, authBlock); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(Constants.EIDAS_BIND, eidasBind); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setQaaLevel(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5)); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, + RandomStringUtils.randomAlphabetic(2)); + LocaleContextHolder.resetLocaleContext(); + } @Test - public void first() throws EaafAuthenticationException { + public void eidMode() throws EaafAuthenticationException { + // initialize state + pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true); + + // execute IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); + // validate state Assert.assertNotNull("AuthData null", authData); Assert.assertNotNull("authBlock null", authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class)); Assert.assertNotNull("eidasBind null", authData.getGenericData(Constants.EIDAS_BIND, String.class)); - Assert.assertNotNull("eidasBind null", authData.getEidasQaaLevel()); + Assert.assertNotNull("LoA null", authData.getEidasQaaLevel()); + String authBlock = authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class); String eidasBind = authData.getGenericData(Constants.EIDAS_BIND, String.class); - Assert.assertEquals("authBlock not equal", authBlock, this.authBlock); - Assert.assertEquals("eidasBind not equal", eidasBind, this.eidasBind); + Assert.assertEquals("authBlock not equal", this.authBlock, authBlock); + Assert.assertEquals("eidasBind not equal", this.eidasBind, eidasBind); + Assert.assertEquals("piiTransactionId", + authData.getGenericData(ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, String.class), + this.pendingReq.getUniquePiiTransactionIdentifier()); + Assert.assertNotNull("assertion validTo", authData.getSsoSessionValidTo()); + Assert.assertEquals("LoA", pendingReq.getSessionData(AuthProcessDataWrapper.class).getQaaLevel(), + authData.getEidasQaaLevel()); + Assert.assertEquals("EID-ISSUING-NATION", + pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession( + PvpAttributeDefinitions.EID_ISSUING_NATION_NAME), + authData.getCiticenCountryCode()); + + Assert.assertNull("bPK", authData.getBpk()); + Assert.assertNull("bPKType", authData.getBpkType()); + Assert.assertNull("FamilyName", authData.getFamilyName()); + Assert.assertNull("GivenName", authData.getGivenName()); + Assert.assertNull("DateOfBirth", authData.getDateOfBirth()); + Assert.assertNull("baseId", authData.getIdentificationValue()); + Assert.assertNull("baseIdType", authData.getIdentificationType()); + Assert.assertNull("IDL", authData.getIdentityLink()); + + } + + @Test + public void moaIdMode() throws EaafAuthenticationException, EaafBuilderException { + //initialize state + pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(false); + IIdentityLink idl = buildDummyIdl(); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setIdentityLink(idl); + + //execute + IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); + + //validate state + Assert.assertNotNull("AuthData null", authData); + Assert.assertNull("authBlock null", authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class)); + Assert.assertNull("eidasBind null", authData.getGenericData(Constants.EIDAS_BIND, String.class)); + Assert.assertNull("piiTransactionId", + authData.getGenericData(ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, String.class)); + + + Assert.assertNotNull("assertion validTo", authData.getSsoSessionValidTo()); + Assert.assertNotNull("LoA null", authData.getEidasQaaLevel()); + Assert.assertEquals("LoA", pendingReq.getSessionData(AuthProcessDataWrapper.class).getQaaLevel(), + authData.getEidasQaaLevel()); + Assert.assertEquals("EID-ISSUING-NATION", + pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession( + PvpAttributeDefinitions.EID_ISSUING_NATION_NAME), + authData.getCiticenCountryCode()); + + Assert.assertEquals("FamilyName", idl.getFamilyName(), authData.getFamilyName()); + Assert.assertEquals("GivenName", idl.getGivenName(), authData.getGivenName()); + Assert.assertEquals("DateOfBirth", idl.getDateOfBirth(), authData.getFormatedDateOfBirth()); + Assert.assertEquals("bPK", + BpkBuilder.generateAreaSpecificPersonIdentifier( + idl.getIdentificationValue(), EaafConstants.URN_PREFIX_CDID + "XX").getFirst(), + authData.getBpk()); + Assert.assertEquals("bPKType", EaafConstants.URN_PREFIX_CDID + "XX", authData.getBpkType()); + Assert.assertNotNull("IDL", authData.getIdentityLink()); + + + } + + private IIdentityLink buildDummyIdl() { + return new IIdentityLink() { + + String familyName = RandomStringUtils.randomAlphabetic(10); + String givenName = RandomStringUtils.randomAlphabetic(10); + String dateOfBirth = "1955-02-03"; + String baseId = RandomStringUtils.randomAlphanumeric(20); + String saml2Serialized = RandomStringUtils.randomAlphanumeric(150); + + + + @Override + public void setSamlAssertion(Element arg0) throws TransformerException, IOException { + + } + + @Override + public void setPublicKey(PublicKey[] arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setPrPerson(Element arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setIssueInstant(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setIdentificationValue(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setIdentificationType(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setGivenName(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setFamilyName(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setDsigReferenceTransforms(Element[] arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setDateOfBirth(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public String getSerializedSamlAssertion() { + return this.saml2Serialized; + } + + @Override + public Element getSamlAssertion() { + IIdentityLink fullIdl; + try { + fullIdl = new SimpleIdentityLinkAssertionParser( + AuthenticationDataBuilderTest.class.getResourceAsStream("/data/test_idl_1.xml")).parseIdentityLink(); + return fullIdl.getSamlAssertion(); + + } catch (EaafParserException e) { + e.printStackTrace(); + } + + return null; + + } + + @Override + public PublicKey[] getPublicKey() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Element getPrPerson() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Date getIssueInstantDate() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getIssueInstant() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getIdentificationValue() { + return this.baseId; + } + + @Override + public String getIdentificationType() { + return EaafConstants.URN_PREFIX_BASEID; + } + + @Override + public String getGivenName() { + return this.givenName; + } + + @Override + public String getFamilyName() { + return this.familyName; + } + + @Override + public Element[] getDsigReferenceTransforms() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getDateOfBirth() { + return this.dateOfBirth; + + } + }; } } diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/AuthBlockAttributeBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/AuthBlockAttributeBuilderTest.java index b7c6cd44..f6d22c98 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/AuthBlockAttributeBuilderTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/AuthBlockAttributeBuilderTest.java @@ -13,6 +13,7 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import at.asitplus.eidas.specific.connector.attributes.AuthBlockAttributeBuilder; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; @@ -41,6 +42,19 @@ public class AuthBlockAttributeBuilderTest extends AbstractAttributeBuilderTest log.info("setting up"); } + @Test + public void checkName() { + Assert.assertEquals("Wrong attr. name", + ExtendedPvpAttributeDefinitions.EID_AUTHBLOCK_SIGNED_NAME, attrBuilde.getName()); + + } + + @Test + public void checkEmptyAttribute() { + Assert.assertNull("empty attr.", attrBuilde.buildEmpty(gen)); + + } + @Test public void okTest() { log.info("starting: " + mTestName); diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/EidasBindAttributeBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/EidasBindAttributeBuilderTest.java index 254efb59..9a2c6cdc 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/EidasBindAttributeBuilderTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/EidasBindAttributeBuilderTest.java @@ -1,13 +1,7 @@ package at.asitplus.eidas.specific.connector.test.attributes; -import at.asitplus.eidas.specific.connector.attributes.EidasBindAttributeBuilder; -import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; -import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; -import at.gv.egiz.eaaf.core.api.idp.IAuthData; -import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; -import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData; -import at.gv.egiz.eaaf.core.impl.idp.auth.attributes.AbstractAttributeBuilderTest; -import lombok.extern.slf4j.Slf4j; +import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.EIDAS_BIND; + import org.junit.Assert; import org.junit.Before; import org.junit.Rule; @@ -17,7 +11,14 @@ import org.junit.runner.RunWith; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.EIDAS_BIND; +import at.asitplus.eidas.specific.connector.attributes.EidasBindAttributeBuilder; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; +import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData; +import at.gv.egiz.eaaf.core.impl.idp.auth.attributes.AbstractAttributeBuilderTest; +import lombok.extern.slf4j.Slf4j; @Slf4j @@ -35,6 +36,19 @@ public class EidasBindAttributeBuilderTest extends AbstractAttributeBuilderTest log.info("setting up"); } + @Test + public void checkName() { + Assert.assertEquals("Wrong attr. name", + ExtendedPvpAttributeDefinitions.EID_EIDBIND_NAME, attrBuilde.getName()); + + } + + @Test + public void checkEmptyAttribute() { + Assert.assertNull("empty attr.", attrBuilde.buildEmpty(gen)); + + } + @Test public void okTest() { log.info("starting: " + mTestName); diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java new file mode 100644 index 00000000..da5693f3 --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java @@ -0,0 +1,298 @@ +package at.asitplus.eidas.specific.connector.test.saml2; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; +import java.util.List; +import java.util.Timer; + +import javax.xml.transform.TransformerException; + +import org.joda.time.DateTime; +import org.junit.Assert; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.opensaml.core.config.InitializationException; +import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport; +import org.opensaml.core.xml.io.MarshallingException; +import org.opensaml.core.xml.io.UnmarshallingException; +import org.opensaml.core.xml.util.XMLObjectSupport; +import org.opensaml.saml.metadata.resolver.impl.ResourceBackedMetadataResolver; +import org.opensaml.saml.saml2.core.RequestAbstractType; +import org.opensaml.saml.saml2.metadata.EntityDescriptor; +import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; +import org.opensaml.saml.saml2.metadata.RoleDescriptor; +import org.opensaml.saml.saml2.metadata.SPSSODescriptor; +import org.opensaml.saml.security.impl.SAMLSignatureProfileValidator; +import org.opensaml.security.credential.Credential; +import org.opensaml.security.x509.BasicX509Credential; +import org.opensaml.xmlsec.signature.support.SignatureException; +import org.opensaml.xmlsec.signature.support.SignatureValidator; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.core.io.ResourceLoader; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.test.context.web.WebAppConfiguration; +import org.springframework.util.Base64Utils; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; +import at.asitplus.eidas.specific.connector.controller.Pvp2SProfileEndpoint; +import at.asitplus.eidas.specific.connector.provider.PvpEndPointCredentialProvider; +import at.asitplus.eidas.specific.connector.provider.PvpMetadataProvider; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.IRequestStorage; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.utils.DomUtils; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.OpenSaml3ResourceAdapter; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; +import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; +import net.shibboleth.utilities.java.support.component.ComponentInitializationException; +import net.shibboleth.utilities.java.support.xml.XMLParserException; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/applicationContext.xml", + "/specific_eIDAS_connector.beans.xml", + "/eaaf_core.beans.xml", + "/eaaf_pvp.beans.xml", + "/eaaf_pvp_idp.beans.xml", + "/spring/SpringTest-context_simple_storage.xml" }) +@WebAppConfiguration +@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) +public class Pvp2SProfileEndPointTest { + + + @Autowired private Pvp2SProfileEndpoint controller; + @Autowired private PvpEndPointCredentialProvider credentialProvider; + @Autowired private PvpMetadataProvider metadataProvider; + @Autowired private ResourceLoader resourceLoader; + @Autowired private IRequestStorage storage; + + private static CertificateFactory fact; + + + private MockHttpServletRequest httpReq; + private MockHttpServletResponse httpResp; + + + /** + * jUnit class initializer. + * @throws ComponentInitializationException In case of an error + * @throws InitializationException In case of an error + * @throws CertificateException + * + */ + @BeforeClass + public static void classInitializer() throws InitializationException, + ComponentInitializationException, CertificateException { + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties"); + + EaafOpenSaml3xInitializer.eaafInitialize(); + + fact = CertificateFactory.getInstance("X.509"); + + } + + /** + * jUnit test set-up. + * @throws EaafException + * + */ + @Before + public void initialize() throws EaafException { + httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + } + + @Test + public void authnReqWrongEndpoint() throws EaafException, XMLParserException, UnmarshallingException, + UnsupportedEncodingException, TransformerException, IOException, MarshallingException, + ComponentInitializationException { + //initialize test + final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream( + XMLObjectProviderRegistrySupport.getParserPool(), + Pvp2SProfileEndPointTest.class.getResourceAsStream("/data/pvp2_authn_3.xml")); + authnReq.setIssueInstant(DateTime.now()); + RequestAbstractType signedAuthnReq = + Saml2Utils.signSamlObject(authnReq, credentialProvider.getMetaDataSigningCredential(), true); + String b64 = Base64Utils.encodeToString(DomUtils.serializeNode( + XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8")); + httpReq.setParameter("SAMLRequest", b64); + + final org.springframework.core.io.Resource resource = resourceLoader.getResource( + "classpath:/data/metadata.xml"); + Timer timer = new Timer("PVP metadata-resolver refresh"); + ResourceBackedMetadataResolver fileSystemResolver = + new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource)); + fileSystemResolver.setId("test"); + fileSystemResolver.setParserPool(XMLObjectProviderRegistrySupport.getParserPool()); + fileSystemResolver.initialize(); + metadataProvider.addMetadataResolverIntoChain(fileSystemResolver); + + + //request SAML2 authentication + try { + controller.pvpIdpPostRequest(httpReq, httpResp); + Assert.fail("wrong AuthnRequest not detected"); + + }catch (EaafException e) { + Assert.assertEquals("wrong errorId", "pvp2.22", e.getErrorId()); + + } + } + + @Test + public void authnReqWrongSigned() throws EaafException, XMLParserException, UnmarshallingException, + UnsupportedEncodingException, TransformerException, IOException, MarshallingException, + ComponentInitializationException { + //initialize test + final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream( + XMLObjectProviderRegistrySupport.getParserPool(), + Pvp2SProfileEndPointTest.class.getResourceAsStream("/data/pvp2_authn_1.xml")); + authnReq.setIssueInstant(DateTime.now()); + RequestAbstractType signedAuthnReq = + Saml2Utils.signSamlObject(authnReq, credentialProvider.getMetaDataSigningCredential(), true); + String b64 = Base64Utils.encodeToString(DomUtils.serializeNode( + XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8")); + httpReq.setParameter("SAMLRequest", b64); + + final org.springframework.core.io.Resource resource = resourceLoader.getResource( + "classpath:/data/metadata.xml"); + Timer timer = new Timer("PVP metadata-resolver refresh"); + ResourceBackedMetadataResolver fileSystemResolver = + new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource)); + fileSystemResolver.setId("test"); + fileSystemResolver.setParserPool(XMLObjectProviderRegistrySupport.getParserPool()); + fileSystemResolver.initialize(); + metadataProvider.addMetadataResolverIntoChain(fileSystemResolver); + + + //request SAML2 authentication + try { + controller.pvpIdpPostRequest(httpReq, httpResp); + Assert.fail("wrong AuthnRequest not detected"); + + }catch (EaafException e) { + Assert.assertEquals("wrong errorId", "pvp2.21", e.getErrorId()); + + } + } + + @Test + public void authnReqValid() throws EaafException, XMLParserException, UnmarshallingException, + UnsupportedEncodingException, TransformerException, IOException, MarshallingException, + ComponentInitializationException { + //initialize test + final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream( + XMLObjectProviderRegistrySupport.getParserPool(), + Pvp2SProfileEndPointTest.class.getResourceAsStream("/data/pvp2_authn_1.xml")); + authnReq.setIssueInstant(DateTime.now()); + RequestAbstractType signedAuthnReq = + Saml2Utils.signSamlObject(authnReq, credentialProvider.getMessageSigningCredential(), true); + String b64 = Base64Utils.encodeToString(DomUtils.serializeNode( + XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8")); + httpReq.setParameter("SAMLRequest", b64); + + final org.springframework.core.io.Resource resource = resourceLoader.getResource( + "classpath:/data/metadata.xml"); + Timer timer = new Timer("PVP metadata-resolver refresh"); + ResourceBackedMetadataResolver fileSystemResolver = + new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource)); + fileSystemResolver.setId("test"); + fileSystemResolver.setParserPool(XMLObjectProviderRegistrySupport.getParserPool()); + fileSystemResolver.initialize(); + metadataProvider.addMetadataResolverIntoChain(fileSystemResolver); + + + //request SAML2 authentication + controller.pvpIdpPostRequest(httpReq, httpResp); + + + //validate state + Assert.assertEquals("http statuscode", 200, httpResp.getStatus()); + Assert.assertEquals("Wrong http ContentType", "text/html;charset=UTF-8", httpResp.getContentType()); + + String html = httpResp.getContentAsString(); + Assert.assertNotNull("html result is null", html); + Assert.assertFalse("html result is empty", html.isEmpty()); + Assert.assertTrue("Wrong page", html.contains("action=\"/myHomeCountry\"")); + + String pattern = " idp = entity.getRoleDescriptors(IDPSSODescriptor.DEFAULT_ELEMENT_NAME); + Assert.assertEquals("IDP descr. size", 1, idp.size()); + Assert.assertEquals("IDP descr. endpoints", 2, idp.get(0).getEndpoints().size()); + Assert.assertEquals("IDP descr. keyDescr", 1, idp.get(0).getKeyDescriptors().size()); + + } + +} diff --git a/connector/src/test/resources/config/junit_config_1.properties b/connector/src/test/resources/config/junit_config_1.properties index 3350f947..ab6782a7 100644 --- a/connector/src/test/resources/config/junit_config_1.properties +++ b/connector/src/test/resources/config/junit_config_1.properties @@ -97,7 +97,7 @@ eidas.ms.pvp2.metadata.contact.surname=Mustermann eidas.ms.pvp2.metadata.contact.email=max@junit.test ## Service Provider configuration -eidas.ms.sp.0.uniqueID= +eidas.ms.sp.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata eidas.ms.sp.0.pvp2.metadata.truststore=keys/junit.jks eidas.ms.sp.0.pvp2.metadata.truststore.password=password diff --git a/connector/src/test/resources/config/keys/Metadata.pem b/connector/src/test/resources/config/keys/Metadata.pem new file mode 100644 index 00000000..b544c194 --- /dev/null +++ b/connector/src/test/resources/config/keys/Metadata.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC+jCCAeKgAwIBAgIEXjF+fTANBgkqhkiG9w0BAQsFADA/MQswCQYDVQQGEwJB +VDENMAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxETAPBgNVBAMMCE1ldGFk +YXRhMB4XDTIwMDEyOTEyNDU0OVoXDTI2MDEyODEyNDU0OVowPzELMAkGA1UEBhMC +QVQxDTALBgNVBAcMBEVHSVoxDjAMBgNVBAoMBWpVbml0MREwDwYDVQQDDAhNZXRh +ZGF0YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK230G3dxNbNlSYA +O5Kx/Js0aBAgxMt7q9m+dA35fK/dOvF/GjrqjWsMCnax+no9gLnq6x0gXiJclz6H +rp/YDOfLrJjMpNL/r0FWT947vbnEj7eT8TdY5d6Yi8AZulZmjiCI5nbZh2zwrP4+ +WqRroLoPhXQj8mDyp26M4xHBBUhLMRc2HV4S+XH4uNZ/vTmb8vBg31XGHCY33gl7 +/KA54JNGxJdN8Dxv6yHYsm91ZfVrX39W0iYLUNhUCkolwuQmjDVfrExM8BTLIONb +f+erJoCm3A9ghZyDYRQ/e69/UEUqDa6XOzykr88INkQscEiAXCDS+EBPMpKo+t3l +PIA9r7kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAh/2mg4S03bdZy1OVtEAudBT9 +YZb9OF34hxPtNbkB/V04wSIg1d4TBr5KDhV7CdiUOxPZzHpS8LUCgfGX306FB6NX +zh/b67uTOPaE72AB4VIT/Np0fsM7k5WhG9k9NoprIGiqCz2lXcfpZiT+LtSO1vWS +YI87wR9KOSWjcw/5i5qZIAJuwvLCQj5JtUsmrhHK75222J3TJf4dS/gfN4xfY2rW +9vcXtH6//8WdWp/zx9V7Z1ZsDb8TDKtBCEGuFDgVeU5ScKtVq8qRoUKD3Ve76cZi +purO3KrRrVAuZP2EfLkZdHEHqe8GPigNnZ5kTn8V2VJ3iRAQ73hpJRR98tFd0A== +-----END CERTIFICATE----- diff --git a/connector/src/test/resources/data/metadata.xml b/connector/src/test/resources/data/metadata.xml new file mode 100644 index 00000000..16364c05 --- /dev/null +++ b/connector/src/test/resources/data/metadata.xml @@ -0,0 +1,106 @@ + + + + + + + + + + + + + 00SaL0XjeknOb/DttutP50lTyAux1jaRPJIVdSupWvU= + + + PfEBmLMX/ZgL6ViXghyWtal5MaMoW8k3zjw+54+WK1OAtVsVgOsIDRJE0M/a/VXBbMSifgY6J1gN23xhr61jkrjRQEkbDzLpWZLzWAJ65YqqUQo8wsKI2Gz0j12yY5D8/GOamKOH9KDi5ba1veXR/fnxRINoy7nZo4tcUWZChdl8BWkMN5ugr6dORNIQg/Ym3GabQ/hR5z+9FmveAKphdH63MC6qW3EgM9EMvOVkrLBTP92sNMAAJeaawui9tlxi9anVQ0OqwZsgKLvI7fyV4CM/0sd/ELjeReIlWlHk07Nz4eltMq3eOx3q1YurYvhE8XapHiQMehOtCS+Fzh10sw== + + + MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH +SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W +ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w +CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ +RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq +UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ +M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F +Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt +1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq +nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC +VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq +itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc +2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O +fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy +4jpXrp77JXFRSDWddb0yePc= + + + + + + + + MIIBbTCCARKgAwIBAgIEXjF+qTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJBVDEN +MAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcw +HhcNMjAwMTI5MTI0NjMzWhcNMjcwMTI4MTI0NjMzWjA+MQswCQYDVQQGEwJBVDEN +MAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASRt7gZRrr4rSEE7Q922oKQJF+mlkwC +LZnv8ZzHtH54s4VdyQFIBjQF1PPf9PTn+5tid8QJehZPndcoeD7J8fPJMAoGCCqG +SM49BAMCA0kAMEYCIQDFUO0owvqMVRO2FmD+vb8mqJBpWCE6Cl5pEHaygTa5LwIh +ANsmjI2azWiTSFjb7Ou5fnCfbeiJUP0s66m8qS4rYl9L + + + + + + + MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH +SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W +ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w +CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ +RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq +UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ +M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F +Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt +1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq +nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC +VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq +itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc +2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O +fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy +4jpXrp77JXFRSDWddb0yePc= + + + + urn:oasis:names:tc:SAML:2.0:nameid-format:persistent + + + + Default Service + + + + + + + + + + + + + + + + + + EGIZ + E-Government Innovationszentrum + http://www.egiz.gv.at + + + E-Government Innovationszentrum + Lenz + Thomas + thomas.lenz@egiz.gv.at + +43 316 873 5525 + + diff --git a/connector/src/test/resources/data/pvp2_authn_1.xml b/connector/src/test/resources/data/pvp2_authn_1.xml index ff5f08a5..1275b200 100644 --- a/connector/src/test/resources/data/pvp2_authn_1.xml +++ b/connector/src/test/resources/data/pvp2_authn_1.xml @@ -1,5 +1,5 @@ - + https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata diff --git a/connector/src/test/resources/data/test_idl_1.xml b/connector/src/test/resources/data/test_idl_1.xml new file mode 100644 index 00000000..8151468b --- /dev/null +++ b/connector/src/test/resources/data/test_idl_1.xml @@ -0,0 +1,46 @@ + + + + + urn:oasis:names:tc:SAML:1.0:cm:sender-vouches + + AT/CZ/xWE0vFWarzpzSL4LYlpst9b6vg0=urn:publicid:gv.at:eidasid+AT+CZXXXMaria-Theresia KunigundaXXXHabsburg-Lothringen1980-02-29 + + + + 1BFOitiQUc1lAHDGksneXWZGKGaFBcu03HEiIFsjHjNt/IfRZ4IzqHotUKItxnCdNtsFc1MkMJg+ +g0AXHsuU6MNgcbcXPaPfmHp+8+BJh+amDF3FnAN4ceG8oFAGVEZteOgfdWk1r5RQ2SK+0PuXPuLp +Tee7IzXtksReZkVEadUCxn/hiRXZa0dABgkFe3kSXbDr5tKXOF0FCtLKhZBI9z+NbX+aTSKOmAOq +4jyymoo5EP3L+iPecrUwHijD0Bm89h1JjxP521fkYe3Si+0J40okrmCCQHBr+IzB1uX98pKhvs7X +6rPjOJ6lBwP7XjK7D128P/cg4eH6v58cCfbLcQ==AQAB + +E+BXH0C2F6EYHjdJrOUKr+DsKT8=Hvj40m9ridp2HOz81MTAqzf0q+sZC5YeKpJP43eK5G1HNH1/DNGU/r/6IVPibU9Y +YGYJoXpznxRFibEQ6dFCHAaNPyADmdGHyJSWryI5ypAap4Y8MJnaUGSWY49IZbht +PjfKWB2jUNzj1T2u6ebIifAThAK8ZqIE+e5uaR+qrrLicxIhXcSZoyScbKxMuT1Q +p6zNsNBOHujbVAfKFUE8WmGInyvuoDgerUrA0XstWWg2M9ghytcDJwZpTYwXvmmo +GV47ue0ITrtM+QqWVbt+dHO8369JFnGQ9h/6h/4j9iyNuxfG7u/EyHQiSuy0+FP8 +1lkLsg1YX+2pN0HElyXVqw==MIIEqzCCBBSgAwIBAgIHANux81oNezANBgkqhkiG9w0BAQUFADBAMSIwIAYDVQQD +ExlJQUlLIFRlc3QgSW50ZXJtZWRpYXRlIENBMQ0wCwYDVQQKEwRJQUlLMQswCQYD +VQQGEwJBVDAeFw0xMzA5MjcwNTMzMzdaFw0yMzA5MjcwNTMzMzdaMIHkMQswCQYD +VQQGEwJBVDENMAsGA1UEBxMER3JhejEmMCQGA1UEChMdR3JheiBVbml2ZXJzaXR5 +IG9mIFRlY2hub2xvZ3kxSDBGBgNVBAsTP0luc3RpdHV0ZSBmb3IgQXBwbGllZCBJ +bmZvcm1hdGlvbiBQcm9jZXNzaW5nIGFuZCBDb21tdW5pY2F0aW9uczEUMBIGA1UE +BBMLTU9BLVNTIFRlc3QxGDAWBgNVBCoTD0VHSVogVGVzdHBvcnRhbDEkMCIGA1UE +AxMbRUdJWiBUZXN0cG9ydGFsIE1PQS1TUyBUZXN0MIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAuDjOyf+mY+oQL2FQzzuaiC8C23vVKbq/n2Zi7BqSibZH +mtqMJfmj4pT+hWSNHvVvWsaxFcx4KeNqdCMzwnw1r4P3Sf+2o5uFku5KHEMLMokR +yYQG9VqY/KkB94ye7Pv6zT8gvKqxGFg96UamECep4swPaSZrA8AOER5WAtyGDzKI +Tz+a5zfFaTXDoba7f98PCWR96yKiFjVOhzp38WVz4VJgz+b8ZSY7Xsv5Kn7DXjOL +STX4MevFLki3rFPup3+4vGToaMBW3PEj67HXBdqR855Le6+E6rVxORqsXqlVwhsI +6nuS0CO2LWYmBNR1IB0mXteeYH/HfxvuZc+7yDjdPQIDAQABo4IBhDCCAYAwDgYD +VR0PAQH/BAQDAgbAMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEmcH6VY4BG1EAGB +TLoNR9vH/g6yMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jYS5pYWlrLnR1Z3Jh +ei5hdC9jYXBzby9jcmxzL0lBSUtUZXN0X0ludGVybWVkaWF0ZUNBLmNybDCBqgYI +KwYBBQUHAQEEgZ0wgZowSgYIKwYBBQUHMAGGPmh0dHA6Ly9jYS5pYWlrLnR1Z3Jh +ei5hdC9jYXBzby9PQ1NQP2NhPUlBSUtUZXN0X0ludGVybWVkaWF0ZUNBMEwGCCsG +AQUFBzAChkBodHRwOi8vY2EuaWFpay50dWdyYXouYXQvY2Fwc28vY2VydHMvSUFJ +S1Rlc3RfSW50ZXJtZWRpYXRlQ0EuY2VyMCEGA1UdEQQaMBiBFnRob21hcy5sZW56 +QGVnaXouZ3YuYXQwHwYDVR0jBBgwFoAUaKJeEdreL4BrRES/jfplNoEkp28wDQYJ +KoZIhvcNAQEFBQADgYEAlFGjUxXLs7SAT8NtXSrv2WrjlklaRnHTFHLQwyVo8JWb +gvRkHHDUv2o8ofXUY2R2WJ38dxeDoccgbXrJb/Qhi8IY7YhCwv/TuIZDisyAqo8W +ORKSip/6HWlGCSR/Vgoet1GtCmF0FoUxFUIGSAuQ2yyt4fIzt5GJrU1X5ujjI1w= \ No newline at end of file -- cgit v1.2.3 From e50146d903bde90b9d90dd41f35b0652ff8345ae Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 14 Dec 2020 12:14:39 +0100 Subject: add some more jUnit tests --- .../connector/test/BasicConfigurationTest.java | 135 +++++++++++++++++++++ .../test/saml2/Pvp2SProfileEndPointTest.java | 43 ++++++- .../resources/config/junit_config_1.properties | 14 ++- connector/src/test/resources/data/metadata.xml | 106 ---------------- .../src/test/resources/data/metadata_expired.xml | 106 ++++++++++++++++ .../src/test/resources/data/metadata_valid.xml | 106 ++++++++++++++++ 6 files changed, 398 insertions(+), 112 deletions(-) create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/BasicConfigurationTest.java delete mode 100644 connector/src/test/resources/data/metadata.xml create mode 100644 connector/src/test/resources/data/metadata_expired.xml create mode 100644 connector/src/test/resources/data/metadata_valid.xml (limited to 'connector/src') diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/BasicConfigurationTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/BasicConfigurationTest.java new file mode 100644 index 00000000..6e52f113 --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/BasicConfigurationTest.java @@ -0,0 +1,135 @@ +package at.asitplus.eidas.specific.connector.test; + +import java.net.MalformedURLException; +import java.net.URL; +import java.security.cert.CertificateException; + +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.opensaml.core.config.InitializationException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.test.context.web.WebAppConfiguration; + +import at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; +import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import