From 2daed784e006d449de5b6151f6e109ab2a829749 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Tue, 30 Mar 2021 15:08:07 +0200
Subject: add mandate functionality into eIDAS out-going process

---
 .../IdAustriaAuthMetadataControllerFirstTest.java  |   4 +-
 .../test/task/ReceiveAuthnResponseTaskTest.java    | 102 +++++++++++++++++++++
 .../test/task/RequestIdAustriaSystemTaskTest.java  |  45 +++++++++
 .../data/Response_with_EID_with_mandate_jur.xml    |  63 +++++++++++++
 .../data/Response_with_EID_with_mandate_nat.xml    |  66 +++++++++++++
 5 files changed, 278 insertions(+), 2 deletions(-)
 create mode 100644 eidas_modules/authmodule_id-austria/src/test/resources/data/Response_with_EID_with_mandate_jur.xml
 create mode 100644 eidas_modules/authmodule_id-austria/src/test/resources/data/Response_with_EID_with_mandate_nat.xml

(limited to 'eidas_modules/authmodule_id-austria/src/test')

diff --git a/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/controller/IdAustriaAuthMetadataControllerFirstTest.java b/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/controller/IdAustriaAuthMetadataControllerFirstTest.java
index ef0c4da0..d2a2556b 100644
--- a/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/controller/IdAustriaAuthMetadataControllerFirstTest.java
+++ b/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/controller/IdAustriaAuthMetadataControllerFirstTest.java
@@ -94,7 +94,7 @@ public class IdAustriaAuthMetadataControllerFirstTest {
      controller.getSpMetadata(httpReq, httpResp);
 
     //check result
-    validateResponse(7);
+    validateResponse(16);
 
   }
 
@@ -117,7 +117,7 @@ public class IdAustriaAuthMetadataControllerFirstTest {
      controller.getSpMetadata(httpReq, httpResp);
 
     //check result
-    validateResponse(8);
+    validateResponse(17);
 
   }
 
diff --git a/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/ReceiveAuthnResponseTaskTest.java b/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/ReceiveAuthnResponseTaskTest.java
index a0446ad9..b3a5130f 100644
--- a/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/ReceiveAuthnResponseTaskTest.java
+++ b/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/ReceiveAuthnResponseTaskTest.java
@@ -1,6 +1,9 @@
 package at.asitplus.eidas.specific.modules.auth.idaustria.test.task;
 
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
 
 import java.io.IOException;
 import java.util.Arrays;
@@ -536,6 +539,8 @@ public class ReceiveAuthnResponseTaskTest {
     Assert.assertNotNull("pendingReq not stored", storedReq);
     final AuthProcessDataWrapper session = pendingReq.getSessionData(AuthProcessDataWrapper.class);
     Assert.assertFalse("foreigner flag", session.isForeigner());
+    assertTrue("eidProcess flag", session.isEidProcess());
+    assertFalse("useMandate flag", session.isMandateUsed());
     
     checkAttributeInSession(session,PvpAttributeDefinitions.GIVEN_NAME_NAME, "Max");
     checkAttributeInSession(session,PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, "Mustermann");
@@ -662,6 +667,103 @@ public class ReceiveAuthnResponseTaskTest {
         
