From 26e422ff90f2a4fb9d2d25c0b2328b365fe5f0d7 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 11 Dec 2020 16:33:00 +0100 Subject: add 'findSecBugs' plug-in into 'spotBugs' module and solve bugs or exclude false-positive update gitlab-ci configuration to display jUnit test-coverage --- .../eidas/specific/connector/controller/MonitoringController.java | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'connector/src') diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java index aa45c836..f2d9fc8c 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java @@ -34,6 +34,7 @@ import org.apache.commons.text.StringEscapeUtils; import org.apache.http.client.methods.CloseableHttpResponse; import org.apache.http.client.methods.HttpGet; import org.apache.http.client.methods.HttpUriRequest; +import org.apache.http.client.utils.URIBuilder; import org.apache.http.impl.client.CloseableHttpClient; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -250,9 +251,9 @@ public class MonitoringController { } // create HTTP client - // TODO: update if we switch to openSAML3 - CloseableHttpClient httpClient = httpClientFactory.getHttpClient(); - HttpUriRequest request = new HttpGet(urlString); + CloseableHttpClient httpClient = httpClientFactory.getHttpClient(); + URIBuilder uriBuilder = new URIBuilder(urlString); + HttpUriRequest request = new HttpGet(uriBuilder.build()); final CloseableHttpResponse respCode = httpClient.execute(request); if (respCode.getStatusLine().getStatusCode() != 200) { -- cgit v1.2.3 From 583c57b9eb692c7db34b618116294796e527eafe Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 11 Dec 2020 22:15:27 +0100 Subject: add more jUnit tests for stabilisation --- .../builder/AuthenticationDataBuilder.java | 77 +++--- .../test/AuthenticationDataBuilderTest.java | 297 ++++++++++++++++++-- .../attributes/AuthBlockAttributeBuilderTest.java | 14 + .../attributes/EidasBindAttributeBuilderTest.java | 32 ++- .../test/saml2/Pvp2SProfileEndPointTest.java | 298 +++++++++++++++++++++ .../resources/config/junit_config_1.properties | 2 +- .../src/test/resources/config/keys/Metadata.pem | 18 ++ connector/src/test/resources/data/metadata.xml | 106 ++++++++ connector/src/test/resources/data/pvp2_authn_1.xml | 2 +- connector/src/test/resources/data/test_idl_1.xml | 46 ++++ .../eidas/v2/tasks/CreateIdentityLinkTask.java | 2 + .../tasks/CreateIdentityLinkTaskEidNewTest.java | 52 ++-- 12 files changed, 851 insertions(+), 95 deletions(-) create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java create mode 100644 connector/src/test/resources/config/keys/Metadata.pem create mode 100644 connector/src/test/resources/data/metadata.xml create mode 100644 connector/src/test/resources/data/test_idl_1.xml (limited to 'connector/src') diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java index 13cceafb..c41660ce 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java @@ -25,70 +25,63 @@ package at.asitplus.eidas.specific.connector.builder; import java.util.Date; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import org.springframework.stereotype.Service; -import org.w3c.dom.DOMException; import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer; -import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException; -import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.exceptions.EaafParserException; -import at.gv.egiz.eaaf.core.exceptions.XPathException; import at.gv.egiz.eaaf.core.impl.data.Pair; import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData; import at.gv.egiz.eaaf.core.impl.idp.auth.builder.AbstractAuthenticationDataBuilder; import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; +import lombok.extern.slf4j.Slf4j; @Service("AuthenticationDataBuilder") +@Slf4j public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder { - private static final Logger log = LoggerFactory.getLogger(AuthenticationDataBuilder.class); - + @Override - public IAuthData buildAuthenticationData(IRequest pendingReq) throws EaafAuthenticationException { - - final IAuthProcessDataContainer authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class); + protected IAuthData buildDeprecatedAuthData(IRequest pendingReq) throws EaafException { + final IAuthProcessDataContainer authProcessData = + pendingReq.getSessionData(AuthProcessDataWrapper.class); AuthenticationData authData = new AuthenticationData(); - - boolean isEidModeNew = pendingReq.getServiceProviderConfiguration() - .isConfigurationValue(MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE, false); - - if (isEidModeNew) { - authData = (AuthenticationData) super.buildAuthenticationData(pendingReq); - } else { - try { - generateDeprecatedBasicAuthData(authData, pendingReq, authProcessData); - - // set specific informations - authData.setSsoSessionValidTo( - new Date(new Date().getTime() + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000)); - - } catch (EaafBuilderException | EaafParserException - | EaafConfigurationException | XPathException | DOMException e) { - log.warn("Can not build authentication data from auth. process information"); - throw new EaafAuthenticationException("builder.11", new Object[]{e.getMessage()}, e); - - } - } + + //set basis infos + super.generateDeprecatedBasicAuthData(authData, pendingReq, authProcessData); + + // set specific informations + authData.setSsoSessionValidTo( + new Date(new Date().getTime() + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000)); + return authData; - } - - @Override - protected IAuthData buildDeprecatedAuthData(IRequest arg0) throws EaafException { - return new AuthenticationData(); } @Override - protected void buildServiceSpecificAuthenticationData(IAuthData arg0, IRequest arg1) throws EaafException { - // TODO Auto-generated method stub - + protected void buildServiceSpecificAuthenticationData(IAuthData authData, IRequest pendingReq) + throws EaafException { + if (authData instanceof AuthenticationData) { + ((AuthenticationData)authData).setGenericData( + ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, + pendingReq.getUniquePiiTransactionIdentifier()); + log.trace("Inject piiTransactionId: {} into AuthData", pendingReq.getUniquePiiTransactionIdentifier()); + + // set specific informations + ((AuthenticationData)authData).setSsoSessionValidTo( + new Date(new Date().getTime() + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000)); + + + } else { + throw new RuntimeException("Can not inject PiiTransactionId because AuthData is of unknown type: " + + authData.getClass().getName()); + + } + } @Override @@ -100,8 +93,6 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder @Override protected Pair buildOAspecificbPK(IRequest pendingReq, AuthenticationData authData) throws EaafBuilderException { - // TODO: check if bPK already exists - return super.buildOAspecificbPK(pendingReq, authData); } diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java index 1721fe61..316dcb5f 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java @@ -1,18 +1,15 @@ package at.asitplus.eidas.specific.connector.test; +import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; + +import java.io.IOException; +import java.security.PublicKey; +import java.util.Date; +import java.util.HashMap; +import java.util.Map; + +import javax.xml.transform.TransformerException; -import at.asitplus.eidas.specific.connector.builder.AuthenticationDataBuilder; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.idp.IAuthData; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; -import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; -import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; -import net.shibboleth.utilities.java.support.component.ComponentInitializationException; import org.apache.commons.lang3.RandomStringUtils; import org.junit.Assert; import org.junit.Before; @@ -29,14 +26,32 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.web.WebAppConfiguration; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; +import org.w3c.dom.Element; -import java.util.HashMap; -import java.util.Map; - -import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; +import at.asitplus.eidas.specific.connector.builder.AuthenticationDataBuilder; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; +import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; +import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException; +import at.gv.egiz.eaaf.core.exceptions.EaafParserException; +import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; +import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; +import net.shibboleth.utilities.java.support.component.ComponentInitializationException; @RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration({"/applicationContext.xml", "/SpringTest_connector.beans.xml", "/eaaf_core.beans.xml", "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml"}) +@ContextConfiguration({ "/applicationContext.xml", "/SpringTest_connector.beans.xml", "/eaaf_core.beans.xml", + "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml" }) @WebAppConfiguration public class AuthenticationDataBuilderTest { @@ -55,11 +70,11 @@ public class AuthenticationDataBuilderTest { private String eidasBind; private String authBlock; - @BeforeClass public static void classInitializer() throws InitializationException, ComponentInitializationException { final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_3.properties"); + System.setProperty("eidas.ms.configuration", current + + "src/test/resources/config/junit_config_3.properties"); EaafOpenSaml3xInitializer.eaafInitialize(); } @@ -80,28 +95,258 @@ public class AuthenticationDataBuilderTest { pendingReq = new TestRequestImpl(); pendingReq.setAuthUrl("https://localhost/ms_connector"); pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); pendingReq.setSpConfig(oaParam); - pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true); authBlock = RandomStringUtils.randomAlphanumeric(20); eidasBind = RandomStringUtils.randomAlphanumeric(20); - pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(Constants.SZR_AUTHBLOCK, authBlock); - pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession(Constants.EIDAS_BIND, eidasBind); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(Constants.SZR_AUTHBLOCK, authBlock); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(Constants.EIDAS_BIND, eidasBind); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setQaaLevel(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5)); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, + RandomStringUtils.randomAlphabetic(2)); + LocaleContextHolder.resetLocaleContext(); + } @Test - public void first() throws EaafAuthenticationException { + public void eidMode() throws EaafAuthenticationException { + // initialize state + pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true); + + // execute IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); + // validate state Assert.assertNotNull("AuthData null", authData); Assert.assertNotNull("authBlock null", authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class)); Assert.assertNotNull("eidasBind null", authData.getGenericData(Constants.EIDAS_BIND, String.class)); - Assert.assertNotNull("eidasBind null", authData.getEidasQaaLevel()); + Assert.assertNotNull("LoA null", authData.getEidasQaaLevel()); + String authBlock = authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class); String eidasBind = authData.getGenericData(Constants.EIDAS_BIND, String.class); - Assert.assertEquals("authBlock not equal", authBlock, this.authBlock); - Assert.assertEquals("eidasBind not equal", eidasBind, this.eidasBind); + Assert.assertEquals("authBlock not equal", this.authBlock, authBlock); + Assert.assertEquals("eidasBind not equal", this.eidasBind, eidasBind); + Assert.assertEquals("piiTransactionId", + authData.getGenericData(ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, String.class), + this.pendingReq.getUniquePiiTransactionIdentifier()); + Assert.assertNotNull("assertion validTo", authData.getSsoSessionValidTo()); + Assert.assertEquals("LoA", pendingReq.getSessionData(AuthProcessDataWrapper.class).getQaaLevel(), + authData.getEidasQaaLevel()); + Assert.assertEquals("EID-ISSUING-NATION", + pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession( + PvpAttributeDefinitions.EID_ISSUING_NATION_NAME), + authData.getCiticenCountryCode()); + + Assert.assertNull("bPK", authData.getBpk()); + Assert.assertNull("bPKType", authData.getBpkType()); + Assert.assertNull("FamilyName", authData.getFamilyName()); + Assert.assertNull("GivenName", authData.getGivenName()); + Assert.assertNull("DateOfBirth", authData.getDateOfBirth()); + Assert.assertNull("baseId", authData.getIdentificationValue()); + Assert.assertNull("baseIdType", authData.getIdentificationType()); + Assert.assertNull("IDL", authData.getIdentityLink()); + + } + + @Test + public void moaIdMode() throws EaafAuthenticationException, EaafBuilderException { + //initialize state + pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(false); + IIdentityLink idl = buildDummyIdl(); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setIdentityLink(idl); + + //execute + IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); + + //validate state + Assert.assertNotNull("AuthData null", authData); + Assert.assertNull("authBlock null", authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class)); + Assert.assertNull("eidasBind null", authData.getGenericData(Constants.EIDAS_BIND, String.class)); + Assert.assertNull("piiTransactionId", + authData.getGenericData(ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, String.class)); + + + Assert.assertNotNull("assertion validTo", authData.getSsoSessionValidTo()); + Assert.assertNotNull("LoA null", authData.getEidasQaaLevel()); + Assert.assertEquals("LoA", pendingReq.getSessionData(AuthProcessDataWrapper.class).getQaaLevel(), + authData.getEidasQaaLevel()); + Assert.assertEquals("EID-ISSUING-NATION", + pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession( + PvpAttributeDefinitions.EID_ISSUING_NATION_NAME), + authData.getCiticenCountryCode()); + + Assert.assertEquals("FamilyName", idl.getFamilyName(), authData.getFamilyName()); + Assert.assertEquals("GivenName", idl.getGivenName(), authData.getGivenName()); + Assert.assertEquals("DateOfBirth", idl.getDateOfBirth(), authData.getFormatedDateOfBirth()); + Assert.assertEquals("bPK", + BpkBuilder.generateAreaSpecificPersonIdentifier( + idl.getIdentificationValue(), EaafConstants.URN_PREFIX_CDID + "XX").getFirst(), + authData.getBpk()); + Assert.assertEquals("bPKType", EaafConstants.URN_PREFIX_CDID + "XX", authData.getBpkType()); + Assert.assertNotNull("IDL", authData.getIdentityLink()); + + + } + + private IIdentityLink buildDummyIdl() { + return new IIdentityLink() { + + String familyName = RandomStringUtils.randomAlphabetic(10); + String givenName = RandomStringUtils.randomAlphabetic(10); + String dateOfBirth = "1955-02-03"; + String baseId = RandomStringUtils.randomAlphanumeric(20); + String saml2Serialized = RandomStringUtils.randomAlphanumeric(150); + + + + @Override + public void setSamlAssertion(Element arg0) throws TransformerException, IOException { + + } + + @Override + public void setPublicKey(PublicKey[] arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setPrPerson(Element arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setIssueInstant(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setIdentificationValue(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setIdentificationType(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setGivenName(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setFamilyName(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setDsigReferenceTransforms(Element[] arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setDateOfBirth(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public String getSerializedSamlAssertion() { + return this.saml2Serialized; + } + + @Override + public Element getSamlAssertion() { + IIdentityLink fullIdl; + try { + fullIdl = new SimpleIdentityLinkAssertionParser( + AuthenticationDataBuilderTest.class.getResourceAsStream("/data/test_idl_1.xml")).parseIdentityLink(); + return fullIdl.getSamlAssertion(); + + } catch (EaafParserException e) { + e.printStackTrace(); + } + + return null; + + } + + @Override + public PublicKey[] getPublicKey() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Element getPrPerson() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Date getIssueInstantDate() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getIssueInstant() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getIdentificationValue() { + return this.baseId; + } + + @Override + public String getIdentificationType() { + return EaafConstants.URN_PREFIX_BASEID; + } + + @Override + public String getGivenName() { + return this.givenName; + } + + @Override + public String getFamilyName() { + return this.familyName; + } + + @Override + public Element[] getDsigReferenceTransforms() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getDateOfBirth() { + return this.dateOfBirth; + + } + }; } } diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/AuthBlockAttributeBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/AuthBlockAttributeBuilderTest.java index b7c6cd44..f6d22c98 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/AuthBlockAttributeBuilderTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/AuthBlockAttributeBuilderTest.java @@ -13,6 +13,7 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import at.asitplus.eidas.specific.connector.attributes.AuthBlockAttributeBuilder; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; @@ -41,6 +42,19 @@ public class AuthBlockAttributeBuilderTest extends AbstractAttributeBuilderTest log.info("setting up"); } + @Test + public void checkName() { + Assert.assertEquals("Wrong attr. name", + ExtendedPvpAttributeDefinitions.EID_AUTHBLOCK_SIGNED_NAME, attrBuilde.getName()); + + } + + @Test + public void checkEmptyAttribute() { + Assert.assertNull("empty attr.", attrBuilde.buildEmpty(gen)); + + } + @Test public void okTest() { log.info("starting: " + mTestName); diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/EidasBindAttributeBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/EidasBindAttributeBuilderTest.java index 254efb59..9a2c6cdc 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/EidasBindAttributeBuilderTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/attributes/EidasBindAttributeBuilderTest.java @@ -1,13 +1,7 @@ package at.asitplus.eidas.specific.connector.test.attributes; -import at.asitplus.eidas.specific.connector.attributes.EidasBindAttributeBuilder; -import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; -import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; -import at.gv.egiz.eaaf.core.api.idp.IAuthData; -import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; -import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData; -import at.gv.egiz.eaaf.core.impl.idp.auth.attributes.AbstractAttributeBuilderTest; -import lombok.extern.slf4j.Slf4j; +import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.EIDAS_BIND; + import org.junit.Assert; import org.junit.Before; import org.junit.Rule; @@ -17,7 +11,14 @@ import org.junit.runner.RunWith; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.EIDAS_BIND; +import at.asitplus.eidas.specific.connector.attributes.EidasBindAttributeBuilder; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException; +import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData; +import at.gv.egiz.eaaf.core.impl.idp.auth.attributes.AbstractAttributeBuilderTest; +import lombok.extern.slf4j.Slf4j; @Slf4j @@ -35,6 +36,19 @@ public class EidasBindAttributeBuilderTest extends AbstractAttributeBuilderTest log.info("setting up"); } + @Test + public void checkName() { + Assert.assertEquals("Wrong attr. name", + ExtendedPvpAttributeDefinitions.EID_EIDBIND_NAME, attrBuilde.getName()); + + } + + @Test + public void checkEmptyAttribute() { + Assert.assertNull("empty attr.", attrBuilde.buildEmpty(gen)); + + } + @Test public void okTest() { log.info("starting: " + mTestName); diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java new file mode 100644 index 00000000..da5693f3 --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java @@ -0,0 +1,298 @@ +package at.asitplus.eidas.specific.connector.test.saml2; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; +import java.util.List; +import java.util.Timer; + +import javax.xml.transform.TransformerException; + +import org.joda.time.DateTime; +import org.junit.Assert; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.opensaml.core.config.InitializationException; +import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport; +import org.opensaml.core.xml.io.MarshallingException; +import org.opensaml.core.xml.io.UnmarshallingException; +import org.opensaml.core.xml.util.XMLObjectSupport; +import org.opensaml.saml.metadata.resolver.impl.ResourceBackedMetadataResolver; +import org.opensaml.saml.saml2.core.RequestAbstractType; +import org.opensaml.saml.saml2.metadata.EntityDescriptor; +import org.opensaml.saml.saml2.metadata.IDPSSODescriptor; +import org.opensaml.saml.saml2.metadata.RoleDescriptor; +import org.opensaml.saml.saml2.metadata.SPSSODescriptor; +import org.opensaml.saml.security.impl.SAMLSignatureProfileValidator; +import org.opensaml.security.credential.Credential; +import org.opensaml.security.x509.BasicX509Credential; +import org.opensaml.xmlsec.signature.support.SignatureException; +import org.opensaml.xmlsec.signature.support.SignatureValidator; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.core.io.ResourceLoader; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.test.context.web.WebAppConfiguration; +import org.springframework.util.Base64Utils; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; +import at.asitplus.eidas.specific.connector.controller.Pvp2SProfileEndpoint; +import at.asitplus.eidas.specific.connector.provider.PvpEndPointCredentialProvider; +import at.asitplus.eidas.specific.connector.provider.PvpMetadataProvider; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.IRequestStorage; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.utils.DomUtils; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.OpenSaml3ResourceAdapter; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; +import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; +import net.shibboleth.utilities.java.support.component.ComponentInitializationException; +import net.shibboleth.utilities.java.support.xml.XMLParserException; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/applicationContext.xml", + "/specific_eIDAS_connector.beans.xml", + "/eaaf_core.beans.xml", + "/eaaf_pvp.beans.xml", + "/eaaf_pvp_idp.beans.xml", + "/spring/SpringTest-context_simple_storage.xml" }) +@WebAppConfiguration +@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) +public class Pvp2SProfileEndPointTest { + + + @Autowired private Pvp2SProfileEndpoint controller; + @Autowired private PvpEndPointCredentialProvider credentialProvider; + @Autowired private PvpMetadataProvider metadataProvider; + @Autowired private ResourceLoader resourceLoader; + @Autowired private IRequestStorage storage; + + private static CertificateFactory fact; + + + private MockHttpServletRequest httpReq; + private MockHttpServletResponse httpResp; + + + /** + * jUnit class initializer. + * @throws ComponentInitializationException In case of an error + * @throws InitializationException In case of an error + * @throws CertificateException + * + */ + @BeforeClass + public static void classInitializer() throws InitializationException, + ComponentInitializationException, CertificateException { + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties"); + + EaafOpenSaml3xInitializer.eaafInitialize(); + + fact = CertificateFactory.getInstance("X.509"); + + } + + /** + * jUnit test set-up. + * @throws EaafException + * + */ + @Before + public void initialize() throws EaafException { + httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + } + + @Test + public void authnReqWrongEndpoint() throws EaafException, XMLParserException, UnmarshallingException, + UnsupportedEncodingException, TransformerException, IOException, MarshallingException, + ComponentInitializationException { + //initialize test + final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream( + XMLObjectProviderRegistrySupport.getParserPool(), + Pvp2SProfileEndPointTest.class.getResourceAsStream("/data/pvp2_authn_3.xml")); + authnReq.setIssueInstant(DateTime.now()); + RequestAbstractType signedAuthnReq = + Saml2Utils.signSamlObject(authnReq, credentialProvider.getMetaDataSigningCredential(), true); + String b64 = Base64Utils.encodeToString(DomUtils.serializeNode( + XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8")); + httpReq.setParameter("SAMLRequest", b64); + + final org.springframework.core.io.Resource resource = resourceLoader.getResource( + "classpath:/data/metadata.xml"); + Timer timer = new Timer("PVP metadata-resolver refresh"); + ResourceBackedMetadataResolver fileSystemResolver = + new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource)); + fileSystemResolver.setId("test"); + fileSystemResolver.setParserPool(XMLObjectProviderRegistrySupport.getParserPool()); + fileSystemResolver.initialize(); + metadataProvider.addMetadataResolverIntoChain(fileSystemResolver); + + + //request SAML2 authentication + try { + controller.pvpIdpPostRequest(httpReq, httpResp); + Assert.fail("wrong AuthnRequest not detected"); + + }catch (EaafException e) { + Assert.assertEquals("wrong errorId", "pvp2.22", e.getErrorId()); + + } + } + + @Test + public void authnReqWrongSigned() throws EaafException, XMLParserException, UnmarshallingException, + UnsupportedEncodingException, TransformerException, IOException, MarshallingException, + ComponentInitializationException { + //initialize test + final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream( + XMLObjectProviderRegistrySupport.getParserPool(), + Pvp2SProfileEndPointTest.class.getResourceAsStream("/data/pvp2_authn_1.xml")); + authnReq.setIssueInstant(DateTime.now()); + RequestAbstractType signedAuthnReq = + Saml2Utils.signSamlObject(authnReq, credentialProvider.getMetaDataSigningCredential(), true); + String b64 = Base64Utils.encodeToString(DomUtils.serializeNode( + XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8")); + httpReq.setParameter("SAMLRequest", b64); + + final org.springframework.core.io.Resource resource = resourceLoader.getResource( + "classpath:/data/metadata.xml"); + Timer timer = new Timer("PVP metadata-resolver refresh"); + ResourceBackedMetadataResolver fileSystemResolver = + new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource)); + fileSystemResolver.setId("test"); + fileSystemResolver.setParserPool(XMLObjectProviderRegistrySupport.getParserPool()); + fileSystemResolver.initialize(); + metadataProvider.addMetadataResolverIntoChain(fileSystemResolver); + + + //request SAML2 authentication + try { + controller.pvpIdpPostRequest(httpReq, httpResp); + Assert.fail("wrong AuthnRequest not detected"); + + }catch (EaafException e) { + Assert.assertEquals("wrong errorId", "pvp2.21", e.getErrorId()); + + } + } + + @Test + public void authnReqValid() throws EaafException, XMLParserException, UnmarshallingException, + UnsupportedEncodingException, TransformerException, IOException, MarshallingException, + ComponentInitializationException { + //initialize test + final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream( + XMLObjectProviderRegistrySupport.getParserPool(), + Pvp2SProfileEndPointTest.class.getResourceAsStream("/data/pvp2_authn_1.xml")); + authnReq.setIssueInstant(DateTime.now()); + RequestAbstractType signedAuthnReq = + Saml2Utils.signSamlObject(authnReq, credentialProvider.getMessageSigningCredential(), true); + String b64 = Base64Utils.encodeToString(DomUtils.serializeNode( + XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8")); + httpReq.setParameter("SAMLRequest", b64); + + final org.springframework.core.io.Resource resource = resourceLoader.getResource( + "classpath:/data/metadata.xml"); + Timer timer = new Timer("PVP metadata-resolver refresh"); + ResourceBackedMetadataResolver fileSystemResolver = + new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource)); + fileSystemResolver.setId("test"); + fileSystemResolver.setParserPool(XMLObjectProviderRegistrySupport.getParserPool()); + fileSystemResolver.initialize(); + metadataProvider.addMetadataResolverIntoChain(fileSystemResolver); + + + //request SAML2 authentication + controller.pvpIdpPostRequest(httpReq, httpResp); + + + //validate state + Assert.assertEquals("http statuscode", 200, httpResp.getStatus()); + Assert.assertEquals("Wrong http ContentType", "text/html;charset=UTF-8", httpResp.getContentType()); + + String html = httpResp.getContentAsString(); + Assert.assertNotNull("html result is null", html); + Assert.assertFalse("html result is empty", html.isEmpty()); + Assert.assertTrue("Wrong page", html.contains("action=\"/myHomeCountry\"")); + + String pattern = " idp = entity.getRoleDescriptors(IDPSSODescriptor.DEFAULT_ELEMENT_NAME); + Assert.assertEquals("IDP descr. size", 1, idp.size()); + Assert.assertEquals("IDP descr. endpoints", 2, idp.get(0).getEndpoints().size()); + Assert.assertEquals("IDP descr. keyDescr", 1, idp.get(0).getKeyDescriptors().size()); + + } + +} diff --git a/connector/src/test/resources/config/junit_config_1.properties b/connector/src/test/resources/config/junit_config_1.properties index 3350f947..ab6782a7 100644 --- a/connector/src/test/resources/config/junit_config_1.properties +++ b/connector/src/test/resources/config/junit_config_1.properties @@ -97,7 +97,7 @@ eidas.ms.pvp2.metadata.contact.surname=Mustermann eidas.ms.pvp2.metadata.contact.email=max@junit.test ## Service Provider configuration -eidas.ms.sp.0.uniqueID= +eidas.ms.sp.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata eidas.ms.sp.0.pvp2.metadata.truststore=keys/junit.jks eidas.ms.sp.0.pvp2.metadata.truststore.password=password diff --git a/connector/src/test/resources/config/keys/Metadata.pem b/connector/src/test/resources/config/keys/Metadata.pem new file mode 100644 index 00000000..b544c194 --- /dev/null +++ b/connector/src/test/resources/config/keys/Metadata.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC+jCCAeKgAwIBAgIEXjF+fTANBgkqhkiG9w0BAQsFADA/MQswCQYDVQQGEwJB +VDENMAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxETAPBgNVBAMMCE1ldGFk +YXRhMB4XDTIwMDEyOTEyNDU0OVoXDTI2MDEyODEyNDU0OVowPzELMAkGA1UEBhMC +QVQxDTALBgNVBAcMBEVHSVoxDjAMBgNVBAoMBWpVbml0MREwDwYDVQQDDAhNZXRh +ZGF0YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK230G3dxNbNlSYA +O5Kx/Js0aBAgxMt7q9m+dA35fK/dOvF/GjrqjWsMCnax+no9gLnq6x0gXiJclz6H +rp/YDOfLrJjMpNL/r0FWT947vbnEj7eT8TdY5d6Yi8AZulZmjiCI5nbZh2zwrP4+ +WqRroLoPhXQj8mDyp26M4xHBBUhLMRc2HV4S+XH4uNZ/vTmb8vBg31XGHCY33gl7 +/KA54JNGxJdN8Dxv6yHYsm91ZfVrX39W0iYLUNhUCkolwuQmjDVfrExM8BTLIONb +f+erJoCm3A9ghZyDYRQ/e69/UEUqDa6XOzykr88INkQscEiAXCDS+EBPMpKo+t3l +PIA9r7kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAh/2mg4S03bdZy1OVtEAudBT9 +YZb9OF34hxPtNbkB/V04wSIg1d4TBr5KDhV7CdiUOxPZzHpS8LUCgfGX306FB6NX +zh/b67uTOPaE72AB4VIT/Np0fsM7k5WhG9k9NoprIGiqCz2lXcfpZiT+LtSO1vWS +YI87wR9KOSWjcw/5i5qZIAJuwvLCQj5JtUsmrhHK75222J3TJf4dS/gfN4xfY2rW +9vcXtH6//8WdWp/zx9V7Z1ZsDb8TDKtBCEGuFDgVeU5ScKtVq8qRoUKD3Ve76cZi +purO3KrRrVAuZP2EfLkZdHEHqe8GPigNnZ5kTn8V2VJ3iRAQ73hpJRR98tFd0A== +-----END CERTIFICATE----- diff --git a/connector/src/test/resources/data/metadata.xml b/connector/src/test/resources/data/metadata.xml new file mode 100644 index 00000000..16364c05 --- /dev/null +++ b/connector/src/test/resources/data/metadata.xml @@ -0,0 +1,106 @@ + + + + + + + + + + + + + 00SaL0XjeknOb/DttutP50lTyAux1jaRPJIVdSupWvU= + + + PfEBmLMX/ZgL6ViXghyWtal5MaMoW8k3zjw+54+WK1OAtVsVgOsIDRJE0M/a/VXBbMSifgY6J1gN23xhr61jkrjRQEkbDzLpWZLzWAJ65YqqUQo8wsKI2Gz0j12yY5D8/GOamKOH9KDi5ba1veXR/fnxRINoy7nZo4tcUWZChdl8BWkMN5ugr6dORNIQg/Ym3GabQ/hR5z+9FmveAKphdH63MC6qW3EgM9EMvOVkrLBTP92sNMAAJeaawui9tlxi9anVQ0OqwZsgKLvI7fyV4CM/0sd/ELjeReIlWlHk07Nz4eltMq3eOx3q1YurYvhE8XapHiQMehOtCS+Fzh10sw== + + + MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH +SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W +ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w +CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ +RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq +UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ +M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F +Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt +1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq +nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC +VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq +itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc +2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O +fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy +4jpXrp77JXFRSDWddb0yePc= + + + + + + + + MIIBbTCCARKgAwIBAgIEXjF+qTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJBVDEN +MAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcw +HhcNMjAwMTI5MTI0NjMzWhcNMjcwMTI4MTI0NjMzWjA+MQswCQYDVQQGEwJBVDEN +MAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASRt7gZRrr4rSEE7Q922oKQJF+mlkwC +LZnv8ZzHtH54s4VdyQFIBjQF1PPf9PTn+5tid8QJehZPndcoeD7J8fPJMAoGCCqG +SM49BAMCA0kAMEYCIQDFUO0owvqMVRO2FmD+vb8mqJBpWCE6Cl5pEHaygTa5LwIh +ANsmjI2azWiTSFjb7Ou5fnCfbeiJUP0s66m8qS4rYl9L + + + + + + + MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH +SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W +ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w +CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ +RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq +UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ +M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F +Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt +1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq +nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC +VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq +itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc +2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O +fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy +4jpXrp77JXFRSDWddb0yePc= + + + + urn:oasis:names:tc:SAML:2.0:nameid-format:persistent + + + + Default Service + + + + + + + + + + + + + + + + + + EGIZ + E-Government Innovationszentrum + http://www.egiz.gv.at + + + E-Government Innovationszentrum + Lenz + Thomas + thomas.lenz@egiz.gv.at + +43 316 873 5525 + + diff --git a/connector/src/test/resources/data/pvp2_authn_1.xml b/connector/src/test/resources/data/pvp2_authn_1.xml index ff5f08a5..1275b200 100644 --- a/connector/src/test/resources/data/pvp2_authn_1.xml +++ b/connector/src/test/resources/data/pvp2_authn_1.xml @@ -1,5 +1,5 @@ - + https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata diff --git a/connector/src/test/resources/data/test_idl_1.xml b/connector/src/test/resources/data/test_idl_1.xml new file mode 100644 index 00000000..8151468b --- /dev/null +++ b/connector/src/test/resources/data/test_idl_1.xml @@ -0,0 +1,46 @@ + + + + + urn:oasis:names:tc:SAML:1.0:cm:sender-vouches + + AT/CZ/xWE0vFWarzpzSL4LYlpst9b6vg0=urn:publicid:gv.at:eidasid+AT+CZXXXMaria-Theresia KunigundaXXXHabsburg-Lothringen1980-02-29 + + + + 1BFOitiQUc1lAHDGksneXWZGKGaFBcu03HEiIFsjHjNt/IfRZ4IzqHotUKItxnCdNtsFc1MkMJg+ +g0AXHsuU6MNgcbcXPaPfmHp+8+BJh+amDF3FnAN4ceG8oFAGVEZteOgfdWk1r5RQ2SK+0PuXPuLp +Tee7IzXtksReZkVEadUCxn/hiRXZa0dABgkFe3kSXbDr5tKXOF0FCtLKhZBI9z+NbX+aTSKOmAOq +4jyymoo5EP3L+iPecrUwHijD0Bm89h1JjxP521fkYe3Si+0J40okrmCCQHBr+IzB1uX98pKhvs7X +6rPjOJ6lBwP7XjK7D128P/cg4eH6v58cCfbLcQ==AQAB + +E+BXH0C2F6EYHjdJrOUKr+DsKT8=Hvj40m9ridp2HOz81MTAqzf0q+sZC5YeKpJP43eK5G1HNH1/DNGU/r/6IVPibU9Y +YGYJoXpznxRFibEQ6dFCHAaNPyADmdGHyJSWryI5ypAap4Y8MJnaUGSWY49IZbht +PjfKWB2jUNzj1T2u6ebIifAThAK8ZqIE+e5uaR+qrrLicxIhXcSZoyScbKxMuT1Q +p6zNsNBOHujbVAfKFUE8WmGInyvuoDgerUrA0XstWWg2M9ghytcDJwZpTYwXvmmo +GV47ue0ITrtM+QqWVbt+dHO8369JFnGQ9h/6h/4j9iyNuxfG7u/EyHQiSuy0+FP8 +1lkLsg1YX+2pN0HElyXVqw==MIIEqzCCBBSgAwIBAgIHANux81oNezANBgkqhkiG9w0BAQUFADBAMSIwIAYDVQQD +ExlJQUlLIFRlc3QgSW50ZXJtZWRpYXRlIENBMQ0wCwYDVQQKEwRJQUlLMQswCQYD +VQQGEwJBVDAeFw0xMzA5MjcwNTMzMzdaFw0yMzA5MjcwNTMzMzdaMIHkMQswCQYD +VQQGEwJBVDENMAsGA1UEBxMER3JhejEmMCQGA1UEChMdR3JheiBVbml2ZXJzaXR5 +IG9mIFRlY2hub2xvZ3kxSDBGBgNVBAsTP0luc3RpdHV0ZSBmb3IgQXBwbGllZCBJ +bmZvcm1hdGlvbiBQcm9jZXNzaW5nIGFuZCBDb21tdW5pY2F0aW9uczEUMBIGA1UE +BBMLTU9BLVNTIFRlc3QxGDAWBgNVBCoTD0VHSVogVGVzdHBvcnRhbDEkMCIGA1UE +AxMbRUdJWiBUZXN0cG9ydGFsIE1PQS1TUyBUZXN0MIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAuDjOyf+mY+oQL2FQzzuaiC8C23vVKbq/n2Zi7BqSibZH +mtqMJfmj4pT+hWSNHvVvWsaxFcx4KeNqdCMzwnw1r4P3Sf+2o5uFku5KHEMLMokR +yYQG9VqY/KkB94ye7Pv6zT8gvKqxGFg96UamECep4swPaSZrA8AOER5WAtyGDzKI +Tz+a5zfFaTXDoba7f98PCWR96yKiFjVOhzp38WVz4VJgz+b8ZSY7Xsv5Kn7DXjOL +STX4MevFLki3rFPup3+4vGToaMBW3PEj67HXBdqR855Le6+E6rVxORqsXqlVwhsI +6nuS0CO2LWYmBNR1IB0mXteeYH/HfxvuZc+7yDjdPQIDAQABo4IBhDCCAYAwDgYD +VR0PAQH/BAQDAgbAMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEmcH6VY4BG1EAGB +TLoNR9vH/g6yMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jYS5pYWlrLnR1Z3Jh +ei5hdC9jYXBzby9jcmxzL0lBSUtUZXN0X0ludGVybWVkaWF0ZUNBLmNybDCBqgYI +KwYBBQUHAQEEgZ0wgZowSgYIKwYBBQUHMAGGPmh0dHA6Ly9jYS5pYWlrLnR1Z3Jh +ei5hdC9jYXBzby9PQ1NQP2NhPUlBSUtUZXN0X0ludGVybWVkaWF0ZUNBMEwGCCsG +AQUFBzAChkBodHRwOi8vY2EuaWFpay50dWdyYXouYXQvY2Fwc28vY2VydHMvSUFJ +S1Rlc3RfSW50ZXJtZWRpYXRlQ0EuY2VyMCEGA1UdEQQaMBiBFnRob21hcy5sZW56 +QGVnaXouZ3YuYXQwHwYDVR0jBBgwFoAUaKJeEdreL4BrRES/jfplNoEkp28wDQYJ +KoZIhvcNAQEFBQADgYEAlFGjUxXLs7SAT8NtXSrv2WrjlklaRnHTFHLQwyVo8JWb +gvRkHHDUv2o8ofXUY2R2WJ38dxeDoccgbXrJb/Qhi8IY7YhCwv/TuIZDisyAqo8W +ORKSip/6HWlGCSR/Vgoet1GtCmF0FoUxFUIGSAuQ2yyt4fIzt5GJrU1X5ujjI1w= \ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java index f9142f8e..11f8fc04 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java @@ -162,6 +162,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { //inject personal-data into session authProcessData.setGenericDataToSession(Constants.SZR_AUTHBLOCK, jwsSignature); authProcessData.setGenericDataToSession(Constants.EIDAS_BIND, signedEidasBind); + authProcessData.setEidProcess(true); } else { //request SZR @@ -182,6 +183,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { //inject personal-data into session authProcessData.setIdentityLink(idlResult.getIdentityLink()); + authProcessData.setEidProcess(false); // set bPK and bPKType into auth session authProcessData.setGenericDataToSession(PvpAttributeDefinitions.BPK_NAME, extendBpkByPrefix( diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java index 34f641a7..44fa01e8 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java @@ -50,13 +50,15 @@ import com.skjolberg.mockito.soap.SoapServiceRule; import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.AuthBlockSigningService; import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask; import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils; import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils.JwsResult; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.IRequestStorage; import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.idp.IConfiguration; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.exceptions.EaafException; @@ -70,6 +72,7 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; +import at.gv.egiz.eaaf.core.impl.utils.Random; import eu.eidas.auth.commons.attribute.AttributeDefinition; import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; import eu.eidas.auth.commons.attribute.PersonType; @@ -101,7 +104,7 @@ public class CreateIdentityLinkTaskEidNewTest { EaafKeyStoreFactory keyStoreFactory; @Autowired - private AuthBlockSigningService authBlockSigner; + private IRequestStorage requestStorage; final ExecutionContext executionContext = new ExecutionContextImpl(); private MockHttpServletRequest httpReq; @@ -188,15 +191,29 @@ public class CreateIdentityLinkTaskEidNewTest { //perform test task.execute(pendingReq, executionContext); - //validate state - final AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class); + //validate state + // check if pendingRequest was stored + IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); + Assert.assertNotNull("pendingReq not stored", storedPendingReq); + + //check data in session + final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); Assert.assertNotNull("AuthProcessData", authProcessData); Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class)); String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class); Assert.assertNotNull("AuthBlock", authBlock); - - //check authblock signature + + Assert.assertTrue("EID process", authProcessData.isEidProcess()); + Assert.assertTrue("foreigner process", authProcessData.isForeigner()); + Assert.assertEquals("EID-ISSUING_NATION", "LU", + authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); + Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); + Assert.assertEquals("LoA", response.getLevelOfAssurance(), + authProcessData.getQaaLevel()); + + + // check authblock signature final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT, BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()])); Pair keyStore = getKeyStore(); @@ -208,15 +225,15 @@ public class CreateIdentityLinkTaskEidNewTest { Assert.assertNotNull("deserialized AuthBlock", authBlockJson); Assert.assertNotNull("no piiTransactionId in pendingRequesdt", - pendingReq.getUniquePiiTransactionIdentifier()); - Assert.assertEquals("piiTransactionId", pendingReq.getUniquePiiTransactionIdentifier(), + storedPendingReq.getUniquePiiTransactionIdentifier()); + Assert.assertEquals("piiTransactionId", storedPendingReq.getUniquePiiTransactionIdentifier(), authBlockJson.get("piiTransactionId").asText()); Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText()); Assert.assertFalse("'challenge' is null", authBlockJson.get("challenge").asText().isEmpty()); Assert.assertFalse("'timestamp' is null", authBlockJson.get("timestamp").asText().isEmpty()); - //check vsz request + // check vsz request ArgumentCaptor argument4 = ArgumentCaptor.forClass(PersonInfoType.class); ArgumentCaptor argument5 = ArgumentCaptor.forClass(Boolean.class); verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture()); @@ -246,10 +263,8 @@ public class CreateIdentityLinkTaskEidNewTest { response.getAttributes().getDefinitionsByFriendlyName("PersonIdentifier").iterator().next()) .toString().split("/")[2], person.getTravelDocument().getDocumentNumber()); - - - - //check bcBind singing request + + // check bcBind singing request ArgumentCaptor argument1 = ArgumentCaptor.forClass(Boolean.class); ArgumentCaptor> argument2 = ArgumentCaptor.forClass(List.class); ArgumentCaptor> argument3 = ArgumentCaptor.forClass(List.class); @@ -364,7 +379,14 @@ public class CreateIdentityLinkTaskEidNewTest { .put(attributeDef3, RandomStringUtils.randomAlphabetic(10)).put(attributeDef4, "2001-01-01").build(); val b = new AuthenticationResponse.Builder(); - return b.id("aasdf").issuer("asd").subject("asf").statusCode("200").inResponseTo("asdf").subjectNameIdFormat("afaf") - .attributes(attributeMap).build(); + return b.id("_".concat(Random.nextHexRandom16())) + .issuer(RandomStringUtils.randomAlphabetic(10)) + .subject(RandomStringUtils.randomAlphabetic(10)) + .statusCode("200") + .inResponseTo("_".concat(Random.nextHexRandom16())) + .subjectNameIdFormat("afaf") + .levelOfAssurance(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5)) + .attributes(attributeMap) + .build(); } } -- cgit v1.2.3 From e50146d903bde90b9d90dd41f35b0652ff8345ae Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 14 Dec 2020 12:14:39 +0100 Subject: add some more jUnit tests --- basicConfig/default_config.properties | 2 +- .../connector/test/BasicConfigurationTest.java | 135 +++++++++++++++++++++ .../test/saml2/Pvp2SProfileEndPointTest.java | 43 ++++++- .../resources/config/junit_config_1.properties | 14 ++- connector/src/test/resources/data/metadata.xml | 106 ---------------- .../src/test/resources/data/metadata_expired.xml | 106 ++++++++++++++++ .../src/test/resources/data/metadata_valid.xml | 106 ++++++++++++++++ .../config/ServiceProviderConfiguration.java | 4 +- 8 files changed, 402 insertions(+), 114 deletions(-) create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/BasicConfigurationTest.java delete mode 100644 connector/src/test/resources/data/metadata.xml create mode 100644 connector/src/test/resources/data/metadata_expired.xml create mode 100644 connector/src/test/resources/data/metadata_valid.xml (limited to 'connector/src') diff --git a/basicConfig/default_config.properties b/basicConfig/default_config.properties index 483e9c97..fabfdfef 100644 --- a/basicConfig/default_config.properties +++ b/basicConfig/default_config.properties @@ -119,7 +119,7 @@ eidas.ms.sp.0.pvp2.metadata.truststore.password= ##only for advanced config eidas.ms.configuration.sp.disableRegistrationRequirement= -eidas.ms.configuration.restrictions.baseID.spTransmission= +#eidas.ms.configuration.restrictions.baseID.spTransmission= eidas.ms.configuration.auth.default.countrycode= eidas.ms.configuration.pvp.scheme.validation= eidas.ms.configuration.pvp.enable.entitycategories= \ No newline at end of file diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/BasicConfigurationTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/BasicConfigurationTest.java new file mode 100644 index 00000000..6e52f113 --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/BasicConfigurationTest.java @@ -0,0 +1,135 @@ +package at.asitplus.eidas.specific.connector.test; + +import java.net.MalformedURLException; +import java.net.URL; +import java.security.cert.CertificateException; + +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.opensaml.core.config.InitializationException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.test.context.web.WebAppConfiguration; + +import at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; +import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import net.shibboleth.utilities.java.support.component.ComponentInitializationException; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/applicationContext.xml", + "/specific_eIDAS_connector.beans.xml", + "/eaaf_core.beans.xml", + "/eaaf_pvp.beans.xml", + "/eaaf_pvp_idp.beans.xml", + "/spring/SpringTest-context_simple_storage.xml" }) +@WebAppConfiguration +@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) +public class BasicConfigurationTest { + + @Autowired private IConfigurationWithSP basicConfig; + + /** + * jUnit class initializer. + * @throws ComponentInitializationException In case of an error + * @throws InitializationException In case of an error + * @throws CertificateException + * + */ + @BeforeClass + public static void classInitializer() throws InitializationException, + ComponentInitializationException, CertificateException { + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties"); + + } + + + @Test + public void basicConfig() throws MalformedURLException, EaafException { + Assert.assertEquals("validate req. URL", "http://localhost", + basicConfig.validateIdpUrl(new URL("http://junit/test"))); + + Assert.assertEquals("validate req. URL", "http://localhost", + basicConfig.validateIdpUrl(new URL("http://localhost/test1/test"))); + + } + + @Test + public void loadSpNotExist() throws EaafConfigurationException { + //check + ISpConfiguration sp = basicConfig.getServiceProviderConfiguration( + "https://not/exist"); + + //validate state + Assert.assertNull("spConfig", sp); + + + } + + @Test + public void loadSpDefault() throws EaafConfigurationException { + //check + ISpConfiguration sp = basicConfig.getServiceProviderConfiguration( + "https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata"); + + //validate state + Assert.assertNotNull("spConfig", sp); + Assert.assertEquals("BaseId transfare restrication", true, sp.hasBaseIdTransferRestriction()); + Assert.assertEquals("BaseId process restrication", false, sp.hasBaseIdInternalProcessingRestriction()); + + Assert.assertEquals("req. LoA size", 1, sp.getRequiredLoA().size()); + Assert.assertEquals("req. LoA", EaafConstants.EIDAS_LOA_HIGH, sp.getRequiredLoA().get(0)); + Assert.assertEquals("LoA matching mode", + EaafConstants.EIDAS_LOA_MATCHING_MINIMUM, sp.getLoAMatchingMode()); + + } + + @Test + public void loadSpNoBaseIdTransferRestriction() throws EaafException { + //check + ServiceProviderConfiguration sp = basicConfig.getServiceProviderConfiguration( + "https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata", ServiceProviderConfiguration.class); + + //validate state + Assert.assertNotNull("spConfig", sp); + Assert.assertNull("bPKTarget already set", sp.getAreaSpecificTargetIdentifier()); + + //validate baseId transfer restriction + sp.setBpkTargetIdentifier(EaafConstants.URN_PREFIX_CDID + "ZP"); + Assert.assertEquals("BaseId restrication", false, sp.hasBaseIdTransferRestriction()); + Assert.assertEquals("bPKTarget", EaafConstants.URN_PREFIX_CDID + "ZP", sp.getAreaSpecificTargetIdentifier()); + + sp.setBpkTargetIdentifier(EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+123456h"); + Assert.assertEquals("BaseId restrication", true, sp.hasBaseIdTransferRestriction()); + + } + + @Test + public void loadSpWithMsSpecificConfig() throws EaafConfigurationException { + //check + ServiceProviderConfiguration sp = basicConfig.getServiceProviderConfiguration( + "https://demo.egiz.gv.at/junit_test", ServiceProviderConfiguration.class); + + //validate state + Assert.assertNotNull("spConfig", sp); + Assert.assertEquals("friendlyName", "jUnit test", sp.getFriendlyName()); + Assert.assertEquals("UniqueId", "https://demo.egiz.gv.at/junit_test", sp.getUniqueIdentifier()); + Assert.assertEquals("BaseId restrication", true, sp.hasBaseIdTransferRestriction()); + Assert.assertEquals("generic config value", false, + sp.isConfigurationValue("policy.allowed.requested.targets")); + Assert.assertEquals("generic config value", "test", + sp.getConfigurationValue("policy.allowed.requested.targets")); + Assert.assertEquals("not_exist_value", "true", sp.getConfigurationValue("not.exist", "true")); + + } +} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java index da5693f3..81ee2625 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java @@ -135,7 +135,7 @@ public class Pvp2SProfileEndPointTest { httpReq.setParameter("SAMLRequest", b64); final org.springframework.core.io.Resource resource = resourceLoader.getResource( - "classpath:/data/metadata.xml"); + "classpath:/data/metadata_valid.xml"); Timer timer = new Timer("PVP metadata-resolver refresh"); ResourceBackedMetadataResolver fileSystemResolver = new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource)); @@ -172,7 +172,44 @@ public class Pvp2SProfileEndPointTest { httpReq.setParameter("SAMLRequest", b64); final org.springframework.core.io.Resource resource = resourceLoader.getResource( - "classpath:/data/metadata.xml"); + "classpath:/data/metadata_valid.xml"); + Timer timer = new Timer("PVP metadata-resolver refresh"); + ResourceBackedMetadataResolver fileSystemResolver = + new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource)); + fileSystemResolver.setId("test"); + fileSystemResolver.setParserPool(XMLObjectProviderRegistrySupport.getParserPool()); + fileSystemResolver.initialize(); + metadataProvider.addMetadataResolverIntoChain(fileSystemResolver); + + + //request SAML2 authentication + try { + controller.pvpIdpPostRequest(httpReq, httpResp); + Assert.fail("wrong AuthnRequest not detected"); + + }catch (EaafException e) { + Assert.assertEquals("wrong errorId", "pvp2.21", e.getErrorId()); + + } + } + + @Test + public void authnReqMetadataExpired() throws EaafException, XMLParserException, UnmarshallingException, + UnsupportedEncodingException, TransformerException, IOException, MarshallingException, + ComponentInitializationException { + //initialize test + final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream( + XMLObjectProviderRegistrySupport.getParserPool(), + Pvp2SProfileEndPointTest.class.getResourceAsStream("/data/pvp2_authn_1.xml")); + authnReq.setIssueInstant(DateTime.now()); + RequestAbstractType signedAuthnReq = + Saml2Utils.signSamlObject(authnReq, credentialProvider.getMetaDataSigningCredential(), true); + String b64 = Base64Utils.encodeToString(DomUtils.serializeNode( + XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8")); + httpReq.setParameter("SAMLRequest", b64); + + final org.springframework.core.io.Resource resource = resourceLoader.getResource( + "classpath:/data/metadata_expired.xml"); Timer timer = new Timer("PVP metadata-resolver refresh"); ResourceBackedMetadataResolver fileSystemResolver = new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource)); @@ -209,7 +246,7 @@ public class Pvp2SProfileEndPointTest { httpReq.setParameter("SAMLRequest", b64); final org.springframework.core.io.Resource resource = resourceLoader.getResource( - "classpath:/data/metadata.xml"); + "classpath:/data/metadata_valid.xml"); Timer timer = new Timer("PVP metadata-resolver refresh"); ResourceBackedMetadataResolver fileSystemResolver = new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource)); diff --git a/connector/src/test/resources/config/junit_config_1.properties b/connector/src/test/resources/config/junit_config_1.properties index ab6782a7..78981b6a 100644 --- a/connector/src/test/resources/config/junit_config_1.properties +++ b/connector/src/test/resources/config/junit_config_1.properties @@ -100,16 +100,24 @@ eidas.ms.pvp2.metadata.contact.email=max@junit.test eidas.ms.sp.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata eidas.ms.sp.0.pvp2.metadata.truststore=keys/junit.jks eidas.ms.sp.0.pvp2.metadata.truststore.password=password - -#eidas.ms.sp.0.friendlyName= +eidas.ms.sp.0.friendlyName=jUnit test #eidas.ms.sp.0.pvp2.metadata.url= #eidas.ms.sp.0.policy.allowed.requested.targets=.