net.shibboleth.utilities.java.support.component.ComponentInitializationException; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/applicationContext.xml", + "/specific_eIDAS_connector.beans.xml", + "/eaaf_core.beans.xml", + "/eaaf_pvp.beans.xml", + "/eaaf_pvp_idp.beans.xml", + "/spring/SpringTest-context_simple_storage.xml" }) +@WebAppConfiguration +@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) +public class BasicConfigurationTest { + + @Autowired private IConfigurationWithSP basicConfig; + + /** + * jUnit class initializer. + * @throws ComponentInitializationException In case of an error + * @throws InitializationException In case of an error + * @throws CertificateException + * + */ + @BeforeClass + public static void classInitializer() throws InitializationException, + ComponentInitializationException, CertificateException { + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties"); + + } + + + @Test + public void basicConfig() throws MalformedURLException, EaafException { + Assert.assertEquals("validate req. URL", "http://localhost", + basicConfig.validateIdpUrl(new URL("http://junit/test"))); + + Assert.assertEquals("validate req. URL", "http://localhost", + basicConfig.validateIdpUrl(new URL("http://localhost/test1/test"))); + + } + + @Test + public void loadSpNotExist() throws EaafConfigurationException { + //check + ISpConfiguration sp = basicConfig.getServiceProviderConfiguration( + "https://not/exist"); + + //validate state + Assert.assertNull("spConfig", sp); + + + } + + @Test + public void loadSpDefault() throws EaafConfigurationException { + //check + ISpConfiguration sp = basicConfig.getServiceProviderConfiguration( + "https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata"); + + //validate state + Assert.assertNotNull("spConfig", sp); + Assert.assertEquals("BaseId transfare restrication", true, sp.hasBaseIdTransferRestriction()); + Assert.assertEquals("BaseId process restrication", false, sp.hasBaseIdInternalProcessingRestriction()); + + Assert.assertEquals("req. LoA size", 1, sp.getRequiredLoA().size()); + Assert.assertEquals("req. LoA", EaafConstants.EIDAS_LOA_HIGH, sp.getRequiredLoA().get(0)); + Assert.assertEquals("LoA matching mode", + EaafConstants.EIDAS_LOA_MATCHING_MINIMUM, sp.getLoAMatchingMode()); + + } + + @Test + public void loadSpNoBaseIdTransferRestriction() throws EaafException { + //check + ServiceProviderConfiguration sp = basicConfig.getServiceProviderConfiguration( + "https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata", ServiceProviderConfiguration.class); + + //validate state + Assert.assertNotNull("spConfig", sp); + Assert.assertNull("bPKTarget already set", sp.getAreaSpecificTargetIdentifier()); + + //validate baseId transfer restriction + sp.setBpkTargetIdentifier(EaafConstants.URN_PREFIX_CDID + "ZP"); + Assert.assertEquals("BaseId restrication", false, sp.hasBaseIdTransferRestriction()); + Assert.assertEquals("bPKTarget", EaafConstants.URN_PREFIX_CDID + "ZP", sp.getAreaSpecificTargetIdentifier()); + + sp.setBpkTargetIdentifier(EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+123456h"); + Assert.assertEquals("BaseId restrication", true, sp.hasBaseIdTransferRestriction()); + + } + + @Test + public void loadSpWithMsSpecificConfig() throws EaafConfigurationException { + //check + ServiceProviderConfiguration sp = basicConfig.getServiceProviderConfiguration( + "https://demo.egiz.gv.at/junit_test", ServiceProviderConfiguration.class); + + //validate state + Assert.assertNotNull("spConfig", sp); + Assert.assertEquals("friendlyName", "jUnit test", sp.getFriendlyName()); + Assert.assertEquals("UniqueId", "https://demo.egiz.gv.at/junit_test", sp.getUniqueIdentifier()); + Assert.assertEquals("BaseId restrication", true, sp.hasBaseIdTransferRestriction()); + Assert.assertEquals("generic config value", false, + sp.isConfigurationValue("policy.allowed.requested.targets")); + Assert.assertEquals("generic config value", "test", + sp.getConfigurationValue("policy.allowed.requested.targets")); + Assert.assertEquals("not_exist_value", "true", sp.getConfigurationValue("not.exist", "true")); + + } +} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java index da5693f3..81ee2625 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java @@ -135,7 +135,7 @@ public class Pvp2SProfileEndPointTest { httpReq.setParameter("SAMLRequest", b64); final org.springframework.core.io.Resource resource = resourceLoader.getResource( - "classpath:/data/metadata.xml"); + "classpath:/data/metadata_valid.xml"); Timer timer = new Timer("PVP metadata-resolver refresh"); ResourceBackedMetadataResolver fileSystemResolver = new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource)); @@ -172,7 +172,44 @@ public class Pvp2SProfileEndPointTest { httpReq.setParameter("SAMLRequest", b64); final org.springframework.core.io.Resource resource = resourceLoader.getResource( - "classpath:/data/metadata.xml"); + "classpath:/data/metadata_valid.xml"); + Timer timer = new Timer("PVP metadata-resolver refresh"); + ResourceBackedMetadataResolver fileSystemResolver = + new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource)); + fileSystemResolver.setId("test"); + fileSystemResolver.setParserPool(XMLObjectProviderRegistrySupport.getParserPool()); + fileSystemResolver.initialize(); + metadataProvider.addMetadataResolverIntoChain(fileSystemResolver); + + + //request SAML2 authentication + try { + controller.pvpIdpPostRequest(httpReq, httpResp); + Assert.fail("wrong AuthnRequest not detected"); + + }catch (EaafException e) { + Assert.assertEquals("wrong errorId", "pvp2.21", e.getErrorId()); + + } + } + + @Test + public void authnReqMetadataExpired() throws EaafException, XMLParserException, UnmarshallingException, + UnsupportedEncodingException, TransformerException, IOException, MarshallingException, + ComponentInitializationException { + //initialize test + final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream( + XMLObjectProviderRegistrySupport.getParserPool(), + Pvp2SProfileEndPointTest.class.getResourceAsStream("/data/pvp2_authn_1.xml")); + authnReq.setIssueInstant(DateTime.now()); + RequestAbstractType signedAuthnReq = + Saml2Utils.signSamlObject(authnReq, credentialProvider.getMetaDataSigningCredential(), true); + String b64 = Base64Utils.encodeToString(DomUtils.serializeNode( + XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8")); + httpReq.setParameter("SAMLRequest", b64); + + final org.springframework.core.io.Resource resource = resourceLoader.getResource( + "classpath:/data/metadata_expired.xml"); Timer timer = new Timer("PVP metadata-resolver refresh"); ResourceBackedMetadataResolver fileSystemResolver = new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource)); @@ -209,7 +246,7 @@ public class Pvp2SProfileEndPointTest { httpReq.setParameter("SAMLRequest", b64); final org.springframework.core.io.Resource resource = resourceLoader.getResource( - "classpath:/data/metadata.xml"); + "classpath:/data/metadata_valid.xml"); Timer timer = new Timer("PVP metadata-resolver refresh"); ResourceBackedMetadataResolver fileSystemResolver = new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource)); diff --git a/connector/src/test/resources/config/junit_config_1.properties b/connector/src/test/resources/config/junit_config_1.properties index ab6782a7..78981b6a 100644 --- a/connector/src/test/resources/config/junit_config_1.properties +++ b/connector/src/test/resources/config/junit_config_1.properties @@ -100,16 +100,24 @@ eidas.ms.pvp2.metadata.contact.email=max@junit.test eidas.ms.sp.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata eidas.ms.sp.0.pvp2.metadata.truststore=keys/junit.jks eidas.ms.sp.0.pvp2.metadata.truststore.password=password - -#eidas.ms.sp.0.friendlyName= +eidas.ms.sp.0.friendlyName=jUnit test #eidas.ms.sp.0.pvp2.metadata.url= #eidas.ms.sp.0.policy.allowed.requested.targets=.* #eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false +## Service Provider configuration +eidas.ms.sp.1.uniqueID=https://demo.egiz.gv.at/junit_test +eidas.ms.sp.1.pvp2.metadata.truststore=keys/junit.jks +eidas.ms.sp.1.pvp2.metadata.truststore.password=password +eidas.ms.sp.1.friendlyName=jUnit test +eidas.ms.sp.1.pvp2.metadata.url=http://junit.test/metadata +eidas.ms.sp.1.policy.allowed.requested.targets=test +eidas.ms.sp.1.policy.hasBaseIdTransferRestriction=true + ##only for advanced config eidas.ms.configuration.sp.disableRegistrationRequirement= -eidas.ms.configuration.restrictions.baseID.spTransmission= +#eidas.ms.configuration.restrictions.baseID.spTransmission= eidas.ms.configuration.auth.default.countrycode= eidas.ms.configuration.pvp.scheme.validation= eidas.ms.configuration.pvp.enable.entitycategories= \ No newline at end of file diff --git a/connector/src/test/resources/data/metadata.xml b/connector/src/test/resources/data/metadata.xml deleted file mode 100644 index 16364c05..00000000 --- a/connector/src/test/resources/data/metadata.xml +++ /dev/null @@ -1,106 +0,0 @@ - - - - - - - - - - - - - 00SaL0XjeknOb/DttutP50lTyAux1jaRPJIVdSupWvU= - - - PfEBmLMX/ZgL6ViXghyWtal5MaMoW8k3zjw+54+WK1OAtVsVgOsIDRJE0M/a/VXBbMSifgY6J1gN23xhr61jkrjRQEkbDzLpWZLzWAJ65YqqUQo8wsKI2Gz0j12yY5D8/GOamKOH9KDi5ba1veXR/fnxRINoy7nZo4tcUWZChdl8BWkMN5ugr6dORNIQg/Ym3GabQ/hR5z+9FmveAKphdH63MC6qW3EgM9EMvOVkrLBTP92sNMAAJeaawui9tlxi9anVQ0OqwZsgKLvI7fyV4CM/0sd/ELjeReIlWlHk07Nz4eltMq3eOx3q1YurYvhE8XapHiQMehOtCS+Fzh10sw== - - - MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH -SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W -ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w -CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ -RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq -UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ -M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F -Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt -1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq -nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC -VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq -itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc -2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O -fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy -4jpXrp77JXFRSDWddb0yePc= - - - - - - - - MIIBbTCCARKgAwIBAgIEXjF+qTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJBVDEN -MAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcw -HhcNMjAwMTI5MTI0NjMzWhcNMjcwMTI4MTI0NjMzWjA+MQswCQYDVQQGEwJBVDEN -MAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcw -WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASRt7gZRrr4rSEE7Q922oKQJF+mlkwC -LZnv8ZzHtH54s4VdyQFIBjQF1PPf9PTn+5tid8QJehZPndcoeD7J8fPJMAoGCCqG -SM49BAMCA0kAMEYCIQDFUO0owvqMVRO2FmD+vb8mqJBpWCE6Cl5pEHaygTa5LwIh -ANsmjI2azWiTSFjb7Ou5fnCfbeiJUP0s66m8qS4rYl9L - - - - - - - MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH -SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W -ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w -CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ -RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq -UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ -M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F -Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt -1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq -nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC -VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq -itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc -2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O -fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy -4jpXrp77JXFRSDWddb0yePc= - - - - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent - - - - Default Service - - - - - - - - - - - - - - - - - - EGIZ - E-Government Innovationszentrum - http://www.egiz.gv.at - - - E-Government Innovationszentrum - Lenz - Thomas - thomas.lenz@egiz.gv.at - +43 316 873 5525 - - diff --git a/connector/src/test/resources/data/metadata_expired.xml b/connector/src/test/resources/data/metadata_expired.xml new file mode 100644 index 00000000..16364c05 --- /dev/null +++ b/connector/src/test/resources/data/metadata_expired.xml @@ -0,0 +1,106 @@ + + + + + + + + + + + + + 00SaL0XjeknOb/DttutP50lTyAux1jaRPJIVdSupWvU= + + + PfEBmLMX/ZgL6ViXghyWtal5MaMoW8k3zjw+54+WK1OAtVsVgOsIDRJE0M/a/VXBbMSifgY6J1gN23xhr61jkrjRQEkbDzLpWZLzWAJ65YqqUQo8wsKI2Gz0j12yY5D8/GOamKOH9KDi5ba1veXR/fnxRINoy7nZo4tcUWZChdl8BWkMN5ugr6dORNIQg/Ym3GabQ/hR5z+9FmveAKphdH63MC6qW3EgM9EMvOVkrLBTP92sNMAAJeaawui9tlxi9anVQ0OqwZsgKLvI7fyV4CM/0sd/ELjeReIlWlHk07Nz4eltMq3eOx3q1YurYvhE8XapHiQMehOtCS+Fzh10sw== + + + MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH +SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W +ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w +CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ +RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq +UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ +M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F +Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt +1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq +nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC +VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq +itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc +2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O +fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy +4jpXrp77JXFRSDWddb0yePc= + + + + + + + + MIIBbTCCARKgAwIBAgIEXjF+qTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJBVDEN +MAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcw +HhcNMjAwMTI5MTI0NjMzWhcNMjcwMTI4MTI0NjMzWjA+MQswCQYDVQQGEwJBVDEN +MAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASRt7gZRrr4rSEE7Q922oKQJF+mlkwC +LZnv8ZzHtH54s4VdyQFIBjQF1PPf9PTn+5tid8QJehZPndcoeD7J8fPJMAoGCCqG +SM49BAMCA0kAMEYCIQDFUO0owvqMVRO2FmD+vb8mqJBpWCE6Cl5pEHaygTa5LwIh +ANsmjI2azWiTSFjb7Ou5fnCfbeiJUP0s66m8qS4rYl9L + + + + + + + MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH +SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W +ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w +CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ +RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq +UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ +M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F +Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt +1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq +nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC +VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq +itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc +2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O +fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy +4jpXrp77JXFRSDWddb0yePc= + + + + urn:oasis:names:tc:SAML:2.0:nameid-format:persistent + + + + Default Service + + + + + + + + + + + + + + + + + + EGIZ + E-Government Innovationszentrum + http://www.egiz.gv.at + + + E-Government Innovationszentrum + Lenz + Thomas + thomas.lenz@egiz.gv.at + +43 316 873 5525 + + diff --git a/connector/src/test/resources/data/metadata_valid.xml b/connector/src/test/resources/data/metadata_valid.xml new file mode 100644 index 00000000..06e1e785 --- /dev/null +++ b/connector/src/test/resources/data/metadata_valid.xml @@ -0,0 +1,106 @@ + + + + + + + + + + + + + 00SaL0XjeknOb/DttutP50lTyAux1jaRPJIVdSupWvU= + + + PfEBmLMX/ZgL6ViXghyWtal5MaMoW8k3zjw+54+WK1OAtVsVgOsIDRJE0M/a/VXBbMSifgY6J1gN23xhr61jkrjRQEkbDzLpWZLzWAJ65YqqUQo8wsKI2Gz0j12yY5D8/GOamKOH9KDi5ba1veXR/fnxRINoy7nZo4tcUWZChdl8BWkMN5ugr6dORNIQg/Ym3GabQ/hR5z+9FmveAKphdH63MC6qW3EgM9EMvOVkrLBTP92sNMAAJeaawui9tlxi9anVQ0OqwZsgKLvI7fyV4CM/0sd/ELjeReIlWlHk07Nz4eltMq3eOx3q1YurYvhE8XapHiQMehOtCS+Fzh10sw== + + + MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH +SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W +ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w +CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ +RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq +UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ +M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F +Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt +1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq +nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC +VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq +itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc +2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O +fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy +4jpXrp77JXFRSDWddb0yePc= + + + + + + + + MIIBbTCCARKgAwIBAgIEXjF+qTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJBVDEN +MAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcw +HhcNMjAwMTI5MTI0NjMzWhcNMjcwMTI4MTI0NjMzWjA+MQswCQYDVQQGEwJBVDEN +MAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASRt7gZRrr4rSEE7Q922oKQJF+mlkwC +LZnv8ZzHtH54s4VdyQFIBjQF1PPf9PTn+5tid8QJehZPndcoeD7J8fPJMAoGCCqG +SM49BAMCA0kAMEYCIQDFUO0owvqMVRO2FmD+vb8mqJBpWCE6Cl5pEHaygTa5LwIh +ANsmjI2azWiTSFjb7Ou5fnCfbeiJUP0s66m8qS4rYl9L + + + + + + + MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH +SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W +ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w +CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ +RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq +UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ +M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F +Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt +1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq +nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC +VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq +itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc +2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O +fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy +4jpXrp77JXFRSDWddb0yePc= + + + + urn:oasis:names:tc:SAML:2.0:nameid-format:persistent + + + + Default Service + + + + + + + + + + + + + + + + + + EGIZ + E-Government Innovationszentrum + http://www.egiz.gv.at + + + E-Government Innovationszentrum + Lenz + Thomas + thomas.lenz@egiz.gv.at + +43 316 873 5525 + + -- cgit v1.2.3 From 9fd7ba09ba2a5a827ef8530967aa0bfefc412f42 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 22 Dec 2020 14:15:14 +0100 Subject: add jUnit tests for configuration-operations --- .../ProcessEngineSignalControllerTest.java | 75 ++++++++++++++++++++++ 1 file changed, 75 insertions(+) create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java (limited to 'connector/src') diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java new file mode 100644 index 00000000..cd502c48 --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java @@ -0,0 +1,75 @@ +package at.asitplus.eidas.specific.connector.test.controller; + +import java.io.IOException; +import java.net.URISyntaxException; + +import org.junit.Assert; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.test.context.web.WebAppConfiguration; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import at.asitplus.eidas.specific.connector.controller.ProcessEngineSignalController; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/applicationContext.xml", + "/specific_eIDAS_connector.beans.xml", + "/eaaf_core.beans.xml", + "/eaaf_pvp.beans.xml", + "/eaaf_pvp_idp.beans.xml", + "/spring/SpringTest-context_simple_storage.xml" }) +@WebAppConfiguration +public class ProcessEngineSignalControllerTest { + + @Autowired private ProcessEngineSignalController controller; + + private MockHttpServletRequest httpReq; + private MockHttpServletResponse httpResp; + + @BeforeClass + public static void classInitializer() { + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties"); + + } + + /** + * jUnit test set-up. + */ + @Before + public void setUp() throws EaafStorageException, URISyntaxException { + httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + } + + @Test + public void noPendingRequestId() throws IOException, EaafException { + //set-up + + //execute test + controller.performGenericAuthenticationProcess(httpReq, httpResp); + + //validate state + Assert.assertEquals("http StatusCode", 302, httpResp.getStatus()); + Assert.assertNotNull("redirect header", httpResp.getHeaderValue("Location")); + Assert.assertTrue("wrong redirect header", + httpResp.getHeader("Location").startsWith("http://localhost/errorHandling?errorid=")); + + } + + +} -- cgit v1.2.3 From 6b098e7070dedb5692325f6d330a20de696b9edc Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 22 Dec 2020 15:36:42 +0100 Subject: switch from Spring to Spring-Boot --- .../MsSpecificEidasNodeSpringResourceProvider.java | 10 +- ...ficSpringBootApplicationContextInitializer.java | 82 +++++ .../SpringBootApplicationInitializer.java | 60 ++++ .../connector/SpringContextCloseHandler.java | 224 +++++++++++++ .../config/StaticResourceConfiguration.java | 87 ++--- .../storage/SimpleInMemoryTransactionStorage.java | 2 - .../src/main/resources/application.properties | 144 +++++++++ .../src/main/resources/applicationContext.xml | 23 +- connector/src/main/resources/log4j.properties | 55 ---- connector/src/main/resources/logback.xml | 20 +- .../resources/specific_eIDAS_connector.beans.xml | 21 +- connector/src/main/resources/tomcat.properties | 15 + .../test/AuthenticationDataBuilderTest.java | 352 --------------------- .../connector/test/AuthnRequestValidatorTest.java | 329 ------------------- .../connector/test/BasicConfigurationTest.java | 135 -------- .../test/CountrySelectionProcessImplTest.java | 120 ------- .../test/MainClassExecutableModeTest.java | 109 +++++++ .../connector/test/MainClassWebAppModeTest.java | 129 ++++++++ .../test/config/BasicConfigurationTest.java | 135 ++++++++ .../test/utils/AuthenticationDataBuilderTest.java | 352 +++++++++++++++++++++ .../test/utils/AuthnRequestValidatorTest.java | 329 +++++++++++++++++++ .../utils/CountrySelectionProcessImplTest.java | 120 +++++++ .../resources/config/junit_config_1.properties | 1 + .../config/junit_config_1_springboot.properties | 81 +++++ .../src/test/resources/config/keys/teststore.jks | Bin 0 -> 2028 bytes 25 files changed, 1869 insertions(+), 1066 deletions(-) create mode 100644 connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificSpringBootApplicationContextInitializer.java create mode 100644 connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java create mode 100644 connector/src/main/java/at/asitplus/eidas/specific/connector/SpringContextCloseHandler.java create mode 100644 connector/src/main/resources/application.properties delete mode 100644 connector/src/main/resources/log4j.properties create mode 100644 connector/src/main/resources/tomcat.properties delete mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java delete mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthnRequestValidatorTest.java delete mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/BasicConfigurationTest.java delete mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/CountrySelectionProcessImplTest.java create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/config/BasicConfigurationTest.java create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/CountrySelectionProcessImplTest.java create mode 100644 connector/src/test/resources/config/junit_config_1_springboot.properties create mode 100644 connector/src/test/resources/config/keys/teststore.jks (limited to 'connector/src') diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificEidasNodeSpringResourceProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificEidasNodeSpringResourceProvider.java index 6e8e06ef..40ed283b 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificEidasNodeSpringResourceProvider.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificEidasNodeSpringResourceProvider.java @@ -32,11 +32,15 @@ public class MsSpecificEidasNodeSpringResourceProvider implements SpringResource @Override public Resource[] getResourcesToLoad() { - final ClassPathResource msEidasNode = new ClassPathResource("/specific_eIDAS_connector.beans.xml", - MsSpecificEidasNodeSpringResourceProvider.class); + final ClassPathResource generic = + new ClassPathResource("/applicationContext.xml", MsSpecificEidasNodeSpringResourceProvider.class); + + final ClassPathResource msEidasNode = new ClassPathResource( + "/specific_eIDAS_connector.beans.xml", MsSpecificEidasNodeSpringResourceProvider.class); + final ClassPathResource msEidasNodeStorage = new ClassPathResource( "/specific_eIDAS_connector.storage.beans.xml", MsSpecificEidasNodeSpringResourceProvider.class); - return new Resource[] { msEidasNode, msEidasNodeStorage }; + return new Resource[] { generic, msEidasNode, msEidasNodeStorage }; } @Override diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificSpringBootApplicationContextInitializer.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificSpringBootApplicationContextInitializer.java new file mode 100644 index 00000000..5160bdf5 --- /dev/null +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificSpringBootApplicationContextInitializer.java @@ -0,0 +1,82 @@ +package at.asitplus.eidas.specific.connector; + +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; +import java.util.Properties; + +import org.apache.commons.lang3.StringUtils; +import org.springframework.context.ConfigurableApplicationContext; +import org.springframework.core.env.MutablePropertySources; +import org.springframework.core.env.PropertiesPropertySource; + +import at.gv.egiz.components.spring.api.SpringBootApplicationContextInitializer; +import lombok.extern.slf4j.Slf4j; + +@Slf4j +public class MsSpecificSpringBootApplicationContextInitializer extends + SpringBootApplicationContextInitializer { + + private static final String SYSTEMD_PROP_NAME = "eidas.ms.configuration"; + private static final String PATH_FILE_PREFIX = "file:"; + + @Override + public void initialize(ConfigurableApplicationContext applicationContext) { + String configPath = System.getProperty(SYSTEMD_PROP_NAME); + if (StringUtils.isNotEmpty(configPath)) { + log.debug("Find configuration-source from SystemD Property: '{}' ...", SYSTEMD_PROP_NAME); + if (configPath.startsWith(PATH_FILE_PREFIX)) { + configPath = configPath.substring(PATH_FILE_PREFIX.length()); + + } + injectConfiguration(configPath, applicationContext); + + } else { + log.info("Find NO SystemD Property: '{}' Maybe no configuration available", SYSTEMD_PROP_NAME); + + } + + super.initialize(applicationContext); + + } + + private void injectConfiguration(String configPath, ConfigurableApplicationContext applicationContext) { + InputStream is = null; + try { + Path path = Paths.get(configPath); + if (Files.exists(path)) { + File file = new File(configPath); + Properties props = new Properties(); + is = new FileInputStream(file); + props.load(is); + MutablePropertySources sources = applicationContext.getEnvironment().getPropertySources(); + sources.addFirst(new PropertiesPropertySource(SYSTEMD_PROP_NAME, props)); + log.info("Set configuration-source from SystemD-Property: {}", SYSTEMD_PROP_NAME); + + } else { + log.error("Configuration from SystemD Property: '{}' at Location: {} DOES NOT exist", + SYSTEMD_PROP_NAME, configPath); + + } + + } catch (IOException e) { + log.error("Configuration from SystemD Property: '{}' at Location: {} CAN NOT be loaded", + SYSTEMD_PROP_NAME, configPath, e); + + } finally { + try { + if (is != null) { + is.close(); + + } + } catch (IOException e) { + log.error("Can not close InputStream of configLoader: {}", configPath, e); + + } + } + } +} diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java new file mode 100644 index 00000000..0d3226bf --- /dev/null +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java @@ -0,0 +1,60 @@ +package at.asitplus.eidas.specific.connector; + +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.context.ConfigurableApplicationContext; + +import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory; +import at.gv.egiz.eaaf.core.impl.logging.SimpleStatusMessager; +import lombok.extern.slf4j.Slf4j; + +@Slf4j +@SpringBootApplication(scanBasePackages = {"at.gv.egiz.eaaf.utils.springboot.ajp"}) +public class SpringBootApplicationInitializer { + + private static ConfigurableApplicationContext ctx; + + /** + * Starts MS-specific eIDAS-Implementation SpringBoot application. + * + * @param args Starting parameters + */ + public static void main(final String[] args) { + try { + log.info("=============== Initializing Spring-Boot context! ==============="); + LogMessageProviderFactory.setStatusMessager(new SimpleStatusMessager()); + final SpringApplication springApp = + new SpringApplication(SpringBootApplicationInitializer.class); + springApp.addInitializers(new MsSpecificSpringBootApplicationContextInitializer()); + + log.debug("Run SpringBoot initialization process ... "); + ctx = springApp.run(args); + + log.info("Initialization of MS-specific eIDAS-Implementation finished."); + + } catch (final Throwable e) { + log.error("MS-specific eIDAS-Implementation initialization FAILED!", e); + throw e; + + } + + } + + /** + * Stops SpringBoot application of MS-specific eIDAS-Implementation. + * + */ + public static void exit() { + if (ctx != null) { + log.info("Stopping SpringBoot application ... "); + SpringApplication.exit(ctx, () -> 0); + ctx = null; + + } else { + log.info("No SpringBoot context. Nothing todo"); + + } + + } + +} diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringContextCloseHandler.