From e443168b481bb88fecbad73084147e7e8c882908 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 10 Dec 2019 07:39:27 +0100 Subject: refactoring to new EGIZ code requirements --- .../modules/auth/eidas/v2/test/SzrClientTest.java | 272 +++++++++++++++++++++ 1 file changed, 272 insertions(+) create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java (limited to 'eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java') diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java new file mode 100644 index 00000000..81a61765 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java @@ -0,0 +1,272 @@ +/* + * Copyright 2018 A-SIT Plus GmbH + * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, + * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "License"); + * You may not use this work except in compliance with the License. + * You may obtain a copy of the License at: + * https://joinup.ec.europa.eu/news/understanding-eupl-v12 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. +*/ + +package at.asitplus.eidas.specific.modules.auth.eidas.v2.test; + +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.Mockito.when; + +import java.io.IOException; +import java.security.InvalidKeyException; +import java.security.MessageDigest; +import java.security.NoSuchProviderException; + +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Unmarshaller; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.ws.soap.SOAPFaultException; + +import org.apache.commons.lang3.StringUtils; +import org.apache.cxf.binding.soap.SoapFault; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Ignore; +import org.junit.Rule; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.util.Base64Utils; +import org.w3c.dom.Element; +import org.xml.sax.SAXException; + +import com.skjolberg.mockito.soap.SoapServiceRule; + +import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils; +import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType; +import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType; +import at.gv.egiz.eaaf.core.api.data.EaafConstants; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; +import at.gv.egiz.eaaf.core.exceptions.EaafParserException; +import at.gv.egiz.eaaf.core.impl.data.Trible; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; +import at.gv.egiz.eaaf.core.impl.utils.DomUtils; +import szrservices.GetIdentityLinkEidasResponse; +import szrservices.IdentityLinkType; +import szrservices.PersonInfoType; +import szrservices.SZR; +import szrservices.SZRException_Exception; +import szrservices.TravelDocumentType; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration("/SpringTest-context_tasks_test.xml") +public class SzrClientTest { + private static final Logger log = LoggerFactory.getLogger(SzrClientTest.class); + + @Autowired + SzrClient szrClient; + @Autowired + IConfiguration basicConfig; + + private static final String givenName = "Franz"; + private static final String familyName = "Mustermann"; + private static final String dateOfBirth = "1989-05-05"; + private static final String eIDASeID = "IS/AT/1234sdgsdfg56789ABCDEF"; + + private static final String DUMMY_TARGET = EaafConstants.URN_PREFIX_CDID + "ZP"; + + /** + * jUnit class initializer. + * + * @throws IOException In case of an error + */ + @BeforeClass + public static void classInitializer() throws IOException { + final String current = new java.io.File(".").toURI().toString(); + System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties"); + + } + + @Rule + public SoapServiceRule soap = SoapServiceRule.newInstance(); + + @Test + public void getIdentityLinkRawModeValidResponse() throws SZRException_Exception, EaafParserException, + NoSuchProviderException, IOException, InvalidKeyException, EidasSAuthenticationException, JAXBException { + setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml", "http://localhost:1234/demoszr"); + + try { + log.debug("Starting connecting SZR Gateway"); + final IdentityLinkType result = szrClient.getIdentityLinkInRawMode( + getPersonInfo()); + + Assert.assertNotNull(result); + Assert.assertNotNull(result.getAssertion()); + + final IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser((Element) result + .getAssertion()).parseIdentityLink(); + Assert.assertNotNull(identityLink); + + System.out.println(identityLink.getSerializedSamlAssertion()); + + checkElement("Mustermann", identityLink.getFamilyName()); + checkElement("Hans", identityLink.getGivenName()); + checkElement("1989-05-05", identityLink.getDateOfBirth()); + checkElement("urn:publicid:gv.at:baseid", identityLink.getIdentificationType()); + checkElement("k+zDM1BVpN1WJO4x7ZQ3ng==", identityLink.getIdentificationValue()); + Assert.assertNotNull(identityLink.getSerializedSamlAssertion()); + Assert.assertNotNull(identityLink.getSamlAssertion()); + + } catch (final SzrCommunicationException e) { + Assert.fail(); + + } + + } + + @Test + public void getIdentityLinkRawModeErrorTravelerDocExists() throws