* #eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false +## Service Provider configuration +eidas.ms.sp.1.uniqueID=https://demo.egiz.gv.at/junit_test +eidas.ms.sp.1.pvp2.metadata.truststore=keys/junit.jks +eidas.ms.sp.1.pvp2.metadata.truststore.password=password +eidas.ms.sp.1.friendlyName=jUnit test +eidas.ms.sp.1.pvp2.metadata.url=http://junit.test/metadata +eidas.ms.sp.1.policy.allowed.requested.targets=test +eidas.ms.sp.1.policy.hasBaseIdTransferRestriction=true + ##only for advanced config eidas.ms.configuration.sp.disableRegistrationRequirement= -eidas.ms.configuration.restrictions.baseID.spTransmission= +#eidas.ms.configuration.restrictions.baseID.spTransmission= eidas.ms.configuration.auth.default.countrycode= eidas.ms.configuration.pvp.scheme.validation= eidas.ms.configuration.pvp.enable.entitycategories= \ No newline at end of file diff --git a/connector/src/test/resources/data/metadata.xml b/connector/src/test/resources/data/metadata.xml deleted file mode 100644 index 16364c05..00000000 --- a/connector/src/test/resources/data/metadata.xml +++ /dev/null @@ -1,106 +0,0 @@ - - - - - - - - - - - - - 00SaL0XjeknOb/DttutP50lTyAux1jaRPJIVdSupWvU= - - - PfEBmLMX/ZgL6ViXghyWtal5MaMoW8k3zjw+54+WK1OAtVsVgOsIDRJE0M/a/VXBbMSifgY6J1gN23xhr61jkrjRQEkbDzLpWZLzWAJ65YqqUQo8wsKI2Gz0j12yY5D8/GOamKOH9KDi5ba1veXR/fnxRINoy7nZo4tcUWZChdl8BWkMN5ugr6dORNIQg/Ym3GabQ/hR5z+9FmveAKphdH63MC6qW3EgM9EMvOVkrLBTP92sNMAAJeaawui9tlxi9anVQ0OqwZsgKLvI7fyV4CM/0sd/ELjeReIlWlHk07Nz4eltMq3eOx3q1YurYvhE8XapHiQMehOtCS+Fzh10sw== - - - MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH -SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W -ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w -CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ -RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq -UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ -M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F -Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt -1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq -nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC -VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq -itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc -2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O -fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy -4jpXrp77JXFRSDWddb0yePc= - - - - - - - - MIIBbTCCARKgAwIBAgIEXjF+qTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJBVDEN -MAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcw -HhcNMjAwMTI5MTI0NjMzWhcNMjcwMTI4MTI0NjMzWjA+MQswCQYDVQQGEwJBVDEN -MAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcw -WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASRt7gZRrr4rSEE7Q922oKQJF+mlkwC -LZnv8ZzHtH54s4VdyQFIBjQF1PPf9PTn+5tid8QJehZPndcoeD7J8fPJMAoGCCqG -SM49BAMCA0kAMEYCIQDFUO0owvqMVRO2FmD+vb8mqJBpWCE6Cl5pEHaygTa5LwIh -ANsmjI2azWiTSFjb7Ou5fnCfbeiJUP0s66m8qS4rYl9L - - - - - - - MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH -SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W -ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w -CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ -RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq -UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ -M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F -Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt -1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq -nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC -VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq -itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc -2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O -fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy -4jpXrp77JXFRSDWddb0yePc= - - - - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent - - - - Default Service - - - - - - - - - - - - - - - - - - EGIZ - E-Government Innovationszentrum - http://www.egiz.gv.at - - - E-Government Innovationszentrum - Lenz - Thomas - thomas.lenz@egiz.gv.at - +43 316 873 5525 - - diff --git a/connector/src/test/resources/data/metadata_expired.xml b/connector/src/test/resources/data/metadata_expired.xml new file mode 100644 index 00000000..16364c05 --- /dev/null +++ b/connector/src/test/resources/data/metadata_expired.xml @@ -0,0 +1,106 @@ + + + + + + + + + + + + + 00SaL0XjeknOb/DttutP50lTyAux1jaRPJIVdSupWvU= + + + PfEBmLMX/ZgL6ViXghyWtal5MaMoW8k3zjw+54+WK1OAtVsVgOsIDRJE0M/a/VXBbMSifgY6J1gN23xhr61jkrjRQEkbDzLpWZLzWAJ65YqqUQo8wsKI2Gz0j12yY5D8/GOamKOH9KDi5ba1veXR/fnxRINoy7nZo4tcUWZChdl8BWkMN5ugr6dORNIQg/Ym3GabQ/hR5z+9FmveAKphdH63MC6qW3EgM9EMvOVkrLBTP92sNMAAJeaawui9tlxi9anVQ0OqwZsgKLvI7fyV4CM/0sd/ELjeReIlWlHk07Nz4eltMq3eOx3q1YurYvhE8XapHiQMehOtCS+Fzh10sw== + + + MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH +SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W +ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w +CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ +RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq +UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ +M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F +Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt +1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq +nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC +VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq +itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc +2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O +fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy +4jpXrp77JXFRSDWddb0yePc= + + + + + + + + MIIBbTCCARKgAwIBAgIEXjF+qTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJBVDEN +MAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcw +HhcNMjAwMTI5MTI0NjMzWhcNMjcwMTI4MTI0NjMzWjA+MQswCQYDVQQGEwJBVDEN +MAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASRt7gZRrr4rSEE7Q922oKQJF+mlkwC +LZnv8ZzHtH54s4VdyQFIBjQF1PPf9PTn+5tid8QJehZPndcoeD7J8fPJMAoGCCqG +SM49BAMCA0kAMEYCIQDFUO0owvqMVRO2FmD+vb8mqJBpWCE6Cl5pEHaygTa5LwIh +ANsmjI2azWiTSFjb7Ou5fnCfbeiJUP0s66m8qS4rYl9L + + + + + + + MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH +SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W +ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w +CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ +RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq +UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ +M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F +Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt +1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq +nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC +VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq +itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc +2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O +fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy +4jpXrp77JXFRSDWddb0yePc= + + + + urn:oasis:names:tc:SAML:2.0:nameid-format:persistent + + + + Default Service + + + + + + + + + + + + + + + + + + EGIZ + E-Government Innovationszentrum + http://www.egiz.gv.at + + + E-Government Innovationszentrum + Lenz + Thomas + thomas.lenz@egiz.gv.at + +43 316 873 5525 + + diff --git a/connector/src/test/resources/data/metadata_valid.xml b/connector/src/test/resources/data/metadata_valid.xml new file mode 100644 index 00000000..06e1e785 --- /dev/null +++ b/connector/src/test/resources/data/metadata_valid.xml @@ -0,0 +1,106 @@ + + + + + + + + + + + + + 00SaL0XjeknOb/DttutP50lTyAux1jaRPJIVdSupWvU= + + + PfEBmLMX/ZgL6ViXghyWtal5MaMoW8k3zjw+54+WK1OAtVsVgOsIDRJE0M/a/VXBbMSifgY6J1gN23xhr61jkrjRQEkbDzLpWZLzWAJ65YqqUQo8wsKI2Gz0j12yY5D8/GOamKOH9KDi5ba1veXR/fnxRINoy7nZo4tcUWZChdl8BWkMN5ugr6dORNIQg/Ym3GabQ/hR5z+9FmveAKphdH63MC6qW3EgM9EMvOVkrLBTP92sNMAAJeaawui9tlxi9anVQ0OqwZsgKLvI7fyV4CM/0sd/ELjeReIlWlHk07Nz4eltMq3eOx3q1YurYvhE8XapHiQMehOtCS+Fzh10sw== + + + MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH +SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W +ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w +CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ +RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq +UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ +M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F +Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt +1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq +nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC +VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq +itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc +2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O +fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy +4jpXrp77JXFRSDWddb0yePc= + + + + + + + + MIIBbTCCARKgAwIBAgIEXjF+qTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJBVDEN +MAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcw +HhcNMjAwMTI5MTI0NjMzWhcNMjcwMTI4MTI0NjMzWjA+MQswCQYDVQQGEwJBVDEN +MAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASRt7gZRrr4rSEE7Q922oKQJF+mlkwC +LZnv8ZzHtH54s4VdyQFIBjQF1PPf9PTn+5tid8QJehZPndcoeD7J8fPJMAoGCCqG +SM49BAMCA0kAMEYCIQDFUO0owvqMVRO2FmD+vb8mqJBpWCE6Cl5pEHaygTa5LwIh +ANsmjI2azWiTSFjb7Ou5fnCfbeiJUP0s66m8qS4rYl9L + + + + + + + MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH +SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W +ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w +CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ +RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq +UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ +M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F +Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt +1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq +nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC +VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq +itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc +2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O +fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy +4jpXrp77JXFRSDWddb0yePc= + + + + urn:oasis:names:tc:SAML:2.0:nameid-format:persistent + + + + Default Service + + + + + + + + + + + + + + + + + + EGIZ + E-Government Innovationszentrum + http://www.egiz.gv.at + + + E-Government Innovationszentrum + Lenz + Thomas + thomas.lenz@egiz.gv.at + +43 316 873 5525 + + diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/ServiceProviderConfiguration.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/ServiceProviderConfiguration.java index 6f7eace3..362d0244 100644 --- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/ServiceProviderConfiguration.java +++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/ServiceProviderConfiguration.java @@ -57,12 +57,14 @@ public class ServiceProviderConfiguration extends SpConfigurationImpl { } + @Override public boolean hasBaseIdTransferRestriction() { final Boolean spConfigPolicy = isConfigurationValue( MsEidasNodeConstants.PROP_CONFIG_SP_POLICY_BASEIDTRANSFER_RESTRICTION); - if (spConfigPolicy != null) { + if (spConfigPolicy) { return spConfigPolicy; + } else { log.trace("SP configuration defines no baseID transfer restriction. Enforce default policy ..."); for (final String el : getTargetsWithNoBaseIdTransferRestriction()) { -- cgit v1.2.3 From 9fd7ba09ba2a5a827ef8530967aa0bfefc412f42 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 22 Dec 2020 14:15:14 +0100 Subject: add jUnit tests for configuration-operations --- .../ProcessEngineSignalControllerTest.java | 75 ++++++++++ connector_lib/pom.xml | 5 + .../specific/connector/MsConnectorEventCodes.java | 4 + .../specific/connector/MsEidasNodeConstants.java | 4 + .../test/config/BasicConfigProviderTest.java | 156 +++++++++++++++++++++ .../test/config/MsConnectorDummyConfigMap.java | 112 --------------- .../config/MsConnectorDummySpConfiguration.java | 28 ---- .../config/ServiceProviderConfigurationTest.java | 54 +++++++ .../config/dummy/MsConnectorDummyConfigMap.java | 112 +++++++++++++++ .../dummy/MsConnectorDummySpConfiguration.java | 28 ++++ .../SpringTest-context_basic_realConfig.xml | 20 +++ .../resources/config/junit_config_1.properties | 123 ++++++++++++++++ .../auth/eidas/v2/test/EidasSignalServletTest.java | 4 +- .../tasks/CreateIdentityLinkTaskEidNewTest.java | 2 +- .../v2/test/tasks/CreateIdentityLinkTaskTest.java | 2 +- .../test/tasks/GenerateAuthnRequestTaskTest.java | 2 +- .../test/tasks/ReceiveEidasResponseTaskTest.java | 4 +- .../EidasRequestPreProcessingSecondTest.java | 2 +- .../validation/EidasResponseValidatorTest.java | 4 +- .../SpringTest-context_basic_mapConfig.xml | 2 +- 20 files changed, 592 insertions(+), 151 deletions(-) create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java create mode 100644 connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/BasicConfigProviderTest.java delete mode 100644 connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/MsConnectorDummyConfigMap.java delete mode 100644 connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/MsConnectorDummySpConfiguration.java create mode 100644 connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/ServiceProviderConfigurationTest.java create mode 100644 connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/dummy/MsConnectorDummyConfigMap.java create mode 100644 connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/dummy/MsConnectorDummySpConfiguration.java create mode 100644 connector_lib/src/test/resources/SpringTest-context_basic_realConfig.xml create mode 100644 connector_lib/src/test/resources/config/junit_config_1.properties (limited to 'connector/src') diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java new file mode 100644 index 00000000..cd502c48 --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java @@ -0,0 +1,75 @@ +package at.asitplus.eidas.specific.connector.test.controller; + +import java.io.IOException; +import java.net.URISyntaxException; + +import org.junit.Assert; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.test.context.web.WebAppConfiguration; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import at.asitplus.eidas.specific.connector.controller.ProcessEngineSignalController; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/applicationContext.xml", + "/specific_eIDAS_connector.beans.xml", + "/eaaf_core.beans.xml", + "/eaaf_pvp.beans.xml", + "/eaaf_pvp_idp.beans.xml", + "/spring/SpringTest-context_simple_storage.xml" }) +@WebAppConfiguration +public class ProcessEngineSignalControllerTest { + + @Autowired private ProcessEngineSignalController controller; + + private MockHttpServletRequest httpReq; + private MockHttpServletResponse httpResp; + + @BeforeClass + public static void classInitializer() { + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties"); + + } + + /** + * jUnit test set-up. + */ + @Before + public void setUp() throws EaafStorageException, URISyntaxException { + httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + } + + @Test + public void noPendingRequestId() throws IOException, EaafException { + //set-up + + //execute test + controller.performGenericAuthenticationProcess(httpReq, httpResp); + + //validate state + Assert.assertEquals("http StatusCode", 302, httpResp.getStatus()); + Assert.assertNotNull("redirect header", httpResp.getHeaderValue("Location")); + Assert.assertTrue("wrong redirect header", + httpResp.getHeader("Location").startsWith("http://localhost/errorHandling?errorid=")); + + } + + +} diff --git a/connector_lib/pom.xml b/connector_lib/pom.xml index 267a01e8..b6a2e060 100644 --- a/connector_lib/pom.xml +++ b/connector_lib/pom.xml @@ -40,6 +40,11 @@ junit test + + org.springframework + spring-test + test + at.gv.egiz.eaaf eaaf_core_utils diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsConnectorEventCodes.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsConnectorEventCodes.java index 35bafd67..cfc434c4 100644 --- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsConnectorEventCodes.java +++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsConnectorEventCodes.java @@ -45,4 +45,8 @@ public class MsConnectorEventCodes { public static final int SZR_ERNB_EIDAS_RAW_ID = 6210; public static final int SZR_ERNB_EIDAS_ERNB_ID = 6211; + + private MsConnectorEventCodes() { + // hidden constructor for class with static values only. + } } diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java index b1ef799f..8d1dcc0b 100644 --- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java +++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java @@ -169,4 +169,8 @@ public class MsEidasNodeConstants { public static final List COUNTRY_SELECTION_PARAM_WHITELIST = Arrays.asList(REQ_PARAM_SELECTED_COUNTRY, REQ_PARAM_SELECTED_ENVIRONMENT); + private MsEidasNodeConstants() { + //hidden Constructor for class with static values only. + } + } diff --git a/connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/BasicConfigProviderTest.java b/connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/BasicConfigProviderTest.java new file mode 100644 index 00000000..d1623b00 --- /dev/null +++ b/connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/BasicConfigProviderTest.java @@ -0,0 +1,156 @@ +package at.asitplus.eidas.specific.connector.test.config; + +import java.net.MalformedURLException; +import java.net.URL; +import java.util.Map; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; +import at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration; +import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; +import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; +import at.gv.egiz.eaaf.core.exceptions.EaafException; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration(locations = { + "/SpringTest-context_basic_realConfig.xml"}) +@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) +public class BasicConfigProviderTest { + + @Autowired private IConfigurationWithSP basicConfig; + + /** + * jUnit class initializer. + * + */ + @BeforeClass + public static void classInitializer() { + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties"); + + } + + @Test + public void configPropInfos() { + Assert.assertEquals("size", 2, MsEidasNodeConstants.COUNTRY_SELECTION_PARAM_WHITELIST.size()); + + } + + @Test + public void loadSpNoExist() throws EaafConfigurationException { + ISpConfiguration spConfig = basicConfig.getServiceProviderConfiguration( + RandomStringUtils.randomAlphabetic(5)); + Assert.assertNull("spConfig", spConfig); + + } + + @Test + public void loadSpConfigBasicMode() throws EaafConfigurationException { + ISpConfiguration spConfig = basicConfig.getServiceProviderConfiguration("jUnitTest1"); + + Assert.assertNotNull("spConfig", spConfig); + Assert.assertEquals("uniqueId", "jUnitTest1", spConfig.getUniqueIdentifier()); + Assert.assertEquals("friendlyName", "NO FRIENDLYNAME SET", spConfig.getFriendlyName()); + Assert.assertEquals("pvp2.truststore", "", spConfig.getConfigurationValue("pvp2.metadata.truststore")); + String test = RandomStringUtils.randomAlphabetic(5); + Assert.assertEquals("pvp2.password", "1234pass", + spConfig.getConfigurationValue("pvp2.metadata.truststore.password", test)); + Assert.assertEquals("eidMode", true, spConfig.isConfigurationValue("newEidMode")); + Assert.assertEquals("notexistflag", false, spConfig.isConfigurationValue("notexist", false)); + Assert.assertNotNull("fullConfig", spConfig.getFullConfiguration()); + Assert.assertEquals("fullConfig", 4, spConfig.getFullConfiguration().size()); + + } + + @Test + public void loadSpConfigAdvancedMode() throws EaafConfigurationException { + ISpConfiguration spConfig = basicConfig.getServiceProviderConfiguration( + "jUnitTest2", ServiceProviderConfiguration.class); + + Assert.assertNotNull("spConfig", spConfig); + Assert.assertEquals("uniqueId", "jUnitTest2", spConfig.getUniqueIdentifier()); + Assert.assertEquals("friendlyName", "jUnit tester 2", spConfig.getFriendlyName()); + Assert.assertEquals("pvp2.truststore", "", spConfig.getConfigurationValue("pvp2.metadata.truststore")); + String test = RandomStringUtils.randomAlphabetic(5); + Assert.assertEquals("pvp2.password", test, + spConfig.getConfigurationValue("pvp2.metadata.truststore.notexist", test)); + Assert.assertEquals("eidMode", false, spConfig.isConfigurationValue("newEidMode")); + Assert.assertEquals("notexistflag", false, spConfig.isConfigurationValue("notexist", false)); + Assert.assertNotNull("fullConfig", spConfig.getFullConfiguration()); + Assert.assertEquals("fullConfig", 5, spConfig.getFullConfiguration().size()); + Assert.assertFalse("baseIdInternal", spConfig.hasBaseIdInternalProcessingRestriction()); + Assert.assertTrue("baseIdTransfer", spConfig.hasBaseIdTransferRestriction()); + + } + + @Test + public void loadSpConfigAdvancedModeWrongDecorator() throws EaafConfigurationException { + ISpConfiguration spConfig1 = basicConfig.getServiceProviderConfiguration( + "jUnitTest2", null); + Assert.assertNull("spConfig", spConfig1); + + String spConfig2 = basicConfig.getServiceProviderConfiguration( + "jUnitTest2", String.class); + Assert.assertNull("spConfig", spConfig2); + + } + + @Test + public void loadConfigValuesString() { + Assert.assertEquals("without default", "ownSpecificConnector", + basicConfig.getBasicConfiguration("auth.eIDAS.node_v2.entityId")); + + Assert.assertEquals("with default", "", + basicConfig.getBasicConfiguration("auth.eIDAS.szrclient.endpoint.prod", + RandomStringUtils.randomAlphabetic(5))); + + String rand1 = RandomStringUtils.randomAlphanumeric(5); + Assert.assertEquals("unknown with default", rand1, + basicConfig.getBasicConfiguration("notexist", rand1)); + + } + + @Test + public void loadConfigValuesBoolean() { + Assert.assertEquals("without default", true, + basicConfig.getBasicConfigurationBoolean("auth.eIDAS.szrclient.useTestService")); + + Assert.assertEquals("with default", false, + basicConfig.getBasicConfigurationBoolean("auth.notexist", + false)); + + Assert.assertEquals("unknown with default", false, + basicConfig.getBasicConfigurationBoolean("auth.eIDAS.szrclient.params.vkz", true)); + + } + + @Test + public void loadConfigMap() { + Map entries = basicConfig.getBasicConfigurationWithPrefix("auth.eIDAS.szrclient"); + Assert.assertEquals("wrong size", 16, entries.size()); + Assert.assertTrue("missing element", entries.containsKey("endpoint.test")); + Assert.assertEquals("wrong entry", "http://localhost:1234/demoszr", entries.get("endpoint.test")); + + } + + @Test + public void validateUrl() throws MalformedURLException, EaafException { + Assert.assertEquals("wrong URL", "http://localhost/test", + basicConfig.validateIdpUrl(new URL("http://localhost/test/" + RandomStringUtils.randomAlphabetic(5)))); + + Assert.assertNull("wrong URL", + basicConfig.validateIdpUrl(new URL("http://localhost/wrong/" + RandomStringUtils.randomAlphabetic(5)))); + + } +} diff --git a/connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/MsConnectorDummyConfigMap.java b/connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/MsConnectorDummyConfigMap.java deleted file mode 100644 index ab390731..00000000 --- a/connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/MsConnectorDummyConfigMap.java +++ /dev/null @@ -1,112 +0,0 @@ -package at.asitplus.eidas.specific.connector.test.config; - -import java.io.IOException; -import java.io.InputStream; -import java.net.URI; -import java.net.URISyntaxException; -import java.util.Map; - -import org.apache.commons.lang3.StringUtils; - -import at.gv.egiz.eaaf.core.test.dummy.DummyAuthConfigMap; -import lombok.Setter; - -/** - * MS-Connector specific dummy basic-config implementation. - * - * @author tlenz - * - */ -public class MsConnectorDummyConfigMap extends DummyAuthConfigMap { - - private static final String CONFIG_PREFIX = "eidas.ms."; - - @Setter - private String configRootDirSufix; - - /** - * Creates an emptry configuration. - * - */ - public MsConnectorDummyConfigMap() { - - } - - /** - * Dummy Application-configuration. - * - * @param configIs Property based configuration - * @throws IOException In case of an configuration read error - */ - public MsConnectorDummyConfigMap(final InputStream configIs) throws IOException { - super(configIs); - - } - - /** - * Dummy Application-configuration. - * - * @param path Path to property based configuration - * @throws IOException In case of an configuration read error - */ - public MsConnectorDummyConfigMap(final String path) throws IOException { - super(path); - - } - - - @Override - public String getBasicConfiguration(final String key) { - return super.getBasicConfiguration(addPrefixToKey(key)); - - } - - @Override - public Map getBasicConfigurationWithPrefix(final String prefix) { - return super.getBasicConfigurationWithPrefix(addPrefixToKey(prefix)); - - } - - @Override - public void putConfigValue(final String key, final String value) { - super.putConfigValue(addPrefixToKey(key), value); - } - - @Override - public void removeConfigValue(final String key) { - super.removeConfigValue(addPrefixToKey(key)); - - } - - @Override - public URI getConfigurationRootDirectory() { - URI basePath = super.getConfigurationRootDirectory(); - if (StringUtils.isNotEmpty(configRootDirSufix)) { - try { - return new URI(basePath.toString() + configRootDirSufix); - - } catch (URISyntaxException e) { - throw new RuntimeException("Wrong Dummyconfig", e); - - } - - } else { - return basePath; - - } - - - } - - private String addPrefixToKey(final String key) { - if (key.startsWith(CONFIG_PREFIX)) { - return key; - - } else { - return CONFIG_PREFIX + key; - - } - } - - -} diff --git a/connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/MsConnectorDummySpConfiguration.java b/connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/MsConnectorDummySpConfiguration.java deleted file mode 100644 index e6e35ab1..00000000 --- a/connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/MsConnectorDummySpConfiguration.java +++ /dev/null @@ -1,28 +0,0 @@ -package at.asitplus.eidas.specific.connector.test.config; - -import java.util.List; -import java.util.Map; - -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; -import lombok.Setter; - -public class MsConnectorDummySpConfiguration extends DummySpConfiguration { - - private static final long serialVersionUID = -3249018889871026127L; - - @Setter - private List loa; - - public MsConnectorDummySpConfiguration(Map spConfig, IConfiguration authConfig) { - super(spConfig, authConfig); - - } - - @Override - public List getRequiredLoA() { - return loa; - - } - -} diff --git a/connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/ServiceProviderConfigurationTest.java b/connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/ServiceProviderConfigurationTest.java new file mode 100644 index 00000000..d95e2882 --- /dev/null +++ b/connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/ServiceProviderConfigurationTest.java @@ -0,0 +1,54 @@ +package at.asitplus.eidas.specific.connector.test.config; + +import java.util.Arrays; +import java.util.HashMap; +import java.util.Map; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Assert; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; + +import at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration; +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.exceptions.EaafException; + +@RunWith(BlockJUnit4ClassRunner.class) +public class ServiceProviderConfigurationTest { + + + + @Test + public void spConfigLoad() throws EaafException { + IConfiguration authConfig = new MsConnectorDummyConfigMap(); + + Map map = new HashMap<>(); + map.put("uniqueID", RandomStringUtils.randomAlphabetic(10)); + map.put("policy.allowed.requested.targets", "urn:publicid:gv.at:cdid\\+.*"); + + ServiceProviderConfiguration spConfig = new ServiceProviderConfiguration(map, authConfig); + + spConfig.setRequiredLoA(Arrays.asList(EaafConstants.EIDAS_LOA_LOW)); + Assert.assertEquals("LoA", 1, spConfig.getRequiredLoA().size()); + Assert.assertEquals("LoA", "http://eidas.europa.eu/LoA/low", spConfig.getRequiredLoA().get(0)); + + spConfig.setLoAMachtingMode("exact"); + Assert.assertEquals("wrong machtingMode", "exact", spConfig.getLoAMatchingMode()); + + String bpkTarget = EaafConstants.URN_PREFIX_CDID + RandomStringUtils.randomAlphabetic(2); + spConfig.setBpkTargetIdentifier(bpkTarget); + Assert.assertEquals("wrong bPK", bpkTarget, spConfig.getAreaSpecificTargetIdentifier()); + + + try { + spConfig.setBpkTargetIdentifier(EaafConstants.URN_PREFIX_WBPK + RandomStringUtils.randomAlphabetic(2)); + + } catch (EaafException e) { + Assert.assertEquals("ErrorId", "auth.37", e.getErrorId()); + } + + } +} diff --git a/connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/dummy/MsConnectorDummyConfigMap.java b/connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/dummy/MsConnectorDummyConfigMap.java new file mode 100644 index 00000000..42e31377 --- /dev/null +++ b/connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/dummy/MsConnectorDummyConfigMap.java @@ -0,0 +1,112 @@ +package at.asitplus.eidas.specific.connector.test.config.dummy; + +import java.io.IOException; +import java.io.InputStream; +import java.net.URI; +import java.net.URISyntaxException; +import java.util.Map; + +import org.apache.commons.lang3.StringUtils; + +import at.gv.egiz.eaaf.core.test.dummy.DummyAuthConfigMap; +import lombok.Setter; + +/** + * MS-Connector specific dummy basic-config implementation. + * + * @author tlenz + * + */ +public class MsConnectorDummyConfigMap extends DummyAuthConfigMap { + + private static final String CONFIG_PREFIX = "eidas.ms."; + + @Setter + private String configRootDirSufix; + + /** + * Creates an emptry configuration. + * + */ + public MsConnectorDummyConfigMap() { + + } + + /** + * Dummy Application-configuration. + * + * @param configIs Property based configuration + * @throws IOException In case of an configuration read error + */ + public MsConnectorDummyConfigMap(final InputStream configIs) throws IOException { + super(configIs); + + } + + /** + * Dummy Application-configuration. + * + * @param path Path to property based configuration + * @throws IOException In case of an configuration read error + */ + public MsConnectorDummyConfigMap(final String path) throws IOException { + super(path); + + } + + + @Override + public String getBasicConfiguration(final String key) { + return super.getBasicConfiguration(addPrefixToKey(key)); + + } + + @Override + public Map getBasicConfigurationWithPrefix(final String prefix) { + return super.getBasicConfigurationWithPrefix(addPrefixToKey(prefix)); + + } + + @Override + public void putConfigValue(final String key, final String value) { + super.putConfigValue(addPrefixToKey(key), value); + } + + @Override + public void removeConfigValue(final String key) { + super.removeConfigValue(addPrefixToKey(key)); + + } + + @Override + public URI getConfigurationRootDirectory() { + URI basePath = super.getConfigurationRootDirectory(); + if (StringUtils.isNotEmpty(configRootDirSufix)) { + try { + return new URI(basePath.toString() + configRootDirSufix); + + } catch (URISyntaxException e) { + throw new RuntimeException("Wrong Dummyconfig", e); + + } + + } else { + return basePath; + + } + + + } + + private String addPrefixToKey(final String key) { + if (key.startsWith(CONFIG_PREFIX)) { + return key; + + } else { + return CONFIG_PREFIX + key; + + } + } + + +} diff --git a/connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/dummy/MsConnectorDummySpConfiguration.java b/connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/dummy/MsConnectorDummySpConfiguration.java new file mode 100644 index 00000000..b379080d --- /dev/null +++ b/connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/dummy/MsConnectorDummySpConfiguration.java @@ -0,0 +1,28 @@ +package at.asitplus.eidas.specific.connector.test.config.dummy; + +import java.util.List; +import java.util.Map; + +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; +import lombok.Setter; + +public class MsConnectorDummySpConfiguration extends DummySpConfiguration { + + private static final long serialVersionUID = -3249018889871026127L; + + @Setter + private List loa; + + public MsConnectorDummySpConfiguration(Map spConfig, IConfiguration authConfig) { + super(spConfig, authConfig); + + } + + @Override + public List getRequiredLoA() { + return loa; + + } + +} diff --git a/connector_lib/src/test/resources/SpringTest-context_basic_realConfig.xml b/connector_lib/src/test/resources/SpringTest-context_basic_realConfig.xml new file mode 100644 index 00000000..bcca90b5 --- /dev/null +++ b/connector_lib/src/test/resources/SpringTest-context_basic_realConfig.xml @@ -0,0 +1,20 @@ + + + + + + + + + + \ No newline at end of file diff --git a/connector_lib/src/test/resources/config/junit_config_1.properties b/connector_lib/src/test/resources/config/junit_config_1.properties new file mode 100644 index 00000000..01dcf842 --- /dev/null +++ b/connector_lib/src/test/resources/config/junit_config_1.properties @@ -0,0 +1,123 @@ +## Basic service configuration +eidas.ms.context.url.prefix=http://localhost/test/ +eidas.ms.context.url.request.validation=true + +eidas.ms.context.use.clustermode=true + +##Monitoring +eidas.ms.monitoring.eIDASNode.metadata.url= + + +##Specific logger configuration +eidas.ms.technicallog.write.MDS.into.techlog=true +eidas.ms.revisionlog.write.MDS.into.revisionlog=true +eidas.ms.revisionlog.logIPAddressOfUser=true + +##Directory for static Web content +eidas.ms.webcontent.static.directory=webcontent/ +eidas.ms.webcontent.templates=templates/ +eidas.ms.webcontent.properties=properties/messages + +## extended validation of pending-request Id's +eidas.ms.core.pendingrequestid.maxlifetime=300 +eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256 +eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret + +## eIDAS Ref. Implementation connector ### +eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector +eidas.ms.auth.eIDAS.node_v2.forward.endpoint= +eidas.ms.auth.eIDAS.node_v2.forward.method=POST +eidas.ms.auth.eIDAS.node_v2.countrycode=AT +eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.* +eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true +eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true +eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true +eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs=myNode + +eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high + +eidas.ms.auth.eIDAS.szrclient.useTestService=true +eidas.ms.auth.eIDAS.szrclient.endpoint.prod= +eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/..... +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password= +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path= +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password= +eidas.ms.auth.eIDAS.szrclient.timeout.connection=15 +eidas.ms.auth.eIDAS.szrclient.timeout.response=30 +eidas.ms.auth.eIDAS.szrclient.params.vkz= + +eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false + + +eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s +eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair +eidas.ms.auth.eIDAS.authblock.keystore.path=./../keystore/teststore.jks +eidas.ms.auth.eIDAS.authblock.keystore.type=jks +eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair +eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s + + +#Raw eIDAS Id data storage +eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true + +eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true +eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true + +eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true +eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true + +##without mandates +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true + +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.5=BirthName,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.6=Gender,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.7=CurrentAddress,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.8=testtest,false + +##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT ----- +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true + + +## PVP2 S-Profile end-point configuration +eidas.ms.pvp2.keystore.path=keys/..... +eidas.ms.pvp2.keystore.password= +eidas.ms.pvp2.key.metadata.alias= +eidas.ms.pvp2.key.metadata.password= +eidas.ms.pvp2.key.signing.alias= +eidas.ms.pvp2.key.signing.password= +eidas.ms.pvp2.metadata.validity=24 + +## Service Provider configuration +eidas.ms.sp.0.uniqueID=jUnitTest1 +eidas.ms.sp.0.pvp2.metadata.truststore= +eidas.ms.sp.0.pvp2.metadata.truststore.password=1234pass +eidas.ms.sp.0.newEidMode=true + +eidas.ms.sp.1.uniqueID=jUnitTest2 +eidas.ms.sp.1.friendlyName=jUnit tester 2 +eidas.ms.sp.1.pvp2.metadata.truststore= +eidas.ms.sp.1.pvp2.metadata.truststore.password= +eidas.ms.sp.1.newEidMode=false + +#eidas.ms.sp.0.friendlyName= +#eidas.ms.sp.0.pvp2.metadata.url= +#eidas.ms.sp.0.policy.allowed.requested.targets=.* +#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false + + +##only for advanced config +eidas.ms.configuration.sp.disableRegistrationRequirement= +eidas.ms.configuration.restrictions.baseID.spTransmission= +eidas.ms.configuration.auth.default.countrycode= +eidas.ms.configuration.pvp.scheme.validation= +eidas.ms.configuration.pvp.enable.entitycategories= \ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java index d2973e1d..62d5c556 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java @@ -25,8 +25,8 @@ import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; import org.springframework.web.servlet.config.annotation.EnableWebMvc; -import at.asitplus.eidas.specific.connector.test.config.MsConnectorDummyConfigMap; -import at.asitplus.eidas.specific.connector.test.config.MsConnectorDummySpConfiguration; +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummySpConfiguration; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet; import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask; diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java index 8cda745a..2e6790c5 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java @@ -43,7 +43,7 @@ import com.fasterxml.jackson.databind.ObjectMapper; import com.skjolberg.mockito.soap.SoapServiceRule; import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; -import at.asitplus.eidas.specific.connector.test.config.MsConnectorDummyConfigMap; +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java index 382041e5..8c7558dd 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java @@ -31,7 +31,7 @@ import org.springframework.web.context.request.ServletRequestAttributes; import com.skjolberg.mockito.soap.SoapServiceRule; import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; -import at.asitplus.eidas.specific.connector.test.config.MsConnectorDummyConfigMap; +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask; diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java index 83ac6044..c416b515 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java @@ -20,7 +20,7 @@ import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; -import at.asitplus.eidas.specific.connector.test.config.MsConnectorDummyConfigMap; +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask; diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java index f5ae9b01..de9b2d3b 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java @@ -24,8 +24,8 @@ import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; -import at.asitplus.eidas.specific.connector.test.config.MsConnectorDummyConfigMap; -import at.asitplus.eidas.specific.connector.test.config.MsConnectorDummySpConfiguration; +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummySpConfiguration; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask; diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java index 6d46f6e0..c44e803b 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java @@ -37,7 +37,7 @@ import org.springframework.test.annotation.DirtiesContext.ClassMode; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import at.asitplus.eidas.specific.connector.test.config.MsConnectorDummyConfigMap; +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService; import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java index d0e7a804..e0f15c8c 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java @@ -20,8 +20,8 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import com.google.common.collect.ImmutableSet; -import at.asitplus.eidas.specific.connector.test.config.MsConnectorDummyConfigMap; -import at.asitplus.eidas.specific.connector.test.config.MsConnectorDummySpConfiguration; +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; +import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummySpConfiguration; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasValidationException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_mapConfig.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_mapConfig.xml index 3863df59..3a9214fb 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_mapConfig.xml +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_mapConfig.xml @@ -12,7 +12,7 @@ + class="at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap"> -- cgit v1.2.3 From 6b098e7070dedb5692325f6d330a20de696b9edc Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 22 Dec 2020 15:36:42 +0100 Subject: switch from Spring to Spring-Boot --- basicConfig/default_config.properties | 4 +- connector/checks/spotbugs-exclude.xml | 5 + connector/pom.xml | 92 +++++- .../MsSpecificEidasNodeSpringResourceProvider.java | 10 +- ...ficSpringBootApplicationContextInitializer.java | 82 +++++ .../SpringBootApplicationInitializer.java | 60 ++++ .../connector/SpringContextCloseHandler.java | 224 +++++++++++++ .../config/StaticResourceConfiguration.java | 87 ++--- .../storage/SimpleInMemoryTransactionStorage.java | 2 - .../src/main/resources/application.properties | 144 +++++++++ .../src/main/resources/applicationContext.xml | 23 +- connector/src/main/resources/log4j.properties | 55 ---- connector/src/main/resources/logback.xml | 20 +- .../resources/specific_eIDAS_connector.beans.xml | 21 +- connector/src/main/resources/tomcat.properties | 15 + .../test/AuthenticationDataBuilderTest.java | 352 --------------------- .../connector/test/AuthnRequestValidatorTest.java | 329 ------------------- .../connector/test/BasicConfigurationTest.java | 135 -------- .../test/CountrySelectionProcessImplTest.java | 120 ------- .../test/MainClassExecutableModeTest.java | 109 +++++++ .../connector/test/MainClassWebAppModeTest.java | 129 ++++++++ .../test/config/BasicConfigurationTest.java | 135 ++++++++ .../test/utils/AuthenticationDataBuilderTest.java | 352 +++++++++++++++++++++ .../test/utils/AuthnRequestValidatorTest.java | 329 +++++++++++++++++++ .../utils/CountrySelectionProcessImplTest.java | 120 +++++++ .../resources/config/junit_config_1.properties | 1 + .../config/junit_config_1_springboot.properties | 81 +++++ .../src/test/resources/config/keys/teststore.jks | Bin 0 -> 2028 bytes connector_lib/pom.xml | 22 +- .../specific/connector/MsEidasNodeConstants.java | 2 +- .../config/BasicConfigurationProvider.java | 4 +- .../SpringBootBasicConfigurationProvider.java | 122 +++++++ .../gui/DefaultVelocityGuiBuilderImpl.java | 2 +- .../src/main/resources/common_gui.beans.xml | 60 ++++ .../SpringBootBasicConfigurationProviderTest.java | 148 +++++++++ .../SpringTest-context_basic_realConfig.xml | 9 +- .../resources/config/junit_config_1.properties | 1 + pom.xml | 110 +++++-- 38 files changed, 2394 insertions(+), 1122 deletions(-) create mode 100644 connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificSpringBootApplicationContextInitializer.java create mode 100644 connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java create mode 100644 connector/src/main/java/at/asitplus/eidas/specific/connector/SpringContextCloseHandler.java create mode 100644 connector/src/main/resources/application.properties delete mode 100644 connector/src/main/resources/log4j.properties create mode 100644 connector/src/main/resources/tomcat.properties delete mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java delete mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthnRequestValidatorTest.java delete mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/BasicConfigurationTest.java delete mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/CountrySelectionProcessImplTest.java create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/config/BasicConfigurationTest.java create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/CountrySelectionProcessImplTest.java create mode 100644 connector/src/test/resources/config/junit_config_1_springboot.properties create mode 100644 connector/src/test/resources/config/keys/teststore.jks create mode 100644 connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/SpringBootBasicConfigurationProvider.java create mode 100644 connector_lib/src/main/resources/common_gui.beans.xml create mode 100644 connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/SpringBootBasicConfigurationProviderTest.java (limited to 'connector/src') diff --git a/basicConfig/default_config.properties b/basicConfig/default_config.properties index fabfdfef..d6cc1317 100644 --- a/basicConfig/default_config.properties +++ b/basicConfig/default_config.properties @@ -66,8 +66,8 @@ eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true -eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true -eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true +eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=false +eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false ##without mandates eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true diff --git a/connector/checks/spotbugs-exclude.xml b/connector/checks/spotbugs-exclude.xml index 5d4fd515..281e3796 100644 --- a/connector/checks/spotbugs-exclude.xml +++ b/connector/checks/spotbugs-exclude.xml @@ -19,4 +19,9 @@ + + + + + diff --git a/connector/pom.xml b/connector/pom.xml index dad27b38..7fbc2a36 100644 --- a/connector/pom.xml +++ b/connector/pom.xml @@ -49,7 +49,15 @@ authmodule-eIDAS-v2 - + + + org.springframework.boot + spring-boot-starter-actuator + + + de.codecentric + spring-boot-admin-starter-client + org.springframework spring-webmvc @@ -74,11 +82,10 @@ org.apache.commons commons-collections4 - - javax.servlet - javax.servlet-api - provided - + + org.hibernate.validator + hibernate-validator + @@ -104,8 +111,63 @@ test test-jar + + org.springframework.boot + spring-boot-starter-tomcat + test + + + at.gv.egiz.eaaf + eaaf-springboot-utils + test + + + + + default + + true + + default + + + + + org.springframework.boot + spring-boot-starter-web + + + org.springframework.boot + spring-boot-starter-tomcat + + + + + + javax.servlet + javax.servlet-api + provided + + + + + embbededTomcat + + + org.springframework.boot + spring-boot-starter-web + + + at.gv.egiz.eaaf + eaaf-springboot-utils + + + + + + ms_connector @@ -125,6 +187,24 @@ + + org.springframework.boot + spring-boot-maven-plugin + 2.2.6.RELEASE + + true + + + + + + build-info + repackage + + + + + org.apache.maven.plugins maven-assembly-plugin diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificEidasNodeSpringResourceProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificEidasNodeSpringResourceProvider.java index 6e8e06ef..40ed283b 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificEidasNodeSpringResourceProvider.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificEidasNodeSpringResourceProvider.java @@ -32,11 +32,15 @@ public class MsSpecificEidasNodeSpringResourceProvider implements SpringResource @Override public Resource[] getResourcesToLoad() { - final ClassPathResource msEidasNode = new ClassPathResource("/specific_eIDAS_connector.beans.xml", - MsSpecificEidasNodeSpringResourceProvider.class); + final ClassPathResource generic = + new ClassPathResource("/applicationContext.xml", MsSpecificEidasNodeSpringResourceProvider.class); + + final ClassPathResource msEidasNode = new ClassPathResource( + "/specific_eIDAS_connector.beans.xml", MsSpecificEidasNodeSpringResourceProvider.class); + final ClassPathResource msEidasNodeStorage = new ClassPathResource( "/specific_eIDAS_connector.storage.beans.xml", MsSpecificEidasNodeSpringResourceProvider.class); - return new Resource[] { msEidasNode, msEidasNodeStorage }; + return new Resource[] { generic, msEidasNode, msEidasNodeStorage }; } @Override diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificSpringBootApplicationContextInitializer.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificSpringBootApplicationContextInitializer.java new file mode 100644 index 00000000..5160bdf5 --- /dev/null +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificSpringBootApplicationContextInitializer.java @@ -0,0 +1,82 @@ +package at.asitplus.eidas.specific.connector; + +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; +import java.util.Properties; + +import org.apache.commons.lang3.StringUtils; +import org.springframework.context.ConfigurableApplicationContext; +import org.springframework.core.env.MutablePropertySources; +import org.springframework.core.env.PropertiesPropertySource; + +import at.gv.egiz.components.spring.api.SpringBootApplicationContextInitializer; +import lombok.extern.slf4j.Slf4j; + +@Slf4j +public class MsSpecificSpringBootApplicationContextInitializer extends + SpringBootApplicationContextInitializer { + + private static final String SYSTEMD_PROP_NAME = "eidas.ms.configuration"; + private static final String PATH_FILE_PREFIX = "file:"; + + @Override + public void initialize(ConfigurableApplicationContext applicationContext) { + String configPath = System.getProperty(SYSTEMD_PROP_NAME); + if (StringUtils.isNotEmpty(configPath)) { + log.debug("Find configuration-source from SystemD Property: '{}' ...", SYSTEMD_PROP_NAME); + if (configPath.startsWith(PATH_FILE_PREFIX)) { + configPath = configPath.substring(PATH_FILE_PREFIX.length()); + + } + injectConfiguration(configPath, applicationContext); + + } else { + log.info("Find NO SystemD Property: '{}' Maybe no configuration available", SYSTEMD_PROP_NAME); + + } + + super.initialize(applicationContext); + + } + + private void injectConfiguration(String configPath, ConfigurableApplicationContext applicationContext) { + InputStream is = null; + try { + Path path = Paths.get(configPath); + if (Files.exists(path)) { + File file = new File(configPath); + Properties props = new Properties(); + is = new FileInputStream(file); + props.load(is); + MutablePropertySources sources = applicationContext.getEnvironment().getPropertySources(); + sources.addFirst(new PropertiesPropertySource(SYSTEMD_PROP_NAME, props)); + log.info("Set configuration-source from SystemD-Property: {}", SYSTEMD_PROP_NAME); + + } else { + log.error("Configuration from SystemD Property: '{}' at Location: {} DOES NOT exist", + SYSTEMD_PROP_NAME, configPath); + + } + + } catch (IOException e) { + log.error("Configuration from SystemD Property: '{}' at Location: {} CAN NOT be loaded", + SYSTEMD_PROP_NAME, configPath, e); + + } finally { + try { + if (is != null) { + is.close(); + + } + } catch (IOException e) { + log.error("Can not close InputStream of configLoader: {}", configPath, e); + + } + } + } +} diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java new file mode 100644 index 00000000..0d3226bf --- /dev/null +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java @@ -0,0 +1,60 @@ +package at.asitplus.eidas.specific.connector; + +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.context.ConfigurableApplicationContext; + +import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory; +import at.gv.egiz.eaaf.core.impl.logging.SimpleStatusMessager; +import lombok.extern.slf4j.Slf4j; + +@Slf4j +@SpringBootApplication(scanBasePackages = {"at.gv.egiz.eaaf.utils.springboot.ajp"}) +public class SpringBootApplicationInitializer { + + private static ConfigurableApplicationContext ctx; + + /** + * Starts MS-specific eIDAS-Implementation SpringBoot application. + * + * @param args Starting parameters + */ + public static void main(final String[] args) { + try { + log.info("=============== Initializing Spring-Boot context! ==============="); + LogMessageProviderFactory.setStatusMessager(new SimpleStatusMessager()); + final SpringApplication springApp = + new SpringApplication(SpringBootApplicationInitializer.class); + springApp.addInitializers(new MsSpecificSpringBootApplicationContextInitializer()); + + log.debug("Run SpringBoot initialization process ... "); + ctx = springApp.run(args); + + log.info("Initialization of MS-specific eIDAS-Implementation finished."); + + } catch (final Throwable e) { + log.error("MS-specific eIDAS-Implementation initialization FAILED!", e); + throw e; + + } + + } + + /** + * Stops SpringBoot application of MS-specific eIDAS-Implementation. + * + */ + public static void exit() { + if (ctx != null) { + log.info("Stopping SpringBoot application ... "); + SpringApplication.exit(ctx, () -> 0); + ctx = null; + + } else { + log.info("No SpringBoot context. Nothing todo"); + + } + + } + +} diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringContextCloseHandler.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringContextCloseHandler.java new file mode 100644 index 00000000..2a3b659a --- /dev/null +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringContextCloseHandler.java @@ -0,0 +1,224 @@ +package at.asitplus.eidas.specific.connector; + +import java.util.Iterator; +import java.util.Map; +import java.util.Map.Entry; + +import org.slf4j.Logger; +import org.springframework.beans.BeansException; +import org.springframework.beans.factory.config.BeanPostProcessor; +import org.springframework.context.ApplicationContext; +import org.springframework.context.ApplicationContextAware; +import org.springframework.context.ApplicationListener; +import org.springframework.context.event.ContextClosedEvent; +import org.springframework.context.event.EventListener; +import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor; +import org.springframework.scheduling.concurrent.ThreadPoolTaskScheduler; + +import at.gv.egiz.components.spring.api.IDestroyableObject; +import eu.eidas.auth.cache.IgniteInstanceInitializerSpecificCommunication; + +/** + * SpringContext CloseHandler. + * + * @author tlenz + * + */ + +public class SpringContextCloseHandler + implements ApplicationListener, ApplicationContextAware, BeanPostProcessor { + + private static final Logger log = + org.slf4j.LoggerFactory.getLogger(SpringContextCloseHandler.class); + + private ApplicationContext context; + + /* + * (non-Javadoc) + * + * @see org.springframework.context.ApplicationListener#onApplicationEvent(org. + * springframework.context. ApplicationEvent) + */ + @Override + @EventListener + public void onApplicationEvent(final ContextClosedEvent arg0) { + log.info("MS-specific eIDAS-Node shutdown process started ..."); + + try { + log.debug("CleanUp objects with implements the IDestroyable interface ... "); + final Map objectsToDestroy = + context.getBeansOfType(IDestroyableObject.class); + internalIDestroyableObject(objectsToDestroy); + log.info("Object cleanUp complete"); + + log.debug("Stopping Spring Thread-Pools ... "); + // shut-down task schedulers + final Map schedulers = + context.getBeansOfType(ThreadPoolTaskScheduler.class); + internalThreadPoolTaskScheduler(schedulers); + + // shut-down task executors + final Map executers = + context.getBeansOfType(ThreadPoolTaskExecutor.class); + internalThreadPoolTaskExecutor(executers); + log.debug("Spring Thread-Pools stopped"); + + + //clean-up eIDAS node + Map nodeIgnite = + context.getBeansOfType(IgniteInstanceInitializerSpecificCommunication.class); + log.info("Find #{} Apache Ignite instances from eIDAS Ref. impl.", nodeIgnite.size()); + for (Entry el : nodeIgnite.entrySet()) { + if (el.getValue().getInstance() != null) { + el.getValue().getInstance().close(); + el.getValue().destroyInstance(); + log.debug("Shutdown Apache-Ignite: {}", el.getKey()); + + } + } + + log.info("MS-specific eIDAS-Node shutdown process finished"); + + } catch (final Exception e) { + log.warn("MS-specific eIDAS-Node shutdown process has an error.", e); + + } + + } + + /* + * (non-Javadoc) + * + * @see org.springframework.beans.factory.config.BeanPostProcessor# + * postProcessAfterInitialization(java. lang.Object, java.lang.String) + */ + @Override + public Object postProcessAfterInitialization(final Object arg0, final String arg1) + throws BeansException { + if (arg0 instanceof ThreadPoolTaskScheduler) { + ((ThreadPoolTaskScheduler) arg0).setWaitForTasksToCompleteOnShutdown(true); + } + if (arg0 instanceof ThreadPoolTaskExecutor) { + ((ThreadPoolTaskExecutor) arg0).setWaitForTasksToCompleteOnShutdown(true); + } + return arg0; + + } + + /* + * (non-Javadoc) + * + * @see org.springframework.beans.factory.config.BeanPostProcessor# + * postProcessBeforeInitialization(java .lang.Object, java.lang.String) + */ + @Override + public Object postProcessBeforeInitialization(final Object arg0, final String arg1) + throws BeansException { + return arg0; + + } + + /* + * (non-Javadoc) + * + * @see + * org.springframework.context.ApplicationContextAware#setApplicationContext(org + * .springframework. context.ApplicationContext) + */ + @Override + public void setApplicationContext(final ApplicationContext arg0) throws BeansException { + this.context = arg0; + + } + + private void internalThreadPoolTaskExecutor(final Map executers) { + for (final ThreadPoolTaskExecutor executor : executers.values()) { + // Not needed yet + // int retryCount = 0; + // while(executor.getActiveCount()>0 && ++retryCount<51){ + // try { + // log.debug("Executer {} is still working with active {} work. Retry count is + // {}", + // executor.getThreadNamePrefix(), + // executor.getActiveCount(), + // retryCount); + // Thread.sleep(1000); + // + // } catch (final InterruptedException e) { + // e.printStackTrace(); + // } + // } + // + // if(!