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringContextCloseHandler.java new file mode 100644 index 00000000..2a3b659a --- /dev/null +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringContextCloseHandler.java @@ -0,0 +1,224 @@ +package at.asitplus.eidas.specific.connector; + +import java.util.Iterator; +import java.util.Map; +import java.util.Map.Entry; + +import org.slf4j.Logger; +import org.springframework.beans.BeansException; +import org.springframework.beans.factory.config.BeanPostProcessor; +import org.springframework.context.ApplicationContext; +import org.springframework.context.ApplicationContextAware; +import org.springframework.context.ApplicationListener; +import org.springframework.context.event.ContextClosedEvent; +import org.springframework.context.event.EventListener; +import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor; +import org.springframework.scheduling.concurrent.ThreadPoolTaskScheduler; + +import at.gv.egiz.components.spring.api.IDestroyableObject; +import eu.eidas.auth.cache.IgniteInstanceInitializerSpecificCommunication; + +/** + * SpringContext CloseHandler. + * + * @author tlenz + * + */ + +public class SpringContextCloseHandler + implements ApplicationListener, ApplicationContextAware, BeanPostProcessor { + + private static final Logger log = + org.slf4j.LoggerFactory.getLogger(SpringContextCloseHandler.class); + + private ApplicationContext context; + + /* + * (non-Javadoc) + * + * @see org.springframework.context.ApplicationListener#onApplicationEvent(org. + * springframework.context. ApplicationEvent) + */ + @Override + @EventListener + public void onApplicationEvent(final ContextClosedEvent arg0) { + log.info("MS-specific eIDAS-Node shutdown process started ..."); + + try { + log.debug("CleanUp objects with implements the IDestroyable interface ... "); + final Map objectsToDestroy = + context.getBeansOfType(IDestroyableObject.class); + internalIDestroyableObject(objectsToDestroy); + log.info("Object cleanUp complete"); + + log.debug("Stopping Spring Thread-Pools ... "); + // shut-down task schedulers + final Map schedulers = + context.getBeansOfType(ThreadPoolTaskScheduler.class); + internalThreadPoolTaskScheduler(schedulers); + + // shut-down task executors + final Map executers = + context.getBeansOfType(ThreadPoolTaskExecutor.class); + internalThreadPoolTaskExecutor(executers); + log.debug("Spring Thread-Pools stopped"); + + + //clean-up eIDAS node + Map nodeIgnite = + context.getBeansOfType(IgniteInstanceInitializerSpecificCommunication.class); + log.info("Find #{} Apache Ignite instances from eIDAS Ref. impl.", nodeIgnite.size()); + for (Entry el : nodeIgnite.entrySet()) { + if (el.getValue().getInstance() != null) { + el.getValue().getInstance().close(); + el.getValue().destroyInstance(); + log.debug("Shutdown Apache-Ignite: {}", el.getKey()); + + } + } + + log.info("MS-specific eIDAS-Node shutdown process finished"); + + } catch (final Exception e) { + log.warn("MS-specific eIDAS-Node shutdown process has an error.", e); + + } + + } + + /* + * (non-Javadoc) + * + * @see org.springframework.beans.factory.config.BeanPostProcessor# + * postProcessAfterInitialization(java. lang.Object, java.lang.String) + */ + @Override + public Object postProcessAfterInitialization(final Object arg0, final String arg1) + throws BeansException { + if (arg0 instanceof ThreadPoolTaskScheduler) { + ((ThreadPoolTaskScheduler) arg0).setWaitForTasksToCompleteOnShutdown(true); + } + if (arg0 instanceof ThreadPoolTaskExecutor) { + ((ThreadPoolTaskExecutor) arg0).setWaitForTasksToCompleteOnShutdown(true); + } + return arg0; + + } + + /* + * (non-Javadoc) + * + * @see org.springframework.beans.factory.config.BeanPostProcessor# + * postProcessBeforeInitialization(java .lang.Object, java.lang.String) + */ + @Override + public Object postProcessBeforeInitialization(final Object arg0, final String arg1) + throws BeansException { + return arg0; + + } + + /* + * (non-Javadoc) + * + * @see + * org.springframework.context.ApplicationContextAware#setApplicationContext(org + * .springframework. context.ApplicationContext) + */ + @Override + public void setApplicationContext(final ApplicationContext arg0) throws BeansException { + this.context = arg0; + + } + + private void internalThreadPoolTaskExecutor(final Map executers) { + for (final ThreadPoolTaskExecutor executor : executers.values()) { + // Not needed yet + // int retryCount = 0; + // while(executor.getActiveCount()>0 && ++retryCount<51){ + // try { + // log.debug("Executer {} is still working with active {} work. Retry count is + // {}", + // executor.getThreadNamePrefix(), + // executor.getActiveCount(), + // retryCount); + // Thread.sleep(1000); + // + // } catch (final InterruptedException e) { + // e.printStackTrace(); + // } + // } + // + // if(!(retryCount<51)) + // log.debug("Executer {} is still working. Since Retry count exceeded max value + // {}, will be + // killed immediately", + // executor.getThreadNamePrefix(), + // retryCount); + + executor.shutdown(); + log.debug("Executer {} with active {} work has killed", executor.getThreadNamePrefix(), + executor.getActiveCount()); + + } + + } + + // Not required at the moment + private void internalThreadPoolTaskScheduler( + final Map schedulers) { + log.trace("Stopping #{} task-schedulers", schedulers.size()); + + // for (final ThreadPoolTaskScheduler scheduler : schedulers.values()) { + // scheduler.getScheduledExecutor().shutdown(); + // try { + // scheduler.getScheduledExecutor().awaitTermination(20000, + // TimeUnit.MILLISECONDS); + // if(scheduler.getScheduledExecutor().isTerminated() || + // scheduler.getScheduledExecutor().isShutdown()) + // log.debug("Scheduler {} has stoped", scheduler.getThreadNamePrefix()); + // + // else{ + // log.debug("Scheduler {} has not stoped normally and will be shut down + // immediately", + // scheduler.getThreadNamePrefix()); + // scheduler.getScheduledExecutor().shutdownNow(); + // log.info("Scheduler {} has shut down immediately", + // scheduler.getThreadNamePrefix()); + // + // } + // + // } catch (final IllegalStateException e) { + // e.printStackTrace(); + // + // } catch (final InterruptedException e) { + // e.printStackTrace(); + // + // } finally { + // scheduler.shutdown(); + // + // } + // } + + } + + private void internalIDestroyableObject(final Map objectsToDestroy) { + if (objectsToDestroy != null) { + final Iterator> interator = + objectsToDestroy.entrySet().iterator(); + while (interator.hasNext()) { + final Entry object = interator.next(); + try { + object.getValue().fullyDestroy(); + log.debug("Object with ID: {} is destroyed", object.getKey()); + + } catch (final Exception e) { + log.warn("Destroing object with ID: {} FAILED!", object.getKey(), null, e); + + } + } + } + + } + +} diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java index 2a10031b..a1e953f1 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java @@ -24,6 +24,7 @@ package at.asitplus.eidas.specific.connector.config; import java.net.MalformedURLException; +import java.util.List; import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; @@ -35,11 +36,11 @@ import org.springframework.context.support.ReloadableResourceBundleMessageSource import org.springframework.web.servlet.config.annotation.EnableWebMvc; import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; -import org.springframework.web.servlet.i18n.CookieLocaleResolver; import org.thymeleaf.templateresolver.FileTemplateResolver; import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.logging.IMessageSourceLocation; import at.gv.egiz.eaaf.core.impl.utils.FileUtils; /** @@ -90,43 +91,63 @@ public class StaticResourceConfiguration implements WebMvcConfigurer { } /** - * Internal i18n message source. - * + * Get a message source with only internal message properties. + * + * @param ressourceLocations List of source-locations * @return */ @Bean - public ReloadableResourceBundleMessageSource internalMessageSource() { - final ReloadableResourceBundleMessageSource messageSource = new ReloadableResourceBundleMessageSource(); + public ReloadableResourceBundleMessageSource internalMessageSource( + @Autowired(required = false) final List ressourceLocations) { + final ReloadableResourceBundleMessageSource messageSource = + new ReloadableResourceBundleMessageSource(); // add default message source messageSource.setBasename(DEFAULT_MESSAGE_SOURCE); + + if (ressourceLocations != null) { + // load more message sources + for (final IMessageSourceLocation el : ressourceLocations) { + if (el.getMessageSourceLocation() != null) { + for (final String source : el.getMessageSourceLocation()) { + messageSource.addBasenames(source); + log.debug("Add additional messageSources: {}", el.getMessageSourceLocation().toArray()); + + } + } + } + } + messageSource.setDefaultEncoding("UTF-8"); return messageSource; } /** - * External i18n message source. - * + * Get full message source with internal and external message-properties files. + * + * @param ressourceLocations List of source-locations * @return */ @Bean - public ReloadableResourceBundleMessageSource messageSource() { - final ReloadableResourceBundleMessageSource messageSource = new ReloadableResourceBundleMessageSource(); + public ReloadableResourceBundleMessageSource messageSource( + @Autowired(required = false) final List ressourceLocations) { + final ReloadableResourceBundleMessageSource messageSource = + new ReloadableResourceBundleMessageSource(); messageSource.setDefaultEncoding("UTF-8"); - messageSource.setParentMessageSource(internalMessageSource()); + messageSource.setParentMessageSource(internalMessageSource(ressourceLocations)); - final String staticResources = basicConfig.getBasicConfiguration( - MsEidasNodeConstants.PROP_CONFIG_WEBCONTENT_PROPERTIES_PATH); + final String staticResources = basicConfig + .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_WEBCONTENT_PROPERTIES_PATH); try { if (StringUtils.isNotEmpty(staticResources)) { - final String absPath = FileUtils.makeAbsoluteUrl(staticResources, basicConfig - .getConfigurationRootDirectory()); + final String absPath = + FileUtils.makeAbsoluteUrl(staticResources, basicConfig.getConfigurationRootDirectory()); messageSource.setBasename(absPath); - messageSource.setFallbackToSystemLocale(false); } else { log.debug("No Ressourcefolder for dynamic Web content templates"); + } } catch (final MalformedURLException e) { @@ -137,40 +158,28 @@ public class StaticResourceConfiguration implements WebMvcConfigurer { return messageSource; } - + /** - * Cookie based i18n language selector. - * - * @return - */ - @Bean - public CookieLocaleResolver localeResolver() { - final CookieLocaleResolver localeResolver = new CookieLocaleResolver(); - localeResolver.setCookieName("currentLanguage"); - localeResolver.setCookieMaxAge(3600); - return localeResolver; - } - - - /** - * Thymeleaf based template resolver. - * + * Get a Tyhmeleaf Template-Resolver with external configuration path. + * * @return */ @Bean(name = "templateResolver") public FileTemplateResolver templateResolver() { - final String staticResources = basicConfig.getBasicConfiguration( - MsEidasNodeConstants.PROP_CONFIG_WEBCONTENT_TEMPLATES_PATH); + final String staticResources = basicConfig + .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_WEBCONTENT_TEMPLATES_PATH); try { if (StringUtils.isNotEmpty(staticResources)) { - String absPath = FileUtils.makeAbsoluteUrl(staticResources, basicConfig - .getConfigurationRootDirectory()); + String absPath = + FileUtils.makeAbsoluteUrl(staticResources, basicConfig.getConfigurationRootDirectory()); if (!absPath.endsWith("/")) { absPath += "/"; + } if (absPath.startsWith("file:")) { absPath = absPath.substring("file:".length()); + } final FileTemplateResolver viewResolver = new FileTemplateResolver(); @@ -179,11 +188,12 @@ public class StaticResourceConfiguration implements WebMvcConfigurer { viewResolver.setTemplateMode("HTML"); viewResolver.setCacheable(false); - log.info("Add Ressourcefolder: " + absPath + " for dynamic Web content templates"); + log.info("Add Ressourcefolder: {} for dynamic Web content templates", absPath); return viewResolver; } else { log.debug("No Ressourcefolder for dynamic Web content templates"); + } } catch (final MalformedURLException e) { @@ -191,8 +201,7 @@ public class StaticResourceConfiguration implements WebMvcConfigurer { } - // TODO: implement some backup solution - return null; + throw new RuntimeException("Can NOT initialize HTML template resolver"); } } diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/SimpleInMemoryTransactionStorage.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/SimpleInMemoryTransactionStorage.java index 26d442cb..3bda2932 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/SimpleInMemoryTransactionStorage.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/SimpleInMemoryTransactionStorage.java @@ -33,13 +33,11 @@ import java.util.concurrent.ConcurrentHashMap; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.springframework.stereotype.Service; import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; -@Service("SimpleInMemoryTransactionStorage") public class SimpleInMemoryTransactionStorage implements ITransactionStorage { private static final Logger log = LoggerFactory.getLogger(SimpleInMemoryTransactionStorage.class); diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties new file mode 100644 index 00000000..2cb0c83a --- /dev/null +++ b/connector/src/main/resources/application.properties @@ -0,0 +1,144 @@ +## Set Spring-Boot profile-configuration to 2.3 style +spring.config.use-legacy-processing=true + +## ApplicationServer configuration +server.servlet.contextPath=/ms_connector +#server.port=7080 + +app.build.artifactId=ms_connector + + +############################################################################# +## SpringBoot Admin client +spring.boot.admin.client.enabled=false + + +############################################################################# +## MS-speccific eIDAS-Connector configuration +#proxy.context.url.prefix= +eidas.ms.context.url.request.validation=false +#proxy.configRootDir=file:/.../config/ +eidas.ms.context.use.clustermode=true + + +##Monitoring +eidas.ms.monitoring.eIDASNode.metadata.url= + + +##Specific logger configuration +eidas.ms.technicallog.write.MDS.into.techlog=true +eidas.ms.revisionlog.write.MDS.into.revisionlog=true +eidas.ms.revisionlog.logIPAddressOfUser=true + + +##Directory for static Web content +eidas.ms.webcontent.static.directory=webcontent/ +eidas.ms.webcontent.templates=templates/ +eidas.ms.webcontent.properties=properties/messages +eidas.ms.webcontent.templates.countryselection=countrySelection.html + + +## extended validation of pending-request Id's +eidas.ms.core.pendingrequestid.maxlifetime=300 +eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256 +#eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret + + +## eIDAS Ref. Implementation connector ### +eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector +#eidas.ms.auth.eIDAS.node_v2.forward.endpoint= +eidas.ms.auth.eIDAS.node_v2.forward.method=POST +eidas.ms.auth.eIDAS.node_v2.countrycode=AT +eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.* +eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true +eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true +eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true + +eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/substantial + +#eidas.ms.auth.eIDAS.szrclient.useTestService=true +#eidas.ms.auth.eIDAS.szrclient.endpoint.prod= +#eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr +#eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/junit.jks +#eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password=password +#eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path= +#eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password= +eidas.ms.auth.eIDAS.szrclient.timeout.connection=15 +eidas.ms.auth.eIDAS.szrclient.timeout.response=30 +eidas.ms.auth.eIDAS.szrclient.params.vkz= + +eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false + + +# tech. AuthBlock signing for E-ID process +#eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s +#eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair +#eidas.ms.auth.eIDAS.authblock.keystore.path=keys/teststore.jks +#eidas.ms.auth.eIDAS.authblock.keystore.type=jks +#eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair +#eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s + + +#Raw eIDAS Id data storage +eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true + +eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true +eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true + +eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=false +eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false + +##without mandates +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true + +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.5=BirthName,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.6=Gender,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.7=CurrentAddress,false + +##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT ----- +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true + + +## PVP2 S-Profile end-point configuration +#eidas.ms.pvp2.keystore.type=jks +#eidas.ms.pvp2.keystore.path=keys/junit.jks +#eidas.ms.pvp2.keystore.password=password +#eidas.ms.pvp2.key.metadata.alias=meta +#eidas.ms.pvp2.key.metadata.password=password +#eidas.ms.pvp2.key.signing.alias=sig +#eidas.ms.pvp2.key.signing.password=password +#eidas.ms.pvp2.metadata.validity=24 + +#eidas.ms.pvp2.metadata.organisation.name=JUnit +#eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit +#eidas.ms.pvp2.metadata.organisation.url=http://junit.test +#eidas.ms.pvp2.metadata.contact.givenname=Max +#eidas.ms.pvp2.metadata.contact.surname=Mustermann +#eidas.ms.pvp2.metadata.contact.email=max@junit.test + + +## Service Provider configuration +#eidas.ms.sp.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata +#eidas.ms.sp.0.pvp2.metadata.truststore=keys/junit.jks +#eidas.ms.sp.0.pvp2.metadata.truststore.password=password +#eidas.ms.sp.0.friendlyName=jUnit test +#eidas.ms.sp.0.pvp2.metadata.url= +#eidas.ms.sp.0.policy.allowed.requested.targets=.* +#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false + + +##only for advanced config +eidas.ms.configuration.sp.disableRegistrationRequirement= +#eidas.ms.configuration.restrictions.baseID.spTransmission= +eidas.ms.configuration.auth.default.countrycode= +eidas.ms.configuration.pvp.scheme.validation= +eidas.ms.configuration.pvp.enable.entitycategories= \ No newline at end of file diff --git a/connector/src/main/resources/applicationContext.xml b/connector/src/main/resources/applicationContext.xml index 76682a2e..8a21e68f 100644 --- a/connector/src/main/resources/applicationContext.xml +++ b/connector/src/main/resources/applicationContext.xml @@ -14,10 +14,14 @@ http://www.springframework.org/schema/tx/spring-tx.xsd"> - + + + @@ -27,13 +31,24 @@ + + + + - + + + + + + diff --git a/connector/src/main/resources/log4j.properties b/connector/src/main/resources/log4j.properties deleted file mode 100644 index 81e54aae..00000000 --- a/connector/src/main/resources/log4j.properties +++ /dev/null @@ -1,55 +0,0 @@ -# commons-logging setup -org.apache.commons.logging.LogFactory=org.apache.commons.logging.impl.Log4jFactory - -# define log4j root loggers -log4j.rootLogger=info,stdout, console - -log4j.logger.at.gv.egiz.eaaf=info, msnode -log4j.logger.at.gv.egiz.eidas.specific=info, msnode -log4j.logger.at.gv.egiz.eidas.specific.connector.logger.RevisionLogger=info, reversion -log4j.logger.at.gv.egiz.eidas.specific.connector.logger.StatisticLogger=info, statistic -log4j.logger.eu.eidas=info, EIDASNODE - -log4j.additivity.at.gv.egiz.eidas.specific=false -log4j.additivity.at.gv.egiz.eidas.specific.connector.logger.RevisionLogger=false -log4j.additivity.at.gv.egiz.eidas.specific.connector.logger.StatisticLogger=false -log4j.additivity.eu.eidas=false - -log4j.appender.console=org.apache.log4j.ConsoleAppender -log4j.appender.console.layout=org.apache.log4j.PatternLayout -log4j.appender.console.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %20c | %10t | %m%n - -log4j.appender.stdout=org.apache.log4j.RollingFileAppender -log4j.appender.stdout.File=${catalina.base}/logs/console.log -log4j.appender.stdout.MaxFileSize=10000KB -log4j.appender.stdout.MaxBackupIndex=9999 -log4j.appender.stdout.layout=org.apache.log4j.PatternLayout -log4j.appender.stdout.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n - -log4j.appender.msnode=org.apache.log4j.RollingFileAppender -log4j.appender.msnode.File=${catalina.base}/logs/eidas-ms-reversion.log -log4j.appender.msnode.MaxFileSize=10000KB -log4j.appender.msnode.MaxBackupIndex=9999 -log4j.appender.msnode.layout=org.apache.log4j.PatternLayout -log4j.appender.msnode.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n - -log4j.appender.reversion=org.apache.log4j.RollingFileAppender -log4j.appender.reversion.File=${catalina.base}/logs/eidas-ms-reversion.log -log4j.appender.reversion.MaxFileSize=10000KB -log4j.appender.reversion.MaxBackupIndex=9999 -log4j.appender.reversion.layout=org.apache.log4j.PatternLayout -log4j.appender.reversion.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n - -log4j.appender.statistic=org.apache.log4j.RollingFileAppender -log4j.appender.statistic.File=${catalina.base}/logs/eidas-ms-statistic.log -log4j.appender.statistic.MaxFileSize=10000KB -log4j.appender.statistic.MaxBackupIndex=9999 -log4j.appender.statistic.layout=org.apache.log4j.PatternLayout -log4j.appender.statistic.layout.ConversionPattern=%m%n - -log4j.appender.EIDASNODE=org.apache.log4j.RollingFileAppender -log4j.appender.EIDASNODE.File=${catalina.base}/logs/eIDAS_node.log -log4j.appender.EIDASNODE.MaxFileSize=10000KB -log4j.appender.EIDASNODE.MaxBackupIndex=9999 -log4j.appender.EIDASNODE.layout=org.apache.log4j.PatternLayout -log4j.appender.EIDASNODE.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n \ No newline at end of file diff --git a/connector/src/main/resources/logback.xml b/connector/src/main/resources/logback.xml index a0a9995e..7aa2d0cc 100644 --- a/connector/src/main/resources/logback.xml +++ b/connector/src/main/resources/logback.xml @@ -11,14 +11,14 @@ - ${catalina.base}/logs/eidas-ms-reversion.log + logs/eidas-ms-specific.log %5p | %d{dd HH:mm:ss,SSS} | %t | %m%n 9999 - ${catalina.base}/logs/eidas-ms-reversion.log.%i + logs/eidas-ms-specific.log.%i - ${catalina.base}/logs/eIDAS_node.log + logs/eIDAS_node.log %5p | %d{dd HH:mm:ss,SSS} | %t | %m%n 9999 - ${catalina.base}/logs/eIDAS_node.log.%i + logs/eIDAS_node.log.%i - ${catalina.base}/logs/eidas-ms-reversion.log + logs/eidas-ms-reversion.log %5p | %d{dd HH:mm:ss,SSS} | %t | %m%n 9999 - ${catalina.base}/logs/eidas-ms-reversion.log.%i + logs/eidas-ms-reversion.log.%i - ${catalina.base}/logs/eidas-ms-statistic.log + logs/eidas-ms-statistic.log %m%n 9999 - ${catalina.base}/logs/eidas-ms-statistic.log.%i + logs/eidas-ms-statistic.log.%i - ${catalina.base}/logs/console.log + logs/console.log %5p | %d{dd HH:mm:ss,SSS} | %t | %m%n 9999 - ${catalina.base}/logs/console.log.%i + logs/console.log.%i - - - + - - @@ -43,7 +41,7 @@ - @@ -96,17 +94,6 @@ - - - - - - - - - - diff --git a/connector/src/main/resources/tomcat.properties b/connector/src/main/resources/tomcat.properties new file mode 100644 index 00000000..38ab5a64 --- /dev/null +++ b/connector/src/main/resources/tomcat.properties @@ -0,0 +1,15 @@ +tomcat.ajp.enabled=true +#tomcat.ajp.port=41009 +#tomcat.ajp.additionalAttributes.secretrequired=true +#tomcat.ajp.additionalAttributes.secret= + +server.tomcat.accesslog.buffered=false +server.tomcat.accesslog.prefix=tomcat-access_log +server.tomcat.accesslog.directory=logs/ +server.tomcat.accesslog.enabled=true +server.tomcat.accesslog.file-date-format=.yyyy-MM-dd +server.tomcat.accesslog.pattern=common +server.tomcat.accesslog.rename-on-rotate=false +server.tomcat.accesslog.request-attributes-enabled=true +server.tomcat.accesslog.rotate=true +server.tomcat.accesslog.suffix=.log \ No newline at end of file diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java deleted file mode 100644 index 316dcb5f..00000000 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java +++ /dev/null @@ -1,352 +0,0 @@ -package at.asitplus.eidas.specific.connector.test; - -import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; - -import java.io.IOException; -import java.security.PublicKey; -import java.util.Date; -import java.util.HashMap; -import java.util.Map; - -import javax.xml.transform.TransformerException; - -import org.apache.commons.lang3.RandomStringUtils; -import org.junit.Assert; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.opensaml.core.config.InitializationException; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.i18n.LocaleContextHolder; -import org.springframework.mock.web.MockHttpServletRequest; -import org.springframework.mock.web.MockHttpServletResponse; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import org.springframework.test.context.web.WebAppConfiguration; -import org.springframework.web.context.request.RequestContextHolder; -import org.springframework.web.context.request.ServletRequestAttributes; -import org.w3c.dom.Element; - -import at.asitplus.eidas.specific.connector.builder.AuthenticationDataBuilder; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; -import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; -import at.gv.egiz.eaaf.core.api.idp.IAuthData; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; -import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; -import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException; -import at.gv.egiz.eaaf.core.exceptions.EaafParserException; -import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; -import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder; -import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; -import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; -import net.shibboleth.utilities.java.support.component.ComponentInitializationException; - -@RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration({ "/applicationContext.xml", "/SpringTest_connector.beans.xml", "/eaaf_core.beans.xml", - "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml" }) -@WebAppConfiguration -public class AuthenticationDataBuilderTest { - - @Autowired - private AuthenticationDataBuilder authenticationDataBuilder; - - @Autowired(required = true) - private IConfiguration basicConfig; - - private MockHttpServletRequest httpReq; - private MockHttpServletResponse httpResp; - private TestRequestImpl pendingReq; - - private DummySpConfiguration oaParam; - - private String eidasBind; - private String authBlock; - - @BeforeClass - public static void classInitializer() throws InitializationException, ComponentInitializationException { - final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current - + "src/test/resources/config/junit_config_3.properties"); - - EaafOpenSaml3xInitializer.eaafInitialize(); - } - - @Before - public void initialize() throws EaafStorageException { - httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); - httpResp = new MockHttpServletResponse(); - RequestContextHolder.resetRequestAttributes(); - RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); - - final Map spConfig = new HashMap<>(); - spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); - spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); - spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true"); - oaParam = new DummySpConfiguration(spConfig, basicConfig); - - pendingReq = new TestRequestImpl(); - pendingReq.setAuthUrl("https://localhost/ms_connector"); - pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); - pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); - pendingReq.setSpConfig(oaParam); - authBlock = RandomStringUtils.randomAlphanumeric(20); - eidasBind = RandomStringUtils.randomAlphanumeric(20); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(Constants.SZR_AUTHBLOCK, authBlock); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(Constants.EIDAS_BIND, eidasBind); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setQaaLevel(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5)); - pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( - PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, - RandomStringUtils.randomAlphabetic(2)); - - LocaleContextHolder.resetLocaleContext(); - - } - - @Test - public void eidMode() throws EaafAuthenticationException { - // initialize state - pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true); - - // execute - IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); - - // validate state - Assert.assertNotNull("AuthData null", authData); - Assert.assertNotNull("authBlock null", authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class)); - Assert.assertNotNull("eidasBind null", authData.getGenericData(Constants.EIDAS_BIND, String.class)); - Assert.assertNotNull("LoA null", authData.getEidasQaaLevel()); - - String authBlock = authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class); - String eidasBind = authData.getGenericData(Constants.EIDAS_BIND, String.class); - - Assert.assertEquals("authBlock