   }
   
+  @Test
+  public void httpPostValidSignedAssertionEidValidWithJurMandate() throws IOException, XMLParserException, UnmarshallingException,
+      MarshallingException, TransformerException, TaskExecutionException, EaafException {
+
+    oaParam.setBpkTargetIdentifier(EaafConstants.URN_PREFIX_EIDAS + "AT+XX");
+    
+    metadataProvider.addMetadataResolverIntoChain(metadataFactory.createMetadataProvider(
+        METADATA_PATH, null, "jUnit IDP", null));
+
+    final Response response = initializeResponse(
+        "classpath:/data/idp_metadata_classpath_entity.xml",
+        "/data/Response_with_EID_with_mandate_jur.xml",
+        credentialProvider.getMessageSigningCredential(),
+        true);
+    httpReq.addParameter("SAMLResponse", Base64.getEncoder().encodeToString(
+        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes(
+            "UTF-8")));
+
+    // perform task
+    task.execute(pendingReq, executionContext);
+
+    // validate state
+    IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedReq);
+    final AuthProcessDataWrapper session = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+    Assert.assertFalse("foreigner flag", session.isForeigner());
+    assertTrue("eidProcess flag", session.isEidProcess());
+    assertTrue("useMandate flag", session.isMandateUsed());
+    
+    checkAttributeInSession(session, PvpAttributeDefinitions.GIVEN_NAME_NAME, "Max");
+    checkAttributeInSession(session, PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, "Mustermann");
+    checkAttributeInSession(session, PvpAttributeDefinitions.BIRTHDATE_NAME, "1940-01-01");
+    checkAttributeInSession(session, PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, "http://eidas.europa.eu/LoA/high");
+    checkAttributeInSession(session, PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, "AT");
+    
+    checkAttributeInSession(session, PvpAttributeDefinitions.MANDATE_TYPE_NAME, "Generalvollmacht");
+    checkAttributeInSession(session, PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME, "Testfirma");
+    checkAttributeInSession(session, PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME, "999999m");
+    checkAttributeInSession(session, PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, "urn:publicid:gv.at:baseid+XERSB");
+    
+    //pre-generated eIDAS identifer
+    checkAttributeInSession(session, MsProxyServiceConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, "QVGm48cqcM4UcyhDTNGYmVdrIoY=");
+    assertNull("find nat. person bpk for mandator", session.getGenericDataFromSession(
+        PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, String.class));
+    
+    
+  }
+  
+  @Test
+  public void httpPostValidSignedAssertionEidValidWithNatMandate() throws IOException, XMLParserException, UnmarshallingException,
+      MarshallingException, TransformerException, TaskExecutionException, EaafException {
+
+    oaParam.setBpkTargetIdentifier(EaafConstants.URN_PREFIX_EIDAS + "AT+XX");
+    
+    metadataProvider.addMetadataResolverIntoChain(metadataFactory.createMetadataProvider(
+        METADATA_PATH, null, "jUnit IDP", null));
+
+    final Response response = initializeResponse(
+        "classpath:/data/idp_metadata_classpath_entity.xml",
+        "/data/Response_with_EID_with_mandate_nat.xml",
+        credentialProvider.getMessageSigningCredential(),
+        true);
+    httpReq.addParameter("SAMLResponse", Base64.getEncoder().encodeToString(
+        DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response)).getBytes(
+            "UTF-8")));
+
+    // perform task
+    task.execute(pendingReq, executionContext);
+
+    // validate state
+    IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedReq);
+    final AuthProcessDataWrapper session = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+    Assert.assertFalse("foreigner flag", session.isForeigner());
+    assertTrue("eidProcess flag", session.isEidProcess());
+    assertTrue("useMandate flag", session.isMandateUsed());
+    
+    checkAttributeInSession(session, PvpAttributeDefinitions.GIVEN_NAME_NAME, "Max");
+    checkAttributeInSession(session, PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, "Mustermann");
+    checkAttributeInSession(session, PvpAttributeDefinitions.BIRTHDATE_NAME, "1940-01-01");
+    checkAttributeInSession(session, PvpAttributeDefinitions.EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, "http://eidas.europa.eu/LoA/high");
+    checkAttributeInSession(session, PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, "AT");
+    
+    checkAttributeInSession(session, PvpAttributeDefinitions.MANDATE_TYPE_NAME, "GeneralvollmachtBilateral");
+    checkAttributeInSession(session, PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME, "Gerti");
+    checkAttributeInSession(session, PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME, "Musterfrau");
+    checkAttributeInSession(session, PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME, "01-02-1941");
+    checkAttributeInSession(session, PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME, "AT+XX:AFSDAFSDFDSFCSDAFASDF=");
+
+        
+    //pre-generated eIDAS identifer
+    checkAttributeInSession(session, MsProxyServiceConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER, 
+        "QVGm48cqcM4UcyhDTNGYmVdrIoY=");
+    
+    
+  }
+  
   private void checkAttributeInSession(AuthProcessDataWrapper session, String attrName, String expected) {
     String value = session.getGenericDataFromSession(attrName, String.class);
     Assert.assertEquals("wrong attr. value", expected, value);
diff --git a/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/RequestIdAustriaSystemTaskTest.java b/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/RequestIdAustriaSystemTaskTest.java
index e5493332..6dc8d415 100644
--- a/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/RequestIdAustriaSystemTaskTest.java
+++ b/eidas_modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/RequestIdAustriaSystemTaskTest.java
@@ -1,12 +1,14 @@
 package at.asitplus.eidas.specific.modules.auth.idaustria.test.task;
 
 import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
 
 import java.io.ByteArrayInputStream;
 import java.io.InputStream;
 import java.util.Arrays;
 import java.util.Base64;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 import java.util.UUID;
 