(retryCount<51)) + // log.debug("Executer {} is still working. Since Retry count exceeded max value + // {}, will be + // killed immediately", + // executor.getThreadNamePrefix(), + // retryCount); + + executor.shutdown(); + log.debug("Executer {} with active {} work has killed", executor.getThreadNamePrefix(), + executor.getActiveCount()); + + } + + } + + // Not required at the moment + private void internalThreadPoolTaskScheduler( + final Map schedulers) { + log.trace("Stopping #{} task-schedulers", schedulers.size()); + + // for (final ThreadPoolTaskScheduler scheduler : schedulers.values()) { + // scheduler.getScheduledExecutor().shutdown(); + // try { + // scheduler.getScheduledExecutor().awaitTermination(20000, + // TimeUnit.MILLISECONDS); + // if(scheduler.getScheduledExecutor().isTerminated() || + // scheduler.getScheduledExecutor().isShutdown()) + // log.debug("Scheduler {} has stoped", scheduler.getThreadNamePrefix()); + // + // else{ + // log.debug("Scheduler {} has not stoped normally and will be shut down + // immediately", + // scheduler.getThreadNamePrefix()); + // scheduler.getScheduledExecutor().shutdownNow(); + // log.info("Scheduler {} has shut down immediately", + // scheduler.getThreadNamePrefix()); + // + // } + // + // } catch (final IllegalStateException e) { + // e.printStackTrace(); + // + // } catch (final InterruptedException e) { + // e.printStackTrace(); + // + // } finally { + // scheduler.shutdown(); + // + // } + // } + + } + + private void internalIDestroyableObject(final Map objectsToDestroy) { + if (objectsToDestroy != null) { + final Iterator> interator = + objectsToDestroy.entrySet().iterator(); + while (interator.hasNext()) { + final Entry object = interator.next(); + try { + object.getValue().fullyDestroy(); + log.debug("Object with ID: {} is destroyed", object.getKey()); + + } catch (final Exception e) { + log.warn("Destroing object with ID: {} FAILED!", object.getKey(), null, e); + + } + } + } + + } + +} diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java index 2a10031b..a1e953f1 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java @@ -24,6 +24,7 @@ package at.asitplus.eidas.specific.connector.config; import java.net.MalformedURLException; +import java.util.List; import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; @@ -35,11 +36,11 @@ import org.springframework.context.support.ReloadableResourceBundleMessageSource import org.springframework.web.servlet.config.annotation.EnableWebMvc; import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; -import org.springframework.web.servlet.i18n.CookieLocaleResolver; import org.thymeleaf.templateresolver.FileTemplateResolver; import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.logging.IMessageSourceLocation; import at.gv.egiz.eaaf.core.impl.utils.FileUtils; /** @@ -90,43 +91,63 @@ public class StaticResourceConfiguration implements WebMvcConfigurer { } /** - * Internal i18n message source. - * + * Get a message source with only internal message properties. + * + * @param ressourceLocations List of source-locations * @return */ @Bean - public ReloadableResourceBundleMessageSource internalMessageSource() { - final ReloadableResourceBundleMessageSource messageSource = new ReloadableResourceBundleMessageSource(); + public ReloadableResourceBundleMessageSource internalMessageSource( + @Autowired(required = false) final List ressourceLocations) { + final ReloadableResourceBundleMessageSource messageSource = + new ReloadableResourceBundleMessageSource(); // add default message source messageSource.setBasename(DEFAULT_MESSAGE_SOURCE); + + if (ressourceLocations != null) { + // load more message sources + for (final IMessageSourceLocation el : ressourceLocations) { + if (el.getMessageSourceLocation() != null) { + for (final String source : el.getMessageSourceLocation()) { + messageSource.addBasenames(source); + log.debug("Add additional messageSources: {}", el.getMessageSourceLocation().toArray()); + + } + } + } + } + messageSource.setDefaultEncoding("UTF-8"); return messageSource; } /** - * External i18n message source. - * + * Get full message source with internal and external message-properties files. + * + * @param ressourceLocations List of source-locations * @return */ @Bean - public ReloadableResourceBundleMessageSource messageSource() { - final ReloadableResourceBundleMessageSource messageSource = new ReloadableResourceBundleMessageSource(); + public ReloadableResourceBundleMessageSource messageSource( + @Autowired(required = false) final List ressourceLocations) { + final ReloadableResourceBundleMessageSource messageSource = + new ReloadableResourceBundleMessageSource(); messageSource.setDefaultEncoding("UTF-8"); - messageSource.setParentMessageSource(internalMessageSource()); + messageSource.setParentMessageSource(internalMessageSource(ressourceLocations)); - final String staticResources = basicConfig.getBasicConfiguration( - MsEidasNodeConstants.PROP_CONFIG_WEBCONTENT_PROPERTIES_PATH); + final String staticResources = basicConfig + .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_WEBCONTENT_PROPERTIES_PATH); try { if (StringUtils.isNotEmpty(staticResources)) { - final String absPath = FileUtils.makeAbsoluteUrl(staticResources, basicConfig - .getConfigurationRootDirectory()); + final String absPath = + FileUtils.makeAbsoluteUrl(staticResources, basicConfig.getConfigurationRootDirectory()); messageSource.setBasename(absPath); - messageSource.setFallbackToSystemLocale(false); } else { log.debug("No Ressourcefolder for dynamic Web content templates"); + } } catch (final MalformedURLException e) { @@ -137,40 +158,28 @@ public class StaticResourceConfiguration implements WebMvcConfigurer { return messageSource; } - + /** - * Cookie based i18n language selector. - * - * @return - */ - @Bean - public CookieLocaleResolver localeResolver() { - final CookieLocaleResolver localeResolver = new CookieLocaleResolver(); - localeResolver.setCookieName("currentLanguage"); - localeResolver.setCookieMaxAge(3600); - return localeResolver; - } - - - /** - * Thymeleaf based template resolver. - * + * Get a Tyhmeleaf Template-Resolver with external configuration path. + * * @return */ @Bean(name = "templateResolver") public FileTemplateResolver templateResolver() { - final String staticResources = basicConfig.getBasicConfiguration( - MsEidasNodeConstants.PROP_CONFIG_WEBCONTENT_TEMPLATES_PATH); + final String staticResources = basicConfig + .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_WEBCONTENT_TEMPLATES_PATH); try { if (StringUtils.isNotEmpty(staticResources)) { - String absPath = FileUtils.makeAbsoluteUrl(staticResources, basicConfig - .getConfigurationRootDirectory()); + String absPath = + FileUtils.makeAbsoluteUrl(staticResources, basicConfig.getConfigurationRootDirectory()); if (!absPath.endsWith("/")) { absPath += "/"; + } if (absPath.startsWith("file:")) { absPath = absPath.substring("file:".length()); + } final FileTemplateResolver viewResolver = new FileTemplateResolver(); @@ -179,11 +188,12 @@ public class StaticResourceConfiguration implements WebMvcConfigurer { viewResolver.setTemplateMode("HTML"); viewResolver.setCacheable(false); - log.info("Add Ressourcefolder: " + absPath + " for dynamic Web content templates"); + log.info("Add Ressourcefolder: {} for dynamic Web content templates", absPath); return viewResolver; } else { log.debug("No Ressourcefolder for dynamic Web content templates"); + } } catch (final MalformedURLException e) { @@ -191,8 +201,7 @@ public class StaticResourceConfiguration implements WebMvcConfigurer { } - // TODO: implement some backup solution - return null; + throw new RuntimeException("Can NOT initialize HTML template resolver"); } } diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/SimpleInMemoryTransactionStorage.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/SimpleInMemoryTransactionStorage.java index 26d442cb..3bda2932 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/SimpleInMemoryTransactionStorage.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/SimpleInMemoryTransactionStorage.java @@ -33,13 +33,11 @@ import java.util.concurrent.ConcurrentHashMap; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.springframework.stereotype.Service; import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; -@Service("SimpleInMemoryTransactionStorage") public class SimpleInMemoryTransactionStorage implements ITransactionStorage { private static final Logger log = LoggerFactory.getLogger(SimpleInMemoryTransactionStorage.class); diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties new file mode 100644 index 00000000..2cb0c83a --- /dev/null +++ b/connector/src/main/resources/application.properties @@ -0,0 +1,144 @@ +## Set Spring-Boot profile-configuration to 2.3 style +spring.config.use-legacy-processing=true + +## ApplicationServer configuration +server.servlet.contextPath=/ms_connector +#server.port=7080 + +app.build.artifactId=ms_connector + + +############################################################################# +## SpringBoot Admin client +spring.boot.admin.client.enabled=false + + +############################################################################# +## MS-speccific eIDAS-Connector configuration +#proxy.context.url.prefix= +eidas.ms.context.url.request.validation=false +#proxy.configRootDir=file:/.../config/ +eidas.ms.context.use.clustermode=true + + +##Monitoring +eidas.ms.monitoring.eIDASNode.metadata.url= + + +##Specific logger configuration +eidas.ms.technicallog.write.MDS.into.techlog=true +eidas.ms.revisionlog.write.MDS.into.revisionlog=true +eidas.ms.revisionlog.logIPAddressOfUser=true + + +##Directory for static Web content +eidas.ms.webcontent.static.directory=webcontent/ +eidas.ms.webcontent.templates=templates/ +eidas.ms.webcontent.properties=properties/messages +eidas.ms.webcontent.templates.countryselection=countrySelection.html + + +## extended validation of pending-request Id's +eidas.ms.core.pendingrequestid.maxlifetime=300 +eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256 +#eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret + + +## eIDAS Ref. Implementation connector ### +eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector +#eidas.ms.auth.eIDAS.node_v2.forward.endpoint= +eidas.ms.auth.eIDAS.node_v2.forward.method=POST +eidas.ms.auth.eIDAS.node_v2.countrycode=AT +eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.* +eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true +eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true +eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true + +eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/substantial + +#eidas.ms.auth.eIDAS.szrclient.useTestService=true +#eidas.ms.auth.eIDAS.szrclient.endpoint.prod= +#eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr +#eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/junit.jks +#eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password=password +#eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path= +#eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password= +eidas.ms.auth.eIDAS.szrclient.timeout.connection=15 +eidas.ms.auth.eIDAS.szrclient.timeout.response=30 +eidas.ms.auth.eIDAS.szrclient.params.vkz= + +eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false + + +# tech. AuthBlock signing for E-ID process +#eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s +#eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair +#eidas.ms.auth.eIDAS.authblock.keystore.path=keys/teststore.jks +#eidas.ms.auth.eIDAS.authblock.keystore.type=jks +#eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair +#eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s + + +#Raw eIDAS Id data storage +eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true + +eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true +eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true + +eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=false +eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false + +##without mandates +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true + +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.5=BirthName,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.6=Gender,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.7=CurrentAddress,false + +##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT ----- +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true + + +## PVP2 S-Profile end-point configuration +#eidas.ms.pvp2.keystore.type=jks +#eidas.ms.pvp2.keystore.path=keys/junit.jks +#eidas.ms.pvp2.keystore.password=password +#eidas.ms.pvp2.key.metadata.alias=meta +#eidas.ms.pvp2.key.metadata.password=password +#eidas.ms.pvp2.key.signing.alias=sig +#eidas.ms.pvp2.key.signing.password=password +#eidas.ms.pvp2.metadata.validity=24 + +#eidas.ms.pvp2.metadata.organisation.name=JUnit +#eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit +#eidas.ms.pvp2.metadata.organisation.url=http://junit.test +#eidas.ms.pvp2.metadata.contact.givenname=Max +#eidas.ms.pvp2.metadata.contact.surname=Mustermann +#eidas.ms.pvp2.metadata.contact.email=max@junit.test + + +## Service Provider configuration +#eidas.ms.sp.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata +#eidas.ms.sp.0.pvp2.metadata.truststore=keys/junit.jks +#eidas.ms.sp.0.pvp2.metadata.truststore.password=password +#eidas.ms.sp.0.friendlyName=jUnit test +#eidas.ms.sp.0.pvp2.metadata.url= +#eidas.ms.sp.0.policy.allowed.requested.targets=.* +#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false + + +##only for advanced config +eidas.ms.configuration.sp.disableRegistrationRequirement= +#eidas.ms.configuration.restrictions.baseID.spTransmission= +eidas.ms.configuration.auth.default.countrycode= +eidas.ms.configuration.pvp.scheme.validation= +eidas.ms.configuration.pvp.enable.entitycategories= \ No newline at end of file diff --git a/connector/src/main/resources/applicationContext.xml b/connector/src/main/resources/applicationContext.xml index 76682a2e..8a21e68f 100644 --- a/connector/src/main/resources/applicationContext.xml +++ b/connector/src/main/resources/applicationContext.xml @@ -14,10 +14,14 @@ http://www.springframework.org/schema/tx/spring-tx.xsd"> - + + + @@ -27,13 +31,24 @@ + + + + - + + + + + + diff --git a/connector/src/main/resources/log4j.properties b/connector/src/main/resources/log4j.properties deleted file mode 100644 index 81e54aae..00000000 --- a/connector/src/main/resources/log4j.properties +++ /dev/null @@ -1,55 +0,0 @@ -# commons-logging setup -org.apache.commons.logging.LogFactory=org.apache.commons.logging.impl.Log4jFactory - -# define log4j root loggers -log4j.rootLogger=info,stdout, console - -log4j.logger.at.gv.egiz.eaaf=info, msnode -log4j.logger.at.gv.egiz.eidas.specific=info, msnode -log4j.logger.at.gv.egiz.eidas.specific.connector.logger.RevisionLogger=info, reversion -log4j.logger.at.gv.egiz.eidas.specific.connector.logger.StatisticLogger=info, statistic -log4j.logger.eu.eidas=info, EIDASNODE - -log4j.additivity.at.gv.egiz.eidas.specific=false -log4j.additivity.at.gv.egiz.eidas.specific.connector.logger.RevisionLogger=false -log4j.additivity.at.gv.egiz.eidas.specific.connector.logger.StatisticLogger=false -log4j.additivity.eu.eidas=false - -log4j.appender.console=org.apache.log4j.ConsoleAppender -log4j.appender.console.layout=org.apache.log4j.PatternLayout -log4j.appender.console.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %20c | %10t | %m%n - -log4j.appender.stdout=org.apache.log4j.RollingFileAppender -log4j.appender.stdout.File=${catalina.base}/logs/console.log -log4j.appender.stdout.MaxFileSize=10000KB -log4j.appender.stdout.MaxBackupIndex=9999 -log4j.appender.stdout.layout=org.apache.log4j.PatternLayout -log4j.appender.stdout.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n - -log4j.appender.msnode=org.apache.log4j.RollingFileAppender -log4j.appender.msnode.File=${catalina.base}/logs/eidas-ms-reversion.log -log4j.appender.msnode.MaxFileSize=10000KB -log4j.appender.msnode.MaxBackupIndex=9999 -log4j.appender.msnode.layout=org.apache.log4j.PatternLayout -log4j.appender.msnode.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n - -log4j.appender.reversion=org.apache.log4j.RollingFileAppender -log4j.appender.reversion.File=${catalina.base}/logs/eidas-ms-reversion.log -log4j.appender.reversion.MaxFileSize=10000KB -log4j.appender.reversion.MaxBackupIndex=9999 -log4j.appender.reversion.layout=org.apache.log4j.PatternLayout -log4j.appender.reversion.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n - -log4j.appender.statistic=org.apache.log4j.RollingFileAppender -log4j.appender.statistic.File=${catalina.base}/logs/eidas-ms-statistic.log -log4j.appender.statistic.MaxFileSize=10000KB -log4j.appender.statistic.MaxBackupIndex=9999 -log4j.appender.statistic.layout=org.apache.log4j.PatternLayout -log4j.appender.statistic.layout.ConversionPattern=%m%n - -log4j.appender.EIDASNODE=org.apache.log4j.RollingFileAppender -log4j.appender.EIDASNODE.File=${catalina.base}/logs/eIDAS_node.log -log4j.appender.EIDASNODE.MaxFileSize=10000KB -log4j.appender.EIDASNODE.MaxBackupIndex=9999 -log4j.appender.EIDASNODE.layout=org.apache.log4j.PatternLayout -log4j.appender.EIDASNODE.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n \ No newline at end of file diff --git a/connector/src/main/resources/logback.xml b/connector/src/main/resources/logback.xml index a0a9995e..7aa2d0cc 100644 --- a/connector/src/main/resources/logback.xml +++ b/connector/src/main/resources/logback.xml @@ -11,14 +11,14 @@ - ${catalina.base}/logs/eidas-ms-reversion.log + logs/eidas-ms-specific.log %5p | %d{dd HH:mm:ss,SSS} | %t | %m%n 9999 - ${catalina.base}/logs/eidas-ms-reversion.log.%i + logs/eidas-ms-specific.log.%i - ${catalina.base}/logs/eIDAS_node.log + logs/eIDAS_node.log %5p | %d{dd HH:mm:ss,SSS} | %t | %m%n 9999 - ${catalina.base}/logs/eIDAS_node.log.%i + logs/eIDAS_node.log.%i - ${catalina.base}/logs/eidas-ms-reversion.log + logs/eidas-ms-reversion.log %5p | %d{dd HH:mm:ss,SSS} | %t | %m%n 9999 - ${catalina.base}/logs/eidas-ms-reversion.log.%i + logs/eidas-ms-reversion.log.%i - ${catalina.base}/logs/eidas-ms-statistic.log + logs/eidas-ms-statistic.log %m%n 9999 - ${catalina.base}/logs/eidas-ms-statistic.log.%i + logs/eidas-ms-statistic.log.%i - ${catalina.base}/logs/console.log + logs/console.log %5p | %d{dd HH:mm:ss,SSS} | %t | %m%n 9999 - ${catalina.base}/logs/console.log.%i + logs/console.log.%i - - - + - - @@ -43,7 +41,7 @@ - @@ -96,17 +94,6 @@ - - - - - - - - - - diff --git a/connector/src/main/resources/tomcat.properties b/connector/src/main/resources/tomcat.properties new file mode 100644 index 00000000..38ab5a64 --- /dev/null +++ b/connector/src/main/resources/tomcat.properties @@ -0,0 +1,15 @@ +tomcat.ajp.enabled=true +#tomcat.ajp.port=41009 +#tomcat.ajp.additionalAttributes.secretrequired=true +#tomcat.ajp.additionalAttributes.secret= + +server.tomcat.accesslog.buffered=false +server.tomcat.accesslog.prefix=tomcat-access_log +server.tomcat.accesslog.directory=logs/ +server.tomcat.accesslog.enabled=true +server.tomcat.accesslog.file-date-format=.yyyy-MM-dd +server.tomcat.accesslog.pattern=common +server.tomcat.accesslog.rename-on-rotate=false +server.tomcat.accesslog.request-attributes-enabled=true +server.tomcat.accesslog.rotate=true +server.tomcat.accesslog.suffix=.log \ No newline at end of file diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java deleted file mode 100644 index 316dcb5f..00000000 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthenticationDataBuilderTest.java +++ /dev/null @@ -1,352 +0,0 @@ -package at.asitplus.eidas.specific.connector.test; - -import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; - -import java.io.IOException; -import java.security.PublicKey; -import java.util.Date; -import java.util.HashMap; -import java.util.Map; - -import javax.xml.transform.TransformerException; - -import org.apache.commons.lang3.RandomStringUtils; -import org.junit.Assert; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.opensaml.core.config.InitializationException; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.i18n.LocaleContextHolder; -import org.springframework.mock.web.MockHttpServletRequest; -import org.springframework.mock.web.MockHttpServletResponse; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import org.springframework.test.context.web.WebAppConfiguration; -import org.springframework.web.context.request.RequestContextHolder; -import org.springframework.web.context.request.ServletRequestAttributes; -import org.w3c.dom.Element; - -import at.asitplus.eidas.specific.connector.builder.AuthenticationDataBuilder; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; -import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; -import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; -import at.gv.egiz.eaaf.core.api.idp.IAuthData; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; -import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; -import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException; -import at.gv.egiz.eaaf.core.exceptions.EaafParserException; -import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; -import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder; -import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; -import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; -import net.shibboleth.utilities.java.support.component.ComponentInitializationException; - -@RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration({ "/applicationContext.xml", "/SpringTest_connector.beans.xml", "/eaaf_core.beans.xml", - "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml" }) -@WebAppConfiguration -public class AuthenticationDataBuilderTest { - - @Autowired - private AuthenticationDataBuilder authenticationDataBuilder; - - @Autowired(required = true) - private IConfiguration basicConfig; - - private MockHttpServletRequest httpReq; - private MockHttpServletResponse httpResp; - private TestRequestImpl pendingReq; - - private DummySpConfiguration oaParam; - - private String eidasBind; - private String authBlock; - - @BeforeClass - public static void classInitializer() throws InitializationException, ComponentInitializationException { - final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current - + "src/test/resources/config/junit_config_3.properties"); - - EaafOpenSaml3xInitializer.eaafInitialize(); - } - - @Before - public void initialize() throws EaafStorageException { - httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); - httpResp = new MockHttpServletResponse(); - RequestContextHolder.resetRequestAttributes(); - RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); - - final Map spConfig = new HashMap<>(); - spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); - spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); - spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true"); - oaParam = new DummySpConfiguration(spConfig, basicConfig); - - pendingReq = new TestRequestImpl(); - pendingReq.setAuthUrl("https://localhost/ms_connector"); - pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); - pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); - pendingReq.setSpConfig(oaParam); - authBlock = RandomStringUtils.randomAlphanumeric(20); - eidasBind = RandomStringUtils.randomAlphanumeric(20); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(Constants.SZR_AUTHBLOCK, authBlock); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setGenericDataToSession(Constants.EIDAS_BIND, eidasBind); - pendingReq.getSessionData(AuthProcessDataWrapper.class) - .setQaaLevel(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5)); - pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( - PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, - RandomStringUtils.randomAlphabetic(2)); - - LocaleContextHolder.resetLocaleContext(); - - } - - @Test - public void eidMode() throws EaafAuthenticationException { - // initialize state - pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true); - - // execute - IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); - - // validate state - Assert.assertNotNull("AuthData null", authData); - Assert.assertNotNull("authBlock null", authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class)); - Assert.assertNotNull("eidasBind null", authData.getGenericData(Constants.EIDAS_BIND, String.class)); - Assert.assertNotNull("LoA null", authData.getEidasQaaLevel()); - - String authBlock = authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class); - String eidasBind = authData.getGenericData(Constants.EIDAS_BIND, String.class); - - Assert.assertEquals("authBlock not equal", this.authBlock, authBlock); - Assert.assertEquals("eidasBind not equal", this.eidasBind, eidasBind); - Assert.assertEquals("piiTransactionId", - authData.getGenericData(ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, String.class), - this.pendingReq.getUniquePiiTransactionIdentifier()); - Assert.assertNotNull("assertion validTo", authData.getSsoSessionValidTo()); - Assert.assertEquals("LoA", pendingReq.getSessionData(AuthProcessDataWrapper.class).getQaaLevel(), - authData.getEidasQaaLevel()); - Assert.assertEquals("EID-ISSUING-NATION", - pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession( - PvpAttributeDefinitions.EID_ISSUING_NATION_NAME), - authData.getCiticenCountryCode()); - - Assert.assertNull("bPK", authData.getBpk()); - Assert.assertNull("bPKType", authData.getBpkType()); - Assert.assertNull("FamilyName", authData.getFamilyName()); - Assert.assertNull("GivenName", authData.getGivenName()); - Assert.assertNull("DateOfBirth", authData.getDateOfBirth()); - Assert.assertNull("baseId", authData.getIdentificationValue()); - Assert.assertNull("baseIdType", authData.getIdentificationType()); - Assert.assertNull("IDL", authData.getIdentityLink()); - - } - - @Test - public void moaIdMode() throws EaafAuthenticationException, EaafBuilderException { - //initialize state - pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(false); - IIdentityLink idl = buildDummyIdl(); - pendingReq.getSessionData(AuthProcessDataWrapper.class).setIdentityLink(idl); - - //execute - IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); - - //validate state - Assert.assertNotNull("AuthData null", authData); - Assert.assertNull("authBlock null", authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class)); - Assert.assertNull("eidasBind null", authData.getGenericData(Constants.EIDAS_BIND, String.class)); - Assert.assertNull("piiTransactionId", - authData.getGenericData(ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, String.class)); - - - Assert.assertNotNull("assertion validTo", authData.getSsoSessionValidTo()); - Assert.assertNotNull("LoA null", authData.getEidasQaaLevel()); - Assert.assertEquals("LoA", pendingReq.getSessionData(AuthProcessDataWrapper.class).getQaaLevel(), - authData.getEidasQaaLevel()); - Assert.assertEquals("EID-ISSUING-NATION", - pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession( - PvpAttributeDefinitions.EID_ISSUING_NATION_NAME), - authData.getCiticenCountryCode()); - - Assert.assertEquals("FamilyName", idl.getFamilyName(), authData.getFamilyName()); - Assert.assertEquals("GivenName", idl.getGivenName(), authData.getGivenName()); - Assert.assertEquals("DateOfBirth", idl.getDateOfBirth(), authData.getFormatedDateOfBirth()); - Assert.assertEquals("bPK", - BpkBuilder.generateAreaSpecificPersonIdentifier( - idl.getIdentificationValue(), EaafConstants.URN_PREFIX_CDID + "XX").getFirst(), - authData.getBpk()); - Assert.assertEquals("bPKType", EaafConstants.URN_PREFIX_CDID + "XX", authData.getBpkType()); - Assert.assertNotNull("IDL", authData.getIdentityLink()); - - - } - - private IIdentityLink buildDummyIdl() { - return new IIdentityLink() { - - String familyName = RandomStringUtils.randomAlphabetic(10); - String givenName = RandomStringUtils.randomAlphabetic(10); - String dateOfBirth = "1955-02-03"; - String baseId = RandomStringUtils.randomAlphanumeric(20); - String saml2Serialized = RandomStringUtils.randomAlphanumeric(150); - - - - @Override - public void setSamlAssertion(Element arg0) throws TransformerException, IOException { - - } - - @Override - public void setPublicKey(PublicKey[] arg0) { - // TODO Auto-generated method stub - - } - - @Override - public void setPrPerson(Element arg0) { - // TODO Auto-generated method stub - - } - - @Override - public void setIssueInstant(String arg0) { - // TODO Auto-generated method stub - - } - - @Override - public void setIdentificationValue(String arg0) { - // TODO Auto-generated method stub - - } - - @Override - public void setIdentificationType(String arg0) { - // TODO Auto-generated method stub - - } - - @Override - public void setGivenName(String arg0) { - // TODO Auto-generated method stub - - } - - @Override - public void setFamilyName(String arg0) { - // TODO Auto-generated method stub - - } - - @Override - public void setDsigReferenceTransforms(Element[] arg0) { - // TODO Auto-generated method stub - - } - - @Override - public void setDateOfBirth(String arg0) { - // TODO Auto-generated method stub - - } - - @Override - public String getSerializedSamlAssertion() { - return this.saml2Serialized; - } - - @Override - public Element getSamlAssertion() { - IIdentityLink fullIdl; - try { - fullIdl = new SimpleIdentityLinkAssertionParser( - AuthenticationDataBuilderTest.class.getResourceAsStream("/data/test_idl_1.xml")).parseIdentityLink(); - return fullIdl.getSamlAssertion(); - - } catch (EaafParserException e) { - e.printStackTrace(); - } - - return null; - - } - - @Override - public PublicKey[] getPublicKey() { - // TODO Auto-generated method stub - return null; - } - - @Override - public Element getPrPerson() { - // TODO Auto-generated method stub - return null; - } - - @Override - public String getName() { - // TODO Auto-generated method stub - return null; - } - - @Override - public Date getIssueInstantDate() { - // TODO Auto-generated method stub - return null; - } - - @Override - public String getIssueInstant() { - // TODO Auto-generated method stub - return null; - } - - @Override - public String getIdentificationValue() { - return this.baseId; - } - - @Override - public String getIdentificationType() { - return EaafConstants.URN_PREFIX_BASEID; - } - - @Override - public String getGivenName() { - return this.givenName; - } - - @Override - public String getFamilyName() { - return this.familyName; - } - - @Override - public Element[] getDsigReferenceTransforms() { - // TODO Auto-generated method stub - return null; - } - - @Override - public String getDateOfBirth() { - return this.dateOfBirth; - - } - }; - } - -} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthnRequestValidatorTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthnRequestValidatorTest.java deleted file mode 100644 index 389f561e..00000000 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/AuthnRequestValidatorTest.java +++ /dev/null @@ -1,329 +0,0 @@ -package at.asitplus.eidas.specific.connector.test; - -import java.io.IOException; -import java.util.HashMap; -import java.util.Map; - -import javax.xml.parsers.ParserConfigurationException; - -import org.apache.commons.lang3.RandomStringUtils; -import org.junit.Assert; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.opensaml.core.config.InitializationException; -import org.opensaml.core.xml.io.Unmarshaller; -import org.opensaml.core.xml.io.UnmarshallingException; -import org.opensaml.core.xml.util.XMLObjectSupport; -import org.opensaml.saml.saml2.core.AuthnRequest; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.mock.web.MockHttpServletRequest; -import org.springframework.mock.web.MockHttpServletResponse; -import org.springframework.test.annotation.DirtiesContext; -import org.springframework.test.annotation.DirtiesContext.ClassMode; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import org.springframework.test.context.web.WebAppConfiguration; -import org.springframework.web.context.request.RequestContextHolder; -import org.springframework.web.context.request.ServletRequestAttributes; -import org.w3c.dom.Element; -import org.xml.sax.SAXException; - -import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; -import at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration; -import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; -import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import at.gv.egiz.eaaf.core.impl.utils.DomUtils; -import at.gv.egiz.eaaf.modules.pvp2.api.validation.IAuthnRequestPostProcessor; -import at.gv.egiz.eaaf.modules.pvp2.idp.impl.PvpSProfilePendingRequest; -import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; -import net.shibboleth.utilities.java.support.component.ComponentInitializationException; - -@RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration({ - "/applicationContext.xml", - "/specific_eIDAS_connector.beans.xml", - "/eaaf_core.beans.xml", - "/eaaf_pvp.beans.xml", - "/eaaf_pvp_idp.beans.xml", - "/spring/SpringTest-context_simple_storage.xml" }) -@WebAppConfiguration -@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) -public class AuthnRequestValidatorTest { - - @Autowired private IConfigurationWithSP basicConfig; - @Autowired protected IAuthnRequestPostProcessor authRequestValidator; - - private MockHttpServletRequest httpReq; - private MockHttpServletResponse httpResp; - private PvpSProfilePendingRequest pendingReq; - - /** - * jUnit class initializer. - * @throws ComponentInitializationException In case of an error - * @throws InitializationException In case of an error - * - */ - @BeforeClass - public static void classInitializer() throws InitializationException, ComponentInitializationException { - final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties"); - - EaafOpenSaml3xInitializer.eaafInitialize(); - } - - /** - * jUnit test set-up. - * @throws EaafException - * - */ - @Before - public void initialize() throws EaafException { - httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); - httpResp = new MockHttpServletResponse(); - RequestContextHolder.resetRequestAttributes(); - RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); - - Map spConfig = new HashMap<>(); - spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphabetic(10)); - - pendingReq = new PvpSProfilePendingRequest(); - pendingReq.initialize(httpReq, basicConfig); - pendingReq.setPendingRequestId(RandomStringUtils.randomAlphanumeric(10)); - pendingReq.setOnlineApplicationConfiguration(new ServiceProviderConfiguration(spConfig, basicConfig)); - ((RequestImpl)pendingReq).setUniqueTransactionIdentifier(null); - - } - - @Test - public void loaLowRequested() throws AuthnRequestValidatorException, ParserConfigurationException, - SAXException, IOException, UnmarshallingException { - AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_1.xml"); - - //test - authRequestValidator.process(httpReq, pendingReq, authReq, null); - - //validate - Assert.assertNotNull("spEntityId is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); - Assert.assertEquals("SP EntityId not match", - "https://demo.egiz.gv.at/demoportal-openID_demo", - pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); - - Assert.assertNotNull("SP ProviderName is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); - Assert.assertEquals("SP ProviderName not match", - "OpenID Connect Demo", - pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); - - Assert.assertNotNull("Requested SP LoA is null", - pendingReq.getServiceProviderConfiguration().getRequiredLoA()); - Assert.assertFalse("Requested SP LoA is null", - pendingReq.getServiceProviderConfiguration().getRequiredLoA().isEmpty()); - Assert.assertEquals("SP LoA count not match", 1, - pendingReq.getServiceProviderConfiguration().getRequiredLoA().size()); - Assert.assertEquals("SP LoA not match", - "http://eidas.europa.eu/LoA/substantial", - pendingReq.getServiceProviderConfiguration().getRequiredLoA().get(0)); - - Assert.assertNotNull("bPK Target is null", - pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); - Assert.assertEquals("bPK target not match", "urn:publicid:gv.at:cdid+BF", - pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); - - Assert.assertNull("wrong transactionId", pendingReq.getUniqueTransactionIdentifier()); - - } - - @Test - public void loaSubstentialRequested() throws AuthnRequestValidatorException, ParserConfigurationException, - SAXException, IOException, UnmarshallingException { - AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_2.xml"); - - //test - authRequestValidator.process(httpReq, pendingReq, authReq, null); - - //validate - Assert.assertNotNull("spEntityId is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); - Assert.assertEquals("SP EntityId not match", - "https://demo.egiz.gv.at/demoportal-openID_demo", - pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); - - Assert.assertNotNull("SP ProviderName is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); - Assert.assertEquals("SP ProviderName not match", - "OpenID Connect Demo", - pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); - - Assert.assertNotNull("Requested SP LoA is null", - pendingReq.getServiceProviderConfiguration().getRequiredLoA()); - Assert.assertFalse("Requested SP LoA is null", - pendingReq.getServiceProviderConfiguration().getRequiredLoA().isEmpty()); - Assert.assertEquals("SP LoA count not match", 1, - pendingReq.getServiceProviderConfiguration().getRequiredLoA().size()); - Assert.assertEquals("SP LoA not match", - "http://eidas.europa.eu/LoA/substantial", - pendingReq.getServiceProviderConfiguration().getRequiredLoA().get(0)); - - Assert.assertNotNull("bPK Target is null", - pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); - Assert.assertEquals("bPK target not match", "urn:publicid:gv.at:cdid+BF", - pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); - - Assert.assertNull("wrong transactionId", pendingReq.getUniqueTransactionIdentifier()); - - } - - @Test - public void loaHighRequested() throws AuthnRequestValidatorException, ParserConfigurationException, - SAXException, IOException, UnmarshallingException { - AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_3.xml"); - - //test - authRequestValidator.process(httpReq, pendingReq, authReq, null); - - //validate - Assert.assertNotNull("spEntityId is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); - Assert.assertEquals("SP EntityId not match", - "https://demo.egiz.gv.at/demoportal-openID_demo", - pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); - - Assert.assertNotNull("SP ProviderName is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); - Assert.assertEquals("SP ProviderName not match", - "OpenID Connect Demo", - pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); - - Assert.assertNotNull("Requested SP LoA is null", - pendingReq.getServiceProviderConfiguration().getRequiredLoA()); - Assert.assertFalse("Requested SP LoA is null", - pendingReq.getServiceProviderConfiguration().getRequiredLoA().isEmpty()); - Assert.assertEquals("SP LoA count not match", 1, - pendingReq.getServiceProviderConfiguration().getRequiredLoA().size()); - Assert.assertEquals("SP LoA not match", - "http://eidas.europa.eu/LoA/high", - pendingReq.getServiceProviderConfiguration().getRequiredLoA().get(0)); - - Assert.assertNotNull("bPK Target is null", - pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); - Assert.assertEquals("bPK target not match", "urn:publicid:gv.at:cdid+XX", - pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); - - Assert.assertEquals("wrong transactionId", "transId_11223344556677aabbcc", - pendingReq.getUniqueTransactionIdentifier()); - - } - - @Test - public void transactionIdWrongPendingReqType() throws AuthnRequestValidatorException, ParserConfigurationException, - SAXException, IOException, UnmarshallingException { - - Map spConfig = new HashMap<>(); - spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphabetic(10)); - - TestRequestImpl pendingReqLocal = new TestRequestImpl(); - pendingReqLocal.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); - pendingReqLocal.setSpConfig(new ServiceProviderConfiguration(spConfig, basicConfig)); - - AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_3.xml"); - - //test - authRequestValidator.process(httpReq, pendingReqLocal, authReq, null); - - //validate - Assert.assertNull("wrong transactionId", pendingReqLocal.getUniqueTransactionIdentifier()); - - } - - @Test - public void invalidBpkTarget_1() throws ParserConfigurationException, - SAXException, IOException, UnmarshallingException { - AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_4.xml"); - - //test - try { - authRequestValidator.process(httpReq, pendingReq, authReq, null); - Assert.fail("Invalid or missing bPK target not detected"); - - } catch (AuthnRequestValidatorException e) { - Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId()); - - } - } - - @Test - public void invalidBpkTarget_2() throws ParserConfigurationException, - SAXException, IOException, UnmarshallingException { - AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_5.xml"); - - //test - try { - authRequestValidator.process(httpReq, pendingReq, authReq, null); - Assert.fail("Invalid or missing bPK target not detected"); - - } catch (AuthnRequestValidatorException e) { - Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId()); - - } - } - - @Test - public void invalidBpkTarget_3() throws ParserConfigurationException, - SAXException, IOException, UnmarshallingException { - AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_6.xml"); - - //test - try { - authRequestValidator.process(httpReq, pendingReq, authReq, null); - Assert.fail("Invalid or missing bPK target not detected"); - - } catch (AuthnRequestValidatorException e) { - Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId()); - - } - } - - @Test - public void invalidBpkTarget_4() throws ParserConfigurationException, - SAXException, IOException, UnmarshallingException { - AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_7.xml"); - - //test - try { - authRequestValidator.process(httpReq, pendingReq, authReq, null); - Assert.fail("Invalid or missing bPK target not detected"); - - } catch (AuthnRequestValidatorException e) { - Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId()); - - } - } - - @Test - public void invalidBpkTarget_5() throws ParserConfigurationException, - SAXException, IOException, UnmarshallingException { - AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_8.xml"); - - //test - try { - authRequestValidator.process(httpReq, pendingReq, authReq, null); - Assert.fail("Invalid or missing bPK target not detected"); - - } catch (AuthnRequestValidatorException e) { - Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId()); - - } - } - - - private AuthnRequest getAuthRequest(String resource) throws - ParserConfigurationException, SAXException, IOException, UnmarshallingException { - final Element authBlockDom = - DomUtils.parseXmlValidating(AuthnRequestValidatorTest.class.getResourceAsStream(resource)); - - final Unmarshaller unmarshaller = XMLObjectSupport.getUnmarshaller(authBlockDom); - return (AuthnRequest) unmarshaller.unmarshall(authBlockDom); - - } -} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/BasicConfigurationTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/BasicConfigurationTest.java deleted file mode 100644 index 6e52f113..00000000 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/BasicConfigurationTest.java +++ /dev/null @@ -1,135 +0,0 @@ -package at.asitplus.eidas.specific.connector.test; - -import java.net.MalformedURLException; -import java.net.URL; -import java.security.cert.CertificateException; - -import org.junit.Assert; -import org.junit.BeforeClass; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.opensaml.core.config.InitializationException; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.test.annotation.DirtiesContext; -import org.springframework.test.annotation.DirtiesContext.ClassMode; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import org.springframework.test.context.web.WebAppConfiguration; - -import at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration; -import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; -import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; -import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import net.shibboleth.utilities.java.support.component.ComponentInitializationException; - -@RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration({ - "/applicationContext.xml", - "/specific_eIDAS_connector.beans.xml", - "/eaaf_core.beans.xml", - "/eaaf_pvp.beans.xml", - "/eaaf_pvp_idp.beans.xml", - "/spring/SpringTest-context_simple_storage.xml" }) -@WebAppConfiguration -@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) -public class BasicConfigurationTest { - - @Autowired private IConfigurationWithSP basicConfig; - - /** - * jUnit class initializer. - * @throws ComponentInitializationException In case of an error - * @throws InitializationException In case of an error - * @throws CertificateException - * - */ - @BeforeClass - public static void classInitializer() throws InitializationException, - ComponentInitializationException, CertificateException { - final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties"); - - } - - - @Test - public void basicConfig() throws MalformedURLException, EaafException { - Assert.assertEquals("validate req. URL", "http://localhost", - basicConfig.validateIdpUrl(new URL("http://junit/test"))); - - Assert.assertEquals("validate req. URL", "http://localhost", - basicConfig.validateIdpUrl(new URL("http://localhost/test1/test"))); - - } - - @Test - public void loadSpNotExist() throws EaafConfigurationException { - //check - ISpConfiguration sp = basicConfig.getServiceProviderConfiguration( - "https://not/exist"); - - //validate state - Assert.assertNull("spConfig", sp); - - - } - - @Test - public void loadSpDefault() throws EaafConfigurationException { - //check - ISpConfiguration sp = basicConfig.getServiceProviderConfiguration( - "https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata"); - - //validate state - Assert.assertNotNull("spConfig", sp); - Assert.assertEquals("BaseId transfare restrication", true, sp.hasBaseIdTransferRestriction()); - Assert.assertEquals("BaseId process restrication", false, sp.hasBaseIdInternalProcessingRestriction()); - - Assert.assertEquals("req. LoA size", 1, sp.getRequiredLoA().size()); - Assert.assertEquals("req. LoA", EaafConstants.EIDAS_LOA_HIGH, sp.getRequiredLoA().get(0)); - Assert.assertEquals("LoA matching mode", - EaafConstants.EIDAS_LOA_MATCHING_MINIMUM, sp.getLoAMatchingMode()); - - } - - @Test - public void loadSpNoBaseIdTransferRestriction() throws EaafException { - //check - ServiceProviderConfiguration sp = basicConfig.getServiceProviderConfiguration( - "https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata", ServiceProviderConfiguration.class); - - //validate state - Assert.assertNotNull("spConfig", sp); - Assert.assertNull("bPKTarget already set", sp.getAreaSpecificTargetIdentifier()); - - //validate baseId transfer restriction - sp.setBpkTargetIdentifier(EaafConstants.URN_PREFIX_CDID + "ZP"); - Assert.assertEquals("BaseId restrication", false, sp.hasBaseIdTransferRestriction()); - Assert.assertEquals("bPKTarget", EaafConstants.URN_PREFIX_CDID + "ZP", sp.getAreaSpecificTargetIdentifier()); - - sp.setBpkTargetIdentifier(EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+123456h"); - Assert.assertEquals("BaseId restrication", true, sp.hasBaseIdTransferRestriction()); - - } - - @Test - public void loadSpWithMsSpecificConfig() throws EaafConfigurationException { - //check - ServiceProviderConfiguration sp = basicConfig.getServiceProviderConfiguration( - "https://demo.egiz.gv.at/junit_test", ServiceProviderConfiguration.class); - - //validate state - Assert.assertNotNull("spConfig", sp); - Assert.assertEquals("friendlyName", "jUnit test", sp.getFriendlyName()); - Assert.assertEquals("UniqueId", "https://demo.egiz.gv.at/junit_test", sp.getUniqueIdentifier()); - Assert.assertEquals("BaseId restrication", true, sp.hasBaseIdTransferRestriction()); - Assert.assertEquals("generic config value", false, - sp.isConfigurationValue("policy.allowed.requested.targets")); - Assert.assertEquals("generic config value", "test", - sp.getConfigurationValue("policy.allowed.requested.targets")); - Assert.assertEquals("not_exist_value", "true", sp.getConfigurationValue("not.exist", "true")); - - } -} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/CountrySelectionProcessImplTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/CountrySelectionProcessImplTest.java deleted file mode 100644 index 455288f5..00000000 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/CountrySelectionProcessImplTest.java +++ /dev/null @@ -1,120 +0,0 @@ -package at.asitplus.eidas.specific.connector.test; - -import java.util.HashMap; -import java.util.Map; - -import org.apache.commons.lang3.RandomStringUtils; -import org.junit.Assert; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.core.io.Resource; -import org.springframework.core.io.ResourceLoader; -import org.springframework.test.annotation.DirtiesContext; -import org.springframework.test.annotation.DirtiesContext.ClassMode; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; - -import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; -import at.asitplus.eidas.specific.connector.processes.CountrySelectionProcessImpl; -import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; -import at.gv.egiz.eaaf.core.impl.idp.auth.modules.ModuleRegistration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; -import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; -import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; - -@RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration("/spring/SpringTest-context_basic_test.xml") -@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) -public class CountrySelectionProcessImplTest { - - @Autowired ModuleRegistration moduleReg; - @Autowired ResourceLoader loader; - - private final ExecutionContext executionContext = new ExecutionContextImpl(); - private DummySpConfiguration oaParam; - private TestRequestImpl pendingReq; - private CountrySelectionProcessImpl authProcess = new CountrySelectionProcessImpl(); - - /** - * jUnit class initializer. - * - */ - @BeforeClass - public static void classInitializer() { - final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current + "../basicConfig/default_config.properties"); - - } - - /** - * jUnit test set-up. - * - */ - @Before - public void initialize() { - Map configMap = new HashMap(); - configMap.