not equal", this.authBlock, authBlock); - Assert.assertEquals("eidasBind not equal", this.eidasBind, eidasBind); - Assert.assertEquals("piiTransactionId", - authData.getGenericData(ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, String.class), - this.pendingReq.getUniquePiiTransactionIdentifier()); - Assert.assertNotNull("assertion validTo", authData.getSsoSessionValidTo()); - Assert.assertEquals("LoA", pendingReq.getSessionData(AuthProcessDataWrapper.class).getQaaLevel(), - authData.getEidasQaaLevel()); - Assert.assertEquals("EID-ISSUING-NATION", - pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession( - PvpAttributeDefinitions.EID_ISSUING_NATION_NAME), - authData.getCiticenCountryCode()); - - Assert.assertNull("bPK", authData.getBpk()); - Assert.assertNull("bPKType", authData.getBpkType()); - Assert.assertNull("FamilyName", authData.getFamilyName()); - Assert.assertNull("GivenName", authData.getGivenName()); - Assert.assertNull("DateOfBirth", authData.getDateOfBirth()); - Assert.assertNull("baseId", authData.getIdentificationValue()); - Assert.assertNull("baseIdType", authData.getIdentificationType()); - Assert.assertNull("IDL", authData.getIdentityLink()); - - } - - @Test - public void moaIdMode() throws EaafAuthenticationException, EaafBuilderException { - //initialize state - pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(false); - IIdentityLink idl = buildDummyIdl(); - pendingReq.getSessionData(AuthProcessDataWrapper.class).setIdentityLink(idl); - - //execute - IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); - - //validate state - Assert.assertNotNull("AuthData null", authData); - Assert.assertNull("authBlock null", authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class)); - Assert.assertNull("eidasBind null", authData.getGenericData(Constants.EIDAS_BIND, String.class)); - Assert.assertNull("piiTransactionId", - authData.getGenericData(ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, String.class)); - - - Assert.assertNotNull("assertion validTo", authData.getSsoSessionValidTo()); - Assert.assertNotNull("LoA null", authData.getEidasQaaLevel()); - Assert.assertEquals("LoA", pendingReq.getSessionData(AuthProcessDataWrapper.class).getQaaLevel(), - authData.getEidasQaaLevel()); - Assert.assertEquals("EID-ISSUING-NATION", - pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession( - PvpAttributeDefinitions.EID_ISSUING_NATION_NAME), - authData.getCiticenCountryCode()); - - Assert.assertEquals("FamilyName", idl.getFamilyName(), authData.getFamilyName()); - Assert.assertEquals("GivenName", idl.getGivenName(), authData.getGivenName()); - Assert.assertEquals("DateOfBirth", idl.getDateOfBirth(), authData.getFormatedDateOfBirth()); - Assert.assertEquals("bPK", - BpkBuilder.generateAreaSpecificPersonIdentifier( - idl.getIdentificationValue(), EaafConstants.URN_PREFIX_CDID + "XX").getFirst(), - authData.getBpk()); - Assert.assertEquals("bPKType", EaafConstants.URN_PREFIX_CDID + "XX", authData.getBpkType()); - Assert.assertNotNull("IDL", authData.getIdentityLink()); - - - } - - private IIdentityLink buildDummyIdl() { - return new IIdentityLink() { - - String familyName = RandomStringUtils.randomAlphabetic(10); - String givenName = RandomStringUtils.randomAlphabetic(10); - String dateOfBirth = "1955-02-03"; - String baseId = RandomStringUtils.randomAlphanumeric(20); - String saml2Serialized = RandomStringUtils.randomAlphanumeric(150); - - - - @Override - public void setSamlAssertion(Element arg0) throws TransformerException, IOException { - - } - - @Override - public void setPublicKey(PublicKey[] arg0) { - // TODO Auto-generated method stub - - } - - @Override - public void setPrPerson(Element arg0) { - // TODO Auto-generated method stub - - } - - @Override - public void setIssueInstant(String arg0) { - // TODO Auto-generated method stub - - } - - @Override - public void setIdentificationValue(String arg0) { - // TODO Auto-generated method stub - - } - - @Override - public void setIdentificationType(String arg0) { - // TODO Auto-generated method stub - - } - - @Override - public void setGivenName(String arg0) { - // TODO Auto-generated method stub - - } - - @Override - public void setFamilyName(String arg0) { - // TODO Auto-generated method stub - - } - - @Override - public void setDsigReferenceTransforms(Element[] arg0) { - // TODO Auto-generated method stub - - } - - @Override - public void setDateOfBirth(String arg0) { - // TODO Auto-generated method stub - - } - - @Override - public String getSerializedSamlAssertion() { - return this.saml2Serialized; - } - - @Override - public Element getSamlAssertion() { - IIdentityLink fullIdl; - try { - fullIdl = new SimpleIdentityLinkAssertionParser( - AuthenticationDataBuilderTest.class.getResourceAsStream("/data/test_idl_1.xml")).parseIdentityLink(); - return fullIdl.getSamlAssertion(); - - } catch (EaafParserException e) { - e.printStackTrace(); - } - - return null; - - } - - @Override - public PublicKey[] getPublicKey() { - // TODO Auto-generated method stub - return null; - } - - @Override - public Element getPrPerson() { - // TODO Auto-generated method stub - return null; - } - - @Override - public String getName() { - // TODO Auto-generated method stub - return null; - } - - @Override - public Date getIssueInstantDate() { - // TODO Auto-generated method stub - return null; - } - - @Override - public String getIssueInstant() { - // TODO Auto-generated method stub - return null; - } - - @Override - public String getIdentificationValue() { - return this.baseId; - } - - @Override - public String getIdentificationType() { - return EaafConstants.URN_PREFIX_BASEID; - } - - @Override - public String getGivenName() { - return this.givenName; - } - - @Override - public String getFamilyName() { - return this.familyName; - } - - @Override - public Element[] getDsigReferenceTransforms() { - // TODO Auto-generated method stub - return null; - } - - @Override - public String getDateOfBirth() { - return this.dateOfBirth; - - } - }; - } - -} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthnRequestValidatorTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthnRequestValidatorTest.java deleted file mode 100644 index 389f561e..00000000 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthnRequestValidatorTest.java +++ /dev/null @@ -1,329 +0,0 @@ -package at.asitplus.eidas.specific.connector.test; - -import java.io.IOException; -import java.util.HashMap; -import java.util.Map; - -import javax.xml.parsers.ParserConfigurationException; - -import org.apache.commons.lang3.RandomStringUtils; -import org.junit.Assert; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.opensaml.core.config.InitializationException; -import org.opensaml.core.xml.io.Unmarshaller; -import org.opensaml.core.xml.io.UnmarshallingException; -import org.opensaml.core.xml.util.XMLObjectSupport; -import org.opensaml.saml.saml2.core.AuthnRequest; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.mock.web.MockHttpServletRequest; -import org.springframework.mock.web.MockHttpServletResponse; -import org.springframework.test.annotation.DirtiesContext; -import org.springframework.test.annotation.DirtiesContext.ClassMode; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import org.springframework.test.context.web.WebAppConfiguration; -import org.springframework.web.context.request.RequestContextHolder; -import org.springframework.web.context.request.ServletRequestAttributes; -import org.w3c.dom.Element; -import org.xml.sax.SAXException; - -import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; -import at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration; -import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; -import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import at.gv.egiz.eaaf.core.impl.utils.DomUtils; -import at.gv.egiz.eaaf.modules.pvp2.api.validation.IAuthnRequestPostProcessor; -import at.gv.egiz.eaaf.modules.pvp2.idp.impl.PvpSProfilePendingRequest; -import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; -import net.shibboleth.utilities.java.support.component.ComponentInitializationException; - -@RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration({ - "/applicationContext.xml", - "/specific_eIDAS_connector.beans.xml", - "/eaaf_core.beans.xml", - "/eaaf_pvp.beans.xml", - "/eaaf_pvp_idp.beans.xml", - "/spring/SpringTest-context_simple_storage.xml" }) -@WebAppConfiguration -@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) -public class AuthnRequestValidatorTest { - - @Autowired private IConfigurationWithSP basicConfig; - @Autowired protected IAuthnRequestPostProcessor authRequestValidator; - - private MockHttpServletRequest httpReq; - private MockHttpServletResponse httpResp; - private PvpSProfilePendingRequest pendingReq; - - /** - * jUnit class initializer. - * @throws ComponentInitializationException In case of an error - * @throws InitializationException In case of an error - * - */ - @BeforeClass - public static void classInitializer() throws InitializationException, ComponentInitializationException { - final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties"); - - EaafOpenSaml3xInitializer.eaafInitialize(); - } - - /** - * jUnit test set-up. - * @throws EaafException - * - */ - @Before - public void initialize() throws EaafException { - httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); - httpResp = new MockHttpServletResponse(); - RequestContextHolder.resetRequestAttributes(); - RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); - - Map spConfig = new HashMap<>(); - spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphabetic(10)); - - pendingReq = new PvpSProfilePendingRequest(); - pendingReq.initialize(httpReq, basicConfig); - pendingReq.setPendingRequestId(RandomStringUtils.randomAlphanumeric(10)); - pendingReq.setOnlineApplicationConfiguration(new ServiceProviderConfiguration(spConfig, basicConfig)); - ((RequestImpl)pendingReq).setUniqueTransactionIdentifier(null); - - } - - @Test - public void loaLowRequested() throws AuthnRequestValidatorException, ParserConfigurationException, - SAXException, IOException, UnmarshallingException { - AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_1.xml"); - - //test - authRequestValidator.process(httpReq, pendingReq, authReq, null); - - //validate - Assert.assertNotNull("spEntityId is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); - Assert.assertEquals("SP EntityId not match", - "https://demo.egiz.gv.at/demoportal-openID_demo", - pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); - - Assert.assertNotNull("SP ProviderName is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); - Assert.assertEquals("SP ProviderName not match", - "OpenID Connect Demo", - pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); - - Assert.assertNotNull("Requested SP LoA is null", - pendingReq.getServiceProviderConfiguration().getRequiredLoA()); - Assert.assertFalse("Requested SP LoA is null", - pendingReq.getServiceProviderConfiguration().getRequiredLoA().isEmpty()); - Assert.assertEquals("SP LoA count not match", 1, - pendingReq.getServiceProviderConfiguration().getRequiredLoA().size()); - Assert.assertEquals("SP LoA not match", - "http://eidas.europa.eu/LoA/substantial", - pendingReq.getServiceProviderConfiguration().getRequiredLoA().get(0)); - - Assert.assertNotNull("bPK Target is null", - pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); - Assert.assertEquals("bPK target not match", "urn:publicid:gv.at:cdid+BF", - pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); - - Assert.assertNull("wrong transactionId", pendingReq.getUniqueTransactionIdentifier()); - - } - - @Test - public void loaSubstentialRequested() throws AuthnRequestValidatorException, ParserConfigurationException, - SAXException, IOException, UnmarshallingException { - AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_2.xml"); - - //test - authRequestValidator.process(httpReq, pendingReq, authReq, null); - - //validate - Assert.assertNotNull("spEntityId is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); - Assert.assertEquals("SP EntityId not match", - "https://demo.egiz.gv.at/demoportal-openID_demo", - pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); - - Assert.assertNotNull("SP ProviderName is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); - Assert.assertEquals("SP ProviderName not match", - "OpenID Connect Demo", - pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); - - Assert.assertNotNull("Requested SP LoA is null", - pendingReq.getServiceProviderConfiguration().getRequiredLoA()); - Assert.assertFalse("Requested SP LoA is null", - pendingReq.getServiceProviderConfiguration().getRequiredLoA().isEmpty()); - Assert.assertEquals("SP LoA count not match", 1, - pendingReq.getServiceProviderConfiguration().getRequiredLoA().size()); - Assert.assertEquals("SP LoA not match", - "http://eidas.europa.eu/LoA/substantial", - pendingReq.getServiceProviderConfiguration().getRequiredLoA().get(0)); - - Assert.assertNotNull("bPK Target is null", - pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); - Assert.assertEquals("bPK target not match", "urn:publicid:gv.at:cdid+BF", - pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); - - Assert.assertNull("wrong transactionId", pendingReq.getUniqueTransactionIdentifier()); - - } - - @Test - public void loaHighRequested() throws AuthnRequestValidatorException, ParserConfigurationException, - SAXException, IOException, UnmarshallingException { - AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_3.xml"); - - //test - authRequestValidator.process(httpReq, pendingReq, authReq, null); - - //validate - Assert.assertNotNull("spEntityId is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); - Assert.assertEquals("SP EntityId not match", - "https://demo.egiz.gv.at/demoportal-openID_demo", - pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); - - Assert.assertNotNull("SP ProviderName is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); - Assert.assertEquals("SP ProviderName not match", - "OpenID Connect Demo", - pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); - - Assert.assertNotNull("Requested SP LoA is null", - pendingReq.getServiceProviderConfiguration().getRequiredLoA()); - Assert.assertFalse("Requested SP LoA is null", - pendingReq.getServiceProviderConfiguration().getRequiredLoA().isEmpty()); - Assert.assertEquals("SP LoA count not match", 1, - pendingReq.getServiceProviderConfiguration().getRequiredLoA().size()); - Assert.assertEquals("SP LoA not match", - "http://eidas.europa.eu/LoA/high", - pendingReq.getServiceProviderConfiguration().getRequiredLoA().get(0)); - - Assert.assertNotNull("bPK Target is null", - pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); - Assert.assertEquals("bPK target not match", "urn:publicid:gv.at:cdid+XX", - pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); - - Assert.assertEquals("wrong transactionId", "transId_11223344556677aabbcc", - pendingReq.getUniqueTransactionIdentifier()); - - } - - @Test - public void transactionIdWrongPendingReqType() throws AuthnRequestValidatorException, ParserConfigurationException, - SAXException, IOException, UnmarshallingException { - - Map spConfig = new HashMap<>(); - spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphabetic(10)); - - TestRequestImpl pendingReqLocal = new TestRequestImpl(); - pendingReqLocal.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); - pendingReqLocal.setSpConfig(new ServiceProviderConfiguration(spConfig, basicConfig)); - - AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_3.xml"); - - //test - authRequestValidator.process(httpReq, pendingReqLocal, authReq, null); - - //validate - Assert.assertNull("wrong transactionId", pendingReqLocal.getUniqueTransactionIdentifier()); - - } - - @Test - public void invalidBpkTarget_1() throws ParserConfigurationException, - SAXException, IOException, UnmarshallingException { - AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_4.xml"); - - //test - try { - authRequestValidator.process(httpReq, pendingReq, authReq, null); - Assert.fail("Invalid or missing bPK target not detected"); - - } catch (AuthnRequestValidatorException e) { - Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId()); - - } - } - - @Test - public void invalidBpkTarget_2() throws ParserConfigurationException, - SAXException, IOException, UnmarshallingException { - AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_5.xml"); - - //test - try { - authRequestValidator.process(httpReq, pendingReq, authReq, null); - Assert.fail("Invalid or missing bPK target not detected"); - - } catch (AuthnRequestValidatorException e) { - Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId()); - - } - } - - @Test - public void invalidBpkTarget_3() throws ParserConfigurationException, - SAXException, IOException, UnmarshallingException { - AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_6.xml"); - - //test - try { - authRequestValidator.process(httpReq, pendingReq, authReq, null); - Assert.fail("Invalid or missing bPK target not detected"); - - } catch (AuthnRequestValidatorException e) { - Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId()); - - } - } - - @Test - public void invalidBpkTarget_4() throws ParserConfigurationException, - SAXException, IOException, UnmarshallingException { - AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_7.xml"); - - //test - try { - authRequestValidator.process(httpReq, pendingReq, authReq, null); - Assert.fail("Invalid or missing bPK target not detected"); - - } catch (AuthnRequestValidatorException e) { - Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId()); - - } - } - - @Test - public void invalidBpkTarget_5() throws ParserConfigurationException, - SAXException, IOException, UnmarshallingException { - AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_8.xml"); - - //test - try { - authRequestValidator.process(httpReq, pendingReq, authReq, null); - Assert.fail("Invalid or missing bPK target not detected"); - - } catch (AuthnRequestValidatorException e) { - Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId()); - - } - } - - - private AuthnRequest getAuthRequest(String resource) throws - ParserConfigurationException, SAXException, IOException, UnmarshallingException { - final Element authBlockDom = - DomUtils.parseXmlValidating(AuthnRequestValidatorTest.class.getResourceAsStream(resource)); - - final Unmarshaller unmarshaller = XMLObjectSupport.getUnmarshaller(authBlockDom); - return (AuthnRequest) unmarshaller.unmarshall(authBlockDom); - - } -} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/BasicConfigurationTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/BasicConfigurationTest.java deleted file mode 100644 index 6e52f113..00000000 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/BasicConfigurationTest.java +++ /dev/null @@ -1,135 +0,0 @@ -package at.asitplus.eidas.specific.connector.test; - -import java.net.MalformedURLException; -import java.net.URL; -import java.security.cert.CertificateException; - -import org.junit.Assert; -import org.junit.BeforeClass; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.opensaml.core.config.InitializationException; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.test.annotation.DirtiesContext; -import org.springframework.test.annotation.DirtiesContext.ClassMode; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import org.springframework.test.context.web.WebAppConfiguration; - -import at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration; -import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; -import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; -import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import net.shibboleth.utilities.java.support.component.ComponentInitializationException; - -@RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration({ - "/applicationContext.xml", - "/specific_eIDAS_connector.beans.xml", - "/eaaf_core.beans.xml", - "/eaaf_pvp.beans.xml", - "/eaaf_pvp_idp.beans.xml", - "/spring/SpringTest-context_simple_storage.xml" }) -@WebAppConfiguration -@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) -public class BasicConfigurationTest { - - @Autowired private IConfigurationWithSP basicConfig; - - /** - * jUnit class initializer. - * @throws ComponentInitializationException In case of an error - * @throws InitializationException In case of an error - * @throws CertificateException - * - */ - @BeforeClass - public static void classInitializer() throws InitializationException, - ComponentInitializationException, CertificateException { - final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties"); - - } - - - @Test - public void basicConfig() throws MalformedURLException, EaafException { - Assert.assertEquals("validate req. URL", "http://localhost", - basicConfig.validateIdpUrl(new URL("http://junit/test"))); - - Assert.assertEquals("validate req. URL", "http://localhost", - basicConfig.validateIdpUrl(new URL("http://localhost/test1/test"))); - - } - - @Test - public void loadSpNotExist() throws EaafConfigurationException { - //check - ISpConfiguration sp = basicConfig.getServiceProviderConfiguration( - "https://not/exist"); - - //validate state - Assert.assertNull("spConfig", sp); - - - } - - @Test - public void loadSpDefault() throws EaafConfigurationException { - //check - ISpConfiguration sp = basicConfig.getServiceProviderConfiguration( - "https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata"); - - //validate state - Assert.assertNotNull("spConfig", sp); - Assert.assertEquals("BaseId transfare restrication", true, sp.hasBaseIdTransferRestriction()); - Assert.assertEquals("BaseId process restrication", false, sp.hasBaseIdInternalProcessingRestriction()); - - Assert.assertEquals("req. LoA size", 1, sp.getRequiredLoA().size()); - Assert.assertEquals("req. LoA", EaafConstants.EIDAS_LOA_HIGH, sp.getRequiredLoA().get(0)); - Assert.assertEquals("LoA matching mode", - EaafConstants.EIDAS_LOA_MATCHING_MINIMUM, sp.getLoAMatchingMode()); - - } - - @Test - public void loadSpNoBaseIdTransferRestriction() throws EaafException { - //check - ServiceProviderConfiguration sp = basicConfig.getServiceProviderConfiguration( - "https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata", ServiceProviderConfiguration.class); - - //validate state - Assert.assertNotNull("spConfig", sp); - Assert.assertNull("bPKTarget already set", sp.getAreaSpecificTargetIdentifier()); - - //validate baseId transfer restriction - sp.setBpkTargetIdentifier(EaafConstants.URN_PREFIX_CDID + "ZP"); - Assert.assertEquals("BaseId restrication", false, sp.hasBaseIdTransferRestriction()); - Assert.assertEquals("bPKTarget", EaafConstants.URN_PREFIX_CDID + "ZP", sp.getAreaSpecificTargetIdentifier()); - - sp.setBpkTargetIdentifier(EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+123456h"); - Assert.assertEquals("BaseId restrication", true, sp.hasBaseIdTransferRestriction()); - - } - - @Test - public void loadSpWithMsSpecificConfig() throws EaafConfigurationException { - //check - ServiceProviderConfiguration sp = basicConfig.getServiceProviderConfiguration( - "https://demo.egiz.gv.at/junit_test", ServiceProviderConfiguration.class); - - //validate state - Assert.assertNotNull("spConfig", sp); - Assert.assertEquals("friendlyName", "jUnit test", sp.getFriendlyName()); - Assert.assertEquals("UniqueId", "https://demo.egiz.gv.at/junit_test", sp.getUniqueIdentifier()); - Assert.assertEquals("BaseId restrication", true, sp.hasBaseIdTransferRestriction()); - Assert.assertEquals("generic config value", false, - sp.isConfigurationValue("policy.allowed.requested.targets")); - Assert.assertEquals("generic config value", "test", - sp.getConfigurationValue("policy.allowed.requested.targets")); - Assert.assertEquals("not_exist_value", "true", sp.getConfigurationValue("not.exist", "true")); - - } -} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/CountrySelectionProcessImplTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/CountrySelectionProcessImplTest.java deleted file mode 100644 index 455288f5..00000000 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/CountrySelectionProcessImplTest.java +++ /dev/null @@ -1,120 +0,0 @@ -package at.asitplus.eidas.specific.connector.test; - -import java.util.HashMap; -import java.util.Map; - -import org.apache.commons.lang3.RandomStringUtils; -import org.junit.Assert; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.core.io.Resource; -import org.springframework.core.io.ResourceLoader; -import org.springframework.test.annotation.DirtiesContext; -import org.springframework.test.annotation.DirtiesContext.ClassMode; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; - -import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; -import at.asitplus.eidas.specific.connector.processes.CountrySelectionProcessImpl; -import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.impl.idp.auth.modules.ModuleRegistration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; - -@RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration("/spring/SpringTest-context_basic_test.xml") -@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) -public class CountrySelectionProcessImplTest { - - @Autowired ModuleRegistration moduleReg; - @Autowired ResourceLoader loader; - - private final ExecutionContext executionContext = new ExecutionContextImpl(); - private DummySpConfiguration oaParam; - private TestRequestImpl pendingReq; - private CountrySelectionProcessImpl authProcess = new CountrySelectionProcessImpl(); - - /** - * jUnit class initializer. - * - */ - @BeforeClass - public static void classInitializer() { - final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current + "../basicConfig/default_config.properties"); - - } - - /** - * jUnit test set-up. - * - */ - @Before - public void initialize() { - Map configMap = new HashMap(); - configMap.