@@ -45,6 +47,7 @@ import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
 import at.gv.egiz.eaaf.core.impl.idp.module.gui.DummyGuiBuilderConfigurationFactory;
 import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
 import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttributes;
 import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
 import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2InternalErrorException;
@@ -290,6 +293,48 @@ public class RequestIdAustriaSystemTaskTest {
     
   }
   
+  @Test
+  public void successWithMandates() throws Pvp2InternalErrorException, SecurityException, Exception {
+    metadataProvider.addMetadataResolverIntoChain(
+        metadataFactory.createMetadataProvider(METADATA_PATH, null, "jUnitTest", null));
+    
+    LightRequest.Builder eidasRequestBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .spType("public")
+        .requesterId(RandomStringUtils.randomAlphanumeric(10))
+        .providerName(RandomStringUtils.randomAlphanumeric(10));
+    LightRequest eidasReq = eidasRequestBuilder.build();
+    pendingReq.setEidasRequest(eidasReq);
+    
+    List<String> mandateProfiles = Arrays.asList(
+        RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));    
+    oaParam.setMandateProfiles(mandateProfiles);
+    
+    //execute test
+    task.execute(pendingReq, executionContext);
+
+    //validate state
+    final EaafRequestedAttributes reqAttr = validate();
+    Assert.assertEquals("#Req Attribute", 6, reqAttr.getAttributes().size());
+    
+    Assert.assertEquals("Wrong req attr.", "urn:eidgvat:attributes.ServiceProviderMandateProfiles",
+        reqAttr.getAttributes().get(5).getName());
+    Assert.assertNotNull("Req. Attr value element", reqAttr.getAttributes().get(1).getAttributeValues());
+    Assert.assertEquals("#Req. Attr value", 1,
+        reqAttr.getAttributes().get(5).getAttributeValues().size());
+    org.springframework.util.Assert.isInstanceOf(XSString.class,
+        reqAttr.getAttributes().get(5).getAttributeValues().get(0), "Wrong requested Attributes Value type");
+    
+    List<String> reqProfiles = KeyValueUtils.getListOfCsvValues(
+        ((XSString)reqAttr.getAttributes().get(5).getAttributeValues().get(0)).getValue());
+    reqProfiles.stream().forEach(el -> assertTrue("missing profile: " + el, mandateProfiles.contains(el)));
+    
+  }
+  
   private EaafRequestedAttributes validate() throws Pvp2InternalErrorException, SecurityException, Exception {
     Assert.assertEquals("HTTP Statuscode", 200, httpResp.getStatus());
     Assert.assertEquals("ContentType", "text/html;charset=UTF-8", httpResp.getContentType());
diff --git a/eidas_modules/authmodule_id-austria/src/test/resources/data/Response_with_EID_with_mandate_jur.xml b/eidas_modules/authmodule_id-austria/src/test/resources/data/Response_with_EID_with_mandate_jur.xml
new file mode 100644
index 00000000..da97bbf4
--- /dev/null
+++ b/eidas_modules/authmodule_id-austria/src/test/resources/data/Response_with_EID_with_mandate_jur.xml
@@ -0,0 +1,63 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://localhost/authhandler/sp/idaustria/eidas/post" InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+	<saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">classpath:/data/idp_metadata_classpath_entity.xml</saml2:Issuer>
+	<saml2p:Status>
+		<saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</saml2p:Status>
+	<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_602c3236bffaf71ac3ac88674e76ff9f" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0">
+		<saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/demoportal_moaid-2.0/pvp/metadata</saml2:Issuer>
+		<saml2:Subject>
+			<saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" NameQualifier="urn:publicid:gv.at:cdid+BF">QVGm48cqcM4UcyhDTNGYmVdrIoY=</saml2:NameID>
+			<saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml2:SubjectConfirmationData InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3" NotOnOrAfter="2014-03-05T06:44:51.017Z" Recipient="https://localhost/authhandler/sp/eidas/post"/>
+			</saml2:SubjectConfirmation>
+		</saml2:Subject>
+		<saml2:Conditions NotBefore="2014-03-05T06:39:51.017Z" NotOnOrAfter="2035-03-05T06:44:51.017Z">