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "http://test.com/test"); - IConfiguration basicConfig = new DummyConfiguration(); - oaParam = new DummySpConfiguration(configMap, basicConfig); - pendingReq = new TestRequestImpl(); - pendingReq.setSpConfig(oaParam); - } - - @Test - public void checkProcessDefinition() { - Assert.assertNotNull("AuthModule is null", authProcess); - Assert.assertNotNull("AuthModule process is null", authProcess.getProcessDefinitions()); - - for (String el : authProcess.getProcessDefinitions()) { - Resource res = loader.getResource(el); - Assert.assertTrue("AuthProcess description not extist", res.exists()); - - } - } - - @Test - public void noCountrySelected() throws Exception { - final String result = - moduleReg.selectProcess(executionContext, pendingReq); - Assert.assertNotNull("Process is null", result); - Assert.assertEquals("Process Id not match", "CountrySelectionProcess", result); - - } - - @Test - public void selectCountryValid() throws Exception { - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, RandomStringUtils.randomAlphanumeric(2)); - final String result = - moduleReg.selectProcess(executionContext, pendingReq); - - Assert.assertNull("Select wrong process", result); - - } - - @Test - public void selectCountryWrongType() throws Exception { - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, 1); - final String result = - moduleReg.selectProcess(executionContext, pendingReq); - Assert.assertNotNull("Process is null", result); - Assert.assertEquals("Process Id not match", "CountrySelectionProcess", result); - - } - - @Test - public void selectCountryEmpty() throws Exception { - executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, ""); - final String result = - moduleReg.selectProcess(executionContext, pendingReq); - Assert.assertNotNull("Process is null", result); - Assert.assertEquals("Process Id not match", "CountrySelectionProcess", result); - - } - -} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java new file mode 100644 index 00000000..66147971 --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java @@ -0,0 +1,109 @@ +package at.asitplus.eidas.specific.connector.test; + +import java.io.IOException; +import java.lang.reflect.Field; + +import org.apache.http.client.ClientProtocolException; +import org.apache.http.client.methods.CloseableHttpResponse; +import org.apache.http.client.methods.HttpGet; +import org.apache.http.client.methods.HttpUriRequest; +import org.apache.http.impl.client.CloseableHttpClient; +import org.apache.http.impl.client.HttpClientBuilder; +import org.apache.http.impl.client.HttpClients; +import org.apache.ignite.Ignition; +import org.junit.After; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; + +import at.asitplus.eidas.specific.connector.SpringBootApplicationInitializer; +import at.gv.egiz.eaaf.core.impl.logging.DummyStatusMessager; +import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory; +import lombok.extern.slf4j.Slf4j; + +@Slf4j +@RunWith(BlockJUnit4ClassRunner.class) +public class MainClassExecutableModeTest { + + /** + * jUnit class initializer. + * @throws InterruptedException In case of an error + * + */ + @BeforeClass + public static void classInitializer() throws InterruptedException { + final String current = new java.io.File(".").toURI().toString(); + System.clearProperty("eidas.ms.configuration"); + + //eIDAS Ref. Impl. properties + System.setProperty("EIDAS_CONFIG_REPOSITORY", current.substring("file:".length()) + + "../basicConfig/eIDAS/"); + System.setProperty("SPECIFIC_CONNECTOR_CONFIG_REPOSITORY", current.substring("file:".length()) + + "../basicConfig/eIDAS/"); + System.setProperty("SPECIFIC_PROXY_SERVICE_CONFIG_REPOSITORY", current.substring("file:".length()) + + "../basicConfig/eIDAS/"); + + } + + /** + * Initializer. + * @throws InterruptedException In case of an error + * + */ + @AfterClass + public static void closeIgniteNode() throws InterruptedException { + System.out.println("Closing Ignite Node ... "); + + log.info("Stopping already running Apache Ignite nodes ... "); + Ignition.stopAll(true); + Thread.sleep(1000); + + } + + /** + * Test reseter. + * + */ + @After + public void cleanJvmState() throws NoSuchFieldException, SecurityException, + IllegalArgumentException, IllegalAccessException { + final Field field = LogMessageProviderFactory.class.getDeclaredField("internalMessager"); + field.setAccessible(true); + field.set(null, new DummyStatusMessager()); + + System.clearProperty("eidas.ms.configuration"); + SpringBootApplicationInitializer.exit(); + + } + + + @Test + public void validConfigLocation() throws ClientProtocolException, IOException { + SpringBootApplicationInitializer + .main(new String[] { + "--spring.config.location=src/test/resources/config/junit_config_1_springboot.properties,classpath:/application.properties", + "--spring.profiles.active=jUnitTestMode,springBoot" }); + + System.out.println("Is started!"); + + // test Spring-Actuator http Basic-Auth + testSpringActuatorSecurity(); + + } + + private void testSpringActuatorSecurity() throws ClientProtocolException, IOException { + // check if authentication works on actuator end-point + final HttpClientBuilder builder = HttpClients.custom(); + final CloseableHttpClient client = builder.build(); + Assert.assertNotNull("httpClient", client); + + final HttpUriRequest httpGet1 = new HttpGet("http://localhost:8080/ms_connector/actuator/info"); + final CloseableHttpResponse httpResp1 = client.execute(httpGet1); + Assert.assertEquals("http statusCode", 200, httpResp1.getStatusLine().getStatusCode()); + + } + +} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java new file mode 100644 index 00000000..265edfb6 --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java @@ -0,0 +1,129 @@ +package at.asitplus.eidas.specific.connector.test; + +import java.io.IOException; +import java.lang.reflect.Field; + +import org.apache.http.client.ClientProtocolException; +import org.apache.http.client.methods.CloseableHttpResponse; +import org.apache.http.client.methods.HttpGet; +import org.apache.http.client.methods.HttpUriRequest; +import org.apache.http.impl.client.CloseableHttpClient; +import org.apache.http.impl.client.HttpClientBuilder; +import org.apache.http.impl.client.HttpClients; +import org.apache.ignite.Ignition; +import org.junit.After; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; + +import at.asitplus.eidas.specific.connector.SpringBootApplicationInitializer; +import at.gv.egiz.eaaf.core.impl.logging.DummyStatusMessager; +import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory; + +@RunWith(BlockJUnit4ClassRunner.class) +public class MainClassWebAppModeTest { + + /** + * jUnit class initializer. + * + */ + @BeforeClass + public static void classInitializer() { + final String current = new java.io.File(".").toURI().toString(); + + //eIDAS Ref. Impl. properties + System.setProperty("EIDAS_CONFIG_REPOSITORY", current.substring("file:".length()) + + "../basicConfig/eIDAS/"); + System.setProperty("SPECIFIC_CONNECTOR_CONFIG_REPOSITORY", current.substring("file:".length()) + + "../basicConfig/eIDAS/"); + System.setProperty("SPECIFIC_PROXY_SERVICE_CONFIG_REPOSITORY", current.substring("file:".length()) + + "../basicConfig/eIDAS/"); + + } + + /** + * Initializer. + * + */ + @AfterClass + public static void closeIgniteNode() { + System.out.println("Closing Ignite Node ... "); + Ignition.stopAll(true); + + } + + /** + * Test reseter. + * + */ + @After + public void cleanJvmState() throws NoSuchFieldException, SecurityException, + IllegalArgumentException, IllegalAccessException { + final Field field = LogMessageProviderFactory.class.getDeclaredField("internalMessager"); + field.setAccessible(true); + field.set(null, new DummyStatusMessager()); + + System.clearProperty("eidas.ms.configuration"); + SpringBootApplicationInitializer.exit(); + + } + + @Test + public void wrongConfigLocation() { + //MS-specific connector property + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + + "src/test/resources/config/notextist.properties"); + + try { + //starting application + SpringBootApplicationInitializer + .main(new String[] { + "--spring.profiles.active=jUnitTestMode,springBoot" }); + Assert.fail("Missing configuration not detected"); + + } catch (final Exception e) { + Assert.assertNotNull("Exception is null", e); + + } + } + + + @Test + public void systemdConfigLocation() throws ClientProtocolException, IOException { + //MS-specific connector property + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + + "src/test/resources/config/junit_config_1_springboot.properties"); + + //starting application + SpringBootApplicationInitializer + .main(new String[] { + "--spring.profiles.active=jUnitTestMode,springBoot" }); + + System.out.println("Is started!"); + + // test Spring-Actuator http Basic-Auth + testSpringActuatorSecurity(); + + + + + } + + private void testSpringActuatorSecurity() throws ClientProtocolException, IOException { + // check if authentication works on actuator end-point + final HttpClientBuilder builder = HttpClients.custom(); + final CloseableHttpClient client = builder.build(); + Assert.assertNotNull("httpClient", client); + + final HttpUriRequest httpGet1 = new HttpGet("http://localhost:8080/ms_connector/actuator/info"); + final CloseableHttpResponse httpResp1 = client.execute(httpGet1); + Assert.assertEquals("http statusCode", 200, httpResp1.getStatusLine().getStatusCode()); + + } + +} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/config/BasicConfigurationTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/config/BasicConfigurationTest.java new file mode 100644 index 00000000..86342f99 --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/config/BasicConfigurationTest.java @@ -0,0 +1,135 @@ +package at.asitplus.eidas.specific.connector.test.config; + +import java.net.MalformedURLException; +import java.net.URL; +import java.security.cert.CertificateException; + +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.opensaml.core.config.InitializationException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.test.context.web.WebAppConfiguration; + +import at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; +import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import net.shibboleth.utilities.java.support.component.ComponentInitializationException; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/applicationContext.xml", + "/specific_eIDAS_connector.beans.xml", + "/eaaf_core.beans.xml", + "/eaaf_pvp.beans.xml", + "/eaaf_pvp_idp.beans.xml", + "/spring/SpringTest-context_simple_storage.xml" }) +@WebAppConfiguration +@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) +public class BasicConfigurationTest { + + @Autowired private IConfigurationWithSP basicConfig; + + /** + * jUnit class initializer. + * @throws ComponentInitializationException In case of an error + * @throws InitializationException In case of an error + * @throws CertificateException + * + */ + @BeforeClass + public static void classInitializer() throws InitializationException, + ComponentInitializationException, CertificateException { + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties"); + + } + + + @Test + public void basicConfig() throws MalformedURLException, EaafException { + Assert.assertEquals("validate req. URL", "http://localhost", + basicConfig.validateIdpUrl(new URL("http://junit/test"))); + + Assert.assertEquals("validate req. URL", "http://localhost", + basicConfig.validateIdpUrl(new URL("http://localhost/test1/test"))); + + } + + @Test + public void loadSpNotExist() throws EaafConfigurationException { + //check + ISpConfiguration sp = basicConfig.getServiceProviderConfiguration( + "https://not/exist"); + + //validate state + Assert.assertNull("spConfig", sp); + + + } + + @Test + public void loadSpDefault() throws EaafConfigurationException { + //check + ISpConfiguration sp = basicConfig.getServiceProviderConfiguration( + "https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata"); + + //validate state + Assert.assertNotNull("spConfig", sp); + Assert.assertEquals("BaseId transfare restrication", true, sp.hasBaseIdTransferRestriction()); + Assert.assertEquals("BaseId process restrication", false, sp.hasBaseIdInternalProcessingRestriction()); + + Assert.assertEquals("req. LoA size", 1, sp.getRequiredLoA().size()); + Assert.assertEquals("req. LoA", EaafConstants.EIDAS_LOA_HIGH, sp.getRequiredLoA().get(0)); + Assert.assertEquals("LoA matching mode", + EaafConstants.EIDAS_LOA_MATCHING_MINIMUM, sp.getLoAMatchingMode()); + + } + + @Test + public void loadSpNoBaseIdTransferRestriction() throws EaafException { + //check + ServiceProviderConfiguration sp = basicConfig.getServiceProviderConfiguration( + "https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata", ServiceProviderConfiguration.class); + + //validate state + Assert.assertNotNull("spConfig", sp); + Assert.assertNull("bPKTarget already set", sp.getAreaSpecificTargetIdentifier()); + + //validate baseId transfer restriction + sp.setBpkTargetIdentifier(EaafConstants.URN_PREFIX_CDID + "ZP"); + Assert.assertEquals("BaseId restrication", false, sp.hasBaseIdTransferRestriction()); + Assert.assertEquals("bPKTarget", EaafConstants.URN_PREFIX_CDID + "ZP", sp.getAreaSpecificTargetIdentifier()); + + sp.setBpkTargetIdentifier(EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+123456h"); + Assert.assertEquals("BaseId restrication", true, sp.hasBaseIdTransferRestriction()); + + } + + @Test + public void loadSpWithMsSpecificConfig() throws EaafConfigurationException { + //check + ServiceProviderConfiguration sp = basicConfig.getServiceProviderConfiguration( + "https://demo.egiz.gv.at/junit_test", ServiceProviderConfiguration.class); + + //validate state + Assert.assertNotNull("spConfig", sp); + Assert.assertEquals("friendlyName", "jUnit test", sp.getFriendlyName()); + Assert.assertEquals("UniqueId", "https://demo.egiz.gv.at/junit_test", sp.getUniqueIdentifier()); + Assert.assertEquals("BaseId restrication", true, sp.hasBaseIdTransferRestriction()); + Assert.assertEquals("generic config value", false, + sp.isConfigurationValue("policy.allowed.requested.targets")); + Assert.assertEquals("generic config value", "test", + sp.getConfigurationValue("policy.allowed.requested.targets")); + Assert.assertEquals("not_exist_value", "true", sp.getConfigurationValue("not.exist", "true")); + + } +} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java new file mode 100644 index 00000000..87abb06f --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java @@ -0,0 +1,352 @@ +package at.asitplus.eidas.specific.connector.test.utils; + +import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; + +import java.io.IOException; +import java.security.PublicKey; +import java.util.Date; +import java.util.HashMap; +import java.util.Map; + +import javax.xml.transform.TransformerException; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Assert; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.opensaml.core.config.InitializationException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.i18n.LocaleContextHolder; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.test.context.web.WebAppConfiguration; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; +import org.w3c.dom.Element; + +import at.asitplus.eidas.specific.connector.builder.AuthenticationDataBuilder; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; +import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException; +import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException; +import at.gv.egiz.eaaf.core.exceptions.EaafParserException; +import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; +import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; +import net.shibboleth.utilities.java.support.component.ComponentInitializationException; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ "/applicationContext.xml", "/SpringTest_connector.beans.xml", "/eaaf_core.beans.xml", + "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml" }) +@WebAppConfiguration +public class AuthenticationDataBuilderTest { + + @Autowired + private AuthenticationDataBuilder authenticationDataBuilder; + + @Autowired(required = true) + private IConfiguration basicConfig; + + private MockHttpServletRequest httpReq; + private MockHttpServletResponse httpResp; + private TestRequestImpl pendingReq; + + private DummySpConfiguration oaParam; + + private String eidasBind; + private String authBlock; + + @BeforeClass + public static void classInitializer() throws InitializationException, ComponentInitializationException { + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + + "src/test/resources/config/junit_config_3.properties"); + + EaafOpenSaml3xInitializer.eaafInitialize(); + } + + @Before + public void initialize() throws EaafStorageException { + httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + final Map spConfig = new HashMap<>(); + spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); + spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); + spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true"); + oaParam = new DummySpConfiguration(spConfig, basicConfig); + + pendingReq = new TestRequestImpl(); + pendingReq.setAuthUrl("https://localhost/ms_connector"); + pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setSpConfig(oaParam); + authBlock = RandomStringUtils.randomAlphanumeric(20); + eidasBind = RandomStringUtils.randomAlphanumeric(20); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(Constants.SZR_AUTHBLOCK, authBlock); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setGenericDataToSession(Constants.EIDAS_BIND, eidasBind); + pendingReq.getSessionData(AuthProcessDataWrapper.class) + .setQaaLevel(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5)); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, + RandomStringUtils.randomAlphabetic(2)); + + LocaleContextHolder.resetLocaleContext(); + + } + + @Test + public void eidMode() throws EaafAuthenticationException { + // initialize state + pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true); + + // execute + IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); + + // validate state + Assert.assertNotNull("AuthData null", authData); + Assert.assertNotNull("authBlock null", authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class)); + Assert.assertNotNull("eidasBind null", authData.getGenericData(Constants.EIDAS_BIND, String.class)); + Assert.assertNotNull("LoA null", authData.getEidasQaaLevel()); + + String authBlock = authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class); + String eidasBind = authData.getGenericData(Constants.EIDAS_BIND, String.class); + + Assert.assertEquals("authBlock not equal", this.authBlock, authBlock); + Assert.assertEquals("eidasBind not equal", this.eidasBind, eidasBind); + Assert.assertEquals("piiTransactionId", + authData.getGenericData(ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, String.class), + this.pendingReq.getUniquePiiTransactionIdentifier()); + Assert.assertNotNull("assertion validTo", authData.getSsoSessionValidTo()); + Assert.assertEquals("LoA", pendingReq.getSessionData(AuthProcessDataWrapper.class).getQaaLevel(), + authData.getEidasQaaLevel()); + Assert.assertEquals("EID-ISSUING-NATION", + pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession( + PvpAttributeDefinitions.EID_ISSUING_NATION_NAME), + authData.getCiticenCountryCode()); + + Assert.assertNull("bPK", authData.getBpk()); + Assert.assertNull("bPKType", authData.getBpkType()); + Assert.assertNull("FamilyName", authData.getFamilyName()); + Assert.assertNull("GivenName", authData.getGivenName()); + Assert.assertNull("DateOfBirth", authData.getDateOfBirth()); + Assert.assertNull("baseId", authData.getIdentificationValue()); + Assert.assertNull("baseIdType", authData.getIdentificationType()); + Assert.assertNull("IDL", authData.getIdentityLink()); + + } + + @Test + public void moaIdMode() throws EaafAuthenticationException, EaafBuilderException { + //initialize state + pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(false); + IIdentityLink idl = buildDummyIdl(); + pendingReq.getSessionData(AuthProcessDataWrapper.class).setIdentityLink(idl); + + //execute + IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq); + + //validate state + Assert.assertNotNull("AuthData null", authData); + Assert.assertNull("authBlock null", authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class)); + Assert.assertNull("eidasBind null", authData.getGenericData(Constants.EIDAS_BIND, String.class)); + Assert.assertNull("piiTransactionId", + authData.getGenericData(ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, String.class)); + + + Assert.assertNotNull("assertion validTo", authData.getSsoSessionValidTo()); + Assert.assertNotNull("LoA null", authData.getEidasQaaLevel()); + Assert.assertEquals("LoA", pendingReq.getSessionData(AuthProcessDataWrapper.class).getQaaLevel(), + authData.getEidasQaaLevel()); + Assert.assertEquals("EID-ISSUING-NATION", + pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession( + PvpAttributeDefinitions.EID_ISSUING_NATION_NAME), + authData.getCiticenCountryCode()); + + Assert.assertEquals("FamilyName", idl.getFamilyName(), authData.getFamilyName()); + Assert.assertEquals("GivenName", idl.getGivenName(), authData.getGivenName()); + Assert.assertEquals("DateOfBirth", idl.getDateOfBirth(), authData.getFormatedDateOfBirth()); + Assert.assertEquals("bPK", + BpkBuilder.generateAreaSpecificPersonIdentifier( + idl.getIdentificationValue(), EaafConstants.URN_PREFIX_CDID + "XX").getFirst(), + authData.getBpk()); + Assert.assertEquals("bPKType", EaafConstants.URN_PREFIX_CDID + "XX", authData.getBpkType()); + Assert.assertNotNull("IDL", authData.getIdentityLink()); + + + } + + private IIdentityLink buildDummyIdl() { + return new IIdentityLink() { + + String familyName = RandomStringUtils.randomAlphabetic(10); + String givenName = RandomStringUtils.randomAlphabetic(10); + String dateOfBirth = "1955-02-03"; + String baseId = RandomStringUtils.randomAlphanumeric(20); + String saml2Serialized = RandomStringUtils.randomAlphanumeric(150); + + + + @Override + public void setSamlAssertion(Element arg0) throws TransformerException, IOException { + + } + + @Override + public void setPublicKey(PublicKey[] arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setPrPerson(Element arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setIssueInstant(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setIdentificationValue(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setIdentificationType(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setGivenName(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setFamilyName(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setDsigReferenceTransforms(Element[] arg0) { + // TODO Auto-generated method stub + + } + + @Override + public void setDateOfBirth(String arg0) { + // TODO Auto-generated method stub + + } + + @Override + public String getSerializedSamlAssertion() { + return this.saml2Serialized; + } + + @Override + public Element getSamlAssertion() { + IIdentityLink fullIdl; + try { + fullIdl = new SimpleIdentityLinkAssertionParser( + AuthenticationDataBuilderTest.class.getResourceAsStream("/data/test_idl_1.xml")).parseIdentityLink(); + return fullIdl.getSamlAssertion(); + + } catch (EaafParserException e) { + e.printStackTrace(); + } + + return null; + + } + + @Override + public PublicKey[] getPublicKey() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Element getPrPerson() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Date getIssueInstantDate() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getIssueInstant() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getIdentificationValue() { + return this.baseId; + } + + @Override + public String getIdentificationType() { + return EaafConstants.URN_PREFIX_BASEID; + } + + @Override + public String getGivenName() { + return this.givenName; + } + + @Override + public String getFamilyName() { + return this.familyName; + } + + @Override + public Element[] getDsigReferenceTransforms() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getDateOfBirth() { + return this.dateOfBirth; + + } + }; + } + +} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java new file mode 100644 index 00000000..a9929a01 --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java @@ -0,0 +1,329 @@ +package at.asitplus.eidas.specific.connector.test.utils; + +import java.io.IOException; +import java.util.HashMap; +import java.util.Map; + +import javax.xml.parsers.ParserConfigurationException; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Assert; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.opensaml.core.config.InitializationException; +import org.opensaml.core.xml.io.Unmarshaller; +import org.opensaml.core.xml.io.UnmarshallingException; +import org.opensaml.core.xml.util.XMLObjectSupport; +import org.opensaml.saml.saml2.core.AuthnRequest; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.test.context.web.WebAppConfiguration; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; +import org.w3c.dom.Element; +import org.xml.sax.SAXException; + +import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; +import at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration; +import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; +import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; +import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.utils.DomUtils; +import at.gv.egiz.eaaf.modules.pvp2.api.validation.IAuthnRequestPostProcessor; +import at.gv.egiz.eaaf.modules.pvp2.idp.impl.PvpSProfilePendingRequest; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; +import net.shibboleth.utilities.java.support.component.ComponentInitializationException; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/applicationContext.xml", + "/specific_eIDAS_connector.beans.xml", + "/eaaf_core.beans.xml", + "/eaaf_pvp.beans.xml", + "/eaaf_pvp_idp.beans.xml", + "/spring/SpringTest-context_simple_storage.xml" }) +@WebAppConfiguration +@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) +public class AuthnRequestValidatorTest { + + @Autowired private IConfigurationWithSP basicConfig; + @Autowired protected IAuthnRequestPostProcessor authRequestValidator; + + private MockHttpServletRequest httpReq; + private MockHttpServletResponse httpResp; + private PvpSProfilePendingRequest pendingReq; + + /** + * jUnit class initializer. + * @throws ComponentInitializationException In case of an error + * @throws InitializationException In case of an error + * + */ + @BeforeClass + public static void classInitializer() throws InitializationException, ComponentInitializationException { + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + "src/test/resources/config/junit_config_1.properties"); + + EaafOpenSaml3xInitializer.eaafInitialize(); + } + + /** + * jUnit test set-up. + * @throws EaafException + * + */ + @Before + public void initialize() throws EaafException { + httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + Map spConfig = new HashMap<>(); + spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphabetic(10)); + + pendingReq = new PvpSProfilePendingRequest(); + pendingReq.initialize(httpReq, basicConfig); + pendingReq.setPendingRequestId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setOnlineApplicationConfiguration(new ServiceProviderConfiguration(spConfig, basicConfig)); + ((RequestImpl)pendingReq).setUniqueTransactionIdentifier(null); + + } + + @Test + public void loaLowRequested() throws AuthnRequestValidatorException, ParserConfigurationException, + SAXException, IOException, UnmarshallingException { + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_1.xml"); + + //test + authRequestValidator.process(httpReq, pendingReq, authReq, null); + + //validate + Assert.assertNotNull("spEntityId is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); + Assert.assertEquals("SP EntityId not match", + "https://demo.egiz.gv.at/demoportal-openID_demo", + pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); + + Assert.assertNotNull("SP ProviderName is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); + Assert.assertEquals("SP ProviderName not match", + "OpenID Connect Demo", + pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); + + Assert.assertNotNull("Requested SP LoA is null", + pendingReq.getServiceProviderConfiguration().getRequiredLoA()); + Assert.assertFalse("Requested SP LoA is null", + pendingReq.getServiceProviderConfiguration().getRequiredLoA().isEmpty()); + Assert.assertEquals("SP LoA count not match", 1, + pendingReq.getServiceProviderConfiguration().getRequiredLoA().size()); + Assert.assertEquals("SP LoA not match", + "http://eidas.europa.eu/LoA/substantial", + pendingReq.getServiceProviderConfiguration().getRequiredLoA().get(0)); + + Assert.assertNotNull("bPK Target is null", + pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); + Assert.assertEquals("bPK target not match", "urn:publicid:gv.at:cdid+BF", + pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); + + Assert.assertNull("wrong transactionId", pendingReq.getUniqueTransactionIdentifier()); + + } + + @Test + public void loaSubstentialRequested() throws AuthnRequestValidatorException, ParserConfigurationException, + SAXException, IOException, UnmarshallingException { + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_2.xml"); + + //test + authRequestValidator.process(httpReq, pendingReq, authReq, null); + + //validate + Assert.assertNotNull("spEntityId is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); + Assert.assertEquals("SP EntityId not match", + "https://demo.egiz.gv.at/demoportal-openID_demo", + pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); + + Assert.assertNotNull("SP ProviderName is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); + Assert.assertEquals("SP ProviderName not match", + "OpenID Connect Demo", + pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); + + Assert.assertNotNull("Requested SP LoA is null", + pendingReq.getServiceProviderConfiguration().getRequiredLoA()); + Assert.assertFalse("Requested SP LoA is null", + pendingReq.getServiceProviderConfiguration().getRequiredLoA().isEmpty()); + Assert.assertEquals("SP LoA count not match", 1, + pendingReq.getServiceProviderConfiguration().getRequiredLoA().size()); + Assert.assertEquals("SP LoA not match", + "http://eidas.europa.eu/LoA/substantial", + pendingReq.getServiceProviderConfiguration().getRequiredLoA().get(0)); + + Assert.assertNotNull("bPK Target is null", + pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); + Assert.assertEquals("bPK target not match", "urn:publicid:gv.at:cdid+BF", + pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); + + Assert.assertNull("wrong transactionId", pendingReq.getUniqueTransactionIdentifier()); + + } + + @Test + public void loaHighRequested() throws AuthnRequestValidatorException, ParserConfigurationException, + SAXException, IOException, UnmarshallingException { + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_3.xml"); + + //test + authRequestValidator.process(httpReq, pendingReq, authReq, null); + + //validate + Assert.assertNotNull("spEntityId is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); + Assert.assertEquals("SP EntityId not match", + "https://demo.egiz.gv.at/demoportal-openID_demo", + pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID)); + + Assert.assertNotNull("SP ProviderName is null", pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); + Assert.assertEquals("SP ProviderName not match", + "OpenID Connect Demo", + pendingReq.getRawData(MsEidasNodeConstants.DATA_PROVIDERNAME)); + + Assert.assertNotNull("Requested SP LoA is null", + pendingReq.getServiceProviderConfiguration().getRequiredLoA()); + Assert.assertFalse("Requested SP LoA is null", + pendingReq.getServiceProviderConfiguration().getRequiredLoA().isEmpty()); + Assert.assertEquals("SP LoA count not match", 1, + pendingReq.getServiceProviderConfiguration().getRequiredLoA().size()); + Assert.assertEquals("SP LoA not match", + "http://eidas.europa.eu/LoA/high", + pendingReq.getServiceProviderConfiguration().getRequiredLoA().get(0)); + + Assert.assertNotNull("bPK Target is null", + pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); + Assert.assertEquals("bPK target not match", "urn:publicid:gv.at:cdid+XX", + pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); + + Assert.assertEquals("wrong transactionId", "transId_11223344556677aabbcc", + pendingReq.getUniqueTransactionIdentifier()); + + } + + @Test + public void transactionIdWrongPendingReqType() throws AuthnRequestValidatorException, ParserConfigurationException, + SAXException, IOException, UnmarshallingException { + + Map spConfig = new HashMap<>(); + spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphabetic(10)); + + TestRequestImpl pendingReqLocal = new TestRequestImpl(); + pendingReqLocal.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); + pendingReqLocal.setSpConfig(new ServiceProviderConfiguration(spConfig, basicConfig)); + + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_3.xml"); + + //test + authRequestValidator.process(httpReq, pendingReqLocal, authReq, null); + + //validate + Assert.assertNull("wrong transactionId", pendingReqLocal.getUniqueTransactionIdentifier()); + + } + + @Test + public void invalidBpkTarget_1() throws ParserConfigurationException, + SAXException, IOException, UnmarshallingException { + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_4.xml"); + + //test + try { + authRequestValidator.process(httpReq, pendingReq, authReq, null); + Assert.fail("Invalid or missing bPK target not detected"); + + } catch (AuthnRequestValidatorException e) { + Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId()); + + } + } + + @Test + public void invalidBpkTarget_2() throws ParserConfigurationException, + SAXException, IOException, UnmarshallingException { + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_5.xml"); + + //test + try { + authRequestValidator.process(httpReq, pendingReq, authReq, null); + Assert.fail("Invalid or missing bPK target not detected"); + + } catch (AuthnRequestValidatorException e) { + Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId()); + + } + } + + @Test + public void invalidBpkTarget_3() throws ParserConfigurationException, + SAXException, IOException, UnmarshallingException { + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_6.xml"); + + //test + try { + authRequestValidator.process(httpReq, pendingReq, authReq, null); + Assert.fail("Invalid or missing bPK target not detected"); + + } catch (AuthnRequestValidatorException e) { + Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId()); + + } + } + + @Test + public void invalidBpkTarget_4() throws ParserConfigurationException, + SAXException, IOException, UnmarshallingException { + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_7.xml"); + + //test + try { + authRequestValidator.process(httpReq, pendingReq, authReq, null); + Assert.fail("Invalid or missing bPK target not detected"); + + } catch (AuthnRequestValidatorException e) { + Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId()); + + } + } + + @Test + public void invalidBpkTarget_5() throws ParserConfigurationException, + SAXException, IOException, UnmarshallingException { + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_8.xml"); + + //test + try { + authRequestValidator.process(httpReq, pendingReq, authReq, null); + Assert.fail("Invalid or missing bPK target not detected"); + + } catch (AuthnRequestValidatorException e) { + Assert.assertEquals("Wrong errorCode", "pvp2.22", e.getErrorId()); + + } + } + + + private AuthnRequest getAuthRequest(String resource) throws + ParserConfigurationException, SAXException, IOException, UnmarshallingException { + final Element authBlockDom = + DomUtils.parseXmlValidating(AuthnRequestValidatorTest.class.getResourceAsStream(resource)); + + final Unmarshaller unmarshaller = XMLObjectSupport.getUnmarshaller(authBlockDom); + return (AuthnRequest) unmarshaller.unmarshall(authBlockDom); + + } +} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/CountrySelectionProcessImplTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/CountrySelectionProcessImplTest.java new file mode 100644 index 00000000..d0343eba --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/CountrySelectionProcessImplTest.java @@ -0,0 +1,120 @@ +package at.asitplus.eidas.specific.connector.test.utils; + +import java.util.HashMap; +import java.util.Map; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Assert; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.core.io.Resource; +import org.springframework.core.io.ResourceLoader; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; +import at.asitplus.eidas.specific.connector.processes.CountrySelectionProcessImpl; +import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.impl.idp.auth.modules.ModuleRegistration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration("/spring/SpringTest-context_basic_test.xml") +@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) +public class CountrySelectionProcessImplTest { + + @Autowired ModuleRegistration moduleReg; + @Autowired ResourceLoader loader; + + private final ExecutionContext executionContext = new ExecutionContextImpl(); + private DummySpConfiguration oaParam; + private TestRequestImpl pendingReq; + private CountrySelectionProcessImpl authProcess = new CountrySelectionProcessImpl(); + + /** + * jUnit class initializer. + * + */ + @BeforeClass + public static void classInitializer() { + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + "../basicConfig/default_config.properties"); + + } + + /** + * jUnit test set-up. + * + */ + @Before + public void initialize() { + Map configMap = new HashMap(); + configMap.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "http://test.com/test"); + IConfiguration basicConfig = new DummyConfiguration(); + oaParam = new DummySpConfiguration(configMap, basicConfig); + pendingReq = new TestRequestImpl(); + pendingReq.setSpConfig(oaParam); + } + + @Test + public void checkProcessDefinition() { + Assert.assertNotNull("AuthModule is null", authProcess); + Assert.assertNotNull("AuthModule process is null", authProcess.getProcessDefinitions()); + + for (String el : authProcess.getProcessDefinitions()) { + Resource res = loader.getResource(el); + Assert.assertTrue("AuthProcess description not extist", res.exists()); + + } + } + + @Test + public void noCountrySelected() throws Exception { + final String result = + moduleReg.selectProcess(executionContext, pendingReq); + Assert.assertNotNull("Process is null", result); + Assert.assertEquals("Process Id not match", "CountrySelectionProcess", result); + + } + + @Test + public void selectCountryValid() throws Exception { + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, RandomStringUtils.randomAlphanumeric(2)); + final String result = + moduleReg.selectProcess(executionContext, pendingReq); + + Assert.assertNull("Select wrong process", result); + + } + + @Test + public void selectCountryWrongType() throws Exception { + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, 1); + final String result = + moduleReg.selectProcess(executionContext, pendingReq); + Assert.assertNotNull("Process is null", result); + Assert.assertEquals("Process Id not match", "CountrySelectionProcess", result); + + } + + @Test + public void selectCountryEmpty() throws Exception { + executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, ""); + final String result = + moduleReg.selectProcess(executionContext, pendingReq); + Assert.assertNotNull("Process is null", result); + Assert.assertEquals("Process Id not match", "CountrySelectionProcess", result); + + } + +} diff --git a/connector/src/test/resources/config/junit_config_1.properties b/connector/src/test/resources/config/junit_config_1.properties index 78981b6a..429d3538 100644 --- a/connector/src/test/resources/config/junit_config_1.properties +++ b/connector/src/test/resources/config/junit_config_1.properties @@ -1,6 +1,7 @@ ## Basic service configuration eidas.ms.context.url.prefix=http://localhost eidas.ms.context.url.request.validation=false +eidas.ms.core.configRootDir=file:./ eidas.ms.context.use.clustermode=true diff --git a/connector/src/test/resources/config/junit_config_1_springboot.properties b/connector/src/test/resources/config/junit_config_1_springboot.properties new file mode 100644 index 00000000..7257df9b --- /dev/null +++ b/connector/src/test/resources/config/junit_config_1_springboot.properties @@ -0,0 +1,81 @@ +## embbeded Tomcat +tomcat.workingdir=./target/work +tomcat.ajp.enabled=true +tomcat.ajp.port=8009 +tomcat.ajp.networkAddress=127.0.0.1 +tomcat.ajp.additionalAttributes.secretrequired=true +tomcat.ajp.additionalAttributes.secret=junit + +## Basic service configuration +eidas.ms.context.url.prefix=http://localhost +eidas.ms.core.configRootDir=file:./src/test/resources/config/ + +eidas.ms.context.use.clustermode=true + +##Monitoring +eidas.ms.monitoring.eIDASNode.metadata.url= + +## extended validation of pending-request Id's +eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret + +## eIDAS Ref. Implementation connector ### +eidas.ms.auth.eIDAS.node_v2.forward.endpoint= + +eidas.ms.auth.eIDAS.szrclient.useTestService=true +eidas.ms.auth.eIDAS.szrclient.endpoint.prod= +eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/junit.jks +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password=password +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path= +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password= + +#tech. AuthBlock signing for E-ID process +eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s +eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair +eidas.ms.auth.eIDAS.authblock.keystore.path=keys/teststore.jks +eidas.ms.auth.eIDAS.authblock.keystore.type=jks +eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair +eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s + + +#Raw eIDAS Id data storage +eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true +eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true + + + +## PVP2 S-Profile end-point configuration +eidas.ms.pvp2.keystore.type=jks +eidas.ms.pvp2.keystore.path=keys/junit.jks +eidas.ms.pvp2.keystore.password=password +eidas.ms.pvp2.key.metadata.alias=meta +eidas.ms.pvp2.key.metadata.password=password +eidas.ms.pvp2.key.signing.alias=sig +eidas.ms.pvp2.key.signing.password=password +eidas.ms.pvp2.metadata.validity=24 + +eidas.ms.pvp2.metadata.organisation.name=JUnit +eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit +eidas.ms.pvp2.metadata.organisation.url=http://junit.test +eidas.ms.pvp2.metadata.contact.givenname=Max +eidas.ms.pvp2.metadata.contact.surname=Mustermann +eidas.ms.pvp2.metadata.contact.email=max@junit.test + +## Service Provider configuration +eidas.ms.sp.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata +eidas.ms.sp.0.pvp2.metadata.truststore=keys/junit.jks +eidas.ms.sp.0.pvp2.metadata.truststore.password=password +eidas.ms.sp.0.friendlyName=jUnit test +#eidas.ms.sp.0.pvp2.metadata.url= +#eidas.ms.sp.0.policy.allowed.requested.targets=.* +#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false + +## Service Provider configuration +eidas.ms.sp.1.uniqueID=https://demo.egiz.gv.at/junit_test +eidas.ms.sp.1.pvp2.metadata.truststore=keys/junit.jks +eidas.ms.sp.1.pvp2.metadata.truststore.password=password +eidas.ms.sp.1.friendlyName=jUnit test +eidas.ms.sp.1.pvp2.metadata.url=http://junit.test/metadata +eidas.ms.sp.1.policy.allowed.requested.targets=test +eidas.ms.sp.1.policy.hasBaseIdTransferRestriction=true + diff --git a/connector/src/test/resources/config/keys/teststore.jks b/connector/src/test/resources/config/keys/teststore.jks new file mode 100644 index 00000000..fcc6400c Binary files /dev/null and b/connector/src/test/resources/config/keys/teststore.jks differ diff --git a/connector_lib/pom.xml b/connector_lib/pom.xml index b6a2e060..f24a2801 100644 --- a/connector_lib/pom.xml +++ b/connector_lib/pom.xml @@ -27,6 +27,10 @@ org.springframework spring-webmvc + + javax.validation + validation-api + javax.servlet @@ -44,20 +48,20 @@ org.springframework spring-test test - + at.gv.egiz.eaaf eaaf_core_utils test test-jar - + - at.gv.egiz.eaaf - eaaf-core - test - test-jar - - + at.gv.egiz.eaaf + eaaf-core + test + test-jar + + @@ -87,7 +91,7 @@ - + com.github.spotbugs spotbugs-maven-plugin diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java index 8d1dcc0b..133f104d 100644 --- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java +++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java @@ -103,7 +103,7 @@ public class MsEidasNodeConstants { - public static final String PROP_CONFIG_SP_LIST_PREFIX = "sp."; + public static final String PROP_CONFIG_SP_LIST_PREFIX = "sp"; public static final String PROP_CONFIG_SP_UNIQUEIDENTIFIER = EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER; public static final String PROP_CONFIG_SP_FRIENDLYNAME = "friendlyName"; public static final String PROP_CONFIG_SP_PVP2_METADATA_URL = "pvp2.metadata.url"; diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/BasicConfigurationProvider.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/BasicConfigurationProvider.java index 355c63f2..8f15a12d 100644 --- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/BasicConfigurationProvider.java +++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/BasicConfigurationProvider.java @@ -31,6 +31,7 @@ import java.util.Map.Entry; import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.context.annotation.Profile; import org.springframework.stereotype.Service; import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; @@ -41,6 +42,7 @@ import at.gv.egiz.eaaf.core.impl.idp.conf.AbstractConfigurationImpl; import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; @Service("BasicMSSpecificNodeConfig") +@Profile("!springBoot") public class BasicConfigurationProvider extends AbstractConfigurationImpl { private static final Logger log = LoggerFactory.getLogger(BasicConfigurationProvider.class); @@ -56,7 +58,7 @@ public class BasicConfigurationProvider extends AbstractConfigurationImpl { if (!spConfigCache.containsKey(entityId)) { log.debug("SP: " + entityId + " is NOT cached. Starting load operation ... "); final Map allSPs = getBasicConfigurationWithPrefix( - MsEidasNodeConstants.PROP_CONFIG_SP_LIST_PREFIX); + MsEidasNodeConstants.PROP_CONFIG_SP_LIST_PREFIX + KeyValueUtils.KEY_DELIMITER); for (Entry entry : allSPs.entrySet()) { if (entry.getKey().endsWith(MsEidasNodeConstants.PROP_CONFIG_SP_UNIQUEIDENTIFIER) && entry.getValue().equals(entityId)) { diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/SpringBootBasicConfigurationProvider.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/SpringBootBasicConfigurationProvider.java new file mode 100644 index 00000000..76e2c01f --- /dev/null +++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/SpringBootBasicConfigurationProvider.java @@ -0,0 +1,122 @@ +package at.asitplus.eidas.specific.connector.config; + +import java.net.URL; +import java.util.HashMap; +import java.util.Map; +import java.util.Map.Entry; + +import org.apache.commons.lang3.StringUtils; + +import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; +import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.idp.conf.AbstractSpringBootConfigurationImpl; +import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; +import lombok.extern.slf4j.Slf4j; + +@Slf4j +public class SpringBootBasicConfigurationProvider extends AbstractSpringBootConfigurationImpl { + + private final Map spConfigCache = new HashMap<>(); + + @Override + public ISpConfiguration getServiceProviderConfiguration(String entityId) throws EaafConfigurationException { + if (!spConfigCache.containsKey(entityId)) { + log.debug("SP: " + entityId + " is NOT cached. Starting load operation ... "); + final Map allSPs = getBasicConfigurationWithPrefix( + MsEidasNodeConstants.PROP_CONFIG_SP_LIST_PREFIX); + for (Entry entry : allSPs.entrySet()) { + if (entry.getKey().endsWith(MsEidasNodeConstants.PROP_CONFIG_SP_UNIQUEIDENTIFIER) + && entry.getValue().equals(entityId)) { + final String listId = KeyValueUtils.getParentKey(entry.getKey()); + log.trace("Find SP configuration with list-Id: " + listId + + ". Extracting configuration elements ... "); + final Map spConfig = KeyValueUtils.getSubSetWithPrefix(allSPs, listId + + KeyValueUtils.KEY_DELIMITER); + spConfigCache.put(entityId, + new ServiceProviderConfiguration(spConfig, this)); + break; + } + } + + if (spConfigCache.containsKey(entityId)) { + log.info("SP: " + entityId + " is loaded. Continuing auth. process ... "); + } else { + log.warn("SP: " + entityId + " is NOT found in configuration. Stopping auth. process ... "); + return null; + + } + + } else { + log.trace("SP: " + entityId + " is already cached. Use configuration from there ... "); + } + + return spConfigCache.get(entityId); + } + + @Override + public T getServiceProviderConfiguration(String entityId, Class decorator) + throws EaafConfigurationException { + final ISpConfiguration spConfig = getServiceProviderConfiguration(entityId); + if (spConfig != null && decorator != null) { + if (decorator.isInstance(spConfig)) { + return (T) spConfig; + } else { + log.error("SPConfig: " + spConfig.getClass().getName() + " is NOT instance of: " + decorator + .getName()); + } + + } + + return null; + + } + + @Override + public String validateIdpUrl(URL url) throws EaafException { + log.trace("Validate requested URL: " + url); + String urlPrefixFromConfig = getBasicConfiguration( + MsEidasNodeConstants.PROP_CONFIG_APPLICATION_PUBLIC_URL_PREFIX); + if (StringUtils.isEmpty(urlPrefixFromConfig)) { + log.warn("Application config containts NO URL prefix"); + throw new EaafConfigurationException("config.27", + new Object[] { "Application config containts NO " + + getApplicationSpecificKeyPrefix() + + MsEidasNodeConstants.PROP_CONFIG_APPLICATION_PUBLIC_URL_PREFIX }); + + } + + // remove last slash + if (urlPrefixFromConfig.endsWith("/")) { + urlPrefixFromConfig = urlPrefixFromConfig.substring(0, urlPrefixFromConfig.length() - 1); + } + + if (getBasicConfigurationBoolean( + MsEidasNodeConstants.PROP_CONFIG_APPLICATION_PUBLIC_URL_REQUEST_VALIDATION, false)) { + if (url != null && url.toExternalForm().startsWith(urlPrefixFromConfig)) { + return urlPrefixFromConfig; + } + + log.info("URL: " + url + " does NOT match to allowed application prefix: " + urlPrefixFromConfig); + return null; + + } else { + return urlPrefixFromConfig; + + } + } + + @Override + public String getApplicationSpecificKeyPrefix() { + return MsEidasNodeConstants.PROP_CONFIG_APPLICATION_PREFIX; + + } + + @Override + protected String getBackupConfigPath() { + return null; + + } + +} diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/DefaultVelocityGuiBuilderImpl.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/DefaultVelocityGuiBuilderImpl.java index 7abc6fcb..e7ebc92f 100644 --- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/DefaultVelocityGuiBuilderImpl.java +++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/DefaultVelocityGuiBuilderImpl.java @@ -33,7 +33,7 @@ import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration; import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; import at.gv.egiz.eaaf.core.impl.gui.AbstractVelocityGuiFormBuilderImpl; -@Service("DefaultVelocityGUIBuilderImpl") +@Service("velocityGUIBuilderImpl") public class DefaultVelocityGuiBuilderImpl extends AbstractVelocityGuiFormBuilderImpl { private static final Logger log = LoggerFactory.getLogger(DefaultVelocityGuiBuilderImpl.class); diff --git a/connector_lib/src/main/resources/common_gui.beans.xml b/connector_lib/src/main/resources/common_gui.beans.xml new file mode 100644 index 00000000..969a40f7 --- /dev/null +++ b/connector_lib/src/main/resources/common_gui.beans.xml @@ -0,0 +1,60 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/SpringBootBasicConfigurationProviderTest.java b/connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/SpringBootBasicConfigurationProviderTest.java new file mode 100644 index 00000000..4e7e7dd2 --- /dev/null +++ b/connector_lib/src/test/java/at/asitplus/eidas/specific/connector/test/config/SpringBootBasicConfigurationProviderTest.java @@ -0,0 +1,148 @@ +package at.asitplus.eidas.specific.connector.test.config; + +import java.net.MalformedURLException; +import java.net.URL; +import java.util.Map; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Assert; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ActiveProfiles; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.TestPropertySource; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; +import at.asitplus.eidas.specific.connector.config.ServiceProviderConfiguration; +import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; +import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; +import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; +import at.gv.egiz.eaaf.core.exceptions.EaafException; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration(locations = { + "/SpringTest-context_basic_realConfig.xml"}) +@TestPropertySource(locations = { "/config/junit_config_1.properties" }) +@ActiveProfiles("springBoot") +@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) +public class SpringBootBasicConfigurationProviderTest { + + @Autowired private IConfigurationWithSP basicConfig; + + @Test + public void configPropInfos() { + Assert.assertEquals("size", 2, MsEidasNodeConstants.COUNTRY_SELECTION_PARAM_WHITELIST.size()); + + } + + @Test + public void loadSpNoExist() throws EaafConfigurationException { + ISpConfiguration spConfig = basicConfig.getServiceProviderConfiguration( + RandomStringUtils.randomAlphabetic(5)); + Assert.assertNull("spConfig", spConfig); + + } + + @Test + public void loadSpConfigBasicMode() throws EaafConfigurationException { + ISpConfiguration spConfig = basicConfig.getServiceProviderConfiguration("jUnitTest1"); + + Assert.assertNotNull("spConfig", spConfig); + Assert.assertEquals("uniqueId", "jUnitTest1", spConfig.getUniqueIdentifier()); + Assert.assertEquals("friendlyName", "NO FRIENDLYNAME SET", spConfig.getFriendlyName()); + Assert.assertEquals("pvp2.truststore", "", spConfig.getConfigurationValue("pvp2.metadata.truststore")); + String test = RandomStringUtils.randomAlphabetic(5); + Assert.assertEquals("pvp2.password", "1234pass", + spConfig.getConfigurationValue("pvp2.metadata.truststore.password", test)); + Assert.assertEquals("eidMode", true, spConfig.isConfigurationValue("newEidMode")); + Assert.assertEquals("notexistflag", false, spConfig.isConfigurationValue("notexist", false)); + Assert.assertNotNull("fullConfig", spConfig.getFullConfiguration()); + Assert.assertEquals("fullConfig", 4, spConfig.getFullConfiguration().size()); + + } + + @Test + public void loadSpConfigAdvancedMode() throws EaafConfigurationException { + ISpConfiguration spConfig = basicConfig.getServiceProviderConfiguration( + "jUnitTest2", ServiceProviderConfiguration.class); + + Assert.assertNotNull("spConfig", spConfig); + Assert.assertEquals("uniqueId", "jUnitTest2", spConfig.getUniqueIdentifier()); + Assert.assertEquals("friendlyName", "jUnit tester 2", spConfig.getFriendlyName()); + Assert.assertEquals("pvp2.truststore", "", spConfig.getConfigurationValue("pvp2.metadata.truststore")); + String test = RandomStringUtils.randomAlphabetic(5); + Assert.assertEquals("pvp2.password", test, + spConfig.getConfigurationValue("pvp2.metadata.truststore.notexist", test)); + Assert.assertEquals("eidMode", false, spConfig.isConfigurationValue("newEidMode")); + Assert.assertEquals("notexistflag", false, spConfig.isConfigurationValue("notexist", false)); + Assert.assertNotNull("fullConfig", spConfig.getFullConfiguration()); + Assert.assertEquals("fullConfig", 5, spConfig.getFullConfiguration().size()); + Assert.assertFalse("baseIdInternal", spConfig.hasBaseIdInternalProcessingRestriction()); + Assert.assertTrue("baseIdTransfer", spConfig.hasBaseIdTransferRestriction()); + + } + + @Test + public void loadSpConfigAdvancedModeWrongDecorator() throws EaafConfigurationException { + ISpConfiguration spConfig1 = basicConfig.getServiceProviderConfiguration( + "jUnitTest2", null); + Assert.assertNull("spConfig", spConfig1); + + String spConfig2 = basicConfig.getServiceProviderConfiguration( + "jUnitTest2", String.class); + Assert.assertNull("spConfig", spConfig2); + + } + + @Test + public void loadConfigValuesString() { + Assert.assertEquals("without default", "ownSpecificConnector", + basicConfig.getBasicConfiguration("auth.eIDAS.node_v2.entityId")); + + Assert.assertEquals("with default", "", + basicConfig.getBasicConfiguration("auth.eIDAS.szrclient.endpoint.prod", + RandomStringUtils.randomAlphabetic(5))); + + String rand1 = RandomStringUtils.randomAlphanumeric(5); + Assert.assertEquals("unknown with default", rand1, + basicConfig.getBasicConfiguration("notexist", rand1)); + + } + + @Test + public void loadConfigValuesBoolean() { + Assert.assertEquals("without default", true, + basicConfig.getBasicConfigurationBoolean("auth.eIDAS.szrclient.useTestService")); + + Assert.assertEquals("not exist with default", false, + basicConfig.getBasicConfigurationBoolean("auth.notexist", + false)); + + Assert.assertEquals("exist but empty with default", true, + basicConfig.getBasicConfigurationBoolean("auth.eIDAS.szrclient.params.vkz", true)); + + } + + @Test + public void loadConfigMap() { + Map entries = basicConfig.getBasicConfigurationWithPrefix("auth.eIDAS.szrclient"); + Assert.assertEquals("wrong size", 16, entries.size()); + Assert.assertTrue("missing element", entries.containsKey("endpoint.test")); + Assert.assertEquals("wrong entry", "http://localhost:1234/demoszr", entries.get("endpoint.test")); + + } + + @Test + public void validateUrl() throws MalformedURLException, EaafException { + Assert.assertEquals("wrong URL", "http://localhost/test", + basicConfig.validateIdpUrl(new URL("http://localhost/test/" + RandomStringUtils.randomAlphabetic(5)))); + + Assert.assertNull("wrong URL", + basicConfig.validateIdpUrl(new URL("http://localhost/wrong/" + RandomStringUtils.randomAlphabetic(5)))); + + } +} diff --git a/connector_lib/src/test/resources/SpringTest-context_basic_realConfig.xml b/connector_lib/src/test/resources/SpringTest-context_basic_realConfig.xml index bcca90b5..fbc4640a 100644 --- a/connector_lib/src/test/resources/SpringTest-context_basic_realConfig.xml +++ b/connector_lib/src/test/resources/SpringTest-context_basic_realConfig.xml @@ -11,10 +11,15 @@ + - + + + + + \ No newline at end of file diff --git a/connector_lib/src/test/resources/config/junit_config_1.properties b/connector_lib/src/test/resources/config/junit_config_1.properties index 01dcf842..160725d4 100644 --- a/connector_lib/src/test/resources/config/junit_config_1.properties +++ b/connector_lib/src/test/resources/config/junit_config_1.properties @@ -1,6 +1,7 @@ ## Basic service configuration eidas.ms.context.url.prefix=http://localhost/test/ eidas.ms.context.url.request.validation=true +eidas.ms.core.configRootDir=file:./src/test/resources/config/ eidas.ms.context.use.clustermode=true diff --git a/pom.xml b/pom.xml index 217b41ec..739cbcbe 100644 --- a/pom.xml +++ b/pom.xml @@ -19,8 +19,11 @@ 0.3 0.4 - 1.1.10 - 5.2.12.RELEASE + 1.1.11-SNAPSHOT + + 2.4.1 + 2.3.1 + 5.3.2 3.0.11.RELEASE 3.4.1 @@ -35,6 +38,9 @@ 2.12.0 + 2.0.1.Final + 6.1.5.Final + 4.13.1 2.22.2 @@ -121,6 +127,11 @@ eaaf-core ${eaaf-core.version} + + at.gv.egiz.eaaf + eaaf-springboot-utils + ${eaaf-core.version} + at.gv.egiz.eaaf eaaf_module_pvp2_idp @@ -186,6 +197,27 @@ + + org.springframework.boot + spring-boot-starter-web + ${spring-boot-starter-web.version} + + + org.springframework.boot + spring-boot-starter-actuator + ${spring-boot-starter-web.version} + + + org.springframework.boot + spring-boot-starter-tomcat + ${spring-boot-starter-web.version} + + + de.codecentric + spring-boot-admin-starter-client + ${spring-boot-admin-starter-client.version} + + org.springframework spring-webmvc @@ -257,6 +289,16 @@ jackson-datatype-jsr310 ${jackson-datatype-jsr310.version} + + javax.validation + validation-api + ${javax.validation-api.version} + + + org.hibernate.validator + hibernate-validator + ${hibernate-validator.version} + @@ -298,8 +340,8 @@ ${egiz.eidas.version} test test-jar - - + + @@ -315,36 +357,36 @@ ms-specific_eidas_node - - org.apache.maven.plugins - maven-compiler-plugin - ${maven-compiler-plugin.version} - - 1.8 - 1.8 - - - - - compile - testCompile - - - - - - org.apache.maven.plugins - maven-jar-plugin - 3.1.0 - - - - test-jar - - - - - + + org.apache.maven.plugins + maven-compiler-plugin + ${maven-compiler-plugin.version} + + 1.8 + 1.8 + + + + + compile + testCompile + + + + + + org.apache.maven.plugins + maven-jar-plugin + 3.1.0 + + + + test-jar + + + + + org.apache.cxf cxf-codegen-plugin -- cgit v1.2.3 From 293f67a641f8acdef54745c85969827807404fc2 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Sat, 26 Dec 2020 17:44:29 +0100 Subject: fix wrong-template paramters in error GUI --- basicConfig/templates/error_message.html | 4 ++-- connector/src/test/resources/config/templates/error_message.html | 4 ++-- .../eidas/specific/connector/gui/StaticGuiBuilderConfiguration.java | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) (limited to 'connector/src') diff --git a/basicConfig/templates/error_message.html b/basicConfig/templates/error_message.html index 7ec8aa0d..f9788f6a 100644 --- a/basicConfig/templates/error_message.html +++ b/basicConfig/templates/error_message.html @@ -21,8 +21,8 @@