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "http://test.com/test"); - IConfiguration basicConfig = new DummyConfiguration(); - oaParam = new DummySpConfiguration(configMap, basicConfig); - pendingReq = new TestRequestImpl(); - pendingReq.setSpConfig(oaParam); - } - - @Test - public void checkProcessDefinition() { - Assert.assertNotNull("AuthModule is null", authProcess); - Assert.assertNotNull("AuthModule process is null", authProcess.getProcessDefinitions()); - - for (String el : authProcess.getProcessDefinitions()) { - Resource res = loader.getResource(el); - Assert.assertTrue("AuthProcess description not extist", res.exists()); - - } - } - - @Test - public void noCountrySelected() throws Exception { - final String result = - moduleReg.selectProcess(executionContext, pendingReq); - Assert.assertNotNull("Process is null", result); - Assert.assertEquals("Process Id not match", "CountrySelectionProcess", result); - - } - - @Test - public void selectCountryValid() throws Exception { - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, RandomStringUtils.randomAlphanumeric(2)); - final String result = - moduleReg.selectProcess(executionContext, pendingReq); - - Assert.assertNull("Select wrong process", result); - - } - - @Test - public void selectCountryWrongType() throws Exception { - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, 1); - final String result = - moduleReg.selectProcess(executionContext, pendingReq); - Assert.assertNotNull("Process is null", result); - Assert.assertEquals("Process Id not match", "CountrySelectionProcess", result); - - } - - @Test - public void selectCountryEmpty() throws Exception { - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, ""); - final String result = - moduleReg.selectProcess(executionContext, pendingReq); - Assert.assertNotNull("Process is null", result); - Assert.assertEquals("Process Id not match", "CountrySelectionProcess", result); - - } - -} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java new file mode 100644 index 00000000..66147971 --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java @@ -0,0 +1,109 @@ +package at.asitplus.eidas.specific.connector.test; + +import java.io.IOException; +import java.lang.reflect.Field; + +import org.apache.http.client.ClientProtocolException; +import org.apache.http.client.methods.CloseableHttpResponse; +import org.apache.http.client.methods.HttpGet; +import org.apache.http.client.methods.HttpUriRequest; +import org.apache.http.impl.client.CloseableHttpClient; +import org.apache.http.impl.client.HttpClientBuilder; +import org.apache.http.impl.client.HttpClients; +import org.apache.ignite.Ignition; +import org.junit.After; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; + +import at.asitplus.eidas.specific.connector.SpringBootApplicationInitializer; +import at.gv.egiz.eaaf.core.impl.logging.DummyStatusMessager; +import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory; +import lombok.extern.slf4j.Slf4j; + +@Slf4j +@RunWith(BlockJUnit4ClassRunner.class) +public class MainClassExecutableModeTest { + + /** + * jUnit class initializer. + * @throws InterruptedException In case of an error + * + */ + @BeforeClass + public static void classInitializer() throws InterruptedException { + final String current = new java.io.File(".").toURI().toString(); + System.clearProperty("eidas.ms.configuration"); + + //eIDAS Ref. Impl. properties + System.setProperty("EIDAS_CONFIG_REPOSITORY", current.substring("file:".length()) + + "../basicConfig/eIDAS/"); + System.setProperty("SPECIFIC_CONNECTOR_CONFIG_REPOSITORY", current.substring("file:".length()) + + "../basicConfig/eIDAS/"); + System.setProperty("SPECIFIC_PROXY_SERVICE_CONFIG_REPOSITORY", current.substring("file:".length()) + + "../basicConfig/eIDAS/"); + + } + + /** + * Initializer. + * @throws InterruptedException In case of an error + * + */ + @AfterClass + public static void closeIgniteNode() throws InterruptedException { + System.out.println("Closing Ignite Node ... "); + + log.info("Stopping already running Apache Ignite nodes ... "); + Ignition.stopAll(true); + Thread.sleep(1000); + + } + + /** + * Test reseter. + * + */ + @After + public void cleanJvmState() throws NoSuchFieldException, SecurityException, + IllegalArgumentException, IllegalAccessException { + final Field field = LogMessageProviderFactory.class.getDeclaredField("internalMessager"); + field.setAccessible(true); + field.set(null, new DummyStatusMessager()); + + System.clearProperty("eidas.ms.configuration"); + SpringBootApplicationInitializer.exit(); + + } + + + @Test + public void validConfigLocation() throws ClientProtocolException, IOException { + SpringBootApplicationInitializer + .main(new String[] { + "--spring.config.location=src/test/resources/config/junit_config_1_springboot.properties,classpath:/application.properties", + "--spring.profiles.active=jUnitTestMode,springBoot" }); + + System.out.println("Is started!"); + + // test Spring-Actuator http Basic-Auth + testSpringActuatorSecurity(); + + } + + private void testSpringActuatorSecurity() throws ClientProtocolException, IOException { + // check if authentication works on actuator end-point + final HttpClientBuilder builder = HttpClients.custom(); + final CloseableHttpClient client = builder.build(); + Assert.assertNotNull("httpClient", client); + + final HttpUriRequest httpGet1 = new HttpGet("http://localhost:8080/ms_connector/actuator/info"); + final CloseableHttpResponse httpResp1 = client.execute(httpGet1); + Assert.assertEquals("http statusCode", 200, httpResp1.getStatusLine().getStatusCode()); + + } + +} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java new file mode 100644 index 00000000..265edfb6 --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java @@ -0,0 +1,129 @@ +package at.asitplus.eidas.specific.connector.test; + +import java.io.IOException; +import java.lang.reflect.Field; + +import org.apache.http.client.ClientProtocolException; +import org.apache.http.client.methods.CloseableHttpResponse; +import org.apache.http.client.methods.HttpGet; +import org.apache.http.client.methods.HttpUriRequest; +import org.apache.http.impl.client.CloseableHttpClient; +import org.apache.http.impl.client.HttpClientBuilder; +import org.apache.http.impl.client.HttpClients; +import org.apache.ignite.Ignition; +import org.junit.After; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; + +import at.asitplus.eidas.specific.connector.SpringBootApplicationInitializer; +import at.gv.egiz.eaaf.core.impl.logging.DummyStatusMessager; +import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory; + +@RunWith(BlockJUnit4ClassRunner.class) +public class MainClassWebAppModeTest { + + /** + * jUnit class initializer. + * + */ + @BeforeClass + public static void classInitializer() { + final String current = new java.io.File(".").toURI().toString(); + + //eIDAS Ref. Impl. properties + System.setProperty("EIDAS_CONFIG_REPOSITORY", current.substring("file:".length()) + + "../basicConfig/eIDAS/"); + System.setProperty("SPECIFIC_CONNECTOR_CONFIG_REPOSITORY", current.substring("file:".length()) + + "../basicConfig/eIDAS/"); + System.setProperty("SPECIFIC_PROXY_SERVICE_CONFIG_REPOSITORY", current.substring("file:".length()) + + "../basicConfig/eIDAS/"); + + } + + /** + * Initializer. + * + */ + @AfterClass + public static void closeIgniteNode() { + System.out.println("Closing Ignite Node ... "); + Ignition.stopAll(true); + + } + + /** + * Test reseter. + * + */ + @After + public void cleanJvmState() throws NoSuchFieldException, SecurityException, + IllegalArgumentException, IllegalAccessException { + final Field field = LogMessageProviderFactory.class.getDeclaredField("internalMessager"); + field.setAccessible(true); + field.set(null, new DummyStatusMessager()); + + System.clearProperty("eidas.ms.configuration"); + SpringBootApplicationInitializer.exit(); + + } + + @Test + public void wrongConfigLocation() { + //MS-specific connector property + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + + "src/test/resources/config/notextist.properties"); + + try { + //starting application + SpringBootApplicationInitializer + .main(new String[] { + "--spring.profiles.active=jUnitTestMode,springBoot" }); + Assert.fail("Missing configuration not detected"); + + } catch (final Exception e) { + Assert.assertNotNull("Exception is null", e); + + } + } + + + @Test + public void systemdConfigLocation() throws ClientProtocolException, IOException { + //MS-specific connector property + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + + "src/test/resources/config/junit_config_1_springboot.properties"); + + //starting application + SpringBootApplicationInitializer + .main(new String[] { + "--spring.profiles.active=jUnitTestMode,springBoot" }); + + System.out.println("Is started!"); + + // test Spring-Actuator http Basic-Auth + testSpringActuatorSecurity(); + + + + + } + + private void testSpringActuatorSecurity() throws ClientProtocolException, IOException { + // check if authentication works on actuator end-point + final HttpClientBuilder builder = HttpClients.custom(); + final CloseableHttpClient client = builder.build(); + Assert.assertNotNull("httpClient", client); + + final HttpUriRequest httpGet1 = new HttpGet("http://localhost:8080/ms_connector/actuator/info"); + final CloseableHttpResponse httpResp1 = client.execute(httpGet1); + Assert.assertEquals("http statusCode", 200, httpResp1.getStatusLine().getStatusCode()); + + } + +} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/config/BasicConfigurationTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/config/BasicConfigurationTest.java new file mode 100644 index 00000000..86342f99 --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/config/BasicConfigurationTest.java @@ -0,0 +1,135 @@ +package at.asitplus.eidas.specific.connector.test.config; + +import java.net.MalformedURLException; +import java.net.URL; +import java.security.cert.CertificateException; + +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.opensaml.core.config.InitializationException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.test.context.web.WebAppConfiguration; + +import at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; +import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import net.shibboleth.utilities.java.support.component.ComponentInitializationException; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/applicationContext.xml", + "/specific_eIDAS_connector.beans.xml", + "/eaaf_core.beans.xml", + "/eaaf_pvp.beans.xml", + "/eaaf_pvp_idp.beans.xml", + "/spring/SpringTest-context_simple_storage.xml" }) +@WebAppConfiguration +@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) +public class BasicConfigurationTest { + + @Autowired private IConfigurationWithSP basicConfig; + + /** + * jUnit class initializer. + * @throws ComponentInitializationException In case of an error + * @throws InitializationException In case of an error + * @throws CertificateException + * + */ + @BeforeClass + public static void classInitializer() throws InitializationException, + ComponentInitializationException, CertificateException { + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties"); + + } + + + @Test + public void basicConfig() throws MalformedURLException, EaafException { + Assert.assertEquals("validate req. URL", "http://localhost", + basicConfig.validateIdpUrl(new URL("http://junit/test"))); + + Assert.assertEquals("validate req. URL", "http://localhost", + basicConfig.validateIdpUrl(new URL("http://localhost/test1/test"))); + + } + + @Test + public void loadSpNotExist() throws EaafConfigurationException { + //check + ISpConfiguration sp = basicConfig.getServiceProviderConfiguration( + "https://not/exist"); + + //validate state + Assert.assertNull("spConfig", sp); + + + } + + @Test + public void loadSpDefault() throws EaafConfigurationException { + //check + ISpConfiguration sp = basicConfig.getServiceProviderConfiguration( + "https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata"); + + //validate state + Assert.assertNotNull("spConfig", sp); + Assert.assertEquals("BaseId transfare restrication", true, sp.hasBaseIdTransferRestriction()); + Assert.assertEquals("BaseId process restrication", false, sp.hasBaseIdInternalProcessingRestriction()); + + Assert.assertEquals("req. LoA size", 1, sp.getRequiredLoA().size()); + Assert.assertEquals("req. LoA", EaafConstants.EIDAS_LOA_HIGH, sp.getRequiredLoA().get(0)); + Assert.assertEquals("LoA matching mode", + EaafConstants.EIDAS_LOA_MATCHING_MINIMUM, sp.getLoAMatchingMode()); + + } + + @Test + public void loadSpNoBaseIdTransferRestriction() throws EaafException { + //check + ServiceProviderConfiguration sp = basicConfig.getServiceProviderConfiguration( + "https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata", ServiceProviderConfiguration.class); + + //validate state + Assert.assertNotNull("spConfig", sp); + Assert.assertNull("bPKTarget already set", sp.getAreaSpecificTargetIdentifier()); + + //validate baseId transfer restriction + sp.setBpkTargetIdentifier(EaafConstants.URN_PREFIX_CDID + "ZP"); + Assert.assertEquals("BaseId restrication", false, sp.hasBaseIdTransferRestriction()); + Assert.assertEquals("bPKTarget", EaafConstants.URN_PREFIX_CDID + "ZP", sp.getAreaSpecificTargetIdentifier()); + + sp.setBpkTargetIdentifier(EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+123456h"); + Assert.assertEquals("BaseId restrication", true, sp.hasBaseIdTransferRestriction()); + + } + + @Test + public void loadSpWithMsSpecificConfig() throws EaafConfigurationException { + //check + ServiceProviderConfiguration sp = basicConfig.getServiceProviderConfiguration( + "https://demo.egiz.gv.at/junit_test", ServiceProviderConfiguration.class); + + //validate state + Assert.assertNotNull("spConfig", sp); + Assert.assertEquals("friendlyName", "jUnit test", sp.getFriendlyName()); + Assert.assertEquals("UniqueId", "https://demo.egiz.gv.at/junit_test", sp.getUniqueIdentifier()); + Assert.assertEquals("BaseId restrication", true, sp.hasBaseIdTransferRestriction()); + Assert.assertEquals("generic config value", false, + sp.isConfigurationValue("policy.allowed.requested.targets")); + Assert.assertEquals("generic config value", "test", + sp.getConfigurationValue("policy.allowed.requested.targets")); + Assert.assertEquals("not_exist_value", "true", sp.getConfigurationValue("not.exist", "true")); + + } +} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java new file mode 100644 index 00000000..87abb06f --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java @@ -0,0 +1,352 @@ +package at.asitplus.eidas.specific.connector.test.utils; + +import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; + +import java.io.IOException; +import java.security.PublicKey; +import java.util.Date; +import java.util.HashMap; +import java.util.Map; + +import javax.xml.transform.TransformerException; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Assert; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.opensaml.core.config.InitializationException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.i18n.LocaleContextHolder; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.test.context.web.WebAppConfiguration; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; +import org.w3c.dom.Element; + +import at.asitplus.eidas.specific.connector.builder.AuthenticationDataBuilder; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; +import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; +import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException; +import at.gv.egiz.eaaf.core.exceptions.EaafParserException; +import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; +import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; +import net.shibboleth.utilities.java.support.component.ComponentInitializationException; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ "/applicationContext.xml", "/SpringTest_connector.beans.xml", "/eaaf_core.beans.xml", + "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml" }) +@WebAppConfiguration +public class AuthenticationDataBuilderTest { + + @Autowired + private AuthenticationDataBuilder authenticationDataBuilder; + + @Autowired(required = true) + private IConfiguration basicConfig; + + private MockHttpServletRequest httpReq; + private MockHttpServletResponse httpResp; + private TestRequestImpl pendingReq; + + private DummySpConfiguration oaParam; + + private String eidasBind; + private String authBlock; + + @BeforeClass + public static void classInitializer() throws InitializationException, ComponentInitializationException { + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + + "src/test/resources/config/junit_config_3.properties"); + + EaafOpenSaml3xInitializer.eaafInitialize(); + } + + @Before + public void initialize() throws EaafStorageException { + httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + final Map spConfig = new HashMap<>(); + spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); + spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); + spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true"); + oaParam = new DummySpConfiguration(spConfig, basicConfig); + + pendingReq = new TestRequestImpl(); + pendingReq.setAuthUrl("https://localhost/ms_connector"); + pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setSpConfig(oaParam); + authBlock = RandomStringUtils.randomAlphanumeric(20); + eidasBind = RandomStringUtils.randomAlphanumeric(20); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(Constants.SZR_AUTHBLOCK, authBlock); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(Constants.EIDAS_BIND, eidasBind); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setQaaLevel(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5)); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, + RandomStringUtils.randomAlphabetic(2)); + + LocaleContextHolder.resetLocaleContext(); + + } + + @Test + public void eidMode() throws EaafAuthenticationException { + // initialize state + pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true); + + // execute + IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); + + // validate state + Assert.assertNotNull("AuthData null", authData); + Assert.assertNotNull("authBlock null", authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class)); + Assert.assertNotNull("eidasBind null", authData.getGenericData(Constants.EIDAS_BIND, String.class)); + Assert.assertNotNull("LoA null", authData.getEidasQaaLevel()); + + String authBlock = authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class); + String eidasBind = authData.getGenericData(Constants.EIDAS_BIND, String.class); + + Assert.assertEquals("authBlock not equal", this.authBlock, authBlock); + Assert.assertEquals("eidasBind not equal", this.eidasBind, eidasBind); + Assert.assertEquals("piiTransactionId", + authData.getGenericData(ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, String.class), + this.pendingReq.getUniquePiiTransactionIdentifier()); + Assert.assertNotNull("assertion validTo", authData.getSsoSessionValidTo()); + Assert.assertEquals("LoA", pendingReq.getSessionData(AuthProcessDataWrapper.class).getQaaLevel(), + authData.getEidasQaaLevel()); + Assert.assertEquals("EID-ISSUING-NATION", + pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession( + PvpAttributeDefinitions.EID_ISSUING_NATION_NAME), + authData.getCiticenCountryCode()); + + Assert.assertNull("bPK", authData.getBpk()); + Assert.assertNull("bPKType", authData.getBpkType()); + Assert.assertNull("FamilyName", authData.getFamilyName()); + Assert.assertNull("GivenName", authData.getGivenName()); + Assert.assertNull("DateOfBirth", authData.getDateOfBirth()); + Assert.assertNull("baseId", authData.getIdentificationValue()); + Assert.assertNull("baseIdType", authData.getIdentificationType()); + Assert.assertNull("IDL", authData.getIdentityLink()); + + } + + @Test + public void moaIdMode() throws EaafAuthenticationException, EaafBuilderException { + //initialize state + pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(false); + IIdentityLink idl = buildDummyIdl(); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setIdentityLink(idl); + + //execute + IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); + + //validate state + Assert.assertNotNull("AuthData null", authData); + Assert.assertNull("authBlock null", authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class)); + Assert.assertNull("eidasBind null", authData.getGenericData(Constants.EIDAS_BIND, String.class)); + Assert.assertNull("piiTransactionId", + authData.getGenericData(ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, String.class)); + + + Assert.assertNotNull("assertion validTo", authData.getSsoSessionValidTo()); + Assert.assertNotNull("LoA null", authData.getEidasQaaLevel()); + Assert.assertEquals("LoA", pendingReq.getSessionData(AuthProcessDataWrapper.class).getQaaLevel(), + authData.getEidasQaaLevel()); + Assert.assertEquals("EID-ISSUING-NATION", + pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession( + PvpAttributeDefinitions.EID_ISSUING_NATION_NAME), + authData.getCiticenCountryCode()); + + Assert.assertEquals("FamilyName", idl.getFamilyName(), authData.getFamilyName()); + Assert.assertEquals("GivenName", idl.getGivenName(), authData.getGivenName()); + Assert.assertEquals("DateOfBirth", idl.getDateOfBirth(), authData.getFormatedDateOfBirth()); + Assert.assertEquals("bPK", + BpkBuilder.generateAreaSpecificPersonIdentifier( + idl.getIdentificationValue(), EaafConstants.URN_PREFIX_CDID + "XX").getFirst(), + authData.getBpk()); + Assert.assertEquals("bPKType", EaafConstants.URN_PREFIX_CDID + "XX", authData.getBpkType()); + Assert.assertNotNull("IDL", authData.getIdentityLink()); + + + } + + private IIdentityLink buildDummyIdl() { + return new IIdentityLink() { + + String familyName = RandomStringUtils.randomAlphabetic(10); + String givenName = RandomStringUtils.randomAlphabetic(10); + String dateOfBirth = "1955-02-03"; + String baseId = RandomStringUtils.randomAlphanumeric(20); + String saml2Serialized = RandomStringUtils.randomAlphanumeric(150); + + + + @Override + public void setSamlAssertion(Element arg0) throws TransformerException, IOException { + + } + + @Override + public void setPublicKey(PublicKey[] arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setPrPerson(Element arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setIssueInstant(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setIdentificationValue(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setIdentificationType(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setGivenName(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setFamilyName(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setDsigReferenceTransforms(Element[] arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setDateOfBirth(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public String getSerializedSamlAssertion() { + return this.saml2Serialized; + } + + @Override + public Element getSamlAssertion() { + IIdentityLink fullIdl; + try { + fullIdl = new SimpleIdentityLinkAssertionParser( + AuthenticationDataBuilderTest.class.getResourceAsStream("/data/test_idl_1.xml")).parseIdentityLink(); + return fullIdl.getSamlAssertion(); + + } catch (EaafParserException e) { + e.printStackTrace(); + } + + return null; + + } + + @Override + public PublicKey[] getPublicKey() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Element getPrPerson() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Date getIssueInstantDate() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getIssueInstant() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getIdentificationValue() { + return this.baseId; + } + + @Override + public String getIdentificationType() { + return EaafConstants.URN_PREFIX_BASEID; + } + + @Override + public String getGivenName() { + return this.givenName; + } + + @Override + public String getFamilyName() { + return this.familyName; + } + + @Override + public Element[] getDsigReferenceTransforms() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getDateOfBirth() { + return this.dateOfBirth; + + } + }; + } + +} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java new file mode 100644 index 00000000..a9929a01 --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java @@ -0,0 +1,329 @@ +package at.asitplus.eidas.specific.connector.test.utils; + +import java.io.IOException; +import java.util.HashMap; +import java.util.Map; + +import javax.xml.parsers.ParserConfigurationException; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Assert; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.opensaml.core.config.InitializationException; +import org.opensaml.core.xml.io.Unmarshaller; +import org.opensaml.core.xml.io.UnmarshallingException; +import org.opensaml.core.xml.util.XMLObjectSupport; +import org.opensaml.saml.saml2.core.AuthnRequest; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.test.context.web.WebAppConfiguration; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; +import org.w3c.dom.Element; +import org.xml.sax.SAXException; + +import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; +import at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration; +import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; +import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; +import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.utils.DomUtils; +import at.gv.egiz.eaaf.modules.pvp2.api.validation.IAuthnRequestPostProcessor; +import at.gv.egiz.eaaf.modules.pvp2.idp.impl.PvpSProfilePendingRequest; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; +import net.shibboleth.utilities.java.support.component.ComponentInitializationException; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/applicationContext.xml", + "/specific_eIDAS_connector.beans.xml", + "/eaaf_core.beans.xml", + "/eaaf_pvp.beans.xml", + "/eaaf_pvp_idp.beans.xml", + "/spring/SpringTest-context_simple_storage.xml" }) +@WebAppConfiguration +@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) +public class AuthnRequestValidatorTest { + + @Autowired private IConfigurationWithSP basicConfig; + @Autowired protected IAuthnRequestPostProcessor authRequestValidator; + + private MockHttpServletRequest httpReq; + private MockHttpServletResponse httpResp; + private PvpSProfilePendingRequest pendingReq; + + /** + * jUnit class initializer. + * @throws ComponentInitializationException In case of an error + * @throws InitializationException In case of an error + * + */ + @BeforeClass + public static void classInitializer() throws InitializationException, ComponentInitializationException { + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties"); + + EaafOpenSaml3xInitializer.eaafInitialize(); + } + + /** + * jUnit test set-up. + * @throws EaafException + * + */ + @Before + public void initialize() throws EaafException { + httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + Map spConfig = new HashMap<>(); + spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphabetic(10)); + + pendingReq = new PvpSProfilePendingRequest(); + pendingReq.initialize(httpReq, basicConfig); + pendingReq.setPendingRequestId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setOnlineApplicationConfiguration(new ServiceProviderConfiguration(spConfig, basicConfig)); + ((RequestImpl)pendingReq).setUniqueTransactionIdentifier(null); + + } + + @Test + public void loaLowRequested() throws AuthnRequestValidatorException, ParserConfigurationException, + SAXException, IOException, UnmarshallingException { + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_1.xml"); + + //test + authRequestValidator.process(httpReq, pendingReq, authReq, null); + + //validate + Assert.assertNotNull("spEntityId is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); + Assert.assertEquals("SP EntityId not match", + "https://demo.egiz.gv.at/demoportal-openID_demo", + pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); + + Assert.assertNotNull("SP ProviderName is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); + Assert.assertEquals("SP ProviderName not match", + "OpenID Connect Demo", + pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); + + Assert.assertNotNull("Requested SP LoA is null", + pendingReq.getServiceProviderConfiguration().getRequiredLoA()); + Assert.assertFalse("Requested SP LoA is null", + pendingReq.getServiceProviderConfiguration().getRequiredLoA().isEmpty()); + Assert.assertEquals("SP LoA count not match", 1, + pendingReq.getServiceProviderConfiguration().getRequiredLoA().size()); + Assert.assertEquals("SP LoA not match", + "http://eidas.europa.eu/LoA/substantial", + pendingReq.getServiceProviderConfiguration().getRequiredLoA().get(0)); + + Assert.assertNotNull("bPK Target is null", + pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); + Assert.assertEquals("bPK target not match", "urn:publicid:gv.at:cdid+BF", + pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); + + Assert.assertNull("wrong transactionId", pendingReq.getUniqueTransactionIdentifier()); + + } + + @Test + public void loaSubstentialRequested() throws AuthnRequestValidatorException, ParserConfigurationException, + SAXException, IOException, UnmarshallingException { + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_2.xml"); + + //test + authRequestValidator.process(httpReq, pendingReq, authReq, null); + + //validate + Assert.assertNotNull("spEntityId is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); + Assert.assertEquals("SP EntityId not match", + "https://demo.egiz.gv.at/demoportal-openID_demo", + pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); + + Assert.assertNotNull("SP ProviderName is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); + Assert.assertEquals("SP ProviderName not match", + "OpenID Connect Demo", + pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); + + Assert.assertNotNull("Requested SP LoA is null", + pendingReq.getServiceProviderConfiguration().getRequiredLoA()); + Assert.assertFalse("Requested SP LoA is null", + pendingReq.getServiceProviderConfiguration().getRequiredLoA().isEmpty()); + Assert.assertEquals("SP LoA count not match", 1, + pendingReq.getServiceProviderConfiguration().getRequiredLoA().size()); + Assert.assertEquals("SP LoA not match", + "http://eidas.europa.eu/LoA/substantial", + pendingReq.getServiceProviderConfiguration().getRequiredLoA().get(0)); + + Assert.assertNotNull("bPK Target is null", + pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); + Assert.assertEquals("bPK target not match", "urn:publicid:gv.at:cdid+BF", + pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); + + Assert.assertNull("wrong transactionId", pendingReq.getUniqueTransactionIdentifier()); + + } + + @Test + public void loaHighRequested() throws AuthnRequestValidatorException, ParserConfigurationException, + SAXException, IOException, UnmarshallingException { + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_3.xml"); + + //test + authRequestValidator.process(httpReq, pendingReq, authReq, null); + + //validate + Assert.assertNotNull("spEntityId is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); + Assert.assertEquals("SP EntityId not match", + "https://demo.egiz.gv.at/demoportal-openID_demo", + pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); + + Assert.assertNotNull("SP ProviderName is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); + Assert.assertEquals("SP ProviderName not match", + "OpenID Connect Demo", + pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); + + Assert.assertNotNull("Requested SP LoA is null", + pendingReq.getServiceProviderConfiguration().getRequiredLoA()); + Assert.assertFalse("Requested SP LoA is null", + pendingReq.getServiceProviderConfiguration().getRequiredLoA().isEmpty()); + Assert.assertEquals("SP LoA count not match", 1, + pendingReq.getServiceProviderConfiguration().getRequiredLoA().size()); + Assert.assertEquals("SP LoA not match", + "http://eidas.europa.eu/LoA/high", + pendingReq.getServiceProviderConfiguration().getRequiredLoA().get(0)); + + Assert.assertNotNull("bPK Target is null", + pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); + Assert.assertEquals("bPK target not match", "urn:publicid:gv.at:cdid+XX", + pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); + + Assert.assertEquals("wrong transactionId", "transId_11223344556677aabbcc", + pendingReq.getUniqueTransactionIdentifier()); + + } + + @Test + public void transactionIdWrongPendingReqType() throws AuthnRequestValidatorException, ParserConfigurationException, + SAXException, IOException, UnmarshallingException { + + Map spConfig = new HashMap<>(); + spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphabetic(10)); + + TestRequestImpl pendingReqLocal = new TestRequestImpl(); + pendingReqLocal.