From 440dcedcfb17e05e439d3019a8cfdb27c307123d Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Thu, 17 Mar 2022 08:17:14 +0100
Subject: test(core): fix integration test with included work-around for IDA
mode
---
.../connector/test/FullStartUpAndProcessTest.java | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
(limited to 'connector/src')
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
index 64e8272e..c56ac1ef 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
@@ -11,6 +11,9 @@ import java.net.URISyntaxException;
import java.util.Map;
import java.util.Timer;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Unmarshaller;
import javax.xml.transform.TransformerException;
import org.apache.commons.lang3.RandomStringUtils;
@@ -85,7 +88,10 @@ import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
import lombok.val;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.xml.XMLParserException;
+import szrservices.GetIdentityLinkEidasResponse;
+import szrservices.PersonInfoType;
import szrservices.SZR;
+import szrservices.SZRException_Exception;
import szrservices.SignContentEntry;
import szrservices.SignContentResponseType;
@@ -400,6 +406,8 @@ public class FullStartUpAndProcessTest {
private void injectSzrResponse() throws Exception {
+ setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+
when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz);
val signContentResp = new SignContentResponseType();
final SignContentEntry signContentEntry = new SignContentEntry();
@@ -493,4 +501,17 @@ public class FullStartUpAndProcessTest {
metadataProvider.addMetadataResolverIntoChain(fileSystemResolver);
}
+
+ private void setSzrResponseIdentityLink(String responseXmlPath) throws JAXBException, SZRException_Exception {
+ final JAXBContext jaxbContext = JAXBContext
+ .newInstance(szrservices.ObjectFactory.class, org.w3._2001._04.xmldsig_more.ObjectFactory.class,
+ org.w3._2000._09.xmldsig.ObjectFactory.class,
+ at.gv.e_government.reference.namespace.persondata._20020228.ObjectFactory.class);
+ final Unmarshaller jaxbUnmarshaller = jaxbContext.createUnmarshaller();
+ final GetIdentityLinkEidasResponse szrResponse = (GetIdentityLinkEidasResponse) jaxbUnmarshaller
+ .unmarshal(this.getClass().getResourceAsStream(responseXmlPath));
+ org.mockito.Mockito.when(szrMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenReturn(szrResponse.getGetIdentityLinkReturn());
+
+ }
+
}
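Review bot: In `setSzrResponseIdentityLink`, `getResourceAsStream(responseXmlPath)` returns null when the fixture is missing from the test classpath, and the stream it returns is never closed, so a wrong path surfaces as an opaque error inside `unmarshal` rather than a clear test failure. I would open it as `try (InputStream in = Objects.requireNonNull(getClass().getResourceAsStream(responseXmlPath), responseXmlPath)) { ... }` and widen the `throws` clause to cover the `IOException` from `close()`. The unchecked cast to `GetIdentityLinkEidasResponse` likewise turns an unexpected root element into a `ClassCastException`; `unmarshal(new StreamSource(in), GetIdentityLinkEidasResponse.class).getValue()` would make the expected type explicit. Unmarshalling straight from a stream relies on the JAXB provider's default parser settings, which is acceptable for a bundled fixture but should not be copied to code that reads external XML. The same points apply to the identical hunk in the second patch on this page (ebc5f11b).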
--
cgit v1.2.3
From ebc5f11b7ff0ca374818445da0a62276a91707dd Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Thu, 17 Mar 2022 08:17:14 +0100
Subject: test(core): fix integration test with included work-around for IDA
mode
---
.../connector/test/FullStartUpAndProcessTest.java | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
(limited to 'connector/src')
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
index 63b11322..c2b87aa4 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
@@ -12,6 +12,9 @@ import java.time.Instant;
import java.util.Map;
import java.util.Timer;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Unmarshaller;
import javax.xml.transform.TransformerException;
import org.apache.commons.lang3.RandomStringUtils;
@@ -85,7 +88,10 @@ import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
import lombok.val;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.xml.XMLParserException;
+import szrservices.GetIdentityLinkEidasResponse;
+import szrservices.PersonInfoType;
import szrservices.SZR;
+import szrservices.SZRException_Exception;
import szrservices.SignContentEntry;
import szrservices.SignContentResponseType;
@@ -400,6 +406,8 @@ public class FullStartUpAndProcessTest {
private void injectSzrResponse() throws Exception {
+ setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+
when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz);
val signContentResp = new SignContentResponseType();
final SignContentEntry signContentEntry = new SignContentEntry();
@@ -493,4 +501,17 @@ public class FullStartUpAndProcessTest {
metadataProvider.addMetadataResolverIntoChain(fileSystemResolver);
}
+
+ private void setSzrResponseIdentityLink(String responseXmlPath) throws JAXBException, SZRException_Exception {
+ final JAXBContext jaxbContext = JAXBContext
+ .newInstance(szrservices.ObjectFactory.class, org.w3._2001._04.xmldsig_more.ObjectFactory.class,
+ org.w3._2000._09.xmldsig.ObjectFactory.class,
+ at.gv.e_government.reference.namespace.persondata._20020228.ObjectFactory.class);
+ final Unmarshaller jaxbUnmarshaller = jaxbContext.createUnmarshaller();
+ final GetIdentityLinkEidasResponse szrResponse = (GetIdentityLinkEidasResponse) jaxbUnmarshaller
+ .unmarshal(this.getClass().getResourceAsStream(responseXmlPath));
+ org.mockito.Mockito.when(szrMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenReturn(szrResponse.getGetIdentityLinkReturn());
+
+ }
+
}
--
cgit v1.2.3
From 1f76d31e8e8f5a7bc6cd5694b989955ddc2ddc58 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Thu, 31 Mar 2022 13:00:02 +0200
Subject: feature(core): add deny-list for Spring DataBinder
This mitigates a possible RCE attack called "Spring4Shell"
---
connector/src/main/resources/applicationContext.xml | 2 ++
1 file changed, 2 insertions(+)
(limited to 'connector/src')
diff --git a/connector/src/main/resources/applicationContext.xml b/connector/src/main/resources/applicationContext.xml
index ec8e79f4..5c5e245c 100644
--- a/connector/src/main/resources/applicationContext.xml
+++ b/connector/src/main/resources/applicationContext.xml
@@ -28,6 +28,8 @@
+
+
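Review bot: The two lines added to applicationContext.xml carry no visible content on this page (the markup appears to have been lost in rendering), so the deny-list definition itself cannot be checked here. A DataBinder deny-list is a stop-gap that protects only the binders it is actually applied to, and disallowed-field patterns may be matched case-sensitively depending on the Spring version, so the lower-case and capitalised `class.*` forms should both be covered. I would add an XML comment next to the bean, for example `<!-- Temporary Spring4Shell mitigation; remove once the Spring Framework dependency is on a patched release -->`. An integration test asserting that a bound `class.*` request parameter is ignored would keep the mitigation from regressing silently.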
--
cgit v1.2.3
From 9c732c794b99e1bd64efd584f5becaae76025de0 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Thu, 31 Mar 2022 14:38:17 +0200
Subject: refactor(core): remove deprecated operations on openSAML4 API
---
.../eidas/specific/connector/config/PvpEndPointConfiguration.java | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
(limited to 'connector/src')
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/PvpEndPointConfiguration.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/config/PvpEndPointConfiguration.java
index c62cbeef..81c37bd0 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/PvpEndPointConfiguration.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/config/PvpEndPointConfiguration.java
@@ -89,11 +89,11 @@ public class PvpEndPointConfiguration implements IPvp2BasicConfiguration {
final SurName surname = Saml2Utils.createSamlObject(SurName.class);
final EmailAddress emailAddress = Saml2Utils.createSamlObject(EmailAddress.class);
- givenName.setName(getAndVerifyFromConfiguration(
+ givenName.setValue(getAndVerifyFromConfiguration(
MsEidasNodeConstants.CONFIG_PROPS_METADATA_CONTACT_GIVENNAME));
- surname.setName(getAndVerifyFromConfiguration(
+ surname.setValue(getAndVerifyFromConfiguration(
MsEidasNodeConstants.CONFIG_PROPS_METADATA_CONTACT_SURNAME));
- emailAddress.setAddress(getAndVerifyFromConfiguration(
+ emailAddress.setURI(getAndVerifyFromConfiguration(
MsEidasNodeConstants.CONFIG_PROPS_METADATA_CONTACT_EMAIL));
contactPerson.setType(ContactPersonTypeEnumeration.TECHNICAL);
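Review bot: `emailAddress.setURI(...)` now hands the configured contact e-mail to an API that expects a URI, and SAML metadata conventionally carries this element as a `mailto:` URI. If `CONFIG_PROPS_METADATA_CONTACT_EMAIL` holds a bare address, the generated metadata may not be schema-conformant for strict consumers. Whether `getAndVerifyFromConfiguration` checks the format cannot be seen from this hunk, as the enclosing method starts and ends outside it. I would document the expected format at the call, e.g. `// value must be a URI such as mailto:contact@example.org (constructed example)`, or validate it there. The same consideration applies to `orgUrl.setURI(...)` in the second hunk, which should receive an absolute URL.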
@@ -121,7 +121,7 @@ public class PvpEndPointConfiguration implements IPvp2BasicConfiguration {
MsEidasNodeConstants.CONFIG_PROPS_METADATA_ORGANISATION_FRIENDLYNAME));
orgUrl.setXMLLang(DEFAULT_XML_LANG);
- orgUrl.setValue(getAndVerifyFromConfiguration(
+ orgUrl.setURI(getAndVerifyFromConfiguration(
MsEidasNodeConstants.CONFIG_PROPS_METADATA_ORGANISATION_URL));
--
cgit v1.2.3
From 49a945fa17ee06f38ddada441df7a1f29c58e317 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Fri, 1 Apr 2022 21:47:48 +0200
Subject: feat(szr): add configuration property to activate/deactivate
work-around for insertErnp in case of IDA mode
---
connector/src/main/resources/application.properties | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'connector/src')
diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties
index e7437840..73a258d7 100644
--- a/connector/src/main/resources/application.properties
+++ b/connector/src/main/resources/application.properties
@@ -100,7 +100,7 @@ eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject=false
#Raw eIDAS Id data storage
eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true
-
+eidas.ms.auth.eIDAS.szrclient.workarounds.use.getidentitylink.for.ida=true
eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true
eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true
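Review bot: The new `...workarounds.use.getidentitylink.for.ida=true` line replaces the blank separator and sits directly under the `#Raw eIDAS Id data storage` comment, so it reads as part of that setting and has no explanation of its own. Because the shipped default enables the work-around, operators should be able to see from the file what it changes. I would keep the blank line and add a comment such as `#Work-around for IDA mode: use getIdentityLink instead of insertErnp (set to false to disable)`. That wording is inferred from the commit subject and should be confirmed against the implementation.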
--
cgit v1.2.3
From 791dc8acd7edbf22b98c2be111d420e61ebb39e6 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Tue, 5 Apr 2022 08:52:50 +0200
Subject: build(assembly): add histroy.txt into release package
---
connector/src/assembly/assembly_dir.xml | 1 +
connector/src/assembly/assembly_zip.xml | 1 +
2 files changed, 2 insertions(+)
(limited to 'connector/src')
diff --git a/connector/src/assembly/assembly_dir.xml b/connector/src/assembly/assembly_dir.xml
index 59437be6..bc12a470 100644
--- a/connector/src/assembly/assembly_dir.xml
+++ b/connector/src/assembly/assembly_dir.xml
@@ -44,6 +44,7 @@
readme_${project.version}.txt
readme_${project.version}.md
+ history.txt
eIDAS_Ref_Impl/*
handbook/*
diff --git a/connector/src/assembly/assembly_zip.xml b/connector/src/assembly/assembly_zip.xml
index 43877283..dcb7dab0 100644
--- a/connector/src/assembly/assembly_zip.xml
+++ b/connector/src/assembly/assembly_zip.xml
@@ -44,6 +44,7 @@
readme_${project.version}.txt
readme_${project.version}.md
+ history.txt
eIDAS_Ref_Impl/*
handbook/*
--
cgit v1.2.3