Error Information


-

Code :

-

Msg :

+

Code :

+

Msg :

diff --git a/connector/src/test/resources/config/templates/error_message.html b/connector/src/test/resources/config/templates/error_message.html index da423592..86f9d29d 100644 --- a/connector/src/test/resources/config/templates/error_message.html +++ b/connector/src/test/resources/config/templates/error_message.html @@ -21,8 +21,8 @@

Error Information


-

Code :

-

Msg :

+

Code :

+

Msg :

diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/StaticGuiBuilderConfiguration.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/StaticGuiBuilderConfiguration.java index 65000ffa..25f5beda 100644 --- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/StaticGuiBuilderConfiguration.java +++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/StaticGuiBuilderConfiguration.java @@ -117,7 +117,7 @@ public class StaticGuiBuilderConfiguration extends AbstractGuiFormBuilderConfigu @Override public void putCustomParameterWithOutEscaption(GroupDefinition group, String key, Object value) { - log.info("Add GUI-Template parameters WITHOUT escaption ARE NOT supported!!!!!"); + setViewParameter(getFromGroup(), key, value); } -- cgit v1.2.3 From f06839fb716ff61bf94a32f8e23e3f313245f7e7 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Sat, 26 Dec 2020 17:45:38 +0100 Subject: add jUnit test that simulates a full eIDAS authentication --- connector/pom.xml | 28 +- ...ficSpringBootApplicationContextInitializer.java | 2 +- .../SpringBootApplicationInitializer.java | 15 +- .../connector/provider/StatusMessageProvider.java | 4 +- .../src/main/resources/application.properties | 4 +- .../connector/test/FullStartUpAndProcessTest.java | 485 +++++++++++++++++++++ .../test/MainClassExecutableModeTest.java | 2 +- .../connector/test/MainClassWebAppModeTest.java | 4 +- .../config/junit_config_1_springboot.properties | 6 +- .../data/metadata_valid_without_encryption.xml | 88 ++++ pom.xml | 12 + 11 files changed, 639 insertions(+), 11 deletions(-) create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java create mode 100644 connector/src/test/resources/data/metadata_valid_without_encryption.xml (limited to 'connector/src') diff --git a/connector/pom.xml b/connector/pom.xml index 6d3cad33..03492a5d 100644 --- a/connector/pom.xml +++ b/connector/pom.xml @@ -99,6 +99,11 @@ spring-test test + + org.springframework.boot + spring-boot-starter-test + test + at.gv.egiz.eaaf eaaf_core_utils @@ -111,6 +116,11 @@ test test-jar + + at.gv.egiz.eaaf + eaaf_module_pvp2_sp + test + org.springframework.boot spring-boot-starter-tomcat @@ -121,7 +131,23 @@ eaaf-springboot-utils test - + + com.github.skjolber + mockito-soap-cxf + test + + + org.powermock + powermock-module-junit4 + 2.0.7 + test + + + org.powermock + powermock-api-mockito2 + 2.0.7 + test + diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificSpringBootApplicationContextInitializer.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificSpringBootApplicationContextInitializer.java index 5160bdf5..399d1286 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificSpringBootApplicationContextInitializer.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/MsSpecificSpringBootApplicationContextInitializer.java @@ -41,7 +41,7 @@ public class MsSpecificSpringBootApplicationContextInitializer extends } super.initialize(applicationContext); - + } private void injectConfiguration(String configPath, ConfigurableApplicationContext applicationContext) { diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java index 0d3226bf..f0cf8698 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java @@ -4,8 +4,11 @@ import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.context.ConfigurableApplicationContext; +import at.gv.egiz.eaaf.core.api.IStatusMessenger; import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory; import at.gv.egiz.eaaf.core.impl.logging.SimpleStatusMessager; +import at.gv.egiz.eaaf.core.impl.utils.Random; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; import lombok.extern.slf4j.Slf4j; @Slf4j @@ -18,8 +21,9 @@ public class SpringBootApplicationInitializer { * Starts MS-specific eIDAS-Implementation SpringBoot application. * * @param args Starting parameters + * @throws Throwable In case of a start-up error */ - public static void main(final String[] args) { + public static void main(final String[] args) throws Throwable { try { log.info("=============== Initializing Spring-Boot context! ==============="); LogMessageProviderFactory.setStatusMessager(new SimpleStatusMessager()); @@ -27,9 +31,18 @@ public class SpringBootApplicationInitializer { new SpringApplication(SpringBootApplicationInitializer.class); springApp.addInitializers(new MsSpecificSpringBootApplicationContextInitializer()); + log.info("Bootstrap openSAML .... "); + EaafOpenSaml3xInitializer.eaafInitialize(); + log.debug("Run SpringBoot initialization process ... "); ctx = springApp.run(args); + // initialize status messenger + LogMessageProviderFactory.setStatusMessager(ctx.getBean(IStatusMessenger.class)); + + log.info("Seed random number generator ... "); + Random.seedRandom(); + log.info("Initialization of MS-specific eIDAS-Implementation finished."); } catch (final Throwable e) { diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java index d38da6fe..073f7513 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java @@ -94,8 +94,8 @@ public class StatusMessageProvider implements IStatusMessenger { public String getResponseErrorCode(Throwable throwable) { String errorCode = IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC; if (throwable instanceof EaafException) { - errorCode = ((EaafException) throwable).getErrorId(); - + errorCode = mapInternalErrorToExternalError(((EaafException) throwable).getErrorId()); + } // TODO: maybe more internal switches are required diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties index 2cb0c83a..68e07714 100644 --- a/connector/src/main/resources/application.properties +++ b/connector/src/main/resources/application.properties @@ -13,13 +13,15 @@ app.build.artifactId=ms_connector spring.boot.admin.client.enabled=false + + ############################################################################# ## MS-speccific eIDAS-Connector configuration #proxy.context.url.prefix= eidas.ms.context.url.request.validation=false #proxy.configRootDir=file:/.../config/ eidas.ms.context.use.clustermode=true - +eidas.ms.core.logging.level.info.errorcodes=auth.21 ##Monitoring eidas.ms.monitoring.eIDASNode.metadata.url= diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java new file mode 100644 index 00000000..5206c2e5 --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java @@ -0,0 +1,485 @@ +package at.asitplus.eidas.specific.connector.test; + +import static org.mockito.ArgumentMatchers.any; +import static org.powermock.api.mockito.PowerMockito.when; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.net.URISyntaxException; +import java.util.Map; +import java.util.Timer; + +import javax.xml.transform.TransformerException; + +import org.apache.commons.lang3.RandomStringUtils; +import org.apache.ignite.Ignition; +import org.joda.time.DateTime; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Rule; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.opensaml.core.config.InitializationException; +import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport; +import org.opensaml.core.xml.io.MarshallingException; +import org.opensaml.core.xml.io.UnmarshallingException; +import org.opensaml.core.xml.util.XMLObjectSupport; +import org.opensaml.saml.metadata.resolver.impl.ResourceBackedMetadataResolver; +import org.opensaml.saml.saml2.core.RequestAbstractType; +import org.opensaml.saml.saml2.core.StatusResponseType; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.boot.web.servlet.FilterRegistrationBean; +import org.springframework.core.io.ResourceLoader; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ActiveProfiles; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.TestPropertySource; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.test.web.servlet.setup.DefaultMockMvcBuilder; +import org.springframework.test.web.servlet.setup.MockMvcBuilders; +import org.springframework.util.Base64Utils; +import org.springframework.web.context.WebApplicationContext; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import com.skjolberg.mockito.soap.SoapServiceRule; + +import at.asitplus.eidas.specific.connector.controller.ProcessEngineSignalController; +import at.asitplus.eidas.specific.connector.controller.Pvp2SProfileEndpoint; +import at.asitplus.eidas.specific.connector.provider.PvpEndPointCredentialProvider; +import at.asitplus.eidas.specific.connector.provider.PvpMetadataProvider; +import at.asitplus.eidas.specific.connector.test.saml2.Pvp2SProfileEndPointTest; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; +import at.gv.egiz.components.spring.api.SpringBootApplicationContextInitializer; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController; +import at.gv.egiz.eaaf.core.impl.utils.DomUtils; +import at.gv.egiz.eaaf.core.impl.utils.Random; +import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; +import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.OpenSaml3ResourceAdapter; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; +import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; +import at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor; +import eu.eidas.auth.commons.attribute.AttributeDefinition; +import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; +import eu.eidas.auth.commons.light.ILightRequest; +import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse; +import eu.eidas.auth.commons.tx.BinaryLightToken; +import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames; +import eu.eidas.specificcommunication.exception.SpecificCommunicationException; +import eu.eidas.specificcommunication.protocol.SpecificCommunicationService; +import lombok.val; +import net.shibboleth.utilities.java.support.component.ComponentInitializationException; +import net.shibboleth.utilities.java.support.xml.XMLParserException; +import szrservices.SZR; +import szrservices.SignContentEntry; +import szrservices.SignContentResponseType; + +@RunWith(SpringJUnit4ClassRunner.class) +@SpringBootTest +@ContextConfiguration(initializers = { + org.springframework.boot.context.config.DelegatingApplicationContextInitializer.class, + SpringBootApplicationContextInitializer.class + }) +@TestPropertySource(locations = { "file:src/test/resources/config/junit_config_1_springboot.properties" }) +@DirtiesContext(classMode = ClassMode.AFTER_CLASS) +@ActiveProfiles(profiles = {"JUNIT", "jUnitTestMode", "springBoot"}) +public class FullStartUpAndProcessTest { + + private static final String FINAL_REDIRECT = "http://localhost/finalizeAuthProtocol?pendingid="; + + @Autowired private WebApplicationContext wac; + @Autowired private PvpEndPointCredentialProvider credentialProvider; + @Autowired private PvpMetadataProvider metadataProvider; + @Autowired private ResourceLoader resourceLoader; + @Autowired private EidasAttributeRegistry attrRegistry; + + @Autowired private Pvp2SProfileEndpoint sProfile; + @Autowired private ProcessEngineSignalController signal; + @Autowired private EidasSignalServlet eidasSignal; + @Autowired private ProtocolFinalizationController finalize; + + @Rule + public final SoapServiceRule soap = SoapServiceRule.newInstance(); + + private SZR szrMock; + + private String cc; + private String givenName; + private String familyName; + private String dateOfBirth; + private String personalId; + private String vsz; + private String eidasBind; + + + /** + * jUnit class initializer. + * @throws InterruptedException In case of an error + * @throws ComponentInitializationException In case of an error + * @throws InitializationException In case of an error + * + */ + @BeforeClass + public static void classInitializer() throws InterruptedException, InitializationException, ComponentInitializationException { + final String current = new java.io.File(".").toURI().toString(); + System.clearProperty("eidas.ms.configuration"); + + //eIDAS Ref. Impl. properties + System.setProperty("EIDAS_CONFIG_REPOSITORY", current.substring("file:".length()) + + "../basicConfig/eIDAS/"); + System.setProperty("SPECIFIC_CONNECTOR_CONFIG_REPOSITORY", current.substring("file:".length()) + + "../basicConfig/eIDAS/"); + System.setProperty("SPECIFIC_PROXY_SERVICE_CONFIG_REPOSITORY", current.substring("file:".length()) + + "../basicConfig/eIDAS/"); + + EaafOpenSaml3xInitializer.eaafInitialize(); + + } + + /** + * Test shut-down. + * + * @throws IOException In case of an error + */ + @AfterClass + public static void closeIgniteNode() throws IOException { + System.out.println("Closiong Ignite Node ... "); + Ignition.stopAll(true); + + } + + /** + * jUnit test set-up. + * + * + */ + @Before + public void setup() throws IOException { + DefaultMockMvcBuilder builder = MockMvcBuilders.webAppContextSetup(this.wac); + @SuppressWarnings("rawtypes") + Map filters = wac.getBeansOfType(FilterRegistrationBean.class); + for (FilterRegistrationBean filter : filters.values()) { + if (filter.isEnabled()) { + builder.addFilter(filter.getFilter(), "/*"); + + } + } + + szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr"); + + + + cc = RandomStringUtils.randomAlphabetic(2).toUpperCase(); + personalId = cc + "/AT/" + RandomStringUtils.randomNumeric(64); + familyName = RandomStringUtils.randomAlphabetic(10); + givenName = RandomStringUtils.randomAlphabetic(10); + dateOfBirth = "2015-10-12"; + + vsz = RandomStringUtils.randomNumeric(10); + eidasBind = RandomStringUtils.randomAlphanumeric(50); + + } + + @Test + public void userStopProcess() throws UnsupportedEncodingException, XMLParserException, UnmarshallingException, + TransformerException, IOException, MarshallingException, ComponentInitializationException, EaafException { + //start authentication process by sending a SAML2 Authn-Request + MockHttpServletRequest saml2Req = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); + injectSaml2AuthnReq(saml2Req); + MockHttpServletResponse selectCountryResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(saml2Req, selectCountryResp)); + + // send SAML2 AuthnRequest + sProfile.pvpIdpPostRequest(saml2Req, selectCountryResp); + + //check country-selection response + Assert.assertEquals("no country-selection page", 200, selectCountryResp.getStatus()); + Assert.assertEquals("cc-selection page", "text/html;charset=UTF-8", selectCountryResp.getContentType()); + String selectionPage = selectCountryResp.getContentAsString(); + Assert.assertNotNull("selectionPage is null", selectionPage); + Assert.assertFalse("selectionPage is empty", selectionPage.isEmpty()); + + String pendingReqId = extractRequestToken(selectionPage, + " 0); + int end = selectionPage.indexOf("\"", start + selector.length()); + Assert.assertTrue("find no pendingReqId location end", end > 0); + return selectionPage.substring(start + selector.length(), end); + + } + + private void injectSaml2AuthnReq(MockHttpServletRequest saml2Req) throws XMLParserException, UnmarshallingException, + SamlSigningException, CredentialsNotAvailableException, UnsupportedEncodingException, TransformerException, + IOException, MarshallingException, ComponentInitializationException { + final RequestAbstractType authnReq = (RequestAbstractType) XMLObjectSupport.unmarshallFromInputStream( + XMLObjectProviderRegistrySupport.getParserPool(), + Pvp2SProfileEndPointTest.class.getResourceAsStream("/data/pvp2_authn_1.xml")); + authnReq.setIssueInstant(DateTime.now()); + RequestAbstractType signedAuthnReq = + Saml2Utils.signSamlObject(authnReq, credentialProvider.getMessageSigningCredential(), true); + String b64 = Base64Utils.encodeToString(DomUtils.serializeNode( + XMLObjectSupport.getMarshaller(signedAuthnReq).marshall(signedAuthnReq)).getBytes("UTF-8")); + saml2Req.setParameter("SAMLRequest", b64); + + final org.springframework.core.io.Resource resource = resourceLoader.getResource( + "classpath:/data/metadata_valid_without_encryption.xml"); + Timer timer = new Timer("PVP metadata-resolver refresh"); + ResourceBackedMetadataResolver fileSystemResolver = + new ResourceBackedMetadataResolver(timer, new OpenSaml3ResourceAdapter(resource)); + fileSystemResolver.setId("test"); + fileSystemResolver.setParserPool(XMLObjectProviderRegistrySupport.getParserPool()); + fileSystemResolver.initialize(); + metadataProvider.addMetadataResolverIntoChain(fileSystemResolver); + + } +} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java index 66147971..5fd39383 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java @@ -81,7 +81,7 @@ public class MainClassExecutableModeTest { @Test - public void validConfigLocation() throws ClientProtocolException, IOException { + public void validConfigLocation() throws Throwable { SpringBootApplicationInitializer .main(new String[] { "--spring.config.location=src/test/resources/config/junit_config_1_springboot.properties,classpath:/application.properties", diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java index 265edfb6..ae0a45db 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java @@ -72,7 +72,7 @@ public class MainClassWebAppModeTest { } @Test - public void wrongConfigLocation() { + public void wrongConfigLocation() throws Throwable { //MS-specific connector property final String current = new java.io.File(".").toURI().toString(); System.setProperty("eidas.ms.configuration", current @@ -93,7 +93,7 @@ public class MainClassWebAppModeTest { @Test - public void systemdConfigLocation() throws ClientProtocolException, IOException { + public void systemdConfigLocation() throws Throwable { //MS-specific connector property final String current = new java.io.File(".").toURI().toString(); System.setProperty("eidas.ms.configuration", current diff --git a/connector/src/test/resources/config/junit_config_1_springboot.properties b/connector/src/test/resources/config/junit_config_1_springboot.properties index 7257df9b..ecb22dec 100644 --- a/connector/src/test/resources/config/junit_config_1_springboot.properties +++ b/connector/src/test/resources/config/junit_config_1_springboot.properties @@ -19,7 +19,7 @@ eidas.ms.monitoring.eIDASNode.metadata.url= eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret ## eIDAS Ref. Implementation connector ### -eidas.ms.auth.eIDAS.node_v2.forward.endpoint= +eidas.ms.auth.eIDAS.node_v2.forward.endpoint=http://eidas.node/junit eidas.ms.auth.eIDAS.szrclient.useTestService=true eidas.ms.auth.eIDAS.szrclient.endpoint.prod= @@ -40,7 +40,7 @@ eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s #Raw eIDAS Id data storage eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true -eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true +eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false @@ -66,6 +66,8 @@ eidas.ms.sp.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/met eidas.ms.sp.0.pvp2.metadata.truststore=keys/junit.jks eidas.ms.sp.0.pvp2.metadata.truststore.password=password eidas.ms.sp.0.friendlyName=jUnit test +eidas.ms.sp.0.newEidMode=true + #eidas.ms.sp.0.pvp2.metadata.url= #eidas.ms.sp.0.policy.allowed.requested.targets=.* #eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false diff --git a/connector/src/test/resources/data/metadata_valid_without_encryption.xml b/connector/src/test/resources/data/metadata_valid_without_encryption.xml new file mode 100644 index 00000000..b224c336 --- /dev/null +++ b/connector/src/test/resources/data/metadata_valid_without_encryption.xml @@ -0,0 +1,88 @@ + + + + + + + + + + + + + 00SaL0XjeknOb/DttutP50lTyAux1jaRPJIVdSupWvU= + + + PfEBmLMX/ZgL6ViXghyWtal5MaMoW8k3zjw+54+WK1OAtVsVgOsIDRJE0M/a/VXBbMSifgY6J1gN23xhr61jkrjRQEkbDzLpWZLzWAJ65YqqUQo8wsKI2Gz0j12yY5D8/GOamKOH9KDi5ba1veXR/fnxRINoy7nZo4tcUWZChdl8BWkMN5ugr6dORNIQg/Ym3GabQ/hR5z+9FmveAKphdH63MC6qW3EgM9EMvOVkrLBTP92sNMAAJeaawui9tlxi9anVQ0OqwZsgKLvI7fyV4CM/0sd/ELjeReIlWlHk07Nz4eltMq3eOx3q1YurYvhE8XapHiQMehOtCS+Fzh10sw== + + + MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH +SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W +ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w +CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ +RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq +UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ +M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F +Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt +1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq +nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC +VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq +itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc +2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O +fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy +4jpXrp77JXFRSDWddb0yePc= + + + + + + + + MIIBbTCCARKgAwIBAgIEXjF+qTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJBVDEN +MAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcw +HhcNMjAwMTI5MTI0NjMzWhcNMjcwMTI4MTI0NjMzWjA+MQswCQYDVQQGEwJBVDEN +MAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASRt7gZRrr4rSEE7Q922oKQJF+mlkwC +LZnv8ZzHtH54s4VdyQFIBjQF1PPf9PTn+5tid8QJehZPndcoeD7J8fPJMAoGCCqG +SM49BAMCA0kAMEYCIQDFUO0owvqMVRO2FmD+vb8mqJBpWCE6Cl5pEHaygTa5LwIh +ANsmjI2azWiTSFjb7Ou5fnCfbeiJUP0s66m8qS4rYl9L + + + + urn:oasis:names:tc:SAML:2.0:nameid-format:persistent + + + + Default Service + + + + + + + + + + + + + + + + + + + + + EGIZ + E-Government Innovationszentrum + http://www.egiz.gv.at + + + E-Government Innovationszentrum + Lenz + Thomas + thomas.lenz@egiz.gv.at + +43 316 873 5525 + + diff --git a/pom.xml b/pom.xml index 739cbcbe..a4ef7028 100644 --- a/pom.xml +++ b/pom.xml @@ -314,6 +314,12 @@ ${org.springframework.version} test + + org.springframework.boot + spring-boot-starter-test + ${spring-boot-starter-web.version} + test + com.github.skjolber mockito-soap-cxf @@ -334,6 +340,12 @@ test test-jar + + at.gv.egiz.eaaf + eaaf_module_pvp2_sp + ${eaaf-core.version} + test + at.asitplus.eidas.ms_specific connector_lib -- cgit v1.2.3 From 063e6279147b1c532a8e8afae7209756b7f8b175 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Sat, 26 Dec 2020 19:16:41 +0100 Subject: switch to SpringBoot as default --- .../connector/SpringContextCloseHandler.java | 56 +------ .../specific/connector/SpringInitializer.java | 186 --------------------- .../src/main/resources/applicationContext.xml | 4 +- .../connector/test/FullStartUpAndProcessTest.java | 12 +- .../test/MainClassExecutableModeTest.java | 2 +- .../connector/test/MainClassWebAppModeTest.java | 2 +- 6 files changed, 11 insertions(+), 251 deletions(-) delete mode 100644 connector/src/main/java/at/asitplus/eidas/specific/connector/SpringInitializer.java (limited to 'connector/src') diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringContextCloseHandler.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringContextCloseHandler.java index 2a3b659a..e884b5c6 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringContextCloseHandler.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringContextCloseHandler.java @@ -133,29 +133,6 @@ public class SpringContextCloseHandler private void internalThreadPoolTaskExecutor(final Map executers) { for (final ThreadPoolTaskExecutor executor : executers.values()) { - // Not needed yet - // int retryCount = 0; - // while(executor.getActiveCount()>0 && ++retryCount<51){ - // try { - // log.debug("Executer {} is still working with active {} work. Retry count is - // {}", - // executor.getThreadNamePrefix(), - // executor.getActiveCount(), - // retryCount); - // Thread.sleep(1000); - // - // } catch (final InterruptedException e) { - // e.printStackTrace(); - // } - // } - // - // if(!(retryCount<51)) - // log.debug("Executer {} is still working. Since Retry count exceeded max value - // {}, will be - // killed immediately", - // executor.getThreadNamePrefix(), - // retryCount); - executor.shutdown(); log.debug("Executer {} with active {} work has killed", executor.getThreadNamePrefix(), executor.getActiveCount()); @@ -168,38 +145,7 @@ public class SpringContextCloseHandler private void internalThreadPoolTaskScheduler( final Map schedulers) { log.trace("Stopping #{} task-schedulers", schedulers.size()); - - // for (final ThreadPoolTaskScheduler scheduler : schedulers.values()) { - // scheduler.getScheduledExecutor().shutdown(); - // try { - // scheduler.getScheduledExecutor().awaitTermination(20000, - // TimeUnit.MILLISECONDS); - // if(scheduler.getScheduledExecutor().isTerminated() || - // scheduler.getScheduledExecutor().isShutdown()) - // log.debug("Scheduler {} has stoped", scheduler.getThreadNamePrefix()); - // - // else{ - // log.debug("Scheduler {} has not stoped normally and will be shut down - // immediately", - // scheduler.getThreadNamePrefix()); - // scheduler.getScheduledExecutor().shutdownNow(); - // log.info("Scheduler {} has shut down immediately", - // scheduler.getThreadNamePrefix()); - // - // } - // - // } catch (final IllegalStateException e) { - // e.printStackTrace(); - // - // } catch (final InterruptedException e) { - // e.printStackTrace(); - // - // } finally { - // scheduler.shutdown(); - // - // } - // } - + } private void internalIDestroyableObject(final Map objectsToDestroy) { diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringInitializer.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringInitializer.java deleted file mode 100644 index 417828a6..00000000 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringInitializer.java +++ /dev/null @@ -1,186 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.connector; - -import java.util.Arrays; - -import javax.servlet.ServletContext; -import javax.servlet.ServletException; -import javax.servlet.ServletRegistration; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.config.BeanDefinition; -import org.springframework.beans.factory.xml.XmlBeanDefinitionReader; -import org.springframework.context.ApplicationContext; -import org.springframework.context.support.ClassPathXmlApplicationContext; -import org.springframework.context.support.GenericApplicationContext; -import org.springframework.core.io.ClassPathResource; -import org.springframework.web.WebApplicationInitializer; -import org.springframework.web.context.ContextLoaderListener; -import org.springframework.web.context.request.RequestContextListener; -import org.springframework.web.context.support.GenericWebApplicationContext; -import org.springframework.web.context.support.ServletContextResource; -import org.springframework.web.servlet.DispatcherServlet; - -import at.gv.egiz.components.spring.api.SpringLoader; -import at.gv.egiz.eaaf.core.api.IStatusMessenger; -import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory; -import at.gv.egiz.eaaf.core.impl.utils.Random; -import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer; - -/** - * Web application initializer. - * - * @author Thomas Lenz - */ -public class SpringInitializer implements WebApplicationInitializer { - - private static final Logger log = LoggerFactory.getLogger(SpringInitializer.class); - - private String[] rootServletContexts = null; - private String[] servletContexts = null; - - /** - * Application specific Spring initializer. - * - */ - public SpringInitializer() { - this.rootServletContexts = null; - this.servletContexts = new String[] { - "/applicationContext.xml", - - }; - } - - /* - * (non-Javadoc) - * - * @see - * org.springframework.web.WebApplicationInitializer#onStartup(javax.servlet. - * ServletContext) - */ - @Override - public void onStartup(ServletContext servletContext) throws ServletException { - try { - log.info("=============== Loading Config Root Context! ==============="); - final ApplicationContext cfgRootContext = - new ClassPathXmlApplicationContext(new String[] { - "/applicationContext.xml" - }); - - log.info("=============== Loading Root Context! ==============="); - final GenericWebApplicationContext rootContext = new GenericWebApplicationContext(); - rootContext.setServletContext(servletContext); - rootContext.setParent(cfgRootContext); - - log.info("Spring-context was initialized with active profiles: {}", - Arrays.asList(rootContext.getEnvironment().getActiveProfiles())); - - log.info("=============== Loading Local Contexts! ==============="); - final XmlBeanDefinitionReader xmlReader = new XmlBeanDefinitionReader( - rootContext); - if (rootServletContexts != null) { - for (final String rootServletContext : rootServletContexts) { - log.debug("Loading: " + rootServletContext); - xmlReader.loadBeanDefinitions(new ServletContextResource( - servletContext, rootServletContext)); - } - } - // Manage the lifecycle of the root application context - servletContext.addListener(new ContextLoaderListener(rootContext)); - - // log.debug("Beans after logAMQP in {}", rootContext); - // dumpBeanDefinitions(rootContext); - - log.info("=============== Loading SPI Context! ==============="); - log.debug("Loading modules and components"); - SpringLoader.loadSpringServices(rootContext); - - log.trace("Beans after SPI in " + rootContext); - dumpBeanDefinitions(rootContext); - - log.debug("Loading servlet config in " + rootContext); - if (servletContexts != null) { - for (final String servletContextString : servletContexts) { - xmlReader.loadBeanDefinitions(new ClassPathResource(servletContextString, SpringInitializer.class)); - } - - } - - log.debug("Refreshing context " + rootContext); - rootContext.refresh(); - - log.info("=============== Register Dispatcher Servlet! ==============="); - - log.trace("Final Beans in " + rootContext); - dumpBeanDefinitions(rootContext); - - log.info("Registering dispatcher configuration"); - final ServletRegistration.Dynamic dispatcher = servletContext.addServlet("dispatcher", - new DispatcherServlet(rootContext)); - if (dispatcher != null) { - dispatcher.setLoadOnStartup(1); - dispatcher.addMapping("/"); - dispatcher.setAsyncSupported(true); - - } else { - log.error("Failed to register dispatcher server in servlet context!"); - } - - log.info("=============== Register RequestContextListener! ==============="); - servletContext.addListener(new RequestContextListener()); - - // initialize status messenger - LogMessageProviderFactory.setStatusMessager(rootContext.getBean(IStatusMessenger.class)); - - log.info("Bootstrap openSAML .... "); - EaafOpenSaml3xInitializer.eaafInitialize(); - - log.info("Seed random number generator ... "); - Random.seedRandom(); - - log.info("Initialization of MS-specific eIDAS-connector finished."); - - } catch (final Throwable e) { - log.error("MS-specific eIDAS-connector initialization FAILED!", e); - - } - - } - - private void dumpBeanDefinitions(GenericApplicationContext context) { - log.trace("Registered Bean in context " + context.toString()); - - final String[] registeredBeans = context.getBeanDefinitionNames(); - for (final String registeredBean : registeredBeans) { - final BeanDefinition beanDefinition = context - .getBeanDefinition(registeredBean); - log.trace(registeredBean + " -> " + beanDefinition.getBeanClassName()); - - } - - log.trace("Registered Bean in context --" + context); - } -} diff --git a/connector/src/main/resources/applicationContext.xml b/connector/src/main/resources/applicationContext.xml index 8a21e68f..15ce0a55 100644 --- a/connector/src/main/resources/applicationContext.xml +++ b/connector/src/main/resources/applicationContext.xml @@ -39,13 +39,13 @@ location="${eidas.ms.configuration}" /> --> - + - + diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java index 5206c2e5..77037415 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java @@ -94,7 +94,7 @@ import szrservices.SignContentResponseType; }) @TestPropertySource(locations = { "file:src/test/resources/config/junit_config_1_springboot.properties" }) @DirtiesContext(classMode = ClassMode.AFTER_CLASS) -@ActiveProfiles(profiles = {"JUNIT", "jUnitTestMode", "springBoot"}) +@ActiveProfiles(profiles = {"JUNIT", "jUnitTestMode"}) public class FullStartUpAndProcessTest { private static final String FINAL_REDIRECT = "http://localhost/finalizeAuthProtocol?pendingid="; @@ -410,7 +410,7 @@ public class FullStartUpAndProcessTest { Assert.assertNotNull("eIDAS Node req", req); Assert.assertEquals("Wrong CC", cc, req.getCitizenCountryCode()); - Assert.assertEquals("Wrong CC", EaafConstants.EIDAS_LOA_SUBSTANTIAL, req.getLevelOfAssurance()); + Assert.assertEquals("Wrong CC", EaafConstants.EIDAS_LOA_HIGH, req.getLevelOfAssurance()); //set response from eIDAS node @@ -421,13 +421,13 @@ public class FullStartUpAndProcessTest { } private AuthenticationResponse buildDummyAuthResponse(String statusCode, String reqId) throws URISyntaxException { - final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first(); - final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first(); - final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( Constants.eIDAS_ATTR_CURRENTGIVENNAME).first(); - final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( + final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( Constants.eIDAS_ATTR_DATEOFBIRTH).first(); final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder() diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java index 5fd39383..a865c8bd 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java @@ -85,7 +85,7 @@ public class MainClassExecutableModeTest { SpringBootApplicationInitializer .main(new String[] { "--spring.config.location=src/test/resources/config/junit_config_1_springboot.properties,classpath:/application.properties", - "--spring.profiles.active=jUnitTestMode,springBoot" }); + "--spring.profiles.active=jUnitTestMode" }); System.out.println("Is started!"); diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java index ae0a45db..c390184b 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java @@ -82,7 +82,7 @@ public class MainClassWebAppModeTest { //starting application SpringBootApplicationInitializer .main(new String[] { - "--spring.profiles.active=jUnitTestMode,springBoot" }); + "--spring.profiles.active=jUnitTestMode" }); Assert.fail("Missing configuration not detected"); } catch (final Exception e) { -- cgit v1.2.3 From 85c0c06c4ccd513a32f9f562deeba4038dcb95f4 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Sat, 26 Dec 2020 19:17:15 +0100 Subject: update default-configuration and example configuration --- basicConfig/default_config.properties | 65 +--------------------- .../src/main/resources/application.properties | 2 +- 2 files changed, 4 insertions(+), 63 deletions(-) (limited to 'connector/src') diff --git a/basicConfig/default_config.properties b/basicConfig/default_config.properties index d6cc1317..bb0829b8 100644 --- a/basicConfig/default_config.properties +++ b/basicConfig/default_config.properties @@ -1,8 +1,8 @@ ## Basic service configuration eidas.ms.context.url.prefix= eidas.ms.context.url.request.validation=false +eidas.ms.core.configRootDir=file:./ -eidas.ms.context.use.clustermode=true ##Monitoring eidas.ms.monitoring.eIDASNode.metadata.url= @@ -13,28 +13,14 @@ eidas.ms.technicallog.write.MDS.into.techlog=true eidas.ms.revisionlog.write.MDS.into.revisionlog=true eidas.ms.revisionlog.logIPAddressOfUser=true -##Directory for static Web content -eidas.ms.webcontent.static.directory=webcontent/ -eidas.ms.webcontent.templates=templates/ -eidas.ms.webcontent.properties=properties/messages -eidas.ms.webcontent.templates.countryselection=countrySelection.html ## extended validation of pending-request Id's -eidas.ms.core.pendingrequestid.maxlifetime=300 -eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256 eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret + ## eIDAS Ref. Implementation connector ### eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector eidas.ms.auth.eIDAS.node_v2.forward.endpoint= -eidas.ms.auth.eIDAS.node_v2.forward.method=POST -eidas.ms.auth.eIDAS.node_v2.countrycode=AT -eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.* -eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true -eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true -eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true - -eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high eidas.ms.auth.eIDAS.szrclient.useTestService=true eidas.ms.auth.eIDAS.szrclient.endpoint.prod= @@ -44,11 +30,6 @@ eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/..... eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password= eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path= eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password= -eidas.ms.auth.eIDAS.szrclient.timeout.connection=15 -eidas.ms.auth.eIDAS.szrclient.timeout.response=30 -eidas.ms.auth.eIDAS.szrclient.params.vkz= - -eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false ## E-AuthBlock configuration @@ -60,35 +41,6 @@ eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s -#Raw eIDAS Id data storage -eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true - -eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true -eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true - -eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=false -eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false - -##without mandates -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true - -eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false -eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.5=BirthName,false -eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.6=Gender,false -eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.7=CurrentAddress,false - -##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT ----- -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true -eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true - - ## PVP2 S-Profile end-point configuration eidas.ms.pvp2.keystore.type=jks eidas.ms.pvp2.keystore.path=keys/..... @@ -106,20 +58,9 @@ eidas.ms.pvp2.metadata.contact.givenname=Max eidas.ms.pvp2.metadata.contact.surname=Mustermann eidas.ms.pvp2.metadata.contact.email=max@junit.test + ## Service Provider configuration eidas.ms.sp.0.uniqueID= eidas.ms.sp.0.pvp2.metadata.truststore= eidas.ms.sp.0.pvp2.metadata.truststore.password= -#eidas.ms.sp.0.friendlyName= -#eidas.ms.sp.0.pvp2.metadata.url= -#eidas.ms.sp.0.policy.allowed.requested.targets=.* -#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false - - -##only for advanced config -eidas.ms.configuration.sp.disableRegistrationRequirement= -#eidas.ms.configuration.restrictions.baseID.spTransmission= -eidas.ms.configuration.auth.default.countrycode= -eidas.ms.configuration.pvp.scheme.validation= -eidas.ms.configuration.pvp.enable.entitycategories= \ No newline at end of file diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties index 68e07714..ef83d435 100644 --- a/connector/src/main/resources/application.properties +++ b/connector/src/main/resources/application.properties @@ -56,7 +56,7 @@ eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true -eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/substantial +eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high #eidas.ms.auth.eIDAS.szrclient.useTestService=true #eidas.ms.auth.eIDAS.szrclient.endpoint.prod= -- cgit v1.2.3 From e229b7d5acafec28568fd8d45fbe86d8f215da69 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Sat, 26 Dec 2020 19:58:24 +0100 Subject: fix broken jUnit tests --- .../test/config/BasicConfigurationTest.java | 2 + .../ProcessEngineSignalControllerTest.java | 2 + .../test/saml2/Pvp2SProfileEndPointTest.java | 2 + .../task/EvaluateCountrySelectionTaskTest.java | 2 + .../GenerateCountrySelectionFrameTaskTest.java | 2 + .../test/utils/AuthenticationDataBuilderTest.java | 2 + .../test/utils/AuthnRequestValidatorTest.java | 2 + .../resources/config/junit_config_1.properties | 2 +- .../resources/config/junit_config_3.properties | 1 + .../EidasRequestPreProcessingFirstTest.java | 3 +- .../config/junit_config_de_attributes.properties | 114 +++++++++++++++++++++ 11 files changed, 132 insertions(+), 2 deletions(-) create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties (limited to 'connector/src') diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/config/BasicConfigurationTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/config/BasicConfigurationTest.java index 86342f99..80307ea2 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/config/BasicConfigurationTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/config/BasicConfigurationTest.java @@ -12,6 +12,7 @@ import org.opensaml.core.config.InitializationException; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.test.annotation.DirtiesContext; import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.web.WebAppConfiguration; @@ -34,6 +35,7 @@ import net.shibboleth.utilities.java.support.component.ComponentInitializationEx "/spring/SpringTest-context_simple_storage.xml" }) @WebAppConfiguration @DirtiesContext(classMode = ClassMode.BEFORE_CLASS) +@ActiveProfiles(profiles = {"deprecatedConfig"}) public class BasicConfigurationTest { @Autowired private IConfigurationWithSP basicConfig; diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java index cd502c48..d2c4aff2 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java @@ -11,6 +11,7 @@ import org.junit.runner.RunWith; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.web.WebAppConfiguration; @@ -29,6 +30,7 @@ import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml" }) +@ActiveProfiles(profiles = {"deprecatedConfig"}) @WebAppConfiguration public class ProcessEngineSignalControllerTest { diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java index 81ee2625..bcba3e11 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/saml2/Pvp2SProfileEndPointTest.java @@ -39,6 +39,7 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.test.annotation.DirtiesContext; import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.web.WebAppConfiguration; @@ -68,6 +69,7 @@ import net.shibboleth.utilities.java.support.xml.XMLParserException; "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml" }) +@ActiveProfiles(profiles = {"deprecatedConfig"}) @WebAppConfiguration @DirtiesContext(classMode = ClassMode.BEFORE_CLASS) public class Pvp2SProfileEndPointTest { diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/EvaluateCountrySelectionTaskTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/EvaluateCountrySelectionTaskTest.java index 9d590055..4bff9416 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/EvaluateCountrySelectionTaskTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/EvaluateCountrySelectionTaskTest.java @@ -12,6 +12,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.i18n.LocaleContextHolder; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.web.WebAppConfiguration; @@ -34,6 +35,7 @@ import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml" }) +@ActiveProfiles(profiles = {"deprecatedConfig"}) @WebAppConfiguration public class EvaluateCountrySelectionTaskTest { diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/GenerateCountrySelectionFrameTaskTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/GenerateCountrySelectionFrameTaskTest.java index 2a1d7cd4..d902f758 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/GenerateCountrySelectionFrameTaskTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/task/GenerateCountrySelectionFrameTaskTest.java @@ -13,6 +13,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.i18n.LocaleContextHolder; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.web.WebAppConfiguration; @@ -32,6 +33,7 @@ import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml" }) +@ActiveProfiles(profiles = {"deprecatedConfig"}) @WebAppConfiguration public class GenerateCountrySelectionFrameTaskTest { diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java index 87abb06f..a5876169 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java @@ -21,6 +21,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.i18n.LocaleContextHolder; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.web.WebAppConfiguration; @@ -52,6 +53,7 @@ import net.shibboleth.utilities.java.support.component.ComponentInitializationEx @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration({ "/applicationContext.xml", "/SpringTest_connector.beans.xml", "/eaaf_core.beans.xml", "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml" }) +@ActiveProfiles(profiles = {"deprecatedConfig"}) @WebAppConfiguration public class AuthenticationDataBuilderTest { diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java index a9929a01..9aafb4b6 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java @@ -22,6 +22,7 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.test.annotation.DirtiesContext; import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.web.WebAppConfiguration; @@ -52,6 +53,7 @@ import net.shibboleth.utilities.java.support.component.ComponentInitializationEx "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml" }) +@ActiveProfiles(profiles = {"deprecatedConfig"}) @WebAppConfiguration @DirtiesContext(classMode = ClassMode.BEFORE_CLASS) public class AuthnRequestValidatorTest { diff --git a/connector/src/test/resources/config/junit_config_1.properties b/connector/src/test/resources/config/junit_config_1.properties index 429d3538..f6b3e4c1 100644 --- a/connector/src/test/resources/config/junit_config_1.properties +++ b/connector/src/test/resources/config/junit_config_1.properties @@ -1,7 +1,7 @@ ## Basic service configuration eidas.ms.context.url.prefix=http://localhost eidas.ms.context.url.request.validation=false -eidas.ms.core.configRootDir=file:./ +eidas.ms.core.configRootDir=file:./src/test/resources/config/ eidas.ms.context.use.clustermode=true diff --git a/connector/src/test/resources/config/junit_config_3.properties b/connector/src/test/resources/config/junit_config_3.properties index 32e30790..8b2c63a8 100644 --- a/connector/src/test/resources/config/junit_config_3.properties +++ b/connector/src/test/resources/config/junit_config_3.properties @@ -1,6 +1,7 @@ ## Basic service configuration eidas.ms.context.url.prefix= eidas.ms.context.url.request.validation=false +eidas.ms.core.configRootDir=file:./src/test/resources/config/ eidas.ms.context.use.clustermode=true diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java index b4c8f20c..ce48ed09 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java @@ -74,7 +74,8 @@ public class EidasRequestPreProcessingFirstTest { @BeforeClass public static void classInitializer() throws IOException { final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties"); + System.setProperty("eidas.ms.configuration", + current + "src/test/resources/config/junit_config_de_attributes.properties"); } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties new file mode 100644 index 00000000..9cec2cb7 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties @@ -0,0 +1,114 @@ +## Basic service configuration +eidas.ms.context.url.prefix= +eidas.ms.context.url.request.validation=false + +eidas.ms.context.use.clustermode=true + +##Monitoring +eidas.ms.monitoring.eIDASNode.metadata.url= + + +##Specific logger configuration +eidas.ms.technicallog.write.MDS.into.techlog=true +eidas.ms.revisionlog.write.MDS.into.revisionlog=true +eidas.ms.revisionlog.logIPAddressOfUser=true + +##Directory for static Web content +eidas.ms.webcontent.static.directory=webcontent/ +eidas.ms.webcontent.templates=templates/ +eidas.ms.webcontent.properties=properties/messages + +## extended validation of pending-request Id's +eidas.ms.core.pendingrequestid.maxlifetime=300 +eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256 +eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret + +## eIDAS Ref. Implementation connector ### +eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector +eidas.ms.auth.eIDAS.node_v2.forward.endpoint=http://test +eidas.ms.auth.eIDAS.node_v2.forward.method=GET +eidas.ms.auth.eIDAS.node_v2.countrycode=AT +#eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.