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); + pendingReqLocal.setSpConfig(new ServiceProviderConfiguration(spConfig, basicConfig)); + + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_3.xml"); + + //test + authRequestValidator.process(httpReq, pendingReqLocal, authReq, null); + + //validate + Assert.assertNull("wrong transactionId", pendingReqLocal.getUniqueTransactionIdentifier()); + + } + + @Test + public void invalidBpkTarget_1() throws ParserConfigurationException, + SAXException, IOException, UnmarshallingException { + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_4.xml"); + + //test + try { + authRequestValidator.process(httpReq, pendingReq, authReq, null); + Assert.fail("Invalid or missing bPK target not detected"); + + } catch (AuthnRequestValidatorException e) { + Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId()); + + } + } + + @Test + public void invalidBpkTarget_2() throws ParserConfigurationException, + SAXException, IOException, UnmarshallingException { + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_5.xml"); + + //test + try { + authRequestValidator.process(httpReq, pendingReq, authReq, null); + Assert.fail("Invalid or missing bPK target not detected"); + + } catch (AuthnRequestValidatorException e) { + Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId()); + + } + } + + @Test + public void invalidBpkTarget_3() throws ParserConfigurationException, + SAXException, IOException, UnmarshallingException { + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_6.xml"); + + //test + try { + authRequestValidator.process(httpReq, pendingReq, authReq, null); + Assert.fail("Invalid or missing bPK target not detected"); + + } catch (AuthnRequestValidatorException e) { + Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId()); + + } + } + + @Test + public void invalidBpkTarget_4() throws ParserConfigurationException, + SAXException, IOException, UnmarshallingException { + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_7.xml"); + + //test + try { + authRequestValidator.process(httpReq, pendingReq, authReq, null); + Assert.fail("Invalid or missing bPK target not detected"); + + } catch (AuthnRequestValidatorException e) { + Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId()); + + } + } + + @Test + public void invalidBpkTarget_5() throws ParserConfigurationException, + SAXException, IOException, UnmarshallingException { + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_8.xml"); + + //test + try { + authRequestValidator.process(httpReq, pendingReq, authReq, null); + Assert.fail("Invalid or missing bPK target not detected"); + + } catch (AuthnRequestValidatorException e) { + Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId()); + + } + } + + + private AuthnRequest getAuthRequest(String resource) throws + ParserConfigurationException, SAXException, IOException, UnmarshallingException { + final Element authBlockDom = + DomUtils.parseXmlValidating(AuthnRequestValidatorTest.class.getResourceAsStream(resource)); + + final Unmarshaller unmarshaller = XMLObjectSupport.getUnmarshaller(authBlockDom); + return (AuthnRequest) unmarshaller.unmarshall(authBlockDom); + + } +} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/CountrySelectionProcessImplTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/CountrySelectionProcessImplTest.java new file mode 100644 index 00000000..d0343eba --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/CountrySelectionProcessImplTest.java @@ -0,0 +1,120 @@ +package at.asitplus.eidas.specific.connector.test.utils; + +import java.util.HashMap; +import java.util.Map; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Assert; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.core.io.Resource; +import org.springframework.core.io.ResourceLoader; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; +import at.asitplus.eidas.specific.connector.processes.CountrySelectionProcessImpl; +import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.impl.idp.auth.modules.ModuleRegistration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration("/spring/SpringTest-context_basic_test.xml") +@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) +public class CountrySelectionProcessImplTest { + + @Autowired ModuleRegistration moduleReg; + @Autowired ResourceLoader loader; + + private final ExecutionContext executionContext = new ExecutionContextImpl(); + private DummySpConfiguration oaParam; + private TestRequestImpl pendingReq; + private CountrySelectionProcessImpl authProcess = new CountrySelectionProcessImpl(); + + /** + * jUnit class initializer. + * + */ + @BeforeClass + public static void classInitializer() { + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + "../basicConfig/default_config.properties"); + + } + + /** + * jUnit test set-up. + * + */ + @Before + public void initialize() { + Map configMap = new HashMap(); + configMap.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "http://test.com/test"); + IConfiguration basicConfig = new DummyConfiguration(); + oaParam = new DummySpConfiguration(configMap, basicConfig); + pendingReq = new TestRequestImpl(); + pendingReq.setSpConfig(oaParam); + } + + @Test + public void checkProcessDefinition() { + Assert.assertNotNull("AuthModule is null", authProcess); + Assert.assertNotNull("AuthModule process is null", authProcess.getProcessDefinitions()); + + for (String el : authProcess.getProcessDefinitions()) { + Resource res = loader.getResource(el); + Assert.assertTrue("AuthProcess description not extist", res.exists()); + + } + } + + @Test + public void noCountrySelected() throws Exception { + final String result = + moduleReg.selectProcess(executionContext, pendingReq); + Assert.assertNotNull("Process is null", result); + Assert.assertEquals("Process Id not match", "CountrySelectionProcess", result); + + } + + @Test + public void selectCountryValid() throws Exception { + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, RandomStringUtils.randomAlphanumeric(2)); + final String result = + moduleReg.selectProcess(executionContext, pendingReq); + + Assert.assertNull("Select wrong process", result); + + } + + @Test + public void selectCountryWrongType() throws Exception { + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, 1); + final String result = + moduleReg.selectProcess(executionContext, pendingReq); + Assert.assertNotNull("Process is null", result); + Assert.assertEquals("Process Id not match", "CountrySelectionProcess", result); + + } + + @Test + public void selectCountryEmpty() throws Exception { + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, ""); + final String result = + moduleReg.selectProcess(executionContext, pendingReq); + Assert.assertNotNull("Process is null", result); + Assert.assertEquals("Process Id not match", "CountrySelectionProcess", result); + + } + +} diff --git a/connector/src/test/resources/config/junit_config_1.properties b/connector/src/test/resources/config/junit_config_1.properties index 78981b6a..429d3538 100644 --- a/connector/src/test/resources/config/junit_config_1.properties +++ b/connector/src/test/resources/config/junit_config_1.properties @@ -1,6 +1,7 @@ ## Basic service configuration eidas.ms.context.url.prefix=http://localhost eidas.ms.context.url.request.validation=false +eidas.ms.core.configRootDir=file:./ eidas.ms.context.use.clustermode=true diff --git a/connector/src/test/resources/config/junit_config_1_springboot.properties b/connector/src/test/resources/config/junit_config_1_springboot.properties new file mode 100644 index 00000000..7257df9b --- /dev/null +++ b/connector/src/test/resources/config/junit_config_1_springboot.properties @@ -0,0 +1,81 @@ +## embbeded Tomcat +tomcat.workingdir=./target/work +tomcat.ajp.enabled=true +tomcat.ajp.port=8009 +tomcat.ajp.networkAddress=127.0.0.1 +tomcat.ajp.additionalAttributes.secretrequired=true +tomcat.ajp.additionalAttributes.secret=junit + +## Basic service configuration +eidas.ms.context.url.prefix=http://localhost +eidas.ms.core.configRootDir=file:./src/test/resources/config/ + +eidas.ms.context.use.clustermode=true + +##Monitoring +eidas.ms.monitoring.eIDASNode.metadata.url= + +## extended validation of pending-request Id's +eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret + +## eIDAS Ref. Implementation connector ### +eidas.ms.auth.eIDAS.node_v2.forward.endpoint= + +eidas.ms.auth.eIDAS.szrclient.useTestService=true +eidas.ms.auth.eIDAS.szrclient.endpoint.prod= +eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/junit.jks +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password=password +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path= +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password= + +#tech. AuthBlock signing for E-ID process +eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s +eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair +eidas.ms.auth.eIDAS.authblock.keystore.path=keys/teststore.jks +eidas.ms.auth.eIDAS.authblock.keystore.type=jks +eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair +eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s + + +#Raw eIDAS Id data storage +eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true +eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true + + + +## PVP2 S-Profile end-point configuration +eidas.ms.pvp2.keystore.type=jks +eidas.ms.pvp2.keystore.path=keys/junit.jks +eidas.ms.pvp2.keystore.password=password +eidas.ms.pvp2.key.metadata.alias=meta +eidas.ms.pvp2.key.metadata.password=password +eidas.ms.pvp2.key.signing.alias=sig +eidas.ms.pvp2.key.signing.password=password +eidas.ms.pvp2.metadata.validity=24 + +eidas.ms.pvp2.metadata.organisation.name=JUnit +eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit +eidas.ms.pvp2.metadata.organisation.url=http://junit.test +eidas.ms.pvp2.metadata.contact.givenname=Max +eidas.ms.pvp2.metadata.contact.surname=Mustermann +eidas.ms.pvp2.metadata.contact.email=max@junit.test + +## Service Provider configuration +eidas.ms.sp.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata +eidas.ms.sp.0.pvp2.metadata.truststore=keys/junit.jks +eidas.ms.sp.0.pvp2.metadata.truststore.password=password +eidas.ms.sp.0.friendlyName=jUnit test +#eidas.ms.sp.0.pvp2.metadata.url= +#eidas.ms.sp.0.policy.allowed.requested.targets=.* +#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false + +## Service Provider configuration +eidas.ms.sp.1.uniqueID=https://demo.egiz.gv.at/junit_test +eidas.ms.sp.1.pvp2.metadata.truststore=keys/junit.jks +eidas.ms.sp.1.pvp2.metadata.truststore.password=password +eidas.ms.sp.1.friendlyName=jUnit test +eidas.ms.sp.1.pvp2.metadata.url=http://junit.test/metadata +eidas.ms.sp.1.policy.allowed.requested.targets=test +eidas.ms.sp.1.policy.hasBaseIdTransferRestriction=true + diff --git a/connector/src/test/resources/config/keys/teststore.jks b/connector/src/test/resources/config/keys/teststore.jks new file mode 100644 index 00000000..fcc6400c Binary files /dev/null and b/connector/src/test/resources/config/keys/teststore.jks differ -- cgit v1.2.3 From 293f67a641f8acdef54745c85969827807404fc2 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Sat, 26 Dec 2020 17:44:29 +0100 Subject: fix wrong-template paramters in error GUI --- connector/src/test/resources/config/templates/error_message.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'connector/src') diff --git a/connector/src/test/resources/config/templates/error_message.html b/connector/src/test/resources/config/templates/error_message.html index da423592..86f9d29d 100644 --- a/connector/src/test/resources/config/templates/error_message.html +++ b/connector/src/test/resources/config/templates/error_message.html @@ -21,8 +21,8 @@

Error Information


-

Code :

-

Msg :

+

Code :

+

Msg :

-- cgit v1.2.3 From f06839fb716ff61bf94a32f8e23e3f313245f7e7 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Sat, 26 Dec 2020 17:45:38 +0100 Subject: add jUnit test that simulates a full eIDAS authentication --- ...ficSpringBootApplicationContextInitializer.java | 2 +- .../SpringBootApplicationInitializer.java | 15 +- .../connector/provider/StatusMessageProvider.java | 4 +- .../src/main/resources/application.properties | 4 +- .../connector/test/FullStartUpAndProcessTest.java | 485 +++++++++++++++++++++ .../test/MainClassExecutableModeTest.java | 2 +- .../connector/test/MainClassWebAppModeTest.java | 4 +- .../config/junit_config_1_springboot.properties | 6 +- .../data/metadata_valid_without_encryption.xml | 88 ++++ 9 files changed, 600 insertions(+), 10 deletions(-) create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java create mode 100644 connector/src/test/resources/data/metadata_valid_without_encryption.xml (limited to 'connector/src') diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificSpringBootApplicationContextInitializer.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificSpringBootApplicationContextInitializer.java index 5160bdf5..399d1286 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificSpringBootApplicationContextInitializer.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificSpringBootApplicationContextInitializer.java @@ -41,7 +41,7 @@ public class MsSpecificSpringBootApplicationContextInitializer extends } super.initialize(applicationContext); - + } private void injectConfiguration(String configPath, ConfigurableApplicationContext applicationContext) { diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java index 0d3226bf..f0cf8698 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java @@ -4,8 +4,11 @@ import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.context.ConfigurableApplicationContext; +import at.gv.egiz.eaaf.core.api.IStatusMessenger; import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory; import at.gv.egiz.eaaf.core.impl.logging.SimpleStatusMessager; +import at.gv.egiz.eaaf.core.impl.utils.Random; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; import lombok.extern.slf4j.Slf4j; @Slf4j @@ -18,8 +21,9 @@ public class SpringBootApplicationInitializer { * Starts MS-specific eIDAS-Implementation SpringBoot application. * * @param args Starting parameters + * @throws Throwable In case of a start-up error */ - public static void main(final String[] args) { + public static void main(final String[] args) throws Throwable { try { log.info("=============== Initializing Spring-Boot context! ==============="); LogMessageProviderFactory.setStatusMessager(new SimpleStatusMessager()); @@ -27,9 +31,18 @@ public class SpringBootApplicationInitializer { new SpringApplication(SpringBootApplicationInitializer.class); springApp.addInitializers(new MsSpecificSpringBootApplicationContextInitializer()); + log.info("Bootstrap openSAML .... "); + EaafOpenSaml3xInitializer.eaafInitialize(); + log.debug("Run SpringBoot initialization process ... "); ctx = springApp.run(args); + // initialize status messenger + LogMessageProviderFactory.setStatusMessager(ctx.getBean(IStatusMessenger.class)); + + log.info("Seed random number generator ... "); + Random.seedRandom(); + log.info("Initialization of MS-specific eIDAS-Implementation finished."); } catch (final Throwable e) { diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java index d38da6fe..073f7513 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java @@ -94,8 +94,8 @@ public class StatusMessageProvider implements IStatusMessenger { public String getResponseErrorCode(Throwable throwable) { String errorCode = IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC; if (throwable instanceof EaafException) { - errorCode = ((EaafException) throwable).getErrorId(); - + errorCode = mapInternalErrorToExternalError(((EaafException) throwable).getErrorId()); + } // TODO: maybe more internal switches are required diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties index 2cb0c83a..68e07714 100644 --- a/connector/src/main/resources/application.properties +++ b/connector/src/main/resources/application.properties @@ -13,13 +13,15 @@ app.build.artifactId=ms_connector spring.boot.admin.client.enabled=false + + ############################################################################# ## MS-speccific eIDAS-Connector configuration #proxy.context.url.prefix= eidas.ms.context.url.request.validation=false #proxy.configRootDir=file:/.../config/ eidas.ms.context.use.clustermode=true - +eidas.ms.core.logging.level.info.errorcodes=auth.21 ##Monitoring eidas.ms.monitoring.eIDASNode.metadata.url= diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java new file mode 100644 index 00000000..5206c2e5 --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java @@ -0,0 +1,485 @@ +package at.asitplus.eidas.specific.connector.test; + +import static org.mockito.ArgumentMatchers.any; +import static org.powermock.api.mockito.PowerMockito.when; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.net.URISyntaxException; +import java.util.Map; +import java.util.Timer; + +import javax.xml.transform.TransformerException; + +import org.apache.commons.lang3.RandomStringUtils; +import org.apache.ignite.Ignition; +import org.joda.time.DateTime; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Rule; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.opensaml.core.config.InitializationException; +import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport; +import org.opensaml.core.xml.io.MarshallingException; +import org.opensaml.core.xml.io.UnmarshallingException; +import org.opensaml.core.xml.util.XMLObjectSupport; +import org.opensaml.saml.metadata.resolver.impl.ResourceBackedMetadataResolver; +import org.opensaml.saml.saml2.core.RequestAbstractType; +import org.opensaml.saml.saml2.core.StatusResponseType; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.boot.web.servlet.FilterRegistrationBean; +import org.springframework.core.io.ResourceLoader; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ActiveProfiles; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.TestPropertySource; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.test.web.servlet.setup.DefaultMockMvcBuilder; +import org.springframework.test.web.servlet.setup.MockMvcBuilders; +import org.springframework.util.Base64Utils; +import org.springframework.web.context.WebApplicationContext; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import com.skjolberg.mockito.soap.SoapServiceRule; + +import at.asitplus.eidas.specific.connector.controller.ProcessEngineSignalController; +import at.asitplus.eidas.specific.connector.controller.Pvp2SProfileEndpoint; +import at.asitplus.eidas.specific.connector.provider.PvpEndPointCredentialProvider; +import at.asitplus.eidas.specific.connector.provider.PvpMetadataProvider; +import at.asitplus.eidas.specific.connector.test.saml2.Pvp2SProfileEndPointTest; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; +import at.gv.egiz.components.spring.api.SpringBootApplicationContextInitializer; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController; +import at.gv.egiz.eaaf.core.impl.utils.DomUtils; +import at.gv.egiz.eaaf.core.impl.utils.Random; +import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; +import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.OpenSaml3ResourceAdapter; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; +import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; +import at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor; +import eu.eidas.auth.commons.attribute.AttributeDefinition; +import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; +import eu.eidas.auth.commons.light.ILightRequest; +import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse; +import eu.eidas.auth.commons.tx.BinaryLightToken; +import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames; +import eu.eidas.specificcommunication.exception.SpecificCommunicationException; +import eu.eidas.specificcommunication.protocol.SpecificCommunicationService; +import lombok.val; +import net.shibboleth.utilities.java.support.component.ComponentInitializationException; +import net.shibboleth.utilities.java.support.xml.XMLParserException; +import szrservices.SZR; +import szrservices.SignContentEntry; +import szrservices.SignContentResponseType; + +@RunWith(SpringJUnit4ClassRunner.class) +@SpringBootTest +@ContextConfiguration(initializers = { + org.springframework.boot.context.config.DelegatingApplicationContextInitializer.class, + SpringBootApplicationContextInitializer.class + }) +@TestPropertySource(locations = { "file:src/test/resources/config/junit_config_1_springboot.properties" }) +@DirtiesContext(classMode = ClassMode.AFTER_CLASS) +@ActiveProfiles(profiles = {"JUNIT", "jUnitTestMode", "springBoot"}) +public class FullStartUpAndProcessTest { + + private static final String FINAL_REDIRECT = "http://localhost/finalizeAuthProtocol?pendingid="; + + @Autowired private WebApplicationContext wac; + @Autowired private PvpEndPointCredentialProvider credentialProvider; + @Autowired private PvpMetadataProvider metadataProvider; + @Autowired private ResourceLoader resourceLoader; + @Autowired private EidasAttributeRegistry attrRegistry; + + @Autowired private Pvp2SProfileEndpoint sProfile; + @Autowired private ProcessEngineSignalController signal; + @Autowired private EidasSignalServlet eidasSignal; + @Autowired private ProtocolFinalizationController finalize; + + @Rule + public final SoapServiceRule soap = SoapServiceRule.newInstance(); + + private SZR szrMock; + + private String cc; + private String givenName; + private String familyName; + private String dateOfBirth; + private String personalId; + private String vsz; + private String eidasBind; + + + /** + * jUnit class initializer. + * @throws InterruptedException In case of an error + * @throws ComponentInitializationException In case of an error + * @throws InitializationException In case of an error + * + */ + @BeforeClass + public static void classInitializer() throws InterruptedException, InitializationException, ComponentInitializationException { + final String current = new java.io.File(".").toURI().toString(); + System.clearProperty("eidas.ms.configuration"); + + //eIDAS Ref. Impl. properties + System.setProperty("EIDAS_CONFIG_REPOSITORY", current.substring("file:".length()) + + "../basicConfig/eIDAS/"); + System.setProperty("SPECIFIC_CONNECTOR_CONFIG_REPOSITORY", current.substring("file:".length()) + + "../basicConfig/eIDAS/"); + System.setProperty("SPECIFIC_PROXY_SERVICE_CONFIG_REPOSITORY", current.substring("file:".length()) + + "../basicConfig/eIDAS/"); + + EaafOpenSaml3xInitializer.eaafInitialize(); + + } + + /** + * Test shut-down. + * + * @throws IOException In case of an error + */ + @AfterClass + public static void closeIgniteNode() throws IOException { + System.out.println("Closiong Ignite Node ... "); + Ignition.stopAll(true); + + } + + /** + * jUnit test set-up. + * + * + */ + @Before + public void setup() throws IOException { + DefaultMockMvcBuilder builder = MockMvcBuilders.webAppContextSetup(this.wac); + @SuppressWarnings("rawtypes") + Map filters = wac.getBeansOfType(FilterRegistrationBean.class); + for (FilterRegistrationBean filter : filters.values()) { + if (filter.isEnabled()) { + builder.addFilter(filter.getFilter(), "/*"); + + } + } + + szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr"); + + + + cc = RandomStringUtils.randomAlphabetic(2).toUpperCase(); + personalId = cc + "/AT/" + RandomStringUtils.randomNumeric(64); + familyName = RandomStringUtils.randomAlphabetic(10); + givenName = RandomStringUtils.randomAlphabetic(10); + dateOfBirth = "2015-10-12"; + + vsz = RandomStringUtils.randomNumeric(10); + eidasBind = RandomStringUtils.randomAlphanumeric(50); + + } + + @Test + public void userStopProcess() throws UnsupportedEncodingException, XMLParserException, UnmarshallingException, + TransformerException, IOException, MarshallingException, ComponentInitializationException, EaafException { + //start authentication process by sending a SAML2 Authn-Request + MockHttpServletRequest saml2Req = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); + injectSaml2AuthnReq(saml2Req); + MockHttpServletResponse selectCountryResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(saml2Req, selectCountryResp)); + + // send SAML2 AuthnRequest + sProfile.pvpIdpPostRequest(saml2Req, selectCountryResp); + + //check country-selection response + Assert.assertEquals("no country-selection page", 200, selectCountryResp.getStatus()); + Assert.assertEquals("cc-selection page", "text/html;charset=UTF-8", selectCountryResp.getContentType()); + String selectionPage = selectCountryResp.getContentAsString(); + Assert.assertNotNull("selectionPage is null", selectionPage); + Assert.assertFalse("selectionPage is empty", selectionPage.isEmpty()); + + String pendingReqId = extractRequestToken(selectionPage, + " 0); + int end = selectionPage.indexOf("\"", start + selector.length()); + Assert.assertTrue("find no pendingReqId location end", end > 0); + return selectionPage.substring(start + selector.length(), end); + + } + + private void injectSaml2AuthnReq(MockHttpServletRequest saml2Req) throws XMLParserException, UnmarshallingException, + SamlSigningException, CredentialsNotAvailableException, UnsupportedEncodingException, TransformerException, + IOException, MarshallingException, ComponentInitializationException { + final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream( + XMLObjectProviderRegistrySupport.getParserPool(), + Pvp2SProfileEndPointTest.class.getResourceAsStream("/data/pvp2_authn_1.xml")); + authnReq.setIssueInstant(DateTime.now()); + RequestAbstractType signedAuthnReq = + Saml2Utils.signSamlObject(authnReq, credentialProvider.getMessageSigningCredential(), true); + String b64 = Base64Utils.encodeToString(DomUtils.serializeNode( + XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8")); + saml2Req.setParameter("SAMLRequest", b64); + + final org.springframework.core.io.Resource resource = resourceLoader.getResource( + "classpath:/data/metadata_valid_without_encryption.xml"); + Timer timer = new Timer("PVP metadata-resolver refresh"); + ResourceBackedMetadataResolver fileSystemResolver = + new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource)); + fileSystemResolver.setId("test"); + fileSystemResolver.setParserPool(XMLObjectProviderRegistrySupport.getParserPool()); + fileSystemResolver.initialize(); + metadataProvider.addMetadataResolverIntoChain(fileSystemResolver); + + } +} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java index 66147971..5fd39383 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java @@ -81,7 +81,7 @@ public class MainClassExecutableModeTest { @Test - public void validConfigLocation() throws ClientProtocolException, IOException { + public void validConfigLocation() throws Throwable { SpringBootApplicationInitializer .main(new String[] { "--spring.config.location=src/test/resources/config/junit_config_1_springboot.properties,classpath:/application.properties", diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java index 265edfb6..ae0a45db 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java @@ -72,7 +72,7 @@ public class MainClassWebAppModeTest { } @Test - public void wrongConfigLocation() { + public void wrongConfigLocation() throws Throwable { //MS-specific connector property final String current = new java.io.File(".").toURI().toString(); System.setProperty("eidas.ms.configuration", current @@ -93,7 +93,7 @@ public class MainClassWebAppModeTest { @Test - public void systemdConfigLocation() throws ClientProtocolException, IOException { + public void systemdConfigLocation() throws Throwable { //MS-specific connector property final String current = new java.io.File(".").toURI().toString(); System.setProperty("eidas.ms.configuration", current diff --git a/connector/src/test/resources/config/junit_config_1_springboot.properties b/connector/src/test/resources/config/junit_config_1_springboot.properties index 7257df9b..ecb22dec 100644 --- a/connector/src/test/resources/config/junit_config_1_springboot.properties +++ b/connector/src/test/resources/config/junit_config_1_springboot.properties @@ -19,7 +19,7 @@ eidas.ms.monitoring.eIDASNode.metadata.url= eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret ## eIDAS Ref. Implementation connector ### -eidas.ms.auth.eIDAS.node_v2.forward.endpoint= +eidas.ms.auth.eIDAS.node_v2.forward.endpoint=http://eidas.node/junit eidas.ms.auth.eIDAS.szrclient.useTestService=true eidas.ms.auth.eIDAS.szrclient.endpoint.prod= @@ -40,7 +40,7 @@ eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s #Raw eIDAS Id data storage eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true -eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true +eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false @@ -66,6 +66,8 @@ eidas.ms.sp.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/met eidas.ms.sp.0.pvp2.metadata.truststore=keys/junit.jks eidas.ms.sp.0.pvp2.metadata.truststore.password=password eidas.ms.sp.0.friendlyName=jUnit test +eidas.ms.sp.0.newEidMode=true + #eidas.ms.sp.0.pvp2.metadata.url= #eidas.ms.sp.0.policy.allowed.requested.targets=.