SZRException_Exception, + EaafParserException, NoSuchProviderException, IOException, InvalidKeyException, + EidasSAuthenticationException, JAXBException, ParserConfigurationException, SAXException { + setSzrExceptionIdentityLink("/data/szr/szr_resp_error_travelerdocexists.xml", + "http://localhost:1234/demoszr"); + + try { + log.debug("Starting connecting SZR Gateway"); + szrClient.getIdentityLinkInRawMode( + getPersonInfo()); + Assert.fail(); + + } catch (final SzrCommunicationException e) { + checkElement("ernb.02", e.getErrorId()); + Assert.assertNotNull(e.getCause()); + org.springframework.util.Assert.isInstanceOf(SOAPFaultException.class, e.getCause()); + Assert.assertNotNull(((SOAPFaultException) e.getCause()).getFault()); + checkElement("p344:F455", ((SOAPFaultException) e.getCause()).getFault().getFaultCode()); + checkElement( + "The travel document you sent to insert a person already exists for another person. " + + "Either check the document or have the person altered accordingly", + ((SOAPFaultException) e.getCause()).getFault().getFaultString()); + + } + + } + + @Ignore + @Test + public void getBpkTest() throws SZRException_Exception, EidasSAuthenticationException { + final String bPK = szrClient.getBpk(getPersonInfo(), DUMMY_TARGET, + basicConfig.getBasicConfiguration( + Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ, + "no VKZ defined")); + + if (StringUtils.isEmpty(bPK)) { + throw new SzrCommunicationException("ernb.01", new Object[] { "bPK is null or empty" }); + } + + } + + private void checkElement(String expected, String value) { + Assert.assertNotNull(value); + Assert.assertEquals(expected, value); + + } + + private void setSzrResponseIdentityLink(String responseXmlPath, String serviceUrl) throws JAXBException, + SZRException_Exception { + final SZR szrServiceMock = soap.mock(SZR.class, serviceUrl); + final JAXBContext jaxbContext = JAXBContext.newInstance( + szrservices.ObjectFactory.class, + org.xmlsoap.schemas.ws._2002._04.secext.ObjectFactory.class, + org.w3._2001._04.xmldsig_more.ObjectFactory.class, + org.w3._2000._09.xmldsig.ObjectFactory.class, + at.gv.egov.pvp1.ObjectFactory.class, + at.gv.e_government.reference.namespace.persondata._20020228.ObjectFactory.class); + final Unmarshaller jaxbUnmarshaller = jaxbContext.createUnmarshaller(); + final GetIdentityLinkEidasResponse szrResponse = (GetIdentityLinkEidasResponse) jaxbUnmarshaller + .unmarshal(this.getClass().getResourceAsStream(responseXmlPath)); + when(szrServiceMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenReturn(szrResponse + .getGetIdentityLinkReturn()); + + } + + private void setSzrExceptionIdentityLink(String responseXmlPath, String serviceUrl) throws JAXBException, + ParserConfigurationException, SAXException, IOException, SZRException_Exception { + final SZR szrServiceMock = soap.mock(SZR.class, serviceUrl); + final Element detailerror = DomUtils.parseXmlNonValidating(this.getClass().getResourceAsStream( + responseXmlPath)); + final javax.xml.namespace.QName qName = new javax.xml.namespace.QName("urn:SZRServices", "F455", "p344"); + final SoapFault fault = new SoapFault( + "The travel document you sent to insert a person already exists for another person. " + + "Either check the document or have the person altered accordingly", + qName); + fault.setRole("urn:SZRServices"); + fault.setDetail(detailerror); + when(szrServiceMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenThrow(fault); + + } + + private String createHashFromUniqueId(String uniqueId) throws EidasSAuthenticationException { + try { + final MessageDigest md = MessageDigest.getInstance("SHA-256"); + final byte[] hash = md.digest(uniqueId.getBytes("UTF-8")); + final String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", ""); + return hashBase64; + + } catch (final Exception ex) { + throw new EidasSAuthenticationException("internal.03", new Object[] {}, ex); + + } + } + + private PersonInfoType getPersonInfo() throws EidasSAuthenticationException { + final PersonInfoType personInfo = new PersonInfoType(); + final PersonNameType personName = new PersonNameType(); + final PhysicalPersonType naturalPerson = new PhysicalPersonType(); + final TravelDocumentType eDocument = new TravelDocumentType(); + + naturalPerson.setName(personName); + personInfo.setPerson(naturalPerson); + personInfo.setTravelDocument(eDocument); + + // parse some eID attributes + final Trible eIdentifier = + EidasResponseUtils.parseEidasPersonalIdentifier(eIDASeID); + final String uniqueId = createHashFromUniqueId(eIdentifier.getThird()); + final String citizenCountry = eIdentifier.getFirst(); + + // person information + personName.setFamilyName(familyName); + personName.setGivenName(givenName); + naturalPerson.setDateOfBirth(dateOfBirth); + eDocument.setIssuingCountry(citizenCountry); + eDocument.setDocumentNumber(uniqueId); + + // eID document information + eDocument.setDocumentType(basicConfig.getBasicConfiguration( + Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE, + Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE)); + + return personInfo; + } + +} -- cgit v1.2.3