* +eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true +eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true +eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true + +eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high + +eidas.ms.auth.eIDAS.szrclient.useTestService=true +eidas.ms.auth.eIDAS.szrclient.endpoint.prod= +eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/..... +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password= +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path= +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password= +eidas.ms.auth.eIDAS.szrclient.timeout.connection=15 +eidas.ms.auth.eIDAS.szrclient.timeout.response=30 +eidas.ms.auth.eIDAS.szrclient.params.vkz= + +eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false + + +eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s +eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair +eidas.ms.auth.eIDAS.authblock.keystore.path=./../keystore/teststore.jks +eidas.ms.auth.eIDAS.authblock.keystore.type=jks +eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair +eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s + + +#Raw eIDAS Id data storage +eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true + +eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true +eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true + +eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true +eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true + +##without mandates +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true + +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.5=BirthName,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.6=Gender,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.7=CurrentAddress,false + +##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT ----- +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true + + +## PVP2 S-Profile end-point configuration +eidas.ms.pvp2.keystore.path=keys/..... +eidas.ms.pvp2.keystore.password= +eidas.ms.pvp2.key.metadata.alias= +eidas.ms.pvp2.key.metadata.password= +eidas.ms.pvp2.key.signing.alias= +eidas.ms.pvp2.key.signing.password= +eidas.ms.pvp2.metadata.validity=24 + +## Service Provider configuration +eidas.ms.sp.0.uniqueID= +eidas.ms.sp.0.pvp2.metadata.truststore= +eidas.ms.sp.0.pvp2.metadata.truststore.password= + +#eidas.ms.sp.0.friendlyName= +#eidas.ms.sp.0.pvp2.metadata.url= +#eidas.ms.sp.0.policy.allowed.requested.targets=.* +#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false + + +##only for advanced config +eidas.ms.configuration.sp.disableRegistrationRequirement= +eidas.ms.configuration.restrictions.baseID.spTransmission= +eidas.ms.configuration.auth.default.countrycode= +eidas.ms.configuration.pvp.scheme.validation= +eidas.ms.configuration.pvp.enable.entitycategories= \ No newline at end of file -- cgit v1.2.3 From d9c6a5c8bf3cab0311fc25b38b308b22ec852a3e Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 28 Dec 2020 16:34:05 +0100 Subject: update SpringBoot application-initializer to enable package-scanning in application packages --- .../eidas/specific/connector/SpringBootApplicationInitializer.java | 5 ++++- .../eidas/specific/connector/config/BasicConfigurationProvider.java | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) (limited to 'connector/src') diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java index f0cf8698..1e84cbb0 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java @@ -12,7 +12,10 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xIniti import lombok.extern.slf4j.Slf4j; @Slf4j -@SpringBootApplication(scanBasePackages = {"at.gv.egiz.eaaf.utils.springboot.ajp"}) +@SpringBootApplication(scanBasePackages = { + "at.asitplus.eidas.specific.connector", + "at.gv.egiz.eaaf.utils.springboot.ajp" + }) public class SpringBootApplicationInitializer { private static ConfigurableApplicationContext ctx; diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/BasicConfigurationProvider.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/BasicConfigurationProvider.java index 8f15a12d..89ccdfe7 100644 --- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/BasicConfigurationProvider.java +++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/config/BasicConfigurationProvider.java @@ -42,7 +42,7 @@ import at.gv.egiz.eaaf.core.impl.idp.conf.AbstractConfigurationImpl; import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; @Service("BasicMSSpecificNodeConfig") -@Profile("!springBoot") +@Profile("deprecatedConfig") public class BasicConfigurationProvider extends AbstractConfigurationImpl { private static final Logger log = LoggerFactory.getLogger(BasicConfigurationProvider.class); -- cgit v1.2.3 From 278c8a6d1f0518dc9d0875dbec84614b19800d5d Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Thu, 7 Jan 2021 20:03:54 +0100 Subject: switch from custom monitoring to Spring-Actuator healthchecks --- connector/pom.xml | 5 + .../connector/controller/MonitoringController.java | 279 --------------------- .../health/EidasNodeMetadataHealthIndicator.java | 69 +++++ .../health/Saml2MetadataHealthIndicator.java | 44 ++++ .../tasks/GenerateCountrySelectionFrameTask.java | 11 +- .../EidasCacheTransactionStoreDecorator.java | 32 ++- .../main/resources/SpringTest_connector.beans.xml | 129 ---------- .../resources/specific_eIDAS_connector.beans.xml | 7 +- .../test/MainClassExecutableModeTest.java | 14 +- .../connector/test/MainClassWebAppModeTest.java | 11 +- ...sNodeMetadataHealthIndicatorNoEndpointTest.java | 70 ++++++ .../EidasNodeMetadataHealthIndicatorTest.java | 102 ++++++++ .../test/utils/AuthenticationDataBuilderTest.java | 2 +- .../config/junit_config_1_springboot.properties | 2 +- .../config/junit_config_2_springboot.properties | 83 ++++++ .../spring/SpringTest-context_healthcheck.xml | 22 ++ .../spring/SpringTest_connector.beans.xml | 122 +++++++++ .../specific/modules/auth/eidas/v2/Constants.java | 6 +- .../EidasRequestPreProcessingFirstTest.java | 8 +- .../config/junit_config_de_attributes.properties | 2 + pom.xml | 8 +- 21 files changed, 589 insertions(+), 439 deletions(-) delete mode 100644 connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java create mode 100644 connector/src/main/java/at/asitplus/eidas/specific/connector/health/EidasNodeMetadataHealthIndicator.java create mode 100644 connector/src/main/java/at/asitplus/eidas/specific/connector/health/Saml2MetadataHealthIndicator.java delete mode 100644 connector/src/main/resources/SpringTest_connector.beans.xml create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/health/EidasNodeMetadataHealthIndicatorNoEndpointTest.java create mode 100644 connector/src/test/java/at/asitplus/eidas/specific/connector/test/health/EidasNodeMetadataHealthIndicatorTest.java create mode 100644 connector/src/test/resources/config/junit_config_2_springboot.properties create mode 100644 connector/src/test/resources/spring/SpringTest-context_healthcheck.xml create mode 100644 connector/src/test/resources/spring/SpringTest_connector.beans.xml (limited to 'connector/src') diff --git a/connector/pom.xml b/connector/pom.xml index 03492a5d..2484e542 100644 --- a/connector/pom.xml +++ b/connector/pom.xml @@ -148,6 +148,11 @@ 2.0.7 test + + com.squareup.okhttp3 + mockwebserver + test + diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java deleted file mode 100644 index f2d9fc8c..00000000 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java +++ /dev/null @@ -1,279 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.asitplus.eidas.specific.connector.controller; - -import java.io.IOException; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.xml.transform.TransformerFactoryConfigurationError; - -import org.apache.commons.lang3.StringUtils; -import org.apache.commons.text.StringEscapeUtils; -import org.apache.http.client.methods.CloseableHttpResponse; -import org.apache.http.client.methods.HttpGet; -import org.apache.http.client.methods.HttpUriRequest; -import org.apache.http.client.utils.URIBuilder; -import org.apache.http.impl.client.CloseableHttpClient; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.ExceptionHandler; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; - -import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; -import at.gv.egiz.eaaf.core.api.data.EaafConstants; -import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; -import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; -import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.impl.http.IHttpClientFactory; -import at.gv.egiz.eaaf.core.impl.utils.DomUtils; -import at.gv.egiz.eaaf.core.impl.utils.Random; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration; -import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataConfigurationFactory; -import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PvpMetadataBuilder; -import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider; - -@Controller -public class MonitoringController { - private static final Logger log = LoggerFactory.getLogger(MonitoringController.class); - - private static final String MESSAGE_OK = "OK"; - private static final String MESSAGE_ERROR = "ERROR"; - private static final String MESSAGE_SKIPPED = "SKIPPED"; - - private static final String TEST_STORAGE = "Storage: "; - private static final String TEST_CONFIG = "Config: "; - private static final String TEST_PVPMETADATA = "PVP_metadata: "; - private static final String TEST_EIDASNODEMETADATA = "eIDASNode_metadata: "; - - @Autowired - private ITransactionStorage storage; - @Autowired - private IConfigurationWithSP config; - - @Autowired private IHttpClientFactory httpClientFactory; - - @Autowired - private PvpMetadataBuilder metadatabuilder; - @Autowired - private IPvpMetadataConfigurationFactory configFactory; - private AbstractCredentialProvider pvpIdpCredentials; - - /** - * Sets a specific credential provider for PVP S-Profile IDP component. - * - * @param pvpIdpCredentials credential provider - */ - public void setPvpIdpCredentials(AbstractCredentialProvider pvpIdpCredentials) { - this.pvpIdpCredentials = pvpIdpCredentials; - - } - - /** - * Generic exception handling that wrote an error-message to html response. - * - * @param resp Http response object - * @param exception Error - * @throws IOException In case of a html response error. - */ - @ExceptionHandler({ Throwable.class }) - public void genericExceptionHandler(HttpServletResponse resp, Exception exception) throws IOException { - log.error("Monitoring Servlet receives an error.", exception); - resp.setContentType(EaafConstants.CONTENTTYPE_HTML_UTF8); - resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); - resp.getWriter().write("Reason: " - + StringEscapeUtils.escapeHtml4(StringEscapeUtils.escapeEcmaScript(exception.getMessage()))); - - } - - /** - * MS-Connector status-monitoring end-point. - * - * @param req http request - * @param resp http response - * @throws IOException In case of a general processing error - */ - @RequestMapping(value = { MsEidasNodeConstants.ENDPOINT_MONITORING_MONITOR }, - method = { RequestMethod.GET }) - public void startFullTest(HttpServletRequest req, HttpServletResponse resp) throws IOException { - resp.setContentType(EaafConstants.CONTENTTYPE_HTML_UTF8); - - try { - testConfig(); - testStorage(); - testPvpMetadata(); - testEidasNodeMetadata(); - resp.setStatus(HttpServletResponse.SC_OK); - resp.getWriter().write(MESSAGE_OK); - - } catch (final Exception e) { - resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); - resp.getWriter().write(MESSAGE_ERROR); - - } - - } - - /** - * MS-Connector internal verify monitoring end-point. - * - * @param req http request object - * @param resp http response object - * @throws IOException In case of an internal processing error - */ - @RequestMapping(value = { MsEidasNodeConstants.ENDPOINT_MONITORING_VERIFY }, - method = { RequestMethod.GET }) - - public void startSingleTests(HttpServletRequest req, HttpServletResponse resp) throws IOException { - String result = StringUtils.EMPTY; - try { - result += testConfig() + "
"; - } catch (final Exception e) { - result += e.getMessage() + "
"; - } - - try { - result += testStorage() + "
"; - } catch (final Exception e) { - result += e.getMessage() + "
"; - } - - try { - result += testPvpMetadata() + "
"; - } catch (final Exception e) { - result += e.getMessage() + "
"; - } - - try { - result += testEidasNodeMetadata() + "
"; - } catch (final Exception e) { - result += e.getMessage() + "
"; - } - - resp.setContentType(EaafConstants.CONTENTTYPE_HTML_UTF8); - resp.setStatus(HttpServletResponse.SC_OK); - resp.getWriter().write(result); - - } - - private String testStorage() throws Exception { - try { - final String key = Random.nextHexRandom16(); - final String value = Random.nextHexRandom16(); - - storage.put(key, value, -1); - final String result = storage.get(key, String.class); - storage.remove(key); - - if (result != null && result.equals(value)) { - return TEST_STORAGE + MESSAGE_OK; - } else { - log.warn("Montioring: TestValue: " + value + " does NOT match in Storage test"); - } - - } catch (final EaafException e) { - log.warn("Montioring: Can not read/write to storage.", e); - - } - - throw new Exception(TEST_STORAGE + MESSAGE_ERROR); - - } - - private String testConfig() throws Exception { - try { - if (config.getBasicConfigurationWithPrefix(MsEidasNodeConstants.PROP_CONFIG_SP_LIST_PREFIX) != null - && config.getBasicConfigurationWithPrefix(MsEidasNodeConstants.PROP_CONFIG_SP_LIST_PREFIX) - .size() > 0) { - return TEST_CONFIG + MESSAGE_OK; - } else { - log.warn("Montioring: Can not read from configuration file."); - } - - } catch (final Exception e) { - log.warn("Montioring: Can not read from configuration file.", e); - } - - throw new Exception(TEST_CONFIG + MESSAGE_ERROR); - - } - - private String testPvpMetadata() throws Exception { - try { - // build metadata - final IPvpMetadataBuilderConfiguration metadataConfig = - configFactory.generateMetadataBuilderConfiguration( - "http://localhost/monitoring", - pvpIdpCredentials); - metadatabuilder.buildPvpMetadata(metadataConfig); - return TEST_PVPMETADATA + MESSAGE_OK; - - } catch (Exception | TransformerFactoryConfigurationError e) { - log.warn("Monitoring: Has an error in '" + TEST_PVPMETADATA + "': " + e.getMessage(), e); - throw new Exception(TEST_PVPMETADATA + MESSAGE_ERROR, e); - - } - - } - - private String testEidasNodeMetadata() throws Exception { - try { - final String urlString = config.getBasicConfiguration( - MsEidasNodeConstants.PROP_CONFIG_MONITORING_EIDASNODE_METADATAURL); - if (StringUtils.isEmpty(urlString)) { - log.debug("No eIDASNode metadata URL. Skipping test ... "); - return TEST_EIDASNODEMETADATA + MESSAGE_SKIPPED; - - } - - // create HTTP client - CloseableHttpClient httpClient = httpClientFactory.getHttpClient(); - URIBuilder uriBuilder = new URIBuilder(urlString); - HttpUriRequest request = new HttpGet(uriBuilder.build()); - - final CloseableHttpResponse respCode = httpClient.execute(request); - if (respCode.getStatusLine().getStatusCode() != 200) { - log.warn("Monitoring: Has an error in '" + TEST_EIDASNODEMETADATA + "': " + " HTTP responsecode: " - + respCode); - throw new Exception(TEST_EIDASNODEMETADATA + MESSAGE_ERROR); - - } - - // parse metadata - DomUtils.parseXmlNonValidating(respCode.getEntity().getContent()); - - return TEST_EIDASNODEMETADATA + MESSAGE_OK; - - } catch (Exception | TransformerFactoryConfigurationError e) { - log.warn("Monitoring: Has an error in '" + TEST_EIDASNODEMETADATA + "': " + e.getMessage(), e); - throw new Exception(TEST_EIDASNODEMETADATA + MESSAGE_ERROR, e); - - } - - } - -} diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/health/EidasNodeMetadataHealthIndicator.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/health/EidasNodeMetadataHealthIndicator.java new file mode 100644 index 00000000..f160916c --- /dev/null +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/health/EidasNodeMetadataHealthIndicator.java @@ -0,0 +1,69 @@ +package at.asitplus.eidas.specific.connector.health; + +import java.io.ByteArrayInputStream; + +import javax.xml.transform.TransformerFactoryConfigurationError; + +import org.apache.commons.lang3.StringUtils; +import org.apache.http.StatusLine; +import org.apache.http.client.methods.HttpGet; +import org.apache.http.client.methods.HttpUriRequest; +import org.apache.http.client.utils.URIBuilder; +import org.apache.http.entity.ContentType; +import org.apache.http.impl.client.CloseableHttpClient; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.actuate.health.Health; +import org.springframework.boot.actuate.health.HealthIndicator; + +import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.impl.data.Triple; +import at.gv.egiz.eaaf.core.impl.http.HttpUtils; +import at.gv.egiz.eaaf.core.impl.http.IHttpClientFactory; +import at.gv.egiz.eaaf.core.impl.utils.DomUtils; +import lombok.extern.slf4j.Slf4j; + +@Slf4j +public class EidasNodeMetadataHealthIndicator implements HealthIndicator { + + @Autowired IConfiguration config; + @Autowired IHttpClientFactory httpClientFactory; + + @Override + public Health health() { + try { + final String urlString = config.getBasicConfiguration( + MsEidasNodeConstants.PROP_CONFIG_MONITORING_EIDASNODE_METADATAURL); + if (StringUtils.isEmpty(urlString)) { + log.trace("No eIDASNode metadata URL. Skipping test ... "); + return Health.unknown().build(); + + } + + // create HTTP client + CloseableHttpClient httpClient = httpClientFactory.getHttpClient(); + URIBuilder uriBuilder = new URIBuilder(urlString); + HttpUriRequest request = new HttpGet(uriBuilder.build()); + + final Triple respCode = httpClient.execute(request, + HttpUtils.bodyStatusCodeResponseHandler()); + if (respCode.getFirst().getStatusCode() != 200) { + log.warn("Monitoring: Get http StatusCode: {} from eIDAS-Node Metadata endpoint", + respCode.getFirst().getStatusCode()); + return Health.down().withDetail("http StatusCode", respCode.getFirst().getStatusCode()).build(); + + } + + // parse metadata + DomUtils.parseXmlNonValidating(respCode.getSecond()); + + return Health.up().build(); + + } catch (Exception | TransformerFactoryConfigurationError e) { + log.warn("Monitoring: Can not read SAML2 metadata from eIDAS-Node", e); + return Health.down().down(e).build(); + + } + } + +} diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/health/Saml2MetadataHealthIndicator.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/health/Saml2MetadataHealthIndicator.java new file mode 100644 index 00000000..592231b0 --- /dev/null +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/health/Saml2MetadataHealthIndicator.java @@ -0,0 +1,44 @@ +package at.asitplus.eidas.specific.connector.health; + +import javax.xml.transform.TransformerFactoryConfigurationError; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.actuate.health.Health; +import org.springframework.boot.actuate.health.HealthIndicator; + +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration; +import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataConfigurationFactory; +import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PvpMetadataBuilder; +import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider; +import lombok.Setter; +import lombok.extern.slf4j.Slf4j; + +@Slf4j +public class Saml2MetadataHealthIndicator implements HealthIndicator { + + @Autowired + private PvpMetadataBuilder metadatabuilder; + @Autowired + private IPvpMetadataConfigurationFactory configFactory; + + @Setter + private AbstractCredentialProvider pvpIdpCredentials; + + @Override + public Health health() { + try { + // build metadata + final IPvpMetadataBuilderConfiguration metadataConfig = + configFactory.generateMetadataBuilderConfiguration( + "http://localhost/monitoring", + pvpIdpCredentials); + metadatabuilder.buildPvpMetadata(metadataConfig); + return Health.up().build(); + + } catch (Exception | TransformerFactoryConfigurationError e) { + return Health.down().down(e).build(); + + } + } + +} diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/processes/tasks/GenerateCountrySelectionFrameTask.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/processes/tasks/GenerateCountrySelectionFrameTask.java index 86808f01..d3b8116a 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/processes/tasks/GenerateCountrySelectionFrameTask.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/processes/tasks/GenerateCountrySelectionFrameTask.java @@ -26,8 +26,6 @@ package at.asitplus.eidas.specific.connector.processes.tasks; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; @@ -39,7 +37,6 @@ import at.gv.egiz.eaaf.core.api.gui.ISpringMvcGuiFormBuilder; import at.gv.egiz.eaaf.core.api.idp.IConfiguration; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.exceptions.EaafException; -import at.gv.egiz.eaaf.core.exceptions.GuiBuildException; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; @@ -51,7 +48,6 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; */ @Component("GenerateCountrySelectionFrameTask") public class GenerateCountrySelectionFrameTask extends AbstractAuthServletTask { - private static final Logger log = LoggerFactory.getLogger(GenerateCountrySelectionFrameTask.class); @Autowired ISpringMvcGuiFormBuilder guiBuilder; @@ -77,16 +73,11 @@ public class GenerateCountrySelectionFrameTask extends AbstractAuthServletTask { guiBuilder.build(request, response, config, "BKU-Selection form"); - } catch (final GuiBuildException e) { - log.warn("Can not build GUI:'BKU-Selection'. Msg:" + e.getMessage()); + } catch (final Exception e) { throw new TaskExecutionException(pendingReq, "Can not build GUI. Msg:" + e.getMessage(), new EaafException("gui.00", new Object[] { e.getMessage() }, e)); - } catch (final Exception e) { - log.warn("FinalizeAuthenticationTask has an internal error", e); - throw new TaskExecutionException(pendingReq, e.getMessage(), e); - } } diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/EidasCacheTransactionStoreDecorator.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/EidasCacheTransactionStoreDecorator.java index 557e245a..1ea5a280 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/EidasCacheTransactionStoreDecorator.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/storage/EidasCacheTransactionStoreDecorator.java @@ -30,17 +30,46 @@ import java.util.List; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.actuate.health.Health; +import org.springframework.boot.actuate.health.HealthIndicator; import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; +import at.gv.egiz.eaaf.core.impl.utils.Random; -public class EidasCacheTransactionStoreDecorator implements ITransactionStorage { +public class EidasCacheTransactionStoreDecorator implements ITransactionStorage, HealthIndicator { private static final Logger log = LoggerFactory.getLogger(EidasCacheTransactionStoreDecorator.class); @Autowired(required = true) private CacheWithEidasBackend storage; + @Override + public Health health() { + try { + final String key = Random.nextHexRandom16(); + final String value = Random.nextHexRandom16(); + + this.put(key, value, -1); + final String result = this.get(key, String.class); + this.remove(key); + + if (result != null && result.equals(value)) { + return Health.up().build(); + + } else { + log.warn("Montioring: TestValue: " + value + " does NOT match in Storage test"); + return Health.down().build(); + + } + + } catch (final EaafException e) { + log.warn("Montioring: Can not read/write to storage.", e); + return Health.down().down(e).build(); + + } + } + @Override public void changeKey(String oldKey, String newKey, Object value) throws EaafException { if (containsKey(oldKey)) { @@ -148,5 +177,4 @@ public class EidasCacheTransactionStoreDecorator implements ITransactionStorage } } - } diff --git a/connector/src/main/resources/SpringTest_connector.beans.xml b/connector/src/main/resources/SpringTest_connector.beans.xml deleted file mode 100644 index 5cf0d5b8..00000000 --- a/connector/src/main/resources/SpringTest_connector.beans.xml +++ /dev/null @@ -1,129 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/connector/src/main/resources/specific_eIDAS_connector.beans.xml b/connector/src/main/resources/specific_eIDAS_connector.beans.xml index aa5040fa..f6fdeefe 100644 --- a/connector/src/main/resources/specific_eIDAS_connector.beans.xml +++ b/connector/src/main/resources/specific_eIDAS_connector.beans.xml @@ -19,13 +19,16 @@ - + + + diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java index a865c8bd..9f4088f2 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java @@ -84,7 +84,7 @@ public class MainClassExecutableModeTest { public void validConfigLocation() throws Throwable { SpringBootApplicationInitializer .main(new String[] { - "--spring.config.location=src/test/resources/config/junit_config_1_springboot.properties,classpath:/application.properties", + "--spring.config.location=src/test/resources/config/junit_config_2_springboot.properties,classpath:/application.properties", "--spring.profiles.active=jUnitTestMode" }); System.out.println("Is started!"); @@ -100,10 +100,14 @@ public class MainClassExecutableModeTest { final CloseableHttpClient client = builder.build(); Assert.assertNotNull("httpClient", client); - final HttpUriRequest httpGet1 = new HttpGet("http://localhost:8080/ms_connector/actuator/info"); - final CloseableHttpResponse httpResp1 = client.execute(httpGet1); - Assert.assertEquals("http statusCode", 200, httpResp1.getStatusLine().getStatusCode()); - + final HttpUriRequest httpGetInfo = new HttpGet("http://localhost:8080/ms_connector/actuator/info"); + final CloseableHttpResponse httpRespInfo = client.execute(httpGetInfo); + Assert.assertEquals("http statusCode", 200, httpRespInfo.getStatusLine().getStatusCode()); + + final HttpUriRequest httpGetHealth = new HttpGet("http://localhost:8080/ms_connector/actuator/health"); + final CloseableHttpResponse httpRespHealth = client.execute(httpGetHealth); + Assert.assertEquals("http statusCode", 200, httpRespHealth.getStatusLine().getStatusCode()); + } } diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java index c390184b..07ef4968 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java @@ -120,10 +120,15 @@ public class MainClassWebAppModeTest { final CloseableHttpClient client = builder.build(); Assert.assertNotNull("httpClient", client); - final HttpUriRequest httpGet1 = new HttpGet("http://localhost:8080/ms_connector/actuator/info"); - final CloseableHttpResponse httpResp1 = client.execute(httpGet1); - Assert.assertEquals("http statusCode", 200, httpResp1.getStatusLine().getStatusCode()); + final HttpUriRequest httpGetInfo = new HttpGet("http://localhost:8080/ms_connector/actuator/info"); + final CloseableHttpResponse httpRespInfo = client.execute(httpGetInfo); + Assert.assertEquals("http statusCode", 200, httpRespInfo.getStatusLine().getStatusCode()); + + final HttpUriRequest httpGetHealth = new HttpGet("http://localhost:8080/ms_connector/actuator/health"); + final CloseableHttpResponse httpRespHealth = client.execute(httpGetHealth); + Assert.assertEquals("http statusCode", 503, httpRespHealth.getStatusLine().getStatusCode()); + } } diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/health/EidasNodeMetadataHealthIndicatorNoEndpointTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/health/EidasNodeMetadataHealthIndicatorNoEndpointTest.java new file mode 100644 index 00000000..b04a5bdb --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/health/EidasNodeMetadataHealthIndicatorNoEndpointTest.java @@ -0,0 +1,70 @@ +package at.asitplus.eidas.specific.connector.test.health; + +import java.io.IOException; + +import org.apache.commons.io.IOUtils; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.actuate.health.Health; +import org.springframework.http.MediaType; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.TestPropertySource; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.test.context.web.WebAppConfiguration; + +import at.asitplus.eidas.specific.connector.health.EidasNodeMetadataHealthIndicator; +import okhttp3.mockwebserver.MockResponse; +import okhttp3.mockwebserver.MockWebServer; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/spring/SpringTest-context_healthcheck.xml" }) +@TestPropertySource(locations = {"classpath:/config/junit_config_2_springboot.properties"}) +@WebAppConfiguration +public class EidasNodeMetadataHealthIndicatorNoEndpointTest { + + @Autowired EidasNodeMetadataHealthIndicator health; + + private static MockWebServer mockWebServer = null; + + /** + * Testclass initializer. + * + * @throws IOException In case of an error + */ + @BeforeClass + public static void classInitializer() throws IOException { + mockWebServer = new MockWebServer(); + mockWebServer.start(40900); + mockWebServer.url("/mockup"); + + } + + @AfterClass + public static void resetTestEnviroment() throws NoSuchFieldException, SecurityException, + IllegalArgumentException, IllegalAccessException, IOException { + mockWebServer.shutdown(); + + } + + @Test + public void noEndpointInConfiguration() throws IOException { + //set-up status + mockWebServer.enqueue(new MockResponse().setResponseCode(200) + .setBody(IOUtils.toString(EidasNodeMetadataHealthIndicatorNoEndpointTest.class + .getResourceAsStream("/config/log4j.properties"), "UTF-8")) + .setHeader("Content-Type", MediaType.APPLICATION_XML)); + + //perform test + Health status = health.health(); + + //validate state + Assert.assertEquals("wrong healthState", Health.unknown().build().getStatus(), status.getStatus()); + + } + +} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/health/EidasNodeMetadataHealthIndicatorTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/health/EidasNodeMetadataHealthIndicatorTest.java new file mode 100644 index 00000000..b044d4d2 --- /dev/null +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/health/EidasNodeMetadataHealthIndicatorTest.java @@ -0,0 +1,102 @@ +package at.asitplus.eidas.specific.connector.test.health; + +import java.io.IOException; + +import org.apache.commons.io.IOUtils; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.actuate.health.Health; +import org.springframework.http.MediaType; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.TestPropertySource; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.test.context.web.WebAppConfiguration; + +import at.asitplus.eidas.specific.connector.health.EidasNodeMetadataHealthIndicator; +import okhttp3.mockwebserver.MockResponse; +import okhttp3.mockwebserver.MockWebServer; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/spring/SpringTest-context_healthcheck.xml" }) +@TestPropertySource(locations = {"classpath:/config/junit_config_1_springboot.properties"}) +@WebAppConfiguration +public class EidasNodeMetadataHealthIndicatorTest { + + @Autowired EidasNodeMetadataHealthIndicator health; + + private static MockWebServer mockWebServer = null; + + /** + * Testclass initializer. + * + * @throws IOException In case of an error + */ + @BeforeClass + public static void classInitializer() throws IOException { + mockWebServer = new MockWebServer(); + mockWebServer.start(40900); + mockWebServer.url("/mockup"); + + } + + @AfterClass + public static void resetTestEnviroment() throws NoSuchFieldException, SecurityException, + IllegalArgumentException, IllegalAccessException, IOException { + mockWebServer.shutdown(); + + } + + @Test + public void httpStatusCode500() throws IOException { + //set-up status + mockWebServer.enqueue(new MockResponse().setResponseCode(500) + .setBody(IOUtils.toString(EidasNodeMetadataHealthIndicatorTest.class + .getResourceAsStream("/data/metadata_valid.xml"), "UTF-8")) + .setHeader("Content-Type", MediaType.APPLICATION_XML)); + + //perform test + Health status = health.health(); + + //validate state + Assert.assertEquals("wrong healthState", Health.down().build().getStatus(), status.getStatus()); + + } + + @Test + public void httpStatusCode200() throws IOException { + //set-up status + mockWebServer.enqueue(new MockResponse().setResponseCode(200) + .setBody(IOUtils.toString(EidasNodeMetadataHealthIndicatorTest.class + .getResourceAsStream("/data/metadata_valid.xml"), "UTF-8")) + .setHeader("Content-Type", MediaType.APPLICATION_XML)); + + //perform test + Health status = health.health(); + + //validate state + Assert.assertEquals("wrong healthState", Health.up().build().getStatus(), status.getStatus()); + + } + + @Test + public void noXmlResponse() throws IOException { + //set-up status + mockWebServer.enqueue(new MockResponse().setResponseCode(200) + .setBody(IOUtils.toString(EidasNodeMetadataHealthIndicatorTest.class + .getResourceAsStream("/config/log4j.properties"), "UTF-8")) + .setHeader("Content-Type", MediaType.APPLICATION_XML)); + + //perform test + Health status = health.health(); + + //validate state + Assert.assertEquals("wrong healthState", Health.down().build().getStatus(), status.getStatus()); + + } + +} diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java index a5876169..5f1c5dcf 100644 --- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java +++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java @@ -51,7 +51,7 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xIniti import net.shibboleth.utilities.java.support.component.ComponentInitializationException; @RunWith(SpringJUnit4ClassRunner.class) -@ContextConfiguration({ "/applicationContext.xml", "/SpringTest_connector.beans.xml", "/eaaf_core.beans.xml", +@ContextConfiguration({ "/applicationContext.xml", "/spring/SpringTest_connector.beans.xml", "/eaaf_core.beans.xml", "/eaaf_pvp.beans.xml", "/eaaf_pvp_idp.beans.xml", "/spring/SpringTest-context_simple_storage.xml" }) @ActiveProfiles(profiles = {"deprecatedConfig"}) @WebAppConfiguration diff --git a/connector/src/test/resources/config/junit_config_1_springboot.properties b/connector/src/test/resources/config/junit_config_1_springboot.properties index ecb22dec..e63cda7b 100644 --- a/connector/src/test/resources/config/junit_config_1_springboot.properties +++ b/connector/src/test/resources/config/junit_config_1_springboot.properties @@ -13,7 +13,7 @@ eidas.ms.core.configRootDir=file:./src/test/resources/config/ eidas.ms.context.use.clustermode=true ##Monitoring -eidas.ms.monitoring.eIDASNode.metadata.url= +eidas.ms.monitoring.eIDASNode.metadata.url=http://localhost:40900/mockup ## extended validation of pending-request Id's eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret diff --git a/connector/src/test/resources/config/junit_config_2_springboot.properties b/connector/src/test/resources/config/junit_config_2_springboot.properties new file mode 100644 index 00000000..ecb22dec --- /dev/null +++ b/connector/src/test/resources/config/junit_config_2_springboot.properties @@ -0,0 +1,83 @@ +## embbeded Tomcat +tomcat.workingdir=./target/work +tomcat.ajp.enabled=true +tomcat.ajp.port=8009 +tomcat.ajp.networkAddress=127.0.0.1 +tomcat.ajp.additionalAttributes.secretrequired=true +tomcat.ajp.additionalAttributes.secret=junit + +## Basic service configuration +eidas.ms.context.url.prefix=http://localhost +eidas.ms.core.configRootDir=file:./src/test/resources/config/ + +eidas.ms.context.use.clustermode=true + +##Monitoring +eidas.ms.monitoring.eIDASNode.metadata.url= + +## extended validation of pending-request Id's +eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret + +## eIDAS Ref. Implementation connector ### +eidas.ms.auth.eIDAS.node_v2.forward.endpoint=http://eidas.node/junit + +eidas.ms.auth.eIDAS.szrclient.useTestService=true +eidas.ms.auth.eIDAS.szrclient.endpoint.prod= +eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/junit.jks +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password=password +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path= +eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password= + +#tech. AuthBlock signing for E-ID process +eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s +eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair +eidas.ms.auth.eIDAS.authblock.keystore.path=keys/teststore.jks +eidas.ms.auth.eIDAS.authblock.keystore.type=jks +eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair +eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s + + +#Raw eIDAS Id data storage +eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true +eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false + + + +## PVP2 S-Profile end-point configuration +eidas.ms.pvp2.keystore.type=jks +eidas.ms.pvp2.keystore.path=keys/junit.jks +eidas.ms.pvp2.keystore.password=password +eidas.ms.pvp2.key.metadata.alias=meta +eidas.ms.pvp2.key.metadata.password=password +eidas.ms.pvp2.key.signing.alias=sig +eidas.ms.pvp2.key.signing.password=password +eidas.ms.pvp2.metadata.validity=24 + +eidas.ms.pvp2.metadata.organisation.name=JUnit +eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit +eidas.ms.pvp2.metadata.organisation.url=http://junit.test +eidas.ms.pvp2.metadata.contact.givenname=Max +eidas.ms.pvp2.metadata.contact.surname=Mustermann +eidas.ms.pvp2.metadata.contact.email=max@junit.test + +## Service Provider configuration +eidas.ms.sp.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata +eidas.ms.sp.0.pvp2.metadata.truststore=keys/junit.jks +eidas.ms.sp.0.pvp2.metadata.truststore.password=password +eidas.ms.sp.0.friendlyName=jUnit test +eidas.ms.sp.0.newEidMode=true + +#eidas.ms.sp.0.pvp2.metadata.url= +#eidas.ms.sp.0.policy.allowed.requested.targets=.* +#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false + +## Service Provider configuration +eidas.ms.sp.1.uniqueID=https://demo.egiz.gv.at/junit_test +eidas.ms.sp.1.pvp2.metadata.truststore=keys/junit.jks +eidas.ms.sp.1.pvp2.metadata.truststore.password=password +eidas.ms.sp.1.friendlyName=jUnit test +eidas.ms.sp.1.pvp2.metadata.url=http://junit.test/metadata +eidas.ms.sp.1.policy.allowed.requested.targets=test +eidas.ms.sp.1.policy.hasBaseIdTransferRestriction=true + diff --git a/connector/src/test/resources/spring/SpringTest-context_healthcheck.xml b/connector/src/test/resources/spring/SpringTest-context_healthcheck.xml new file mode 100644 index 00000000..3bac88e3 --- /dev/null +++ b/connector/src/test/resources/spring/SpringTest-context_healthcheck.xml @@ -0,0 +1,22 @@ + + + + + + + + + + + + \ No newline at end of file diff --git a/connector/src/test/resources/spring/SpringTest_connector.beans.xml b/connector/src/test/resources/spring/SpringTest_connector.beans.xml new file mode 100644 index 00000000..ba385cb9 --- /dev/null +++ b/connector/src/test/resources/spring/SpringTest_connector.beans.xml @@ -0,0 +1,122 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java index 1091981e..ba3c46fe 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java @@ -51,11 +51,11 @@ public class Constants { public static final String CONIG_PROPS_EIDAS_NODE_FORWARD_METHOD = CONIG_PROPS_EIDAS_NODE + ".forward.method"; public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_DEFAULT_ONLYNATURAL = - CONIG_PROPS_EIDAS_NODE + ".attributes.requested.onlynatural."; + CONIG_PROPS_EIDAS_NODE + ".attributes.requested.onlynatural"; public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_CC_SPECIFIC_ONLYNATURAL = - CONIG_PROPS_EIDAS_NODE + ".attributes.requested.{0}.onlynatural."; + CONIG_PROPS_EIDAS_NODE + ".attributes.requested.{0}.onlynatural"; public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_REPRESENTATION = - CONIG_PROPS_EIDAS_NODE + ".attributes.requested.representation."; + CONIG_PROPS_EIDAS_NODE + ".attributes.requested.representation"; public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME = CONIG_PROPS_EIDAS_NODE + ".workarounds.addAlwaysProviderName"; public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER = diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java index ce48ed09..d0ab50f4 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java @@ -37,6 +37,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.test.annotation.DirtiesContext; import org.springframework.test.annotation.DirtiesContext.ClassMode; import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.TestPropertySource; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; @@ -54,6 +55,7 @@ import eu.eidas.auth.commons.light.impl.LightRequest.Builder; @ContextConfiguration(locations = { "/SpringTest-context_tasks_test.xml", "/SpringTest-context_basic_realConfig.xml"}) +@TestPropertySource(locations = {"classpath:/config/junit_config_de_attributes.properties"}) @DirtiesContext(classMode = ClassMode.AFTER_CLASS) public class EidasRequestPreProcessingFirstTest { @@ -73,9 +75,9 @@ public class EidasRequestPreProcessingFirstTest { */ @BeforeClass public static void classInitializer() throws IOException { - final String current = new java.io.File(".").toURI().toString(); - System.setProperty("eidas.ms.configuration", - current + "src/test/resources/config/junit_config_de_attributes.properties"); +// final String current = new java.io.File(".").toURI().toString(); +// System.setProperty("eidas.ms.configuration", +// current + "src/test/resources/config/junit_config_de_attributes.properties"); } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties index 9cec2cb7..6b235667 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties @@ -1,6 +1,8 @@ ## Basic service configuration eidas.ms.context.url.prefix= eidas.ms.context.url.request.validation=false +eidas.ms.core.configRootDir=file:./src/test/resources/config/ + eidas.ms.context.use.clustermode=true diff --git a/pom.xml b/pom.xml index a4ef7028..c8b9ae71 100644 --- a/pom.xml +++ b/pom.xml @@ -45,6 +45,7 @@ 4.13.1 2.22.2 1.0.5 + 4.0.0 0.8.6 @@ -353,7 +354,12 @@ test test-jar - + + com.squareup.okhttp3 + mockwebserver + ${com.squareup.okhttp3.version} + test + -- cgit v1.2.3 From 8d8221ab72222bae0fe50bfd1e8b4266eec40e11 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Sat, 9 Jan 2021 18:55:15 +0100 Subject: add HealthIndicator to check Apache-Ignite cluster-state --- .../health/IgniteClusterHealthIndicator.java | 52 ++++++++++++++++++++++ .../specific_eIDAS_connector.storage.beans.xml | 9 ++-- .../test/MainClassExecutableModeTest.java | 2 +- 3 files changed, 59 insertions(+), 4 deletions(-) create mode 100644 connector/src/main/java/at/asitplus/eidas/specific/connector/health/IgniteClusterHealthIndicator.java (limited to 'connector/src') diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/health/IgniteClusterHealthIndicator.