* #eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false diff --git a/connector/src/test/resources/data/metadata_valid_without_encryption.xml b/connector/src/test/resources/data/metadata_valid_without_encryption.xml new file mode 100644 index 00000000..b224c336 --- /dev/null +++ b/connector/src/test/resources/data/metadata_valid_without_encryption.xml @@ -0,0 +1,88 @@ + + + + + + + + + + + + + 00SaL0XjeknOb/DttutP50lTyAux1jaRPJIVdSupWvU= + + + PfEBmLMX/ZgL6ViXghyWtal5MaMoW8k3zjw+54+WK1OAtVsVgOsIDRJE0M/a/VXBbMSifgY6J1gN23xhr61jkrjRQEkbDzLpWZLzWAJ65YqqUQo8wsKI2Gz0j12yY5D8/GOamKOH9KDi5ba1veXR/fnxRINoy7nZo4tcUWZChdl8BWkMN5ugr6dORNIQg/Ym3GabQ/hR5z+9FmveAKphdH63MC6qW3EgM9EMvOVkrLBTP92sNMAAJeaawui9tlxi9anVQ0OqwZsgKLvI7fyV4CM/0sd/ELjeReIlWlHk07Nz4eltMq3eOx3q1YurYvhE8XapHiQMehOtCS+Fzh10sw== + + + MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH +SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W +ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w +CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ +RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq +UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ +M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F +Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt +1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq +nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC +VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq +itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc +2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O +fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy +4jpXrp77JXFRSDWddb0yePc= + + + + + + + + MIIBbTCCARKgAwIBAgIEXjF+qTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJBVDEN +MAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcw +HhcNMjAwMTI5MTI0NjMzWhcNMjcwMTI4MTI0NjMzWjA+MQswCQYDVQQGEwJBVDEN +MAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASRt7gZRrr4rSEE7Q922oKQJF+mlkwC +LZnv8ZzHtH54s4VdyQFIBjQF1PPf9PTn+5tid8QJehZPndcoeD7J8fPJMAoGCCqG +SM49BAMCA0kAMEYCIQDFUO0owvqMVRO2FmD+vb8mqJBpWCE6Cl5pEHaygTa5LwIh +ANsmjI2azWiTSFjb7Ou5fnCfbeiJUP0s66m8qS4rYl9L + + + + urn:oasis:names:tc:SAML:2.0:nameid-format:persistent + + + + Default Service + + + + + + + + + + + + + + + + + + + + + EGIZ + E-Government Innovationszentrum + http://www.egiz.gv.at + + + E-Government Innovationszentrum + Lenz + Thomas + thomas.lenz@egiz.gv.at + +43 316 873 5525 + + -- cgit v1.2.3 From 063e6279147b1c532a8e8afae7209756b7f8b175 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Sat, 26 Dec 2020 19:16:41 +0100 Subject: switch to SpringBoot as default --- .../connector/SpringContextCloseHandler.java | 56 +------ .../specific/connector/SpringInitializer.java | 186 --------------------- .../src/main/resources/applicationContext.xml | 4 +- .../connector/test/FullStartUpAndProcessTest.java | 12 +- .../test/MainClassExecutableModeTest.java | 2 +- .../connector/test/MainClassWebAppModeTest.java | 2 +- 6 files changed, 11 insertions(+), 251 deletions(-) delete mode 100644 connector/src/main/java/at/asitplus/eidas/specific/connector/SpringInitializer.java (limited to 'connector/src') diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringContextCloseHandler.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringContextCloseHandler.java index 2a3b659a..e884b5c6 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringContextCloseHandler.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringContextCloseHandler.java @@ -133,29 +133,6 @@ public class SpringContextCloseHandler private void internalThreadPoolTaskExecutor(final Map executers) { for (final ThreadPoolTaskExecutor executor : executers.values()) { - // Not needed yet - // int retryCount = 0; - // while(executor.getActiveCount()>0 && ++retryCount<51){ - // try { - // log.debug("Executer {} is still working with active {} work. Retry count is - // {}", - // executor.getThreadNamePrefix(), - // executor.getActiveCount(), - // retryCount); - // Thread.sleep(1000); - // - // } catch (final InterruptedException e) { - // e.printStackTrace(); - // } - // } - // - // if(!(retryCount<51)) - // log.debug("Executer {} is still working. Since Retry count exceeded max value - // {}, will be - // killed immediately", - // executor.getThreadNamePrefix(), - // retryCount); - executor.shutdown(); log.debug("Executer {} with active {} work has killed", executor.getThreadNamePrefix(), executor.getActiveCount()); @@ -168,38 +145,7 @@ public class SpringContextCloseHandler private void internalThreadPoolTaskScheduler( final Map schedulers) { log.trace("Stopping #{} task-schedulers", schedulers.size()); - - // for (final ThreadPoolTaskScheduler scheduler : schedulers.values()) { - // scheduler.getScheduledExecutor().shutdown(); - // try { - // scheduler.getScheduledExecutor().awaitTermination(20000, - // TimeUnit.MILLISECONDS); - // if(scheduler.getScheduledExecutor().isTerminated() || - // scheduler.getScheduledExecutor().isShutdown()) - // log.debug("Scheduler {} has stoped", scheduler.getThreadNamePrefix()); - // - // else{ - // log.debug("Scheduler {} has not stoped normally and will be shut down - // immediately", - // scheduler.getThreadNamePrefix()); - // scheduler.getScheduledExecutor().shutdownNow(); - // log.info("Scheduler {} has shut down immediately", - // scheduler.getThreadNamePrefix()); - // - // } - // - // } catch (final IllegalStateException e) { - // e.printStackTrace(); - // - // } catch (final InterruptedException e) { - // e.printStackTrace(); - // - // } finally { - // scheduler.shutdown(); - // - // } - // } - + } private void internalIDestroyableObject(final Map objectsToDestroy) { diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringInitializer.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringInitializer.java deleted file mode 100644 index 417828a6..00000000 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringInitializer.java +++ /dev/null @@ -1,186 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.connector; - -import java.util.Arrays; - -import javax.servlet.ServletContext; -import javax.servlet.ServletException; -import javax.servlet.ServletRegistration; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.config.BeanDefinition; -import org.springframework.beans.factory.xml.XmlBeanDefinitionReader; -import org.springframework.context.ApplicationContext; -import org.springframework.context.support.ClassPathXmlApplicationContext; -import org.springframework.context.support.GenericApplicationContext; -import org.springframework.core.io.ClassPathResource; -import org.springframework.web.WebApplicationInitializer; -import org.springframework.web.context.ContextLoaderListener; -import org.springframework.web.context.request.RequestContextListener; -import org.springframework.web.context.support.GenericWebApplicationContext; -import org.springframework.web.context.support.ServletContextResource; -import org.springframework.web.servlet.DispatcherServlet; - -import at.gv.egiz.components.spring.api.SpringLoader; -import at.gv.egiz.eaaf.core.api.IStatusMessenger; -import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory; -import at.gv.egiz.eaaf.core.impl.utils.Random; -import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; - -/** - * Web application initializer. - * - * @author Thomas Lenz - */ -public class SpringInitializer implements WebApplicationInitializer { - - private static final Logger log = LoggerFactory.getLogger(SpringInitializer.class); - - private String[] rootServletContexts = null; - private String[] servletContexts = null; - - /** - * Application specific Spring initializer. - * - */ - public SpringInitializer() { - this.rootServletContexts = null; - this.servletContexts = new String[] { - "/applicationContext.xml", - - }; - } - - /* - * (non-Javadoc) - * - * @see - * org.springframework.web.WebApplicationInitializer#onStartup(javax.servlet. - * ServletContext) - */ - @Override - public void onStartup(ServletContext servletContext) throws ServletException { - try { - log.info("=============== Loading Config Root Context! ==============="); - final ApplicationContext cfgRootContext = - new ClassPathXmlApplicationContext(new String[] { - "/applicationContext.xml" - }); - - log.info("=============== Loading Root Context! ==============="); - final GenericWebApplicationContext rootContext = new GenericWebApplicationContext(); - rootContext.setServletContext(servletContext); - rootContext.setParent(cfgRootContext); - - log.info("Spring-context was initialized with active profiles: {}", - Arrays.asList(rootContext.getEnvironment().getActiveProfiles())); - - log.info("=============== Loading Local Contexts! ==============="); - final XmlBeanDefinitionReader xmlReader = new XmlBeanDefinitionReader( - rootContext); - if (rootServletContexts != null) { - for (final String rootServletContext : rootServletContexts) { - log.debug("Loading: " + rootServletContext); - xmlReader.loadBeanDefinitions(new ServletContextResource( - servletContext, rootServletContext)); - } - } - // Manage the lifecycle of the root application context - servletContext.addListener(new ContextLoaderListener(rootContext)); - - // log.debug("Beans after logAMQP in {}", rootContext); - // dumpBeanDefinitions(rootContext); - - log.info("=============== Loading SPI Context! ==============="); - log.debug("Loading modules and components"); - SpringLoader.loadSpringServices(rootContext); - - log.trace("Beans after SPI in " + rootContext); - dumpBeanDefinitions(rootContext); - - log.debug("Loading servlet config in " + rootContext); - if (servletContexts != null) { - for (final String servletContextString : servletContexts) { - xmlReader.loadBeanDefinitions(new ClassPathResource(servletContextString, SpringInitializer.class)); - } - - } - - log.debug("Refreshing context " + rootContext); - rootContext.refresh(); - - log.info("=============== Register Dispatcher Servlet! ==============="); - - log.trace("Final Beans in " + rootContext); - dumpBeanDefinitions(rootContext); - - log.info("Registering dispatcher configuration"); - final ServletRegistration.Dynamic dispatcher = servletContext.addServlet("dispatcher", - new DispatcherServlet(rootContext)); - if (dispatcher != null) { - dispatcher.setLoadOnStartup(1); - dispatcher.addMapping("/"); - dispatcher.setAsyncSupported(true); - - } else { - log.error("Failed to register dispatcher server in servlet context!"); - } - - log.info("=============== Register RequestContextListener! ==============="); - servletContext.addListener(new RequestContextListener()); - - // initialize status messenger - LogMessageProviderFactory.setStatusMessager(rootContext.getBean(IStatusMessenger.class)); - - log.info("Bootstrap openSAML .... "); - EaafOpenSaml3xInitializer.eaafInitialize(); - - log.info("Seed random number generator ... "); - Random.seedRandom(); - - log.info("Initialization of MS-specific eIDAS-connector finished."); - - } catch (final Throwable e) { - log.error("MS-specific eIDAS-connector initialization FAILED!", e); - - } - - } - - private void dumpBeanDefinitions(GenericApplicationContext context) { - log.trace("Registered Bean in context " + context.toString()); - - final String[] registeredBeans = context.getBeanDefinitionNames(); - for (final String registeredBean : registeredBeans) { - final BeanDefinition beanDefinition = context - .getBeanDefinition(registeredBean); - log.trace(registeredBean + " -> " + beanDefinition.getBeanClassName()); - - } - - log.trace("Registered Bean in context --" + context); - } -} diff --git a/connector/src/main/resources/applicationContext.xml b/connector/src/main/resources/applicationContext.xml index 8a21e68f..15ce0a55 100644 --- a/connector/src/main/resources/applicationContext.xml +++ b/connector/src/main/resources/applicationContext.xml @@ -39,13 +39,13 @@ location="${eidas.ms.configuration}" /> --> - + - + diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java index 5206c2e5..77037415 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java @@ -94,7 +94,7 @@ import szrservices.SignContentResponseType; }) @TestPropertySource(locations = { "file:src/test/resources/config/junit_config_1_springboot.properties" }) @DirtiesContext(classMode = ClassMode.AFTER_CLASS) -@ActiveProfiles(profiles = {"JUNIT", "jUnitTestMode", "springBoot"}) +@ActiveProfiles(profiles = {"JUNIT", "jUnitTestMode"}) public class FullStartUpAndProcessTest { private static final String FINAL_REDIRECT = "http://localhost/finalizeAuthProtocol?pendingid="; @@ -410,7 +410,7 @@ public class FullStartUpAndProcessTest { Assert.assertNotNull("eIDAS Node req", req); Assert.assertEquals("Wrong CC", cc, req.getCitizenCountryCode()); - Assert.assertEquals("Wrong CC", EaafConstants.EIDAS_LOA_SUBSTANTIAL, req.getLevelOfAssurance()); + Assert.assertEquals("Wrong CC", EaafConstants.EIDAS_LOA_HIGH, req.getLevelOfAssurance()); //set response from eIDAS node @@ -421,13 +421,13 @@ public class FullStartUpAndProcessTest { } private AuthenticationResponse buildDummyAuthResponse(String statusCode, String reqId) throws URISyntaxException { - final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first(); - final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first(); - final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( Constants.eIDAS_ATTR_CURRENTGIVENNAME).first(); - final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( Constants.eIDAS_ATTR_DATEOFBIRTH).first(); final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder() diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java index 5fd39383..a865c8bd 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java @@ -85,7 +85,7 @@ public class MainClassExecutableModeTest { SpringBootApplicationInitializer .main(new String[] { "--spring.config.location=src/test/resources/config/junit_config_1_springboot.properties,classpath:/application.properties", - "--spring.profiles.active=jUnitTestMode,springBoot" }); + "--spring.profiles.active=jUnitTestMode" }); System.out.println("Is started!"); diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java index ae0a45db..c390184b 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java @@ -82,7 +82,7 @@ public class MainClassWebAppModeTest { //starting application SpringBootApplicationInitializer .main(new String[] { - "--spring.profiles.active=jUnitTestMode,springBoot" }); + "--spring.profiles.active=jUnitTestMode" }); Assert.fail("Missing configuration not detected"); } catch (final Exception e) { -- cgit v1.2.3 From 85c0c06c4ccd513a32f9f562deeba4038dcb95f4 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Sat, 26 Dec 2020 19:17:15 +0100 Subject: update default-configuration and example configuration --- connector/src/main/resources/application.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'connector/src') diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties index 68e07714..ef83d435 100644 --- a/connector/src/main/resources/application.properties +++ b/connector/src/main/resources/application.properties @@ -56,7 +56,7 @@ eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true -eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/substantial +eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high #eidas.ms.auth.eIDAS.szrclient.useTestService=true #eidas.ms.auth.eIDAS.szrclient.endpoint.prod= -- cgit v1.2.3 From e229b7d5acafec28568fd8d45fbe86d8f215da69 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Sat, 26 Dec 2020 19:58:24 +0100 Subject: fix broken jUnit tests --- .../eidas/specific/connector/test/config/BasicConfigurationTest.java | 2 ++ .../connector/test/controller/ProcessEngineSignalControllerTest.java | 2 ++ .../eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java | 2 ++ .../specific/connector/test/task/EvaluateCountrySelectionTaskTest.java | 2 ++ .../connector/test/task/GenerateCountrySelectionFrameTaskTest.java | 2 ++ .../specific/connector/test/utils/AuthenticationDataBuilderTest.java | 2 ++ .../eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java | 2 ++ connector/src/test/resources/config/junit_config_1.properties | 2 +- connector/src/test/resources/config/junit_config_3.properties | 1 + 9 files changed, 16 insertions(+), 1 deletion(-) (limited to 'connector/src') diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/config/BasicConfigurationTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/config/BasicConfigurationTest.java index 86342f99..80307ea2 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/config/BasicConfigurationTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/config/BasicConfigurationTest.java @@ -12,6 +12,7 @@ import org.opensaml.core.config.InitializationException; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.test.annotation.DirtiesContext; import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.web.WebAppConfiguration; @@ -34,6 +35,7 @@ import net.shibboleth.utilities.java.support.component.ComponentInitializationEx "/spring/SpringTest-context_simple_storage.xml" }) @WebAppConfiguration @DirtiesContext(classMode = ClassMode.BEFORE_CLASS) +@ActiveProfiles(profiles = {"deprecatedConfig"}) public class BasicConfigurationTest { @Autowired private IConfigurationWithSP basicConfig; diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java index cd502c48..d2c4aff2 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java @@ -11,6 +11,7 @@ import org.junit.runner.RunWith; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.web.WebAppConfiguration; @@ -29,6 +30,7 @@ import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml" }) +@ActiveProfiles(profiles = {"deprecatedConfig"}) @WebAppConfiguration public class ProcessEngineSignalControllerTest { diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java index 81ee2625..bcba3e11 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java @@ -39,6 +39,7 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.test.annotation.DirtiesContext; import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.web.WebAppConfiguration; @@ -68,6 +69,7 @@ import net.shibboleth.utilities.java.support.xml.XMLParserException; "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml" }) +@ActiveProfiles(profiles = {"deprecatedConfig"}) @WebAppConfiguration @DirtiesContext(classMode = ClassMode.BEFORE_CLASS) public class Pvp2SProfileEndPointTest { diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/EvaluateCountrySelectionTaskTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/EvaluateCountrySelectionTaskTest.java index 9d590055..4bff9416 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/EvaluateCountrySelectionTaskTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/EvaluateCountrySelectionTaskTest.java @@ -12,6 +12,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.i18n.LocaleContextHolder; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.web.WebAppConfiguration; @@ -34,6 +35,7 @@ import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml" }) +@ActiveProfiles(profiles = {"deprecatedConfig"}) @WebAppConfiguration public class EvaluateCountrySelectionTaskTest { diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/GenerateCountrySelectionFrameTaskTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/GenerateCountrySelectionFrameTaskTest.java index 2a1d7cd4..d902f758 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/GenerateCountrySelectionFrameTaskTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/GenerateCountrySelectionFrameTaskTest.java @@ -13,6 +13,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.i18n.LocaleContextHolder; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.web.WebAppConfiguration; @@ -32,6 +33,7 @@ import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml" }) +@ActiveProfiles(profiles = {"deprecatedConfig"}) @WebAppConfiguration public class GenerateCountrySelectionFrameTaskTest { diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java index 87abb06f..a5876169 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java @@ -21,6 +21,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.i18n.LocaleContextHolder; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.web.WebAppConfiguration; @@ -52,6 +53,7 @@ import net.shibboleth.utilities.java.support.component.ComponentInitializationEx @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration({ "/applicationContext.xml", "/SpringTest_connector.beans.xml", "/eaaf_core.beans.xml", "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml" }) +@ActiveProfiles(profiles = {"deprecatedConfig"}) @WebAppConfiguration public class AuthenticationDataBuilderTest { diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java index a9929a01..9aafb4b6 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java @@ -22,6 +22,7 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.test.annotation.DirtiesContext; import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.web.WebAppConfiguration; @@ -52,6 +53,7 @@ import net.shibboleth.utilities.java.support.component.ComponentInitializationEx "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml" }) +@ActiveProfiles(profiles = {"deprecatedConfig"}) @WebAppConfiguration @DirtiesContext(classMode = ClassMode.BEFORE_CLASS) public class AuthnRequestValidatorTest { diff --git a/connector/src/test/resources/config/junit_config_1.properties b/connector/src/test/resources/config/junit_config_1.properties index 429d3538..f6b3e4c1 100644 --- a/connector/src/test/resources/config/junit_config_1.properties +++ b/connector/src/test/resources/config/junit_config_1.properties @@ -1,7 +1,7 @@ ## Basic service configuration eidas.ms.context.url.prefix=http://localhost eidas.ms.context.url.request.validation=false -eidas.ms.core.configRootDir=file:./ +eidas.ms.core.configRootDir=file:./src/test/resources/config/ eidas.ms.context.use.clustermode=true diff --git a/connector/src/test/resources/config/junit_config_3.properties b/connector/src/test/resources/config/junit_config_3.properties index 32e30790..8b2c63a8 100644 --- a/connector/src/test/resources/config/junit_config_3.properties +++ b/connector/src/test/resources/config/junit_config_3.properties @@ -1,6 +1,7 @@ ## Basic service configuration eidas.ms.context.url.prefix= eidas.ms.context.url.request.validation=false +eidas.ms.core.configRootDir=file:./src/test/resources/config/ eidas.ms.context.use.clustermode=true -- cgit v1.2.3 From d9c6a5c8bf3cab0311fc25b38b308b22ec852a3e Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 28 Dec 2020 16:34:05 +0100 Subject: update SpringBoot application-initializer to enable package-scanning in application packages --- .../eidas/specific/connector/SpringBootApplicationInitializer.java | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'connector/src') diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java index f0cf8698..1e84cbb0 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java @@ -12,7 +12,10 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xIniti import lombok.extern.slf4j.Slf4j; @Slf4j -@SpringBootApplication(scanBasePackages = {"at.gv.egiz.eaaf.utils.springboot.ajp"}) +@SpringBootApplication(scanBasePackages = { + "at.asitplus.eidas.specific.connector", + "at.gv.egiz.eaaf.utils.springboot.ajp" + }) public class SpringBootApplicationInitializer { private static ConfigurableApplicationContext ctx; -- cgit v1.2.3 From 278c8a6d1f0518dc9d0875dbec84614b19800d5d Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Thu, 7 Jan 2021 20:03:54 +0100 Subject: switch from custom monitoring to Spring-Actuator healthchecks --- .../connector/controller/MonitoringController.java | 279 --------------------- .../health/EidasNodeMetadataHealthIndicator.java | 69 +++++ .../health/Saml2MetadataHealthIndicator.java | 44 ++++ .../tasks/GenerateCountrySelectionFrameTask.java | 11 +- .../EidasCacheTransactionStoreDecorator.java | 32 ++- .../main/resources/SpringTest_connector.beans.xml | 129 ---------- .../resources/specific_eIDAS_connector.beans.xml | 7 +- .../test/MainClassExecutableModeTest.java | 14 +- .../connector/test/MainClassWebAppModeTest.java | 11 +- ...sNodeMetadataHealthIndicatorNoEndpointTest.java | 70 ++++++ .../EidasNodeMetadataHealthIndicatorTest.java | 102 ++++++++ .../test/utils/AuthenticationDataBuilderTest.java | 2 +- .../config/junit_config_1_springboot.properties | 2 +- .../config/junit_config_2_springboot.properties | 83 ++++++ .../spring/SpringTest-context_healthcheck.xml | 22 ++ .../spring/SpringTest_connector.beans.xml | 122 +++++++++ 16 files changed, 567 insertions(+), 432 deletions(-) delete mode 100644 connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java create mode 100644 connector/src/main/java/at/asitplus/eidas/specific/connector/health/EidasNodeMetadataHealthIndicator.java create mode 100644 connector/src/main/java/at/asitplus/eidas/specific/connector/health/Saml2MetadataHealthIndicator.java delete mode 100644 connector/src/main/resources/SpringTest_connector.beans.xml create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/health/EidasNodeMetadataHealthIndicatorNoEndpointTest.java create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/health/EidasNodeMetadataHealthIndicatorTest.java create mode 100644 connector/src/test/resources/config/junit_config_2_springboot.properties create mode 100644 connector/src/test/resources/spring/SpringTest-context_healthcheck.xml create mode 100644 connector/src/test/resources/spring/SpringTest_connector.beans.xml (limited to 'connector/src') diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java deleted file mode 100644 index f2d9fc8c..00000000 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java +++ /dev/null @@ -1,279 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.connector.controller; - -import java.io.IOException; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.xml.transform.TransformerFactoryConfigurationError; - -import org.apache.commons.lang3.StringUtils; -import org.apache.commons.text.StringEscapeUtils; -import org.apache.http.client.methods.CloseableHttpResponse; -import org.apache.http.client.methods.HttpGet; -import org.apache.http.client.methods.HttpUriRequest; -import org.apache.http.client.utils.URIBuilder; -import org.apache.http.impl.client.CloseableHttpClient; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.ExceptionHandler; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; - -import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; -import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; -import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.impl.http.IHttpClientFactory; -import at.gv.egiz.eaaf.core.impl.utils.DomUtils; -import at.gv.egiz.eaaf.core.impl.utils.Random; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataConfigurationFactory; -import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PvpMetadataBuilder; -import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider; - -@Controller -public class MonitoringController { - private static final Logger log = LoggerFactory.getLogger(MonitoringController.class); - - private static final String MESSAGE_OK = "OK"; - private static final String MESSAGE_ERROR = "ERROR"; - private static final String MESSAGE_SKIPPED = "SKIPPED"; - - private static final String TEST_STORAGE = "Storage: "; - private static final String TEST_CONFIG = "Config: "; - private static final String TEST_PVPMETADATA = "PVP_metadata: "; - private static final String TEST_EIDASNODEMETADATA = "eIDASNode_metadata: "; - - @Autowired - private ITransactionStorage storage; - @Autowired - private IConfigurationWithSP config; - - @Autowired private IHttpClientFactory httpClientFactory; - - @Autowired - private PvpMetadataBuilder metadatabuilder; - @Autowired - private IPvpMetadataConfigurationFactory configFactory; - private AbstractCredentialProvider pvpIdpCredentials; - - /** - * Sets a specific credential provider for PVP S-Profile IDP component. - * - * @param pvpIdpCredentials credential provider - */ - public void setPvpIdpCredentials(AbstractCredentialProvider pvpIdpCredentials) { - this.pvpIdpCredentials = pvpIdpCredentials; - - } - - /** - * Generic exception handling that wrote an error-message to html response. - * - * @param resp Http response object - * @param exception Error - * @throws IOException In case of a html response error. - */ - @ExceptionHandler({ Throwable.class }) - public void genericExceptionHandler(HttpServletResponse resp, Exception exception) throws IOException { - log.error("Monitoring Servlet receives an error.", exception); - resp.setContentType(EaafConstants.CONTENTTYPE_HTML_UTF8); - resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); - resp.getWriter().write("Reason: " - + StringEscapeUtils.escapeHtml4(StringEscapeUtils.escapeEcmaScript(exception.getMessage()))); - - } - - /** - * MS-Connector status-monitoring end-point. - * - * @param req http request - * @param resp http response - * @throws IOException In case of a general processing error - */ - @RequestMapping(value = { MsEidasNodeConstants.ENDPOINT_MONITORING_MONITOR }, - method = { RequestMethod.GET }) - public void startFullTest(HttpServletRequest req, HttpServletResponse resp) throws IOException { - resp.setContentType(EaafConstants.CONTENTTYPE_HTML_UTF8); - - try { - testConfig(); - testStorage(); - testPvpMetadata(); - testEidasNodeMetadata(); - resp.setStatus(HttpServletResponse.SC_OK); - resp.getWriter().write(MESSAGE_OK); - - } catch (final Exception e) { - resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); - resp.getWriter().write(MESSAGE_ERROR); - - } - - } - - /** - * MS-Connector internal verify monitoring end-point. - * - * @param req http request object - * @param resp http response object - * @throws IOException In case of an internal processing error - */ - @RequestMapping(value = { MsEidasNodeConstants.ENDPOINT_MONITORING_VERIFY }, - method = { RequestMethod.GET }) - - public void startSingleTests(HttpServletRequest req, HttpServletResponse resp) throws IOException { - String result = StringUtils.EMPTY; - try { - result += testConfig() + "
