From 1bb05a848206fb1e3bd77b744068c1ee5b344d73 Mon Sep 17 00:00:00 2001 From: Christian Kollmann Date: Thu, 4 Mar 2021 16:02:22 +0100 Subject: Prevent SZRClient from creating ERnP entry if person does not exist --- .../modules/auth/eidas/v2/test/SzrClientTest.java | 39 +++++++++------------- .../eidas/v2/test/SzrClientTestProduction.java | 22 +++++------- .../tasks/CreateIdentityLinkTaskEidNewTest.java | 4 +-- 3 files changed, 27 insertions(+), 38 deletions(-) (limited to 'eidas_modules/authmodule-eIDAS-v2/src/test/java/at') diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java index 99c221d8..5deb5f31 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java @@ -28,10 +28,10 @@ import static org.mockito.ArgumentMatchers.anyList; import static org.mockito.Mockito.when; import java.io.IOException; -import java.security.InvalidKeyException; +import java.nio.charset.StandardCharsets; import java.security.MessageDigest; -import java.security.NoSuchProviderException; import java.util.List; +import java.util.Objects; import javax.xml.bind.JAXBContext; import javax.xml.bind.JAXBException; @@ -44,7 +44,6 @@ import org.apache.commons.lang3.RandomStringUtils; import org.apache.commons.lang3.StringUtils; import org.apache.cxf.binding.soap.SoapFault; import org.joda.time.DateTime; -import org.jose4j.lang.JoseException; import org.junit.Assert; import org.junit.Before; import org.junit.Ignore; @@ -60,9 +59,6 @@ import org.springframework.util.Base64Utils; import org.w3c.dom.Element; import org.xml.sax.SAXException; -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.JsonMappingException; -import com.fasterxml.jackson.databind.ObjectMapper; import com.skjolberg.mockito.soap.SoapServiceRule; import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap; @@ -102,8 +98,6 @@ public class SzrClientTest { @Autowired SzrClient szrClient; @Autowired MsConnectorDummyConfigMap basicConfig; - private static ObjectMapper mapper = new ObjectMapper(); - private static final String givenName = "Franz"; private static final String familyName = "Mustermann"; private static final String dateOfBirth = "1989-05-05"; @@ -139,7 +133,7 @@ public class SzrClientTest { @Test - public void getStammzahlenEcryptedTest() throws JAXBException, SZRException_Exception, SzrCommunicationException { + public void getStammzahlenEcryptedTest() throws SZRException_Exception, SzrCommunicationException { final GetBPKFromStammzahlEncryptedResponse szrResponse = new GetBPKFromStammzahlEncryptedResponse(); final GetBPKFromStammzahlEncryptedResponseType result1 = new GetBPKFromStammzahlEncryptedResponseType(); szrResponse.getOut().add(result1); @@ -156,7 +150,7 @@ public class SzrClientTest { when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(null); try { - stammzahlEncrypted = szrClient.getEncryptedStammzahl(new PersonInfoType()); + szrClient.getEncryptedStammzahl(new PersonInfoType()); } catch (SzrCommunicationException e) { Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01")); } @@ -234,8 +228,7 @@ public class SzrClientTest { } @Test - public void eidasBindValid() throws SZRException_Exception, SzrCommunicationException, JsonMappingException, - JsonProcessingException, JoseException { + public void eidasBindValid() throws SZRException_Exception, SzrCommunicationException { final SignContentResponse szrResponse = new SignContentResponse(); final SignContentEntry result1 = new SignContentEntry(); final SignContentResponseType content = new SignContentResponseType(); @@ -257,8 +250,7 @@ public class SzrClientTest { } @Test - public void eidasBindValidWithMds() throws SZRException_Exception, SzrCommunicationException, JoseException, - JsonMappingException, JsonProcessingException { + public void eidasBindValidWithMds() throws SZRException_Exception, SzrCommunicationException { basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject", "true"); final SignContentResponse szrResponse = new SignContentResponse(); @@ -283,7 +275,7 @@ public class SzrClientTest { @Test public void getIdentityLinkRawModeValidResponse() - throws SZRException_Exception, EaafParserException, NoSuchProviderException, IOException, InvalidKeyException, + throws SZRException_Exception, EaafParserException, EidasSAuthenticationException, JAXBException { setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml"); @@ -317,8 +309,8 @@ public class SzrClientTest { @Test public void getIdentityLinkRawModeErrorTravelerDocExists() - throws SZRException_Exception, EaafParserException, NoSuchProviderException, IOException, InvalidKeyException, - EidasSAuthenticationException, JAXBException, ParserConfigurationException, SAXException { + throws SZRException_Exception, IOException, + EidasSAuthenticationException, ParserConfigurationException, SAXException { setSzrExceptionIdentityLink("/data/szr/szr_resp_error_travelerdocexists.xml"); try { @@ -342,7 +334,7 @@ public class SzrClientTest { @Ignore @Test - public void getBpkTest() throws SZRException_Exception, EidasSAuthenticationException { + public void getBpkTest() throws EidasSAuthenticationException { final List bPK = szrClient.getBpk(getPersonInfo(), DUMMY_TARGET, basicConfig .getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ, "no VKZ defined")); @@ -363,6 +355,7 @@ public class SzrClientTest { } + @SuppressWarnings("SameParameterValue") private void setSzrResponseIdentityLink(String responseXmlPath) throws JAXBException, SZRException_Exception { final JAXBContext jaxbContext = JAXBContext .newInstance(szrservices.ObjectFactory.class, org.w3._2001._04.xmldsig_more.ObjectFactory.class, @@ -375,8 +368,9 @@ public class SzrClientTest { } + @SuppressWarnings("SameParameterValue") private void setSzrExceptionIdentityLink(String responseXmlPath) - throws JAXBException, ParserConfigurationException, SAXException, IOException, SZRException_Exception { + throws