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/health/IgniteClusterHealthIndicator.java new file mode 100644 index 00000000..10517565 --- /dev/null +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/health/IgniteClusterHealthIndicator.java @@ -0,0 +1,52 @@ +package at.asitplus.eidas.specific.connector.health; + +import org.apache.ignite.Ignite; +import org.springframework.boot.actuate.health.Health; +import org.springframework.boot.actuate.health.HealthIndicator; + +import eu.eidas.auth.cache.IgniteInstanceInitializerSpecificCommunication; +import lombok.Setter; +import lombok.extern.slf4j.Slf4j; + +/** + * HealthCheck that validate Nodes in Apache-Ignite Cluster. + * + * @author tlenz + * + */ +@Slf4j +public class IgniteClusterHealthIndicator implements HealthIndicator { + + @Setter + protected IgniteInstanceInitializerSpecificCommunication igniteInstanceInitializerSpecificCommunication; + + @Override + public Health health() { + final Ignite instance = igniteInstanceInitializerSpecificCommunication.getInstance(); + + // check if Apache Ignite cluster is active + if (!instance.cluster().active()) { + return Health.outOfService().build(); + + } + + final Health.Builder healthBuilder; + // Status UP requires more than 1 node because MS-Connector and eIDAS-Node operations as + // micro-services + if (instance.cluster().nodes().size() > 1) { + healthBuilder = Health.up(); + + } else { + // Something looks wrong if only a single node was found because MS-Connector and eIDAS-Node + // operations as micro-services + healthBuilder = Health.outOfService(); + + } + + healthBuilder.withDetail("#Nodes", instance.cluster().nodes().size()); + log.trace("Ignite state. #Nodes: {}", instance.cluster().nodes().size()); + return healthBuilder.build(); + + } + +} diff --git a/connector/src/main/resources/specific_eIDAS_connector.storage.beans.xml b/connector/src/main/resources/specific_eIDAS_connector.storage.beans.xml index 08c7b672..2e4d1742 100644 --- a/connector/src/main/resources/specific_eIDAS_connector.storage.beans.xml +++ b/connector/src/main/resources/specific_eIDAS_connector.storage.beans.xml @@ -27,12 +27,15 @@ - + + + + + UTF-8 + ${maven.build.timestamp} + yyyy-MM-dd HH:mm + ${project.version} -- cgit v1.2.3 From ed033b4105eec8c00189729bd4b38b17c6b40509 Mon Sep 17 00:00:00 2001 From: Alexander Marsalek Date: Thu, 7 Jan 2021 18:16:45 +0100 Subject: Resolve merge comments --- .../properties/status_messages_en.properties | 3 + .../specific/modules/auth/eidas/v2/Constants.java | 2 +- .../modules/auth/eidas/v2/dao/ErnbEidData.java | 2 +- .../eidas/v2/dao/MergedRegisterSearchResult.java | 57 ++- .../modules/auth/eidas/v2/dao/RegisterResult.java | 61 +-- .../modules/auth/eidas/v2/dao/SimpleEidasData.java | 27 +- .../auth/eidas/v2/ernb/DummyErnbClient.java | 43 -- .../modules/auth/eidas/v2/ernb/IErnbClient.java | 20 - .../auth/eidas/v2/ernp/DummyErnpClient.java | 66 ++++ .../modules/auth/eidas/v2/ernp/IErnpClient.java | 43 ++ .../v2/exception/ManualFixNecessaryException.java | 6 +- .../auth/eidas/v2/exception/WorkflowException.java | 6 +- .../CountrySpecificDetailSearchProcessor.java | 61 +++ .../handler/DeSpecificDetailSearchProcessor.java | 35 +- .../ICountrySpecificDetailSearchProcessor.java | 61 --- .../handler/ItSpecificDetailSearchProcessor.java | 34 +- .../auth/eidas/v2/tasks/InitialSearchTask.java | 188 ++++----- .../eidas/v2/tasks/ReceiveAuthnResponseTask.java | 2 +- .../auth/eidas/v2/utils/EidasResponseUtils.java | 82 +--- .../modules/auth/eidas/v2/zmr/DummyZmrClient.java | 27 +- .../modules/auth/eidas/v2/zmr/IZmrClient.java | 27 +- .../src/main/resources/eidas_v2_auth.beans.xml | 2 +- .../v2/test/tasks/InitialSearchTaskFirstTest.java | 438 +++++++++------------ .../resources/SpringTest-context_tasks_test.xml | 2 +- 24 files changed, 683 insertions(+), 612 deletions(-) delete mode 100644 eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernb/DummyErnbClient.java delete mode 100644 eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernb/IErnbClient.java create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernp/DummyErnpClient.java create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernp/IErnpClient.java create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/CountrySpecificDetailSearchProcessor.java delete mode 100644 eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/ICountrySpecificDetailSearchProcessor.java (limited to 'connector/src') diff --git a/connector/src/main/resources/properties/status_messages_en.properties b/connector/src/main/resources/properties/status_messages_en.properties index 80228a47..c430fc90 100644 --- a/connector/src/main/resources/properties/status_messages_en.properties +++ b/connector/src/main/resources/properties/status_messages_en.properties @@ -6,6 +6,9 @@ eidas.04=Request contains no sessionToken. Authentication process stops eidas.05=Received eIDAS response-message is not valid. Reason: {0} eidas.06=LoA from eIDAS response-message {0} does not match to requested LoA eidas.07=eIDAS Response attribute-validation FAILED. Attribute:{0} Reason: {1} +eidas.08=An unexpected error occurred. +eidas.09=An error occurred while loading your data from official registers. Please contact the support. + config.01=No configuration-file parameter found. Maybe Java SystemD parameter is missing config.03=Can not load configuration from path {0} (See logs for more details) diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java index 767a2d12..57fd6ef1 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java @@ -32,7 +32,7 @@ public class Constants { public static final String DATA_REQUESTED_LOA_LIST = "req_requestedLoA"; public static final String DATA_REQUESTED_LOA_COMPERISON = "req_requestedLoAComperision"; public static final String DATA_FULL_EIDAS_RESPONSE = "resp_fulleIDASResponse"; - public static final String DATA_RESULT_MATCHING_BPK = "matching-result-bpk";//TODO? + public static final String DATA_RESULT_MATCHING_BPK = "matching-result-bpk"; // templates for post-binding forwarding public static final String TEMPLATE_POST_FORWARD_NAME = "eidas_node_forward.html"; diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/ErnbEidData.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/ErnbEidData.java index 6c7eeb6b..b780d3e8 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/ErnbEidData.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/ErnbEidData.java @@ -1,5 +1,5 @@ /* - * Copyright 2018 A-SIT Plus GmbH + * Copyright 2020 A-SIT Plus GmbH * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. * diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MergedRegisterSearchResult.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MergedRegisterSearchResult.java index 056b0450..7703af2a 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MergedRegisterSearchResult.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MergedRegisterSearchResult.java @@ -1,3 +1,26 @@ +/* + * Copyright 2020 A-SIT Plus GmbH + * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, + * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "License"); + * You may not use this work except in compliance with the License. + * You may obtain a copy of the License at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException; @@ -5,28 +28,48 @@ import lombok.Data; import java.util.ArrayList; -@Data public class MergedRegisterSearchResult { +@Data +public class MergedRegisterSearchResult { + + final ArrayList resultsZmr; + final ArrayList resultsErnp; - ArrayList resultsZmr = new ArrayList<>(); - ArrayList resultsErnb = new ArrayList<>(); + public MergedRegisterSearchResult(ArrayList resultsZmr, ArrayList resultsErnp) { + this.resultsZmr = resultsZmr; + this.resultsErnp = resultsErnp; + } public int getResultCount() { - return resultsZmr.size() + resultsErnb.size(); + return resultsZmr.size() + resultsErnp.size(); } /** - * Verfies that there is only one match and retunrs the bpk. + * Verifies that there is only one match and returns the bpk. + * * @return bpk bpk of the match * @throws WorkflowException if multiple results have been found */ public String getBpk() throws WorkflowException { + if (getResultCount() != 1) { + throw new WorkflowException("getResultCount() != 1"); + } + return getResult().getBpk(); + } + + /** + * Returns the results, if there is exactly one, throws exception otherwise. + * + * @return The result + * @throws WorkflowException Results does not contain exactly one result + */ + public RegisterResult getResult() throws WorkflowException { if (getResultCount() != 1) { throw new WorkflowException("getResultCount() != 1"); } if (resultsZmr.size() == 1) { - return resultsZmr.get(0).getBpk(); + return resultsZmr.get(0); } else { - return resultsErnb.get(0).getBpk(); + return resultsErnp.get(0); } } } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java index c92808a1..1cc36fe9 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java @@ -1,3 +1,26 @@ +/* + * Copyright 2020 A-SIT Plus GmbH + * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, + * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "License"); + * You may not use this work except in compliance with the License. + * You may obtain a copy of the License at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao; import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType; @@ -7,18 +30,18 @@ import lombok.Data; public class RegisterResult { // MDS - private String pseudonym = null; - private String givenName = null; - private String familyName = null; - private String dateOfBirth = null; + private String pseudonym; + private String givenName; + private String familyName; + private String dateOfBirth; // additional attributes - private String placeOfBirth = null; - private String birthName = null; - private String taxNumber = null; - private PostalAddressType address = null; + private String placeOfBirth; + private String birthName; + private String taxNumber; + private PostalAddressType address; - private String bpk = null; + private String bpk; /** * Register search result. @@ -37,26 +60,6 @@ public class RegisterResult { this.dateOfBirth = dateOfBirth; } - /** - * Register search result. - * - * @param bpk The bpk - * @param pseudonym The pseudonym - * @param givenName The givenName - * @param familyName The familyName - * @param dateOfBirth The dateOfBirth - * @param placeOfBirth The placeOfBirth - */ - public RegisterResult(String bpk, String pseudonym, String givenName, String familyName, String dateOfBirth, - String placeOfBirth) { - this.bpk = bpk; - this.pseudonym = pseudonym; - this.givenName = givenName; - this.familyName = familyName; - this.dateOfBirth = dateOfBirth; - this.placeOfBirth = placeOfBirth; - } - /** * Register search result. * diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java index 674f5b48..57597122 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java @@ -1,5 +1,5 @@ /* - * Copyright 2018 A-SIT Plus GmbH + * Copyright 2020 A-SIT Plus GmbH * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. * @@ -30,18 +30,18 @@ import lombok.Data; @Data public class SimpleEidasData { - private String citizenCountryCode = null; + private String citizenCountryCode; // MDS - private String pseudonym = null; - private String givenName = null; - private String familyName = null; - private String dateOfBirth = null; + private String pseudonym; + private String givenName; + private String familyName; + private String dateOfBirth; // additional attributes - private String placeOfBirth = null; - private String birthName = null; - private PostalAddressType address = null; + private String placeOfBirth; + private String birthName; + private PostalAddressType address; private String taxNumber; /** @@ -51,14 +51,7 @@ public class SimpleEidasData { * @throws WorkflowException if multiple results have been found */ public boolean equalsRegisterData(MergedRegisterSearchResult result) throws WorkflowException { - if (result.getResultCount() != 1) { - throw new WorkflowException("result.getResultCount() != 1"); - } - if (result.getResultsErnb().size() == 1) { - return equalsRegisterData(result.getResultsErnb().get(0)); - } else { - return equalsRegisterData(result.getResultsZmr().get(0)); - } + return equalsRegisterData(result.getResult()); } private boolean equalsRegisterData(RegisterResult result) { diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernb/DummyErnbClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernb/DummyErnbClient.java deleted file mode 100644 index 2d2fa76d..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernb/DummyErnbClient.java +++ /dev/null @@ -1,43 +0,0 @@ -package at.asitplus.eidas.specific.modules.auth.eidas.v2.ernb; - -import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; -import org.springframework.stereotype.Service; - -import java.util.ArrayList; - -@Service("ErnbClientForeIDAS") -public class DummyErnbClient implements IErnbClient { - - @Override - public ArrayList searchWithPersonIdentifer(String personIdentifer) { - return resultEmpty(); - } - - @Override - public ArrayList searchWithMds(String givenName, String familyName, String dateOfBirth) { - return resultEmpty();//TODO will I only receive matches where all three values match perfectly? - } - - @Override - public ArrayList searchDeSpecific(String givenName, String familyName, String dateOfBirth, - String birthPlace, String birthName) { - return resultEmpty();//TODO - } - - @Override - public ArrayList searchItSpecific(String txNumber) { - return resultEmpty();//TODO - } - - @Override - public void update(RegisterResult registerResult, SimpleEidasData eidData) { - //TODO - } - - private ArrayList resultEmpty() { - return new ArrayList();//Nobody found - } - - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernb/IErnbClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernb/IErnbClient.java deleted file mode 100644 index cda4c426..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernb/IErnbClient.java +++ /dev/null @@ -1,20 +0,0 @@ -package at.asitplus.eidas.specific.modules.auth.eidas.v2.ernb; - -import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; - -import java.util.ArrayList; - -public interface IErnbClient { - - ArrayList searchWithPersonIdentifer(String personIdentifer); - - ArrayList searchWithMds(String givenName, String familyName, String dateOfBirth); - - ArrayList searchDeSpecific(String givenName, String familyName, String dateOfBirth, - String birthPlace, String birthName); - - ArrayList searchItSpecific(String txNumber); - - void update(RegisterResult registerResult, SimpleEidasData eidData); -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernp/DummyErnpClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernp/DummyErnpClient.java new file mode 100644 index 00000000..3b49ab95 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernp/DummyErnpClient.java @@ -0,0 +1,66 @@ +/* + * Copyright 2020 A-SIT Plus GmbH + * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, + * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "License"); + * You may not use this work except in compliance with the License. + * You may obtain a copy of the License at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + +package at.asitplus.eidas.specific.modules.auth.eidas.v2.ernp; + +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; +import org.springframework.stereotype.Service; + +import java.util.ArrayList; + +@Service("ErnbClientForeIDAS") +public class DummyErnpClient implements IErnpClient { + + @Override + public ArrayList searchWithPersonIdentifier(String personIdentifier) { + return resultEmpty(); + } + + @Override + public ArrayList searchWithMds(String givenName, String familyName, String dateOfBirth) { + return resultEmpty();//TODO will I only receive matches where all three values match perfectly? + } + + @Override + public ArrayList searchDeSpecific(String givenName, String familyName, String dateOfBirth, + String birthPlace, String birthName) { + return resultEmpty();//TODO + } + + @Override + public ArrayList searchItSpecific(String taxNumber) { + return resultEmpty();//TODO + } + + @Override + public void update(RegisterResult registerResult, SimpleEidasData eidData) { + //TODO + } + + private ArrayList resultEmpty() { + return new ArrayList();//Nobody found + } + + +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernp/IErnpClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernp/IErnpClient.java new file mode 100644 index 00000000..01ac88fb --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/ernp/IErnpClient.java @@ -0,0 +1,43 @@ +/* + * Copyright 2020 A-SIT Plus GmbH + * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, + * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "License"); + * You may not use this work except in compliance with the License. + * You may obtain a copy of the License at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + +package at.asitplus.eidas.specific.modules.auth.eidas.v2.ernp; + +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; + +import java.util.ArrayList; + +public interface IErnpClient { + + ArrayList searchWithPersonIdentifier(String personIdentifier); + + ArrayList searchWithMds(String givenName, String familyName, String dateOfBirth); + + ArrayList searchDeSpecific(String givenName, String familyName, String dateOfBirth, + String birthPlace, String birthName); + + ArrayList searchItSpecific(String taxNumber); + + void update(RegisterResult registerResult, SimpleEidasData eidData); +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/ManualFixNecessaryException.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/ManualFixNecessaryException.java index c22e8135..2fecaa6b 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/ManualFixNecessaryException.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/ManualFixNecessaryException.java @@ -1,5 +1,5 @@ /* - * Copyright 2018 A-SIT Plus GmbH + * Copyright 2020 A-SIT Plus GmbH * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. * @@ -29,10 +29,10 @@ public class ManualFixNecessaryException extends EidasSAuthenticationException { private static final long serialVersionUID = 1L; public ManualFixNecessaryException(String personIdentifier) { - super("eidas.00", new Object[] { personIdentifier });//TODO "eidas.00" + super("eidas.09", new Object[] { personIdentifier }); } public ManualFixNecessaryException(SimpleEidasData eidData) { - super("eidas.00", new Object[] { eidData.getPseudonym() });//TODO "eidas.00" => what info to pass??? + super("eidas.09", new Object[] { eidData.getPseudonym() });//TODO what info to pass??? } } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/WorkflowException.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/WorkflowException.java index aa879bcc..b6f3309b 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/WorkflowException.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/WorkflowException.java @@ -1,5 +1,5 @@ /* - * Copyright 2018 A-SIT Plus GmbH + * Copyright 2020 A-SIT Plus GmbH * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. * @@ -19,7 +19,7 @@ * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. -*/ + */ package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception; @@ -27,7 +27,7 @@ public class WorkflowException extends EidasSAuthenticationException { private static final long serialVersionUID = 1L; public WorkflowException(String data) { - super("eidas.00", new Object[] { data }); + super("eidas.08", new Object[]{data}); } } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/CountrySpecificDetailSearchProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/CountrySpecificDetailSearchProcessor.java new file mode 100644 index 00000000..c5b3b231 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/CountrySpecificDetailSearchProcessor.java @@ -0,0 +1,61 @@ +/* + * Copyright 2020 A-SIT Plus GmbH + * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, + * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "License"); + * You may not use this work except in compliance with the License. + * You may obtain a copy of the License at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + +package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler; + +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MergedRegisterSearchResult; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.ernp.IErnpClient; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.zmr.IZmrClient; + +public abstract class CountrySpecificDetailSearchProcessor { + + protected IErnpClient ernbClient; + protected IZmrClient zmrClient; + + public CountrySpecificDetailSearchProcessor(IErnpClient ernbClient, IZmrClient zmrClient) { + this.ernbClient = ernbClient; + this.zmrClient = zmrClient; + } + + /** + * Get a friendlyName of this post-processor implementation. + * + * @return + */ + public String getName() { + return this.getClass().getName(); + } + + /** + * Check if this postProcessor is sensitive for a specific country. + * + * @param countryCode of the eID data that should be processed + * @param eidData eID data + * @return true if this implementation can handle the country, otherwise false + */ + public abstract boolean canHandle(String countryCode, SimpleEidasData eidData); + + public abstract MergedRegisterSearchResult search(SimpleEidasData eidData); + +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeSpecificDetailSearchProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeSpecificDetailSearchProcessor.java index e8cb7a1a..a29725c8 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeSpecificDetailSearchProcessor.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeSpecificDetailSearchProcessor.java @@ -1,17 +1,40 @@ +/* + * Copyright 2020 A-SIT Plus GmbH + * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, + * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "License"); + * You may not use this work except in compliance with the License. + * You may obtain a copy of the License at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MergedRegisterSearchResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.ernb.IErnbClient; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.ernp.IErnpClient; import at.asitplus.eidas.specific.modules.auth.eidas.v2.zmr.IZmrClient; import java.util.ArrayList; -public class DeSpecificDetailSearchProcessor extends ICountrySpecificDetailSearchProcessor { +public class DeSpecificDetailSearchProcessor extends CountrySpecificDetailSearchProcessor { - public DeSpecificDetailSearchProcessor(IErnbClient ernbClient, IZmrClient zmrClient) { + public DeSpecificDetailSearchProcessor(IErnpClient ernbClient, IZmrClient zmrClient) { super(ernbClient, zmrClient); } @@ -31,17 +54,17 @@ public class DeSpecificDetailSearchProcessor extends ICountrySpecificDetailSearc @Override public MergedRegisterSearchResult search(SimpleEidasData eidData) { - MergedRegisterSearchResult searchResult = new MergedRegisterSearchResult(); + ArrayList resultsZmr = zmrClient.searchDeSpecific(eidData.getGivenName(), eidData.getFamilyName(), eidData.getDateOfBirth(), eidData.getPlaceOfBirth(), eidData.getBirthName()); - searchResult.setResultsZmr(resultsZmr); ArrayList resultsErnb = ernbClient.searchDeSpecific(eidData.getGivenName(), eidData.getFamilyName(), eidData.getDateOfBirth(), eidData.getPlaceOfBirth(), eidData.getBirthName()); - searchResult.setResultsErnb(resultsErnb); + + MergedRegisterSearchResult searchResult = new MergedRegisterSearchResult(resultsZmr, resultsErnb); return searchResult; } } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/ICountrySpecificDetailSearchProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/ICountrySpecificDetailSearchProcessor.java deleted file mode 100644 index 6a2b2c0a..00000000 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/ICountrySpecificDetailSearchProcessor.java +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright 2018 A-SIT Plus GmbH - * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, - * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "License"); - * You may not use this work except in compliance with the License. - * You may obtain a copy of the License at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - -package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler; - -import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MergedRegisterSearchResult; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.ernb.IErnbClient; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.zmr.IZmrClient; - -public abstract class ICountrySpecificDetailSearchProcessor { - - protected IErnbClient ernbClient; - protected IZmrClient zmrClient; - - public ICountrySpecificDetailSearchProcessor(IErnbClient ernbClient, IZmrClient zmrClient) { - this.ernbClient = ernbClient; - this.zmrClient = zmrClient; - } - - /** - * Get a friendlyName of this post-processor implementation. - * - * @return - */ - public String getName() { - return this.getClass().getName(); - } - - /** - * Check if this postProcessor is sensitive for a specific country. - * - * @param countryCode of the eID data that should be processed - * @param eidData eID data - * @return true if this implementation can handle the country, otherwise false - */ - public abstract boolean canHandle(String countryCode, SimpleEidasData eidData); - - public abstract MergedRegisterSearchResult search(SimpleEidasData eidData); - -} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/ItSpecificDetailSearchProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/ItSpecificDetailSearchProcessor.java index a94a67b3..e730066d 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/ItSpecificDetailSearchProcessor.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/ItSpecificDetailSearchProcessor.java @@ -1,17 +1,40 @@ +/* + * Copyright 2020 A-SIT Plus GmbH + * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, + * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "License"); + * You may not use this work except in compliance with the License. + * You may obtain a copy of the License at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MergedRegisterSearchResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.ernb.IErnbClient; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.ernp.IErnpClient; import at.asitplus.eidas.specific.modules.auth.eidas.v2.zmr.IZmrClient; import java.util.ArrayList; -public class ItSpecificDetailSearchProcessor extends ICountrySpecificDetailSearchProcessor { +public class ItSpecificDetailSearchProcessor extends CountrySpecificDetailSearchProcessor { - public ItSpecificDetailSearchProcessor(IErnbClient ernbClient, IZmrClient zmrClient) { + public ItSpecificDetailSearchProcessor(IErnpClient ernbClient, IZmrClient zmrClient) { super(ernbClient, zmrClient); } @@ -28,15 +51,14 @@ public class ItSpecificDetailSearchProcessor extends ICountrySpecificDetailSearc @Override public MergedRegisterSearchResult search(SimpleEidasData eidData) { - MergedRegisterSearchResult searchResult = new MergedRegisterSearchResult(); ArrayList resultsZmr = zmrClient.searchItSpecific(eidData.getTaxNumber()); - searchResult.setResultsZmr(resultsZmr); ArrayList resultsErnb = ernbClient.searchItSpecific(eidData.getTaxNumber()); - searchResult.setResultsErnb(resultsErnb); + + MergedRegisterSearchResult searchResult = new MergedRegisterSearchResult(resultsZmr, resultsErnb); return searchResult; } } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java index 5906ee6c..c4f0f146 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java @@ -1,5 +1,5 @@ /* - * Copyright 2018 A-SIT Plus GmbH + * Copyright 2020 A-SIT Plus GmbH * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. * @@ -42,12 +42,11 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MergedRegisterSearchResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.ernb.IErnbClient; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.ernp.IErnpClient; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ManualFixNecessaryException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.ICountrySpecificDetailSearchProcessor; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.CountrySpecificDetailSearchProcessor; import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils; import at.asitplus.eidas.specific.modules.auth.eidas.v2.zmr.IZmrClient; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; @@ -63,29 +62,32 @@ import lombok.extern.slf4j.Slf4j; /** - * Task that searches ErnB and ZMR before adding person to SZR. + * Task that searches ErnP and ZMR before adding person to SZR. * - * @author tlenz + * @author amarsalek */ @Slf4j @Component("InitialSearchTask") -// NOTE: General: Please rebase git commit and squash them where useful, i.e. "remove unused import" should -// not be a separate commit. public class InitialSearchTask extends AbstractAuthServletTask { - private List handlers = new ArrayList<>(); + private final List handlers; + private final IErnpClient ernpClient; + private final IZmrClient zmrClient; - private IErnbClient ernbClient; - private IZmrClient zmrClient; - - /* - * (non-Javadoc) - * - * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv. - * egovernment.moa.id.process.api.ExecutionContext, - * javax.servlet.http.HttpServletRequest, - * javax.servlet.http.HttpServletResponse) + /** + * Constructor. + * @param handlers List of countrySpecificSearchProcessors + * @param ernpClient Ernp client + * @param zmrClient ZMR client */ + public InitialSearchTask(List handlers, IErnpClient ernpClient, + IZmrClient zmrClient) { + this.ernpClient = ernpClient; + this.zmrClient = zmrClient; + this.handlers = handlers; + log.info("# " + handlers.size() + " country specific detail search services are registered"); + } + @Override public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) throws TaskExecutionException { @@ -94,7 +96,6 @@ public class InitialSearchTask extends AbstractAuthServletTask { final ILightResponse eidasResponse = authProcessData .getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE, ILightResponse.class); - // post-process eIDAS attributes final SimpleEidasData eidData = convertSimpleMapToSimpleData(convertEidasAttrToSimpleMap( eidasResponse.getAttributes().getAttributeMap())); @@ -107,10 +108,11 @@ public class InitialSearchTask extends AbstractAuthServletTask { } private String step2RegisterSearchWithPersonidentifier(SimpleEidasData eidData) throws TaskExecutionException { + log.trace("Starting step2RegisterSearchWithPersonidentifier"); String personIdentifier = eidData.getPseudonym(); MergedRegisterSearchResult result = searchInZmrAndErnp(personIdentifier); if (result.getResultCount() == 0) { - return step5CheckCountrySpecificSearchPossible(result, eidData); + return step5CheckAndPerformCountrySpecificSearchIfPossible(result, eidData); } else if (result.getResultCount() == 1) { return step3CheckRegisterUpdateNecessary(result, eidData); } @@ -118,46 +120,9 @@ public class InitialSearchTask extends AbstractAuthServletTask { new ManualFixNecessaryException(personIdentifier)); } - private SimpleEidasData convertSimpleMapToSimpleData(Map eidasAttrMap) - throws EidasAttributeException, EidPostProcessingException { - SimpleEidasData simpleEidasData = new SimpleEidasData(); - - final Object eIdentifierObj = eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); - final Triple eIdentifier = - EidasResponseUtils.parseEidasPersonalIdentifier((String) eIdentifierObj); - simpleEidasData.setCitizenCountryCode(eIdentifier.getFirst()); - - // MDS attributes - simpleEidasData.setPseudonym(EidasResponseUtils.processPseudonym( - eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER))); - simpleEidasData.setFamilyName(EidasResponseUtils.processFamilyName( - eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTFAMILYNAME))); - simpleEidasData.setGivenName(EidasResponseUtils.processGivenName( - eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTGIVENNAME))); - simpleEidasData.setDateOfBirth(EidasResponseUtils.processDateOfBirthToString( - eidasAttrMap.get(Constants.eIDAS_ATTR_DATEOFBIRTH))); - - // additional attributes - simpleEidasData.setPlaceOfBirth(EidasResponseUtils.processPlaceOfBirth( - eidasAttrMap.get(Constants.eIDAS_ATTR_PLACEOFBIRTH))); - simpleEidasData.setBirthName(EidasResponseUtils.processBirthName( - eidasAttrMap.get(Constants.eIDAS_ATTR_BIRTHNAME))); - simpleEidasData.setAddress(EidasResponseUtils.processAddress( - eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTADDRESS))); - - if (eidasAttrMap.containsKey(Constants.eIDAS_ATTR_TAXREFERENCE)) { - simpleEidasData.setTaxNumber(EidasResponseUtils.processTaxReference( - eidasAttrMap.get(Constants.eIDAS_ATTR_TAXREFERENCE))); - } - - //TODO other additional attributes - return simpleEidasData; - } - private String step3CheckRegisterUpdateNecessary(MergedRegisterSearchResult result, SimpleEidasData eidData) throws TaskExecutionException { - //check if data from eidas authentication matches with data from register - log.debug("Compare " + result + " with " + eidData); + log.trace("Starting step3CheckRegisterUpdateNecessary"); try { if (eidData.equalsRegisterData(result)) { //No update necessary, just return bpk @@ -172,18 +137,19 @@ public class InitialSearchTask extends AbstractAuthServletTask { private String step4UpdateRegisterData(MergedRegisterSearchResult result, SimpleEidasData eidData) throws WorkflowException { + log.trace("Starting step4UpdateRegisterData"); log.debug("Update " + result + " with " + eidData); //TODO wann rechtlich möglich? return result.getBpk(); } - private String step5CheckCountrySpecificSearchPossible(MergedRegisterSearchResult result, SimpleEidasData eidData) - throws TaskExecutionException { + private String step5CheckAndPerformCountrySpecificSearchIfPossible( + MergedRegisterSearchResult result, SimpleEidasData eidData) throws TaskExecutionException { + log.trace("Starting step5CheckAndPerformCountrySpecificSearchIfPossible"); String citizenCountry = eidData.getCitizenCountryCode(); - ICountrySpecificDetailSearchProcessor foundHandler = null; - for (final ICountrySpecificDetailSearchProcessor el : handlers) { - //5 check if country specific search is possible + CountrySpecificDetailSearchProcessor foundHandler = null; + for (final CountrySpecificDetailSearchProcessor el : handlers) { if (el.canHandle(citizenCountry, eidData)) { log.debug("Found suitable country specific search handler for " + citizenCountry + " by using: " + el.getName()); @@ -192,18 +158,16 @@ public class InitialSearchTask extends AbstractAuthServletTask { } } if (foundHandler == null) { - //MDS search return step8RegisterSearchWithMds(result, eidData); } else { - //country specific search return step6CountrySpecificSearch(foundHandler, result, eidData); } } - private String step6CountrySpecificSearch(ICountrySpecificDetailSearchProcessor countrySpecificDetailSearchProcessor, + private String step6CountrySpecificSearch(CountrySpecificDetailSearchProcessor countrySpecificDetailSearchProcessor, MergedRegisterSearchResult initialSearchResult, SimpleEidasData eidData) throws TaskExecutionException { - //6 country specific search + log.trace("Starting step6CountrySpecificSearch"); MergedRegisterSearchResult countrySpecificDetailSearchResult = countrySpecificDetailSearchProcessor.search(eidData); @@ -212,7 +176,7 @@ public class InitialSearchTask extends AbstractAuthServletTask { return step8RegisterSearchWithMds(initialSearchResult, eidData); case 1: return step7aKittProcess(initialSearchResult, countrySpecificDetailSearchResult, eidData); - default://should not happen + default: throw new TaskExecutionException(pendingReq, "Detail search - Kitt Process necessary.", new ManualFixNecessaryException(eidData)); } @@ -221,8 +185,7 @@ public class InitialSearchTask extends AbstractAuthServletTask { private String step7aKittProcess(MergedRegisterSearchResult initialSearchResult, MergedRegisterSearchResult countrySpecificDetailSearchResult, SimpleEidasData eidData) throws TaskExecutionException { - //Automerge data - log.debug("Automerge " + initialSearchResult + " with " + eidData + " " + countrySpecificDetailSearchResult); + log.trace("Starting step7aKittProcess"); try { if (initialSearchResult.getResultCount() != 0) { throw new WorkflowException("initialSearchResult.getResultCount() != 0"); @@ -231,14 +194,11 @@ public class InitialSearchTask extends AbstractAuthServletTask { throw new WorkflowException("countrySpecificDetailSearchResult.getResultCount() != 1"); } if (countrySpecificDetailSearchResult.getResultsZmr().size() == 1) { - //update ZMR zmrClient.update(countrySpecificDetailSearchResult.getResultsZmr().get(0), eidData); } - if (countrySpecificDetailSearchResult.getResultsErnb().size() == 1) { - //update ErnB - ernbClient.update(countrySpecificDetailSearchResult.getResultsErnb().get(0), eidData); + if (countrySpecificDetailSearchResult.getResultsErnp().size() == 1) { + ernpClient.update(countrySpecificDetailSearchResult.getResultsErnp().get(0), eidData); } - String bpK = countrySpecificDetailSearchResult.getBpk(); return bpK; } catch (WorkflowException e) { @@ -248,35 +208,70 @@ public class InitialSearchTask extends AbstractAuthServletTask { private String step8RegisterSearchWithMds(MergedRegisterSearchResult initialSearchResult, SimpleEidasData eidData) { - MergedRegisterSearchResult mdsSearchResult = new MergedRegisterSearchResult(); - + log.trace("Starting step8RegisterSearchWithMds"); ArrayList resultsZmr = zmrClient.searchWithMds(eidData.getGivenName(), eidData.getFamilyName(), eidData.getDateOfBirth()); - mdsSearchResult.setResultsZmr(resultsZmr); - ArrayList resultsErnb = - ernbClient.searchWithMds(eidData.getGivenName(), eidData.getFamilyName(), eidData.getDateOfBirth()); - mdsSearchResult.setResultsErnb(resultsErnb); + ArrayList resultsErnp = + ernpClient.searchWithMds(eidData.getGivenName(), eidData.getFamilyName(), eidData.getDateOfBirth()); + MergedRegisterSearchResult mdsSearchResult = new MergedRegisterSearchResult(resultsZmr, resultsErnp); log.debug("Automerge " + initialSearchResult + " with " + eidData + " " + mdsSearchResult); //TODO implement next phase and return correct value return "TODO-Temporary-Endnode-105"; } private MergedRegisterSearchResult searchInZmrAndErnp(String personIdentifier) { - MergedRegisterSearchResult initialSearchResult = new MergedRegisterSearchResult(); ArrayList resultsZmr = - zmrClient.searchWithPersonIdentifer(personIdentifier); - initialSearchResult.setResultsZmr(resultsZmr); + zmrClient.searchWithPersonIdentifier(personIdentifier); - ArrayList resultsErnb = - ernbClient.searchWithPersonIdentifer(personIdentifier); - initialSearchResult.setResultsErnb(resultsErnb); + ArrayList resultsErnp = + ernpClient.searchWithPersonIdentifier(personIdentifier); + MergedRegisterSearchResult initialSearchResult = new MergedRegisterSearchResult(resultsZmr, resultsErnp); return initialSearchResult; } + private SimpleEidasData convertSimpleMapToSimpleData(Map eidasAttrMap) + throws EidasAttributeException { + SimpleEidasData simpleEidasData = new SimpleEidasData(); + + final Object eIdentifierObj = eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); + final Triple eIdentifier = + EidasResponseUtils.parseEidasPersonalIdentifier((String) eIdentifierObj); + if (eIdentifier == null) { + throw new EidasAttributeException("Error processing eIdentifier"); + } + simpleEidasData.setCitizenCountryCode(eIdentifier.getFirst()); + + // MDS attributes + simpleEidasData.setPseudonym(EidasResponseUtils.processPseudonym( + eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER))); + simpleEidasData.setFamilyName(EidasResponseUtils.processFamilyName( + eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTFAMILYNAME))); + simpleEidasData.setGivenName(EidasResponseUtils.processGivenName( + eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTGIVENNAME))); + simpleEidasData.setDateOfBirth(EidasResponseUtils.processDateOfBirthToString( + eidasAttrMap.get(Constants.eIDAS_ATTR_DATEOFBIRTH))); + + // additional attributes + simpleEidasData.setPlaceOfBirth(EidasResponseUtils.processPlaceOfBirth( + eidasAttrMap.get(Constants.eIDAS_ATTR_PLACEOFBIRTH))); + simpleEidasData.setBirthName(EidasResponseUtils.processBirthName( + eidasAttrMap.get(Constants.eIDAS_ATTR_BIRTHNAME))); + simpleEidasData.setAddress(EidasResponseUtils.processAddress( + eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTADDRESS))); + + if (eidasAttrMap.containsKey(Constants.eIDAS_ATTR_TAXREFERENCE)) { + simpleEidasData.setTaxNumber(EidasResponseUtils.processTaxReference( + eidasAttrMap.get(Constants.eIDAS_ATTR_TAXREFERENCE))); + } + + //TODO other additional attributes + return simpleEidasData; + } + private Map convertEidasAttrToSimpleMap( ImmutableMap, ImmutableSet>> attributeMap) { final Map result = new HashMap<>(); @@ -293,7 +288,6 @@ public class InitialSearchTask extends AbstractAuthServletTask { } else { log.info("Ignore empty 'DateTime' attribute"); } - } else if (PostalAddress.class.equals(parameterizedType)) { final PostalAddress addressAttribute = EidasResponseUtils .translateAddressAttribute(el, attributeMap.get(el).asList()); @@ -304,7 +298,6 @@ public class InitialSearchTask extends AbstractAuthServletTask { } else { log.info("Ignore empty 'PostalAddress' attribute"); } - } else { final List natPersonIdObj = EidasResponseUtils .translateStringListAttribute(el, attributeMap.get(el)); @@ -312,7 +305,6 @@ public class InitialSearchTask extends AbstractAuthServletTask { if (StringUtils.isNotEmpty(stringAttr)) { result.put(el.getFriendlyName(), stringAttr); log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + stringAttr); - } else { log.info("Ignore empty 'String' attribute"); } @@ -324,18 +316,4 @@ public class InitialSearchTask extends AbstractAuthServletTask { return result; } - - /** - * Constructor. - * @param handlers List of countrySpecificSearchProcessors - * @param ernbClient Ernb client - * @param zmrClient ZMR client - */ - public InitialSearchTask(List handlers, IErnbClient ernbClient, - IZmrClient zmrClient) { - this.ernbClient = ernbClient; - this.zmrClient = zmrClient; - this.handlers = handlers; - log.info("# " + handlers.size() + " country specific detail search services are registered"); - } } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java index 684546f7..0f733e8d 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java @@ -94,7 +94,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { attrRegistry); // ********************************************************** - // ******* Store resonse infos into session object ********** + // ******* Store response infos into session object ********** // ********************************************************** // update MOA-Session data with received information diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java index aaa4212a..fa26c2c5 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java @@ -31,9 +31,6 @@ import java.util.regex.Pattern; import javax.annotation.Nullable; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException; -import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType; import org.apache.commons.lang3.StringUtils; import org.joda.time.DateTime; import org.slf4j.Logger; @@ -43,6 +40,8 @@ import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableSet; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException; +import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType; import at.gv.egiz.eaaf.core.impl.data.Triple; import eu.eidas.auth.commons.attribute.AttributeDefinition; import eu.eidas.auth.commons.attribute.AttributeValue; @@ -177,7 +176,6 @@ public class EidasResponseUtils { ImmutableList> attributeValues) { final AttributeValue firstAttributeValue = attributeValues.get(0); return (PostalAddress) firstAttributeValue.getValue(); - } /** @@ -185,34 +183,24 @@ public class EidasResponseUtils { * * @param currentAddressObj eIDAS current address information * @return current address or null if no attribute is available - * @throws EidPostProcessingException if post-processing fails * @throws EidasAttributeException if eIDAS attribute is of a wrong type */ - public static PostalAddressType processAddress(Object currentAddressObj) throws EidPostProcessingException, - EidasAttributeException { - + public static PostalAddressType processAddress(Object currentAddressObj) throws EidasAttributeException { if (currentAddressObj != null) { if (currentAddressObj instanceof PostalAddress) { final PostalAddressType result = new PostalAddressType(); result.setPostalCode(((PostalAddress) currentAddressObj).getPostCode()); result.setMunicipality(((PostalAddress) currentAddressObj).getPostName()); - // TODO: add more mappings - return result; - } else { log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_CURRENTADDRESS + " is of WRONG type"); throw new EidasAttributeException(Constants.eIDAS_ATTR_CURRENTADDRESS); - } - } else { log.debug("NO '" + Constants.eIDAS_ATTR_CURRENTADDRESS + "' attribute. Post-Processing skipped ... "); } - return null; - } /** @@ -220,27 +208,20 @@ public class EidasResponseUtils { * * @param birthNameObj eIDAS birthname information * @return birthName or null if no attribute is available - * @throws EidPostProcessingException if post-processing fails * @throws EidasAttributeException if eIDAS attribute is of a wrong type */ - public static String processBirthName(Object birthNameObj) throws EidPostProcessingException, - EidasAttributeException { + public static String processBirthName(Object birthNameObj) throws EidasAttributeException { if (birthNameObj != null) { if (birthNameObj instanceof String) { return (String) birthNameObj; - } else { log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_BIRTHNAME + " is of WRONG type"); throw new EidasAttributeException(Constants.eIDAS_ATTR_BIRTHNAME); - } - } else { log.debug("NO '" + Constants.eIDAS_ATTR_BIRTHNAME + "' attribute. Post-Processing skipped ... "); } - return null; - } /** @@ -248,11 +229,9 @@ public class EidasResponseUtils { * * @param placeOfBirthObj eIDAS Place-of-Birth information * @return place of Birth or null if no attribute is available - * @throws EidPostProcessingException if post-processing fails * @throws EidasAttributeException if eIDAS attribute is of a wrong type */ - public static String processPlaceOfBirth(Object placeOfBirthObj) throws EidPostProcessingException, - EidasAttributeException { + public static String processPlaceOfBirth(Object placeOfBirthObj) throws EidasAttributeException { if (placeOfBirthObj != null) { if (placeOfBirthObj instanceof String) { return (String) placeOfBirthObj; @@ -266,9 +245,7 @@ public class EidasResponseUtils { } else { log.debug("NO '" + Constants.eIDAS_ATTR_PLACEOFBIRTH + "' attribute. Post-Processing skipped ... "); } - return null; - } /** @@ -277,16 +254,12 @@ public class EidasResponseUtils { * @param dateOfBirthObj eIDAS date-of-birth attribute information * @return formated user's date-of-birth * @throws EidasAttributeException if NO attribute is available - * @throws EidPostProcessingException if post-processing fails */ - public static DateTime processDateOfBirth(Object dateOfBirthObj) throws EidPostProcessingException, - EidasAttributeException { - if (dateOfBirthObj == null || !(dateOfBirthObj instanceof DateTime)) { + public static DateTime processDateOfBirth(Object dateOfBirthObj) throws EidasAttributeException { + if (!(dateOfBirthObj instanceof DateTime)) { throw new EidasAttributeException(Constants.eIDAS_ATTR_DATEOFBIRTH); } - return (DateTime) dateOfBirthObj; - } /** @@ -295,11 +268,9 @@ public class EidasResponseUtils { * @param dateOfBirthObj eIDAS date-of-birth attribute information * @return formated user's date-of-birth as string * @throws EidasAttributeException if NO attribute is available - * @throws EidPostProcessingException if post-processing fails */ - public static String processDateOfBirthToString(Object dateOfBirthObj) throws EidPostProcessingException, - EidasAttributeException { - if (dateOfBirthObj == null || !(dateOfBirthObj instanceof DateTime)) { + public static String processDateOfBirthToString(Object dateOfBirthObj) throws EidasAttributeException { + if (!(dateOfBirthObj instanceof DateTime)) { throw new EidasAttributeException(Constants.eIDAS_ATTR_DATEOFBIRTH); } return new SimpleDateFormat("yyyy-MM-dd").format(((DateTime) dateOfBirthObj).toDate()); @@ -311,16 +282,12 @@ public class EidasResponseUtils { * @param givenNameObj eIDAS givenName attribute information * @return formated user's givenname * @throws EidasAttributeException if NO attribute is available - * @throws EidPostProcessingException if post-processing fails */ - public static String processGivenName(Object givenNameObj) throws EidPostProcessingException, - EidasAttributeException { - if (givenNameObj == null || !(givenNameObj instanceof String)) { + public static String processGivenName(Object givenNameObj) throws EidasAttributeException { + if (!(givenNameObj instanceof String)) { throw new EidasAttributeException(Constants.eIDAS_ATTR_CURRENTGIVENNAME); } - return (String) givenNameObj; - } /** @@ -329,16 +296,12 @@ public class EidasResponseUtils { * @param familyNameObj eIDAS familyName attribute information * @return formated user's familyname * @throws EidasAttributeException if NO attribute is available - * @throws EidPostProcessingException if post-processing fails */ - public static String processFamilyName(Object familyNameObj) throws EidPostProcessingException, - EidasAttributeException { - if (familyNameObj == null || !(familyNameObj instanceof String)) { + public static String processFamilyName(Object familyNameObj) throws EidasAttributeException { + if (!(familyNameObj instanceof String)) { throw new EidasAttributeException(Constants.eIDAS_ATTR_CURRENTFAMILYNAME); } - return (String) familyNameObj; - } /** @@ -347,17 +310,16 @@ public class EidasResponseUtils { * @param personalIdObj eIDAS PersonalIdentifierAttribute * @return Unique personal identifier without country-code information * @throws EidasAttributeException if NO attribute is available - * @throws EidPostProcessingException if post-processing fails */ - public static String processPseudonym(Object personalIdObj) throws EidPostProcessingException, - EidasAttributeException { - if (personalIdObj == null || !(personalIdObj instanceof String)) { + public static String processPseudonym(Object personalIdObj) throws EidasAttributeException { + if (!(personalIdObj instanceof String)) { throw new EidasAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER); } - final Triple eIdentifier = EidasResponseUtils.parseEidasPersonalIdentifier((String) personalIdObj); - + if (eIdentifier.getThird() == null) { + throw new EidasAttributeException("Error processing eIdentifier"); + } return eIdentifier.getThird(); } @@ -367,15 +329,11 @@ public class EidasResponseUtils { * @param taxReferenceObj eIDAS TaxReference attribute information * @return formated user's TaxReference * @throws EidasAttributeException if NO attribute is available - * @throws EidPostProcessingException if post-processing fails */ - public static String processTaxReference(Object taxReferenceObj) throws EidPostProcessingException, - EidasAttributeException { - if (taxReferenceObj == null || !(taxReferenceObj instanceof String)) { + public static String processTaxReference(Object taxReferenceObj) throws EidasAttributeException { + if (!(taxReferenceObj instanceof String)) { throw new EidasAttributeException(Constants.eIDAS_ATTR_CURRENTGIVENNAME); } - return (String) taxReferenceObj; - } } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/zmr/DummyZmrClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/zmr/DummyZmrClient.java index f4d77b03..60dd2ef2 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/zmr/DummyZmrClient.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/zmr/DummyZmrClient.java @@ -1,3 +1,26 @@ +/* + * Copyright 2020 A-SIT Plus GmbH + * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, + * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "License"); + * You may not use this work except in compliance with the License. + * You may obtain a copy of the License at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + package at.asitplus.eidas.specific.modules.auth.eidas.v2.zmr; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult; @@ -10,7 +33,7 @@ import java.util.ArrayList; public class DummyZmrClient implements IZmrClient { @Override - public ArrayList searchWithPersonIdentifer(String personIdentifer) { + public ArrayList searchWithPersonIdentifier(String personIdentifier) { return resultEmpty(); } @@ -26,7 +49,7 @@ public class DummyZmrClient implements IZmrClient { } @Override - public ArrayList searchItSpecific(String txNumber) { + public ArrayList searchItSpecific(String taxNumber) { return resultEmpty();//TODO } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/zmr/IZmrClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/zmr/IZmrClient.java index 4af7bfe9..3a518e64 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/zmr/IZmrClient.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/zmr/IZmrClient.java @@ -1,3 +1,26 @@ +/* + * Copyright 2020 A-SIT Plus GmbH + * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, + * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "License"); + * You may not use this work except in compliance with the License. + * You may obtain a copy of the License at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + package at.asitplus.eidas.specific.modules.auth.eidas.v2.zmr; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult; @@ -7,14 +30,14 @@ import java.util.ArrayList; public interface IZmrClient { - ArrayList searchWithPersonIdentifer(String personIdentifer); + ArrayList searchWithPersonIdentifier(String personIdentifier); ArrayList searchWithMds(String givenName, String familyName, String dateOfBirth); ArrayList searchDeSpecific(String givenName, String familyName, String dateOfBirth, String birthPlace, String birthName); - ArrayList searchItSpecific(String txNumber); + ArrayList searchItSpecific(String taxNumber); void update(RegisterResult registerResult, SimpleEidasData eidData); } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml index ca6eba20..52404bab 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml @@ -18,7 +18,7 @@ class="at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient" /> + class="at.asitplus.eidas.specific.modules.auth.eidas.v2.ernp.DummyErnpClient" /> diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java index f7fc6b06..a1dce0f2 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskFirstTest.java @@ -1,11 +1,34 @@ +/* + * Copyright 2020 A-SIT Plus GmbH + * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, + * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "License"); + * You may not use this work except in compliance with the License. + * You may obtain a copy of the License at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.ernb.IErnbClient; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.ernp.IErnpClient; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ManualFixNecessaryException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.DeSpecificDetailSearchProcessor; -import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.ICountrySpecificDetailSearchProcessor; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.CountrySpecificDetailSearchProcessor; import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.ItSpecificDetailSearchProcessor; import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.InitialSearchTask; import at.asitplus.eidas.specific.modules.auth.eidas.v2.zmr.IZmrClient; @@ -27,10 +50,7 @@ import org.junit.Before; import org.junit.BeforeClass; import org.junit.Test; import org.junit.runner.RunWith; -import org.mockito.InjectMocks; -import org.mockito.Mock; import org.mockito.Mockito; -import org.springframework.beans.factory.annotation.Autowired; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.test.annotation.DirtiesContext; @@ -46,6 +66,7 @@ import java.net.URI; import java.net.URISyntaxException; import java.util.ArrayList; import java.util.List; +import java.util.Random; @RunWith(SpringJUnit4ClassRunner.class) @@ -53,13 +74,9 @@ import java.util.List; @DirtiesContext(classMode = ClassMode.BEFORE_CLASS) public class InitialSearchTaskFirstTest { - @Autowired(required = true) - @Mock - @InjectMocks private InitialSearchTask task; - private IZmrClient zmrClient; - private IErnbClient ernbClient; + private IErnpClient ernpClient; final ExecutionContext executionContext = new ExecutionContextImpl(); private MockHttpServletRequest httpReq; @@ -68,6 +85,12 @@ public class InitialSearchTaskFirstTest { private String randomIdentifier = RandomStringUtils.randomNumeric(10); private String randomFamilyName = RandomStringUtils.randomNumeric(11); private String randomGivenName = RandomStringUtils.randomNumeric(12); + private String randomPlaceOfBirth = RandomStringUtils.randomNumeric(12); + private String randomBirthName = RandomStringUtils.randomNumeric(12); + private String randomDate = "2011-01-"+ (10 + new Random().nextInt(18)); + private String DE_ST = "de/st/"; + private String IT_ST = "it/st/"; + /** * jUnit class initializer. * @@ -101,68 +124,52 @@ public class InitialSearchTaskFirstTest { /** * One match, but register update needed */ - // NOTE: Why is the method named "testNode100a"? - public void testNode100a() throws Exception { + public void testNode100_UserIdentifiedUpdateNecessary_a() throws Exception { - //Mock ZMR ArrayList zmrResult = new ArrayList<>(); String randomBpk = RandomStringUtils.randomNumeric(6); - zmrResult.add(new RegisterResult(randomBpk, "de/st/"+randomIdentifier, "Max_new", randomFamilyName, "2011-01-01")); + String newFirstName = RandomStringUtils.randomAlphabetic(5); + zmrResult.add(new RegisterResult(randomBpk, DE_ST+randomIdentifier, newFirstName, randomFamilyName, randomDate)); zmrClient = Mockito.mock(IZmrClient.class); - Mockito.when(zmrClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(zmrResult); - - //Mock ernb - ArrayList ernbResult = new ArrayList<>(); + Mockito.when(zmrClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(zmrResult); - ernbClient = Mockito.mock(IErnbClient.class); - Mockito.when(ernbClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(ernbResult); - - task = new InitialSearchTask(emptyHandlers(), ernbClient, zmrClient); - try { - task.execute(pendingReq, executionContext); - String bPk = (String) - pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(Constants.DATA_RESULT_MATCHING_BPK); - Assert.assertTrue("Wrong bpk", bPk.equals(randomBpk)); + ArrayList ernpResult = new ArrayList<>(); + ernpClient = Mockito.mock(IErnpClient.class); + Mockito.when(ernpClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(ernpResult); - } catch (final TaskExecutionException e) { - // NOTE: assertTrue is probably the wrong method to use ... why catch the exception anyway? - Assert.assertTrue("Wrong workflow, should not reach this point", false); - } + task = new InitialSearchTask(emptyHandlers(), ernpClient, zmrClient); + task.execute(pendingReq, executionContext); + String bPk = (String) + pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(Constants.DATA_RESULT_MATCHING_BPK); + Assert.assertTrue("Wrong bpk", bPk.equals(randomBpk)); } @Test - // NOTE: Why is @DirtiesContext after each test necessary? What is changed in the context and why? @DirtiesContext /** * One match, but register update needed */ - public void testNode100b() throws Exception { + public void testNode100_UserIdentifiedUpdateNecessary_b() throws TaskExecutionException { - //Mock ZMR ArrayList zmrResult = new ArrayList<>(); zmrClient = Mockito.mock(IZmrClient.class); - Mockito.when(zmrClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(zmrResult);//"de/st/max123"??? + Mockito.when(zmrClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(zmrResult); - //Mock ernb - ArrayList ernbResult = new ArrayList<>(); + ArrayList ernpResult = new ArrayList<>(); String randomBpk = RandomStringUtils.randomNumeric(6); - ernbResult.add(new RegisterResult(randomBpk, "de/st/"+randomIdentifier, "Max_new", randomFamilyName, "2011-01-01")); + ernpResult.add(new RegisterResult(randomBpk, DE_ST+randomIdentifier, "Max_new", randomFamilyName, randomDate)); - ernbClient = Mockito.mock(IErnbClient.class); - Mockito.when(ernbClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(ernbResult); + ernpClient = Mockito.mock(IErnpClient.class); + Mockito.when(ernpClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(ernpResult); - task = new InitialSearchTask(emptyHandlers(), ernbClient, zmrClient); - try { - task.execute(pendingReq, executionContext); - String bPk = (String) - pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(Constants.DATA_RESULT_MATCHING_BPK); - Assert.assertTrue("Wrong bpk", bPk.equals(randomBpk)); + task = new InitialSearchTask(emptyHandlers(), ernpClient, zmrClient); + task.execute(pendingReq, executionContext); + String bPk = (String) + pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(Constants.DATA_RESULT_MATCHING_BPK); + Assert.assertTrue("Wrong bpk", bPk.equals(randomBpk)); - } catch (final TaskExecutionException e) { - Assert.assertTrue("Wrong workflow, should not reach this point", false); - } } @@ -171,21 +178,19 @@ public class InitialSearchTaskFirstTest { /** * Two matches found in ZMR */ - public void testNode101a() throws Exception { + public void testNode101_ManualFixNecessary_a() throws Exception { - //Mock ZMR ArrayList zmrResult = new ArrayList<>(); - zmrResult.add(new RegisterResult("bpkMax", "de/st/"+randomIdentifier, randomGivenName, randomFamilyName, "2011-01-01")); - zmrResult.add(new RegisterResult("bpkMax", "de/st/"+randomIdentifier, "Maximilian", randomFamilyName, "2011-01-01")); + zmrResult.add(new RegisterResult("bpkMax", DE_ST+randomIdentifier, randomGivenName, randomFamilyName, randomDate)); + zmrResult.add(new RegisterResult("bpkMax", DE_ST+randomIdentifier, "Maximilian", randomFamilyName, randomDate)); zmrClient = Mockito.mock(IZmrClient.class); - Mockito.when(zmrClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(zmrResult); + Mockito.when(zmrClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(zmrResult); - //Mock ernb - ArrayList ernbResult = new ArrayList<>(); - ernbClient = Mockito.mock(IErnbClient.class); - Mockito.when(ernbClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(ernbResult); + ArrayList ernpResult = new ArrayList<>(); + ernpClient = Mockito.mock(IErnpClient.class); + Mockito.when(ernpClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(ernpResult); - task = new InitialSearchTask(emptyHandlers(), ernbClient, zmrClient); + task = new InitialSearchTask(emptyHandlers(), ernpClient, zmrClient); try { task.execute(pendingReq, executionContext); Assert.assertTrue("Wrong workflow, should not reach this point/ get a bpk", false); @@ -199,24 +204,24 @@ public class InitialSearchTaskFirstTest { @Test @DirtiesContext /** - * Two matches found in ErnB + * Two matches found in ErnP */ - public void testNode101b() throws Exception { - - //Mock ZMR + public void testNode101_ManualFixNecessary_b() throws Exception { + String randombpk = RandomStringUtils.random(5); ArrayList zmrResult = new ArrayList<>(); zmrClient = Mockito.mock(IZmrClient.class); - Mockito.when(zmrClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(zmrResult); + Mockito.when(zmrClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(zmrResult); - //Mock ernb - ArrayList ernbResult = new ArrayList<>(); - ernbResult.add(new RegisterResult("bpkMax", "de/st/"+randomIdentifier, randomGivenName, randomFamilyName, "2011-01-01")); - ernbResult.add(new RegisterResult("bpkMax", "de/st/"+randomIdentifier, "Maximilian", randomFamilyName, "2011-01-01")); + ArrayList ernpResult = new ArrayList<>(); + ernpResult.add(new RegisterResult(randombpk, DE_ST+randomIdentifier, randomGivenName, randomFamilyName, randomDate)); + ernpResult.add(new RegisterResult(randombpk, DE_ST+randomIdentifier, randomGivenName+RandomStringUtils.random(2), + randomFamilyName, + randomDate)); - ernbClient = Mockito.mock(IErnbClient.class); - Mockito.when(ernbClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(ernbResult); + ernpClient = Mockito.mock(IErnpClient.class); + Mockito.when(ernpClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(ernpResult); - task = new InitialSearchTask(emptyHandlers(), ernbClient, zmrClient); + task = new InitialSearchTask(emptyHandlers(), ernpClient, zmrClient); try { task.execute(pendingReq, executionContext); Assert.assertTrue("Wrong workflow, should not reach this point/ get a bpk", false); @@ -231,30 +236,24 @@ public class InitialSearchTaskFirstTest { /** * One match, no register update needed */ - public void testNode102a() throws Exception { + public void testNode102_UserIdentified_a() throws Exception { - String randomBpk = RandomStringUtils.randomNumeric(12);; - //Mock ZMR + String randomBpk = RandomStringUtils.randomNumeric(12); ArrayList zmrResult = new ArrayList<>(); zmrClient = Mockito.mock(IZmrClient.class); - Mockito.when(zmrClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(zmrResult); + Mockito.when(zmrClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(zmrResult); - //Mock ernb - ArrayList ernbResult = new ArrayList<>(); - ernbResult.add(new RegisterResult(randomBpk, "de/st/"+randomIdentifier, randomGivenName, randomFamilyName, "2011-01-01")); + ArrayList ernpResult = new ArrayList<>(); + ernpResult.add(new RegisterResult(randomBpk, DE_ST+randomIdentifier, randomGivenName, randomFamilyName, randomDate)); - ernbClient = Mockito.mock(IErnbClient.class); - Mockito.when(ernbClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(ernbResult); + ernpClient = Mockito.mock(IErnpClient.class); + Mockito.when(ernpClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(ernpResult); - task = new InitialSearchTask(emptyHandlers(), ernbClient, zmrClient); - try { - task.execute(pendingReq, executionContext); - String bPk = (String) - pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(Constants.DATA_RESULT_MATCHING_BPK); - Assert.assertTrue("Wrong bpk", bPk.equals(randomBpk)); - } catch (final TaskExecutionException e) { - Assert.assertTrue("Wrong workflow, should not reach this point", false); - } + task = new InitialSearchTask(emptyHandlers(), ernpClient, zmrClient); + task.execute(pendingReq, executionContext); + String bPk = (String) + pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(Constants.DATA_RESULT_MATCHING_BPK); + Assert.assertTrue("Wrong bpk", bPk.equals(randomBpk)); } @Test @@ -262,39 +261,33 @@ public class InitialSearchTaskFirstTest { /** * One match, no register update needed */ - public void testNode102b() throws Exception { + public void testNode102_UserIdentified_b() throws Exception { String randomBpk = RandomStringUtils.randomNumeric(14); - //Mock ZMR + ArrayList zmrResult = new ArrayList<>(); - zmrResult.add(new RegisterResult(randomBpk, "de/st/"+randomIdentifier, randomGivenName, randomFamilyName, "2011-01-01")); + zmrResult.add(new RegisterResult(randomBpk, DE_ST+randomIdentifier, randomGivenName, randomFamilyName, randomDate)); zmrClient = Mockito.mock(IZmrClient.class); - Mockito.when(zmrClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(zmrResult); + Mockito.when(zmrClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(zmrResult); - //Mock ernb - ArrayList ernbResult = new ArrayList<>(); + ArrayList ernpResult = new ArrayList<>(); - ernbClient = Mockito.mock(IErnbClient.class); - Mockito.when(ernbClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(ernbResult); + ernpClient = Mockito.mock(IErnpClient.class); + Mockito.when(ernpClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(ernpResult); - task = new InitialSearchTask(emptyHandlers(), ernbClient, zmrClient); - try { - task.execute(pendingReq, executionContext); - String bPk = (String) - pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(Constants.DATA_RESULT_MATCHING_BPK); - Assert.assertTrue("Wrong bpk", bPk.equals(randomBpk)); - - } catch (final TaskExecutionException e) { - Assert.assertTrue("Wrong workflow, should not reach this point", false); - } + task = new InitialSearchTask(emptyHandlers(), ernpClient, zmrClient); + task.execute(pendingReq, executionContext); + String bPk = (String) + pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(Constants.DATA_RESULT_MATCHING_BPK); + Assert.assertTrue("Wrong bpk", bPk.equals(randomBpk)); } @Test @DirtiesContext /** - * One match found in ZMR and ErnB with detail search + * One match found in ZMR and ErnP with detail search */ - public void testNode103IT() throws Exception { + public void testNode103_UserIdentified_IT() throws Exception { String bpkRegister = RandomStringUtils.randomNumeric(14); String taxNumber = RandomStringUtils.randomNumeric(14); final AuthenticationResponse response = buildDummyAuthResponseRandomPersonIT_Tax(taxNumber); @@ -302,29 +295,26 @@ public class InitialSearchTaskFirstTest { pendingReq1.getSessionData(AuthProcessDataWrapper.class) .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); - //Mock ZMR initial search ArrayList zmrResultInitial = new ArrayList<>(); zmrClient = Mockito.mock(IZmrClient.class); - Mockito.when(zmrClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(zmrResultInitial); + Mockito.when(zmrClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(zmrResultInitial); ArrayList zmrResultSpecific = new ArrayList<>(); - //String bpk, String pseudonym, String givenName, String familyName, String dateOfBirth, - // String placeOfBirth, String birthName, String taxNumber, PostalAddressType address - zmrResultSpecific.add(new RegisterResult(bpkRegister, "it/st/"+randomIdentifier+"4", randomGivenName, randomFamilyName, - "2011-01-01", null, null, taxNumber, null)); - Mockito.when(zmrClient.searchItSpecific(taxNumber)).thenReturn(zmrResultSpecific); + zmrResultSpecific.add(new RegisterResult(bpkRegister, IT_ST+randomIdentifier+RandomStringUtils.random(2), + randomGivenName, + randomFamilyName, + randomDate, null, null, taxNumber, null)); - //Mock ernb initial search - ArrayList ernbResultInitial = new ArrayList<>(); - ernbClient = Mockito.mock(IErnbClient.class); - Mockito.when(ernbClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(ernbResultInitial); + Mockito.when(zmrClient.searchItSpecific(taxNumber)).thenReturn(zmrResultSpecific); + ArrayList ernpResultInitial = new ArrayList<>(); + ernpClient = Mockito.mock(IErnpClient.class); + Mockito.when(ernpClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(ernpResultInitial); - //Mock country specific search - List handlers = new ArrayList<>(); - ItSpecificDetailSearchProcessor it = new ItSpecificDetailSearchProcessor(ernbClient, zmrClient); + List handlers = new ArrayList<>(); + ItSpecificDetailSearchProcessor it = new ItSpecificDetailSearchProcessor(ernpClient, zmrClient); handlers.add(it); - task = new InitialSearchTask(handlers, ernbClient, zmrClient); + task = new InitialSearchTask(handlers, ernpClient, zmrClient); try { task.execute(pendingReq1, executionContext); @@ -340,26 +330,25 @@ public class InitialSearchTaskFirstTest { @Test @DirtiesContext /** - * Multiple matches found in ZMR and ErnB with detail search + * Multiple matches found in ZMR and ErnP with detail search */ - public void testNode103DE() throws Exception { + public void testNode103_UserIdentified_DE() throws Exception { String givenName = randomGivenName; String familyName = randomFamilyName; - String pseudonym = "de/st/max1234"; - String bpk = "bpkMax"; - String dateOfBirth = "2011-01-01"; - String placeOfBirth = "München"; - String birthName = "BabyMax"; + String pseudonym = DE_ST + RandomStringUtils.random(5); + String bpk = RandomStringUtils.random(5); + String dateOfBirth = randomDate; + String placeOfBirth = randomPlaceOfBirth; + String birthName = randomBirthName; final AuthenticationResponse response = buildDummyAuthResponseDE(givenName, familyName, pseudonym, dateOfBirth, placeOfBirth, birthName); TestRequestImpl pendingReq1 = new TestRequestImpl(); pendingReq1.getSessionData(AuthProcessDataWrapper.class) .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); - //Mock ZMR initial search ArrayList zmrResultInitial = new ArrayList<>(); zmrClient = Mockito.mock(IZmrClient.class); - Mockito.when(zmrClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(zmrResultInitial); + Mockito.when(zmrClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(zmrResultInitial); ArrayList zmrResultSpecific = new ArrayList<>(); zmrResultSpecific.add(new RegisterResult(bpk, pseudonym, givenName, familyName, dateOfBirth, placeOfBirth, @@ -368,16 +357,14 @@ public class InitialSearchTaskFirstTest { Mockito.when(zmrClient.searchDeSpecific(givenName, familyName, dateOfBirth, placeOfBirth, birthName)).thenReturn(zmrResultSpecific); - //Mock ernb initial search - ArrayList ernbResultInitial = new ArrayList<>(); - ernbClient = Mockito.mock(IErnbClient.class); - Mockito.when(ernbClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(ernbResultInitial); + ArrayList ernpResultInitial = new ArrayList<>(); + ernpClient = Mockito.mock(IErnpClient.class); + Mockito.when(ernpClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(ernpResultInitial); - //Mock country specific search - List handlers = new ArrayList<>(); - DeSpecificDetailSearchProcessor de = new DeSpecificDetailSearchProcessor(ernbClient, zmrClient); + List handlers = new ArrayList<>(); + DeSpecificDetailSearchProcessor de = new DeSpecificDetailSearchProcessor(ernpClient, zmrClient); handlers.add(de); - task = new InitialSearchTask(handlers, ernbClient, zmrClient); + task = new InitialSearchTask(handlers, ernpClient, zmrClient); try { task.execute(pendingReq1, executionContext); @@ -393,28 +380,27 @@ public class InitialSearchTaskFirstTest { @Test @DirtiesContext /** - * Multiple matches found in ZMR and ErnB with detail search + * Multiple matches found in ZMR and ErnP with detail search */ - public void testNode104DE() throws Exception { + public void testNode104_ManualFixNecessary_DE() throws Exception { String givenName = randomGivenName; String familyName = randomFamilyName; - String pseudonym1 = "de/st/max1234"; - String pseudonym2 = "de/st/max12345"; - String bpk1 = "bpkMax"; - String bpk2 = "bpkMax1"; - String dateOfBirth = "2011-01-01"; - String placeOfBirth = "München"; - String birthName = "BabyMax"; + String pseudonym1 = DE_ST + RandomStringUtils.random(5); + String pseudonym2 = pseudonym1 + RandomStringUtils.random(2); + String bpk1 = RandomStringUtils.random(5); + String bpk2 = bpk1 + RandomStringUtils.random(2); + String dateOfBirth = randomDate; + String placeOfBirth = randomPlaceOfBirth; + String birthName = randomBirthName; final AuthenticationResponse response = buildDummyAuthResponseDE(givenName, familyName, pseudonym1, dateOfBirth, placeOfBirth, birthName); TestRequestImpl pendingReq1 = new TestRequestImpl(); pendingReq1.getSessionData(AuthProcessDataWrapper.class) .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); - //Mock ZMR initial search ArrayList zmrResultInitial = new ArrayList<>(); zmrClient = Mockito.mock(IZmrClient.class); - Mockito.when(zmrClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(zmrResultInitial); + Mockito.when(zmrClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(zmrResultInitial); ArrayList zmrResultSpecific = new ArrayList<>(); zmrResultSpecific.add(new RegisterResult(bpk1, pseudonym1, givenName, familyName, dateOfBirth, placeOfBirth, @@ -425,23 +411,18 @@ public class InitialSearchTaskFirstTest { null, null)); Mockito.when(zmrClient.searchDeSpecific(givenName, familyName, dateOfBirth, placeOfBirth, birthName)).thenReturn(zmrResultSpecific); + ArrayList ernpResultInitial = new ArrayList<>(); + ernpClient = Mockito.mock(IErnpClient.class); + Mockito.when(ernpClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(ernpResultInitial); - //Mock ernb initial search - ArrayList ernbResultInitial = new ArrayList<>(); - ernbClient = Mockito.mock(IErnbClient.class); - Mockito.when(ernbClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(ernbResultInitial); - - //Mock country specific search - List handlers = new ArrayList<>(); - DeSpecificDetailSearchProcessor de = new DeSpecificDetailSearchProcessor(ernbClient, zmrClient); + List handlers = new ArrayList<>(); + DeSpecificDetailSearchProcessor de = new DeSpecificDetailSearchProcessor(ernpClient, zmrClient); handlers.add(de); - task = new InitialSearchTask(handlers, ernbClient, zmrClient); + task = new InitialSearchTask(handlers, ernpClient, zmrClient); try { task.execute(pendingReq1, executionContext); - Assert.assertTrue("Wrong workflow, should not reach this point/ get a bpk", false); - } catch (final TaskExecutionException e) { Throwable origE = e.getOriginalException(); Assert.assertTrue("Wrong exception", (origE.getCause() instanceof ManualFixNecessaryException)); @@ -451,43 +432,40 @@ public class InitialSearchTaskFirstTest { @Test @DirtiesContext /** - * Multiple matches found in ZMR and ErnB with detail search + * Multiple matches found in ZMR and ErnP with detail search */ - public void testNode104IT() throws Exception { + public void testNode104_ManualFixNecessary_IT() throws Exception { String fakeTaxNumber = RandomStringUtils.randomNumeric(14);; final AuthenticationResponse response = buildDummyAuthResponseRandomPersonIT_Tax(fakeTaxNumber); TestRequestImpl pendingReq1 = new TestRequestImpl(); pendingReq1.getSessionData(AuthProcessDataWrapper.class) .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); - //Mock ZMR initial search ArrayList zmrResultInitial = new ArrayList<>(); zmrClient = Mockito.mock(IZmrClient.class); - Mockito.when(zmrClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(zmrResultInitial); + Mockito.when(zmrClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(zmrResultInitial); ArrayList zmrResultSpecific = new ArrayList<>(); - zmrResultSpecific.add(new RegisterResult("bpkMax", "it/st/"+randomIdentifier+"4", randomGivenName, randomFamilyName, "2011-01-01", null, null, + zmrResultSpecific.add(new RegisterResult("bpkMax", IT_ST+randomIdentifier+"4", randomGivenName, randomFamilyName, + randomDate, null, null, fakeTaxNumber, null)); - zmrResultSpecific.add(new RegisterResult("bpkMax1", "it/st/"+randomIdentifier+"5", randomGivenName, randomFamilyName, "2011-01-01", null, null, + zmrResultSpecific.add(new RegisterResult("bpkMax1", IT_ST+randomIdentifier+"5", randomGivenName, randomFamilyName, + randomDate, null, null, fakeTaxNumber, null)); Mockito.when(zmrClient.searchItSpecific(fakeTaxNumber)).thenReturn(zmrResultSpecific); - //Mock ernb initial search - ArrayList ernbResultInitial = new ArrayList<>(); - ernbClient = Mockito.mock(IErnbClient.class); - Mockito.when(ernbClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(ernbResultInitial); + ArrayList ernpResultInitial = new ArrayList<>(); + ernpClient = Mockito.mock(IErnpClient.class); + Mockito.when(ernpClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(ernpResultInitial); - //Mock country specific search - List handlers = new ArrayList<>(); - ItSpecificDetailSearchProcessor it = new ItSpecificDetailSearchProcessor(ernbClient, zmrClient); + List handlers = new ArrayList<>(); + ItSpecificDetailSearchProcessor it = new ItSpecificDetailSearchProcessor(ernpClient, zmrClient); handlers.add(it); - task = new InitialSearchTask(handlers, ernbClient, zmrClient); + task = new InitialSearchTask(handlers, ernpClient, zmrClient); try { task.execute(pendingReq1, executionContext); - Assert.assertTrue("Wrong workflow, should not reach this point/ get a bpk", false); - } catch (final TaskExecutionException e) { Throwable origE = e.getOriginalException(); Assert.assertTrue("Wrong exception", (origE.getCause() instanceof ManualFixNecessaryException)); @@ -497,45 +475,35 @@ public class InitialSearchTaskFirstTest { @Test @DirtiesContext /** - * NO match found in ZMR and ErnB with Initial search + * NO match found in ZMR and ErnP with Initial search */ - public void testNode105() { + public void testNode105_TemporaryEnd() throws TaskExecutionException { - //Mock ZMR ArrayList zmrResult = new ArrayList<>(); zmrClient = Mockito.mock(IZmrClient.class); - Mockito.when(zmrClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(zmrResult); - - //Mock ernb - ArrayList ernbResult = new ArrayList<>(); - ernbClient = Mockito.mock(IErnbClient.class); - Mockito.when(ernbClient.searchWithPersonIdentifer(randomIdentifier)).thenReturn(ernbResult); + Mockito.when(zmrClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(zmrResult); - task = new InitialSearchTask(emptyHandlers(), ernbClient, zmrClient); - try { - task.execute(pendingReq, executionContext); + ArrayList ernpResult = new ArrayList<>(); + ernpClient = Mockito.mock(IErnpClient.class); + Mockito.when(ernpClient.searchWithPersonIdentifier(randomIdentifier)).thenReturn(ernpResult); - String bPk = (String) - pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(Constants.DATA_RESULT_MATCHING_BPK); - Assert.assertTrue("Wrong bpk", bPk.equals("TODO-Temporary-Endnode-105")); - } catch (final TaskExecutionException e) { - Assert.assertTrue("Wrong workflow, should not reach this point", false); - } + task = new InitialSearchTask(emptyHandlers(), ernpClient, zmrClient); + task.execute(pendingReq, executionContext); + String bPk = (String) + pendingReq.getSessionData(AuthProcessDataWrapper.class).getGenericDataFromSession(Constants.DATA_RESULT_MATCHING_BPK); + Assert.assertEquals("Wrong bpk", "TODO-Temporary-Endnode-105", bPk); } @NotNull private AuthenticationResponse buildDummyAuthResponseRandomPerson() throws URISyntaxException { - // NOTE: Those strings "de/st/max123" seem to be somehow relevant, but where do we need to use that exact string - // again? - // NOTE: If not, why not using random strings? return buildDummyAuthResponse(randomGivenName, randomFamilyName, - "de/st/"+randomIdentifier, "2011-01-01"); + DE_ST+randomIdentifier, randomDate); } private AuthenticationResponse buildDummyAuthResponseRandomPersonIT_Tax(String taxNumber) throws URISyntaxException { return buildDummyAuthResponse(randomGivenName, randomFamilyName, - "it/st/"+randomIdentifier, "2011-01-01", taxNumber, null, null); + IT_ST+randomIdentifier, randomDate, taxNumber, null, null); } @NotNull @@ -555,58 +523,46 @@ public class InitialSearchTaskFirstTest { private AuthenticationResponse buildDummyAuthResponse(String givenName, String familyName, String identifier, String dateOfBirth, String taxNumber, String placeOfBirth, String birthName) throws URISyntaxException { - final AttributeDefinition attributeDef = AttributeDefinition.builder() - .friendlyName(Constants.eIDAS_ATTR_PERSONALIDENTIFIER).nameUri(new URI("ad", "sd", "ff")) - .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "af")) - .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller").build(); - final AttributeDefinition attributeDef2 = AttributeDefinition.builder() - .friendlyName(Constants.eIDAS_ATTR_CURRENTFAMILYNAME).nameUri(new URI("ad", "sd", "fff")) - .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "aff")) - .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller").build(); - final AttributeDefinition attributeDef3 = AttributeDefinition.builder() - .friendlyName(Constants.eIDAS_ATTR_CURRENTGIVENNAME).nameUri(new URI("ad", "sd", "ffff")) - .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "afff")) - .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller").build(); - final AttributeDefinition attributeDef4 = AttributeDefinition.builder() - .friendlyName(Constants.eIDAS_ATTR_DATEOFBIRTH).nameUri(new URI("ad", "sd", "fffff")) - .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "affff")) - .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.DateTimeAttributeValueMarshaller").build(); - final AttributeDefinition attributeDef5 = AttributeDefinition.builder() - .friendlyName(Constants.eIDAS_ATTR_TAXREFERENCE).nameUri(new URI("ad", "sd", "ffffff")) - .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "afffff")) - .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller").build(); - final AttributeDefinition attributeDef6 = AttributeDefinition.builder() - .friendlyName(Constants.eIDAS_ATTR_PLACEOFBIRTH).nameUri(new URI("ad", "sd", "fffffff")) - .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "affffff")) - .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller").build(); - final AttributeDefinition attributeDef7 = AttributeDefinition.builder() - .friendlyName(Constants.eIDAS_ATTR_BIRTHNAME).nameUri(new URI("ad", "sd", "ffffffff")) - .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", "afffffff")) - .attributeValueMarshaller("eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller").build(); ImmutableAttributeMap.Builder builder = ImmutableAttributeMap.builder() - .put(attributeDef, identifier) - .put(attributeDef2, familyName) - .put(attributeDef3, givenName) - .put(attributeDef4, dateOfBirth); - + .put(generateStringAttribute(Constants.eIDAS_ATTR_PERSONALIDENTIFIER,"ff","af"), identifier) + .put(generateStringAttribute(Constants.eIDAS_ATTR_CURRENTFAMILYNAME,"fff","aff"), familyName) + .put(generateStringAttribute(Constants.eIDAS_ATTR_CURRENTGIVENNAME,"ffff","afff"), givenName) + .put(generateDateTimeAttribute(Constants.eIDAS_ATTR_DATEOFBIRTH,"fffff","affff"), dateOfBirth); if (taxNumber != null) { - builder.put(attributeDef5, taxNumber); + builder.put(generateStringAttribute(Constants.eIDAS_ATTR_TAXREFERENCE,"ffffff","afffff"), taxNumber); } if (birthName != null) { - builder.put(attributeDef7, birthName); + builder.put(generateStringAttribute(Constants.eIDAS_ATTR_BIRTHNAME,"fffffff","affffff"), birthName); } if (placeOfBirth != null) { - builder.put(attributeDef6, placeOfBirth); + builder.put(generateStringAttribute(Constants.eIDAS_ATTR_PLACEOFBIRTH,"ffffffff","afffffff"), placeOfBirth); } final ImmutableAttributeMap attributeMap = builder.build(); val b = new AuthenticationResponse.Builder(); return b.id("aasdf").issuer("asd").subject("asf").statusCode("200").inResponseTo("asdf").subjectNameIdFormat( - "afaf") - .attributes(attributeMap).build(); + "afaf").attributes(attributeMap).build(); + } + + private AttributeDefinition generateStringAttribute(String friendlyName, String fragment, String prefix) throws URISyntaxException { + return generateAttribute(friendlyName, fragment, prefix, "eu.eidas.auth.commons.attribute.impl" + + ".LiteralStringAttributeValueMarshaller"); + } + + private AttributeDefinition generateDateTimeAttribute(String friendlyName, String fragment, String prefix) throws URISyntaxException { + return generateAttribute(friendlyName, fragment, prefix, "eu.eidas.auth.commons.attribute.impl" + + ".DateTimeAttributeValueMarshaller"); + } + + private AttributeDefinition generateAttribute(String friendlyName, String fragment, String prefix, + String marshaller) throws URISyntaxException { + return AttributeDefinition.builder() + .friendlyName(friendlyName).nameUri(new URI("ad", "sd", fragment)) + .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", prefix)) + .attributeValueMarshaller(marshaller).build(); } - private List emptyHandlers() { + private List emptyHandlers() { return new ArrayList<>(); } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml index cde374a1..0989cbef 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml @@ -69,7 +69,7 @@ scope="prototype" /> + class="at.asitplus.eidas.specific.modules.auth.eidas.v2.ernp.DummyErnpClient" /> -- cgit v1.2.3