"; - } catch (final Exception e) { - result += e.getMessage() + "
"; - } - - try { - result += testStorage() + "
"; - } catch (final Exception e) { - result += e.getMessage() + "
"; - } - - try { - result += testPvpMetadata() + "
"; - } catch (final Exception e) { - result += e.getMessage() + "
"; - } - - try { - result += testEidasNodeMetadata() + "
"; - } catch (final Exception e) { - result += e.getMessage() + "
"; - } - - resp.setContentType(EaafConstants.CONTENTTYPE_HTML_UTF8); - resp.setStatus(HttpServletResponse.SC_OK); - resp.getWriter().write(result); - - } - - private String testStorage() throws Exception { - try { - final String key = Random.nextHexRandom16(); - final String value = Random.nextHexRandom16(); - - storage.put(key, value, -1); - final String result = storage.get(key, String.class); - storage.remove(key); - - if (result != null && result.equals(value)) { - return TEST_STORAGE + MESSAGE_OK; - } else { - log.warn("Montioring: TestValue: " + value + " does NOT match in Storage test"); - } - - } catch (final EaafException e) { - log.warn("Montioring: Can not read/write to storage.", e); - - } - - throw new Exception(TEST_STORAGE + MESSAGE_ERROR); - - } - - private String testConfig() throws Exception { - try { - if (config.getBasicConfigurationWithPrefix(MsEidasNodeConstants.PROP_CONFIG_SP_LIST_PREFIX) != null - && config.getBasicConfigurationWithPrefix(MsEidasNodeConstants.PROP_CONFIG_SP_LIST_PREFIX) - .size() > 0) { - return TEST_CONFIG + MESSAGE_OK; - } else { - log.warn("Montioring: Can not read from configuration file."); - } - - } catch (final Exception e) { - log.warn("Montioring: Can not read from configuration file.", e); - } - - throw new Exception(TEST_CONFIG + MESSAGE_ERROR); - - } - - private String testPvpMetadata() throws Exception { - try { - // build metadata - final IPvpMetadataBuilderConfiguration metadataConfig = - configFactory.generateMetadataBuilderConfiguration( - "http://localhost/monitoring", - pvpIdpCredentials); - metadatabuilder.buildPvpMetadata(metadataConfig); - return TEST_PVPMETADATA + MESSAGE_OK; - - } catch (Exception | TransformerFactoryConfigurationError e) { - log.warn("Monitoring: Has an error in '" + TEST_PVPMETADATA + "': " + e.getMessage(), e); - throw new Exception(TEST_PVPMETADATA + MESSAGE_ERROR, e); - - } - - } - - private String testEidasNodeMetadata() throws Exception { - try { - final String urlString = config.getBasicConfiguration( - MsEidasNodeConstants.PROP_CONFIG_MONITORING_EIDASNODE_METADATAURL); - if (StringUtils.isEmpty(urlString)) { - log.debug("No eIDASNode metadata URL. Skipping test ... "); - return TEST_EIDASNODEMETADATA + MESSAGE_SKIPPED; - - } - - // create HTTP client - CloseableHttpClient httpClient = httpClientFactory.getHttpClient(); - URIBuilder uriBuilder = new URIBuilder(urlString); - HttpUriRequest request = new HttpGet(uriBuilder.build()); - - final CloseableHttpResponse respCode = httpClient.execute(request); - if (respCode.getStatusLine().getStatusCode() != 200) { - log.warn("Monitoring: Has an error in '" + TEST_EIDASNODEMETADATA + "': " + " HTTP responsecode: " - + respCode); - throw new Exception(TEST_EIDASNODEMETADATA + MESSAGE_ERROR); - - } - - // parse metadata - DomUtils.parseXmlNonValidating(respCode.getEntity().getContent()); - - return TEST_EIDASNODEMETADATA + MESSAGE_OK; - - } catch (Exception | TransformerFactoryConfigurationError e) { - log.warn("Monitoring: Has an error in '" + TEST_EIDASNODEMETADATA + "': " + e.getMessage(), e); - throw new Exception(TEST_EIDASNODEMETADATA + MESSAGE_ERROR, e); - - } - - } - -} diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/health/EidasNodeMetadataHealthIndicator.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/health/EidasNodeMetadataHealthIndicator.java new file mode 100644 index 00000000..f160916c --- /dev/null +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/health/EidasNodeMetadataHealthIndicator.java @@ -0,0 +1,69 @@ +package at.asitplus.eidas.specific.connector.health; + +import java.io.ByteArrayInputStream; + +import javax.xml.transform.TransformerFactoryConfigurationError; + +import org.apache.commons.lang3.StringUtils; +import org.apache.http.StatusLine; +import org.apache.http.client.methods.HttpGet; +import org.apache.http.client.methods.HttpUriRequest; +import org.apache.http.client.utils.URIBuilder; +import org.apache.http.entity.ContentType; +import org.apache.http.impl.client.CloseableHttpClient; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.actuate.health.Health; +import org.springframework.boot.actuate.health.HealthIndicator; + +import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.impl.data.Triple; +import at.gv.egiz.eaaf.core.impl.http.HttpUtils; +import at.gv.egiz.eaaf.core.impl.http.IHttpClientFactory; +import at.gv.egiz.eaaf.core.impl.utils.DomUtils; +import lombok.extern.slf4j.Slf4j; + +@Slf4j +public class EidasNodeMetadataHealthIndicator implements HealthIndicator { + + @Autowired IConfiguration config; + @Autowired IHttpClientFactory httpClientFactory; + + @Override + public Health health() { + try { + final String urlString = config.getBasicConfiguration( + MsEidasNodeConstants.PROP_CONFIG_MONITORING_EIDASNODE_METADATAURL); + if (StringUtils.isEmpty(urlString)) { + log.trace("No eIDASNode metadata URL. Skipping test ... "); + return Health.unknown().build(); + + } + + // create HTTP client + CloseableHttpClient httpClient = httpClientFactory.getHttpClient(); + URIBuilder uriBuilder = new URIBuilder(urlString); + HttpUriRequest request = new HttpGet(uriBuilder.build()); + + final Triple respCode = httpClient.execute(request, + HttpUtils.bodyStatusCodeResponseHandler()); + if (respCode.getFirst().getStatusCode() != 200) { + log.warn("Monitoring: Get http StatusCode: {} from eIDAS-Node Metadata endpoint", + respCode.getFirst().getStatusCode()); + return Health.down().withDetail("http StatusCode", respCode.getFirst().getStatusCode()).build(); + + } + + // parse metadata + DomUtils.parseXmlNonValidating(respCode.getSecond()); + + return Health.up().build(); + + } catch (Exception | TransformerFactoryConfigurationError e) { + log.warn("Monitoring: Can not read SAML2 metadata from eIDAS-Node", e); + return Health.down().down(e).build(); + + } + } + +} diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/health/Saml2MetadataHealthIndicator.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/health/Saml2MetadataHealthIndicator.java new file mode 100644 index 00000000..592231b0 --- /dev/null +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/health/Saml2MetadataHealthIndicator.java @@ -0,0 +1,44 @@ +package at.asitplus.eidas.specific.connector.health; + +import javax.xml.transform.TransformerFactoryConfigurationError; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.actuate.health.Health; +import org.springframework.boot.actuate.health.HealthIndicator; + +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration; +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataConfigurationFactory; +import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PvpMetadataBuilder; +import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider; +import lombok.Setter; +import lombok.extern.slf4j.Slf4j; + +@Slf4j +public class Saml2MetadataHealthIndicator implements HealthIndicator { + + @Autowired + private PvpMetadataBuilder metadatabuilder; + @Autowired + private IPvpMetadataConfigurationFactory configFactory; + + @Setter + private AbstractCredentialProvider pvpIdpCredentials; + + @Override + public Health health() { + try { + // build metadata + final IPvpMetadataBuilderConfiguration metadataConfig = + configFactory.generateMetadataBuilderConfiguration( + "http://localhost/monitoring", + pvpIdpCredentials); + metadatabuilder.buildPvpMetadata(metadataConfig); + return Health.up().build(); + + } catch (Exception | TransformerFactoryConfigurationError e) { + return Health.down().down(e).build(); + + } + } + +} diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/processes/tasks/GenerateCountrySelectionFrameTask.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/processes/tasks/GenerateCountrySelectionFrameTask.java index 86808f01..d3b8116a 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/processes/tasks/GenerateCountrySelectionFrameTask.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/processes/tasks/GenerateCountrySelectionFrameTask.java @@ -26,8 +26,6 @@ package at.asitplus.eidas.specific.connector.processes.tasks; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; @@ -39,7 +37,6 @@ import at.gv.egiz.eaaf.core.api.gui.ISpringMvcGuiFormBuilder; import at.gv.egiz.eaaf.core.api.idp.IConfiguration; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; @@ -51,7 +48,6 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; */ @Component("GenerateCountrySelectionFrameTask") public class GenerateCountrySelectionFrameTask extends AbstractAuthServletTask { - private static final Logger log = LoggerFactory.getLogger(GenerateCountrySelectionFrameTask.class); @Autowired ISpringMvcGuiFormBuilder guiBuilder; @@ -77,16 +73,11 @@ public class GenerateCountrySelectionFrameTask extends AbstractAuthServletTask { guiBuilder.build(request, response, config, "BKU-Selection form"); - } catch (final GuiBuildException e) { - log.warn("Can not build GUI:'BKU-Selection'. Msg:" + e.getMessage()); + } catch (final Exception e) { throw new TaskExecutionException(pendingReq, "Can not build GUI. Msg:" + e.getMessage(), new EaafException("gui.00", new Object[] { e.getMessage() }, e)); - } catch (final Exception e) { - log.warn("FinalizeAuthenticationTask has an internal error", e); - throw new TaskExecutionException(pendingReq, e.getMessage(), e); - } } diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/EidasCacheTransactionStoreDecorator.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/EidasCacheTransactionStoreDecorator.java index 557e245a..1ea5a280 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/EidasCacheTransactionStoreDecorator.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/EidasCacheTransactionStoreDecorator.java @@ -30,17 +30,46 @@ import java.util.List; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.actuate.health.Health; +import org.springframework.boot.actuate.health.HealthIndicator; import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; +import at.gv.egiz.eaaf.core.impl.utils.Random; -public class EidasCacheTransactionStoreDecorator implements ITransactionStorage { +public class EidasCacheTransactionStoreDecorator implements ITransactionStorage, HealthIndicator { private static final Logger log = LoggerFactory.getLogger(EidasCacheTransactionStoreDecorator.class); @Autowired(required = true) private CacheWithEidasBackend storage; + @Override + public Health health() { + try { + final String key = Random.nextHexRandom16(); + final String value = Random.nextHexRandom16(); + + this.put(key, value, -1); + final String result = this.get(key, String.class); + this.remove(key); + + if (result != null && result.equals(value)) { + return Health.up().build(); + + } else { + log.warn("Montioring: TestValue: " + value + " does NOT match in Storage test"); + return Health.down().build(); + + } + + } catch (final EaafException e) { + log.warn("Montioring: Can not read/write to storage.", e); + return Health.down().down(e).build(); + + } + } + @Override public void changeKey(String oldKey, String newKey, Object value) throws EaafException { if (containsKey(oldKey)) { @@ -148,5 +177,4 @@ public class EidasCacheTransactionStoreDecorator implements ITransactionStorage } } - } diff --git a/connector/src/main/resources/SpringTest_connector.beans.xml b/connector/src/main/resources/SpringTest_connector.beans.xml deleted file mode 100644 index 5cf0d5b8..00000000 --- a/connector/src/main/resources/SpringTest_connector.beans.xml +++ /dev/null @@ -1,129 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/connector/src/main/resources/specific_eIDAS_connector.beans.xml b/connector/src/main/resources/specific_eIDAS_connector.beans.xml index aa5040fa..f6fdeefe 100644 --- a/connector/src/main/resources/specific_eIDAS_connector.beans.xml +++ b/connector/src/main/resources/specific_eIDAS_connector.beans.xml @@ -19,13 +19,16 @@ - + + + diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java index a865c8bd..9f4088f2 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java @@ -84,7 +84,7 @@ public class MainClassExecutableModeTest { public void validConfigLocation() throws Throwable { SpringBootApplicationInitializer .main(new String[] { - "--spring.config.location=src/test/resources/config/junit_config_1_springboot.properties,classpath:/application.properties", + "--spring.config.location=src/test/resources/config/junit_config_2_springboot.properties,classpath:/application.properties", "--spring.profiles.active=jUnitTestMode" }); System.out.println("Is started!"); @@ -100,10 +100,14 @@ public class MainClassExecutableModeTest { final CloseableHttpClient client = builder.build(); Assert.assertNotNull("httpClient", client); - final HttpUriRequest httpGet1 = new HttpGet("http://localhost:8080/ms_connector/actuator/info"); - final CloseableHttpResponse httpResp1 = client.execute(httpGet1); - Assert.assertEquals("http statusCode", 200, httpResp1.getStatusLine().getStatusCode()); - + final HttpUriRequest httpGetInfo = new HttpGet("http://localhost:8080/ms_connector/actuator/info"); + final CloseableHttpResponse httpRespInfo = client.execute(httpGetInfo); + Assert.assertEquals("http statusCode", 200, httpRespInfo.getStatusLine().getStatusCode()); + + final HttpUriRequest httpGetHealth = new HttpGet("http://localhost:8080/ms_connector/actuator/health"); + final CloseableHttpResponse httpRespHealth = client.execute(httpGetHealth); + Assert.assertEquals("http statusCode", 200, httpRespHealth.getStatusLine().getStatusCode()); + } } diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java index c390184b..07ef4968 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java @@ -120,10 +120,15 @@ public class MainClassWebAppModeTest { final CloseableHttpClient client = builder.build(); Assert.assertNotNull("httpClient", client); - final HttpUriRequest httpGet1 = new HttpGet("http://localhost:8080/ms_connector/actuator/info"); - final CloseableHttpResponse httpResp1 = client.execute(httpGet1); - Assert.assertEquals("http statusCode", 200, httpResp1.getStatusLine().getStatusCode()); + final HttpUriRequest httpGetInfo = new HttpGet("http://localhost:8080/ms_connector/actuator/info"); + final CloseableHttpResponse httpRespInfo = client.execute(httpGetInfo); + Assert.assertEquals("http statusCode", 200, httpRespInfo.getStatusLine().getStatusCode()); + + final HttpUriRequest httpGetHealth = new HttpGet("http://localhost:8080/ms_connector/actuator/health"); + final CloseableHttpResponse httpRespHealth = client.execute(httpGetHealth); + Assert.assertEquals("http statusCode", 503, httpRespHealth.getStatusLine().getStatusCode()); + } } diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/health/EidasNodeMetadataHealthIndicatorNoEndpointTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/health/EidasNodeMetadataHealthIndicatorNoEndpointTest.java new file mode 100644 index 00000000..b04a5bdb --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/health/EidasNodeMetadataHealthIndicatorNoEndpointTest.java @@ -0,0 +1,70 @@ +package at.asitplus.eidas.specific.connector.test.health; + +import java.io.IOException; + +import org.apache.commons.io.IOUtils; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.actuate.health.Health; +import org.springframework.http.MediaType; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.TestPropertySource; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.test.context.web.WebAppConfiguration; + +import at.asitplus.eidas.specific.connector.health.EidasNodeMetadataHealthIndicator; +import okhttp3.mockwebserver.MockResponse; +import okhttp3.mockwebserver.MockWebServer; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/spring/SpringTest-context_healthcheck.xml" }) +@TestPropertySource(locations = {"classpath:/config/junit_config_2_springboot.properties"}) +@WebAppConfiguration +public class EidasNodeMetadataHealthIndicatorNoEndpointTest { + + @Autowired EidasNodeMetadataHealthIndicator health; + + private static MockWebServer mockWebServer = null; + + /** + * Testclass initializer. + * + * @throws IOException In case of an error + */ + @BeforeClass + public static void classInitializer() throws IOException { + mockWebServer = new MockWebServer(); + mockWebServer.start(40900); + mockWebServer.url("/mockup"); + + } + + @AfterClass + public static void resetTestEnviroment() throws NoSuchFieldException, SecurityException, + IllegalArgumentException, IllegalAccessException, IOException { + mockWebServer.shutdown(); + + } + + @Test + public void noEndpointInConfiguration() throws IOException { + //set-up status + mockWebServer.enqueue(new MockResponse().setResponseCode(200) + .setBody(IOUtils.toString(EidasNodeMetadataHealthIndicatorNoEndpointTest.class + .getResourceAsStream("/config/log4j.properties"), "UTF-8")) + .setHeader("Content-Type", MediaType.APPLICATION_XML)); + + //perform test + Health status = health.health(); + + //validate state + Assert.assertEquals("wrong healthState", Health.unknown().build().getStatus(), status.getStatus()); + + } + +} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/health/EidasNodeMetadataHealthIndicatorTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/health/EidasNodeMetadataHealthIndicatorTest.java new file mode 100644 index 00000000..b044d4d2 --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/health/EidasNodeMetadataHealthIndicatorTest.java @@ -0,0 +1,102 @@ +package at.asitplus.eidas.specific.connector.test.health; + +import java.io.IOException; + +import org.apache.commons.io.IOUtils; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.actuate.health.Health; +import org.springframework.http.MediaType; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.TestPropertySource; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.test.context.web.WebAppConfiguration; + +import at.asitplus.eidas.specific.connector.health.EidasNodeMetadataHealthIndicator; +import okhttp3.mockwebserver.MockResponse; +import okhttp3.mockwebserver.MockWebServer; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/spring/SpringTest-context_healthcheck.xml" }) +@TestPropertySource(locations = {"classpath:/config/junit_config_1_springboot.properties"}) +@WebAppConfiguration +public class EidasNodeMetadataHealthIndicatorTest { + + @Autowired EidasNodeMetadataHealthIndicator health; + + private static MockWebServer mockWebServer = null; + + /** + * Testclass initializer. + * + * @throws IOException In case of an error + */ + @BeforeClass + public static void classInitializer() throws IOException { + mockWebServer = new MockWebServer(); + mockWebServer.start(40900); + mockWebServer.url("/mockup"); + + } + + @AfterClass + public static void resetTestEnviroment() throws NoSuchFieldException, SecurityException, + IllegalArgumentException, IllegalAccessException, IOException { + mockWebServer.shutdown(); + + } + + @Test + public void httpStatusCode500() throws IOException { + //set-up status + mockWebServer.enqueue(new MockResponse().setResponseCode(500) + .setBody(IOUtils.toString(EidasNodeMetadataHealthIndicatorTest.class + .getResourceAsStream("/data/metadata_valid.xml"), "UTF-8")) + .setHeader("Content-Type", MediaType.APPLICATION_XML)); + + //perform test + Health status = health.health(); + + //validate state + Assert.assertEquals("wrong healthState", Health.down().build().getStatus(), status.getStatus()); + + } + + @Test + public void httpStatusCode200() throws IOException { + //set-up status + mockWebServer.enqueue(new MockResponse().setResponseCode(200) + .setBody(IOUtils.toString(EidasNodeMetadataHealthIndicatorTest.class + .getResourceAsStream("/data/metadata_valid.xml"), "UTF-8")) + .setHeader("Content-Type", MediaType.APPLICATION_XML)); + + //perform test + Health status = health.health(); + + //validate state + Assert.assertEquals("wrong healthState", Health.up().build().getStatus(), status.getStatus()); + + } + + @Test + public void noXmlResponse() throws IOException { + //set-up status + mockWebServer.enqueue(new MockResponse().setResponseCode(200) + .setBody(IOUtils.toString(EidasNodeMetadataHealthIndicatorTest.class + .getResourceAsStream("/config/log4j.properties"), "UTF-8")) + .setHeader("Content-Type", MediaType.APPLICATION_XML)); + + //perform test + Health status = health.health(); + + //validate state + Assert.assertEquals("wrong healthState", Health.down().build().getStatus(), status.getStatus()); + + } + +} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java index a5876169..5f1c5dcf 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java @@ -51,7 +51,7 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xIniti import net.shibboleth.utilities.java.support.component.ComponentInitializationException; @RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration({ "/applicationContext.xml", "/SpringTest_connector.beans.xml", "/eaaf_core.beans.xml", +@ContextConfiguration({ "/applicationContext.xml", "/spring/SpringTest_connector.beans.xml", "/eaaf_core.beans.xml", "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml" }) @ActiveProfiles(profiles = {"deprecatedConfig"}) @WebAppConfiguration diff --git a/connector/src/test/resources/config/junit_config_1_springboot.properties b/connector/src/test/resources/config/junit_config_1_springboot.properties index ecb22dec..e63cda7b 100644 --- a/connector/src/test/resources/config/junit_config_1_springboot.properties +++ b/connector/src/test/resources/config/junit_config_1_springboot.properties @@ -13,7 +13,7 @@ eidas.ms.core.configRootDir=file:./src/test/resources/config/ eidas.ms.context.use.clustermode=true ##Monitoring -eidas.ms.monitoring.eIDASNode.metadata.url= +eidas.ms.monitoring.eIDASNode.metadata.url=http://localhost:40900/mockup ## extended validation of pending-request Id's eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret diff --git a/connector/src/test/resources/config/junit_config_2_springboot.properties b/connector/src/test/resources/config/junit_config_2_springboot.properties new file mode 100644 index 00000000..ecb22dec --- /dev/null +++ b/connector/src/test/resources/config/junit_config_2_springboot.properties @@ -0,0 +1,83 @@ +## embbeded Tomcat +tomcat.workingdir=./target/work +tomcat.ajp.enabled=true +tomcat.ajp.port=8009 +tomcat.ajp.networkAddress=127.0.0.1 +tomcat.ajp.additionalAttributes.secretrequired=true +tomcat.ajp.additionalAttributes.secret=junit + +## Basic service configuration +eidas.ms.context.url.prefix=http://localhost +eidas.ms.core.configRootDir=file:./src/test/resources/config/ + +eidas.ms.context.use.clustermode=true + +##Monitoring +eidas.ms.monitoring.eIDASNode.metadata.url= + +## extended validation of pending-request Id's +eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret + +## eIDAS Ref. Implementation connector ### +eidas.ms.auth.eIDAS.node_v2.forward.endpoint=http://eidas.node/junit + +eidas.ms.auth.eIDAS.szrclient.useTestService=true +eidas.ms.auth.eIDAS.szrclient.endpoint.prod= +eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/junit.jks +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password=password +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path= +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password= + +#tech. AuthBlock signing for E-ID process +eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s +eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair +eidas.ms.auth.eIDAS.authblock.keystore.path=keys/teststore.jks +eidas.ms.auth.eIDAS.authblock.keystore.type=jks +eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair +eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s + + +#Raw eIDAS Id data storage +eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true +eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false + + + +## PVP2 S-Profile end-point configuration +eidas.ms.pvp2.keystore.type=jks +eidas.ms.pvp2.keystore.path=keys/junit.jks +eidas.ms.pvp2.keystore.password=password +eidas.ms.pvp2.key.metadata.alias=meta +eidas.ms.pvp2.key.metadata.password=password +eidas.ms.pvp2.key.signing.alias=sig +eidas.ms.pvp2.key.signing.password=password +eidas.ms.pvp2.metadata.validity=24 + +eidas.ms.pvp2.metadata.organisation.name=JUnit +eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit +eidas.ms.pvp2.metadata.organisation.url=http://junit.test +eidas.ms.pvp2.metadata.contact.givenname=Max +eidas.ms.pvp2.metadata.contact.surname=Mustermann +eidas.ms.pvp2.metadata.contact.email=max@junit.test + +## Service Provider configuration +eidas.ms.sp.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata +eidas.ms.sp.0.pvp2.metadata.truststore=keys/junit.jks +eidas.ms.sp.0.pvp2.metadata.truststore.password=password +eidas.ms.sp.0.friendlyName=jUnit test +eidas.ms.sp.0.newEidMode=true + +#eidas.ms.sp.0.pvp2.metadata.url= +#eidas.ms.sp.0.policy.allowed.requested.targets=.* +#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false + +## Service Provider configuration +eidas.ms.sp.1.uniqueID=https://demo.egiz.gv.at/junit_test +eidas.ms.sp.1.pvp2.metadata.truststore=keys/junit.jks +eidas.ms.sp.1.pvp2.metadata.truststore.password=password +eidas.ms.sp.1.friendlyName=jUnit test +eidas.ms.sp.1.pvp2.metadata.url=http://junit.test/metadata +eidas.ms.sp.1.policy.allowed.requested.targets=test +eidas.ms.sp.1.policy.hasBaseIdTransferRestriction=true + diff --git a/connector/src/test/resources/spring/SpringTest-context_healthcheck.xml b/connector/src/test/resources/spring/SpringTest-context_healthcheck.xml new file mode 100644 index 00000000..3bac88e3 --- /dev/null +++ b/connector/src/test/resources/spring/SpringTest-context_healthcheck.xml @@ -0,0 +1,22 @@ + + + + + + + + + + + + \ No newline at end of file diff --git a/connector/src/test/resources/spring/SpringTest_connector.beans.xml b/connector/src/test/resources/spring/SpringTest_connector.beans.xml new file mode 100644 index 00000000..ba385cb9 --- /dev/null +++ b/connector/src/test/resources/spring/SpringTest_connector.beans.xml @@ -0,0 +1,122 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file -- cgit v1.2.3 From 8d8221ab72222bae0fe50bfd1e8b4266eec40e11 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Sat, 9 Jan 2021 18:55:15 +0100 Subject: add HealthIndicator to check Apache-Ignite cluster-state --- .../health/IgniteClusterHealthIndicator.java | 52 ++++++++++++++++++++++ .../specific_eIDAS_connector.storage.beans.xml | 9 ++-- .../test/MainClassExecutableModeTest.java | 2 +- 3 files changed, 59 insertions(+), 4 deletions(-) create mode 100644 connector/src/main/java/at/asitplus/eidas/specific/connector/health/IgniteClusterHealthIndicator.java (limited to 'connector/src') diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/health/IgniteClusterHealthIndicator.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/health/IgniteClusterHealthIndicator.java new file mode 100644 index 00000000..10517565 --- /dev/null +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/health/IgniteClusterHealthIndicator.java @@ -0,0 +1,52 @@ +package at.asitplus.eidas.specific.connector.health; + +import org.apache.ignite.Ignite; +import org.springframework.boot.actuate.health.Health; +import org.springframework.boot.actuate.health.HealthIndicator; + +import eu.eidas.auth.cache.IgniteInstanceInitializerSpecificCommunication; +import lombok.Setter; +import lombok.extern.slf4j.Slf4j; + +/** + * HealthCheck that validate Nodes in Apache-Ignite Cluster. + * + * @author tlenz + * + */ +@Slf4j +public class IgniteClusterHealthIndicator implements HealthIndicator { + + @Setter + protected IgniteInstanceInitializerSpecificCommunication igniteInstanceInitializerSpecificCommunication; + + @Override + public Health health() { + final Ignite instance = igniteInstanceInitializerSpecificCommunication.getInstance(); + + // check if Apache Ignite cluster is active + if (!instance.cluster().active()) { + return Health.outOfService().build(); + + } + + final Health.Builder healthBuilder; + // Status UP requires more than 1 node because MS-Connector and eIDAS-Node operations as + // micro-services + if (instance.cluster().nodes().size() > 1) { + healthBuilder = Health.up(); + + } else { + // Something looks wrong if only a single node was found because MS-Connector and eIDAS-Node + // operations as micro-services + healthBuilder = Health.outOfService(); + + } + + healthBuilder.withDetail("#Nodes", instance.cluster().nodes().size()); + log.trace("Ignite state. #Nodes: {}", instance.cluster().nodes().size()); + return healthBuilder.build(); + + } + +} diff --git a/connector/src/main/resources/specific_eIDAS_connector.storage.beans.xml b/connector/src/main/resources/specific_eIDAS_connector.storage.beans.xml index 08c7b672..2e4d1742 100644 --- a/connector/src/main/resources/specific_eIDAS_connector.storage.beans.xml +++ b/connector/src/main/resources/specific_eIDAS_connector.storage.beans.xml @@ -27,12 +27,15 @@ - + + + + +