ParserConfigurationException, SAXException, IOException, SZRException_Exception { final Element detailerror = DomUtils.parseXmlNonValidating(this.getClass().getResourceAsStream(responseXmlPath)); final javax.xml.namespace.QName qName = new javax.xml.namespace.QName("urn:SZRServices", "F455", "p344"); final SoapFault fault = new SoapFault( @@ -391,9 +385,8 @@ public class SzrClientTest { private String createHashFromUniqueId(String uniqueId) throws EidasSAuthenticationException { try { final MessageDigest md = MessageDigest.getInstance("SHA-256"); - final byte[] hash = md.digest(uniqueId.getBytes("UTF-8")); - final String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", ""); - return hashBase64; + final byte[] hash = md.digest(uniqueId.getBytes(StandardCharsets.UTF_8)); + return new String(Base64Utils.encode(hash), StandardCharsets.UTF_8).replaceAll("\r\n", ""); } catch (final Exception ex) { throw new EidasSAuthenticationException("internal.03", new Object[]{}, ex); @@ -413,7 +406,7 @@ public class SzrClientTest { // parse some eID attributes final Triple eIdentifier = EidasResponseUtils.parseEidasPersonalIdentifier(eIDASeID); - final String uniqueId = createHashFromUniqueId(eIdentifier.getThird()); + final String uniqueId = createHashFromUniqueId(Objects.requireNonNull(eIdentifier).getThird()); final String citizenCountry = eIdentifier.getFirst(); // person information diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java index abebf0da..38829d67 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java @@ -23,11 +23,10 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.test; -import java.io.IOException; -import java.security.InvalidKeyException; +import java.nio.charset.StandardCharsets; import java.security.MessageDigest; -import java.security.NoSuchProviderException; import java.util.List; +import java.util.Objects; import org.apache.commons.lang3.RandomStringUtils; import org.apache.commons.lang3.StringUtils; @@ -63,7 +62,6 @@ import at.gv.egiz.eaaf.core.impl.data.Triple; import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; import szrservices.IdentityLinkType; import szrservices.PersonInfoType; -import szrservices.SZRException_Exception; import szrservices.TravelDocumentType; @@ -98,14 +96,14 @@ public class SzrClientTestProduction { } @Test - public void getVsz() throws SzrCommunicationException, EidasSAuthenticationException { + public void getVsz() throws EidasSAuthenticationException { String vsz = szrClient.getEncryptedStammzahl(getPersonInfo()); Assert.assertNotNull("vsz", vsz); } @Test - public void getEidasBind() throws SzrCommunicationException, EidasSAuthenticationException { + public void getEidasBind() throws EidasSAuthenticationException { String vsz = RandomStringUtils.randomAlphanumeric(10); String bindingPubKey = Base64.toBase64String(RandomStringUtils.random(20).getBytes()); String eidStatus = "urn:eidgvat:eid.status.eidas"; @@ -125,8 +123,7 @@ public class SzrClientTestProduction { @Test - public void getIdentityLinkRawMode() throws SZRException_Exception, EaafParserException, - NoSuchProviderException, IOException, InvalidKeyException, EidasSAuthenticationException { + public void getIdentityLinkRawMode() throws EaafParserException, EidasSAuthenticationException { log.debug("Starting connecting SZR Gateway"); final IdentityLinkType result = szrClient.getIdentityLinkInRawMode( getPersonInfo()); @@ -173,7 +170,7 @@ public class SzrClientTestProduction { @Ignore @Test - public void getBpkTest() throws SZRException_Exception, EidasSAuthenticationException { + public void getBpkTest() throws EidasSAuthenticationException { final List bPK = szrClient.getBpk(getPersonInfo(), DUMMY_TARGET, basicConfig.getBasicConfiguration( Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ, @@ -193,9 +190,8 @@ public class SzrClientTestProduction { private String createHashFromUniqueId(String uniqueId) throws EidasSAuthenticationException { try { final MessageDigest md = MessageDigest.getInstance("SHA-256"); - final byte[] hash = md.digest(uniqueId.getBytes("UTF-8")); - final String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", ""); - return hashBase64; + final byte[] hash = md.digest(uniqueId.getBytes(StandardCharsets.UTF_8)); + return new String(Base64Utils.encode(hash), StandardCharsets.UTF_8).replaceAll("\r\n", ""); } catch (final Exception ex) { throw new EidasSAuthenticationException("internal.03", new Object[] {}, ex); @@ -216,7 +212,7 @@ public class SzrClientTestProduction { // parse some eID attributes final Triple eIdentifier = EidasResponseUtils.parseEidasPersonalIdentifier(eIDASeID); - final String uniqueId = createHashFromUniqueId(eIdentifier.getThird()); + final String uniqueId = createHashFromUniqueId(Objects.requireNonNull(eIdentifier).getThird()); final String citizenCountry = eIdentifier.getFirst(); // person information diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java index c29c82c7..ee7d2ebd 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java @@ -227,7 +227,7 @@ public class CreateIdentityLinkTaskEidNewTest { verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture()); Boolean param5 = argument5.getValue(); - Assert.assertTrue("insertERnP flag", param5); + Assert.assertFalse("insertERnP flag", param5); PersonInfoType person = argument4.getValue(); Assert.assertEquals("FamilyName", response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue( @@ -344,7 +344,7 @@ public class CreateIdentityLinkTaskEidNewTest { verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture()); Boolean param5 = argument5.getValue(); - Assert.assertTrue("insertERnP flag", param5); + Assert.assertFalse("insertERnP flag", param5); PersonInfoType person = argument4.getValue(); Assert.assertEquals("FamilyName", response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue( -- cgit v1.2.3