+			<saml2:AudienceRestriction>
+				<saml2:Audience>https://localhost/authhandler/sp/idaustria/eidas/metadata</saml2:Audience>
+			</saml2:AudienceRestriction>
+		</saml2:Conditions>
+		<saml2:AuthnStatement AuthnInstant="2014-03-05T06:39:51.017Z" SessionIndex="_c0c683509a8ff6ac372a9cf9c5c5a406">
+			<saml2:AuthnContext>
+				<saml2:AuthnContextClassRef>http://eidas.europa.eu/LoA/high</saml2:AuthnContextClassRef>
+			</saml2:AuthnContext>
+		</saml2:AuthnStatement>
+		<saml2:AttributeStatement>
+			<saml2:Attribute FriendlyName="PVP-VERSION" Name="urn:oid:1.2.40.0.10.2.1.1.261.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+				<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">2.1</saml2:AttributeValue>
+			</saml2:Attribute>
+			<saml2:Attribute FriendlyName="EID-CITIZEN-QAA- EIDAS-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.108" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+				<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">http://eidas.europa.eu/LoA/high</saml2:AttributeValue>
+			</saml2:Attribute>
+			<saml2:Attribute FriendlyName="EID-ISSUING-NATION" Name="urn:oid:1.2.40.0.10.2.1.1.261.32" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+				<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">AT</saml2:AttributeValue>
+			</saml2:Attribute>
+			<saml2:Attribute FriendlyName="PRINCIPAL-NAME" Name="urn:oid:1.2.40.0.10.2.1.1.261.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+				<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Mustermann</saml2:AttributeValue>
+			</saml2:Attribute>
+			<saml2:Attribute FriendlyName="GIVEN-NAME" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+				<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Max</saml2:AttributeValue>
+			</saml2:Attribute>
+			<saml2:Attribute FriendlyName="BIRTHDATE" Name="urn:oid:1.2.40.0.10.2.1.1.55" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+				<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">1940-01-01</saml2:AttributeValue>
+			</saml2:Attribute>
+			<saml2:Attribute FriendlyName="BPK" Name="urn:oid:1.2.40.0.10.2.1.1.149" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+				<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">AT+XX:QVGm48cqcM4UcyhDTNGYmVdrIoY=</saml2:AttributeValue>       
+			</saml2:Attribute>
+      
+            <saml2:Attribute FriendlyName="MANDATE-TYPE" Name="urn:oid:1.2.40.0.10.2.1.1.261.68" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+              <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Generalvollmacht</saml2:AttributeValue>
+            </saml2:Attribute>
+            <saml2:Attribute FriendlyName="MANDATOR-LEGAL-PERSON-SOURCE-PIN" Name="urn:oid:1.2.40.0.10.2.1.1.261.100" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+              <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">999999m</saml2:AttributeValue>
+            </saml2:Attribute>
+            <saml2:Attribute FriendlyName="MANDATOR-LEGAL-PERSON-SOURCE-PIN-TYPE" Name="urn:oid:1.2.40.0.10.2.1.1.261.76" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+              <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">urn:publicid:gv.at:baseid+XERSB</saml2:AttributeValue>
+            </saml2:Attribute>
+            <saml2:Attribute FriendlyName="MANDATOR-LEGAL-PERSON-FULL-NAME" Name="urn:oid:1.2.40.0.10.2.1.1.261.84" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+              <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Testfirma</saml2:AttributeValue>
+            </saml2:Attribute>
+            
+		</saml2:AttributeStatement>
+	</saml2:Assertion>
+</saml2p:Response>
diff --git a/eidas_modules/authmodule_id-austria/src/test/resources/data/Response_with_EID_with_mandate_nat.xml b/eidas_modules/authmodule_id-austria/src/test/resources/data/Response_with_EID_with_mandate_nat.xml
new file mode 100644
index 00000000..8a84503d
--- /dev/null
+++ b/eidas_modules/authmodule_id-austria/src/test/resources/data/Response_with_EID_with_mandate_nat.xml
@@ -0,0 +1,66 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://localhost/authhandler/sp/idaustria/eidas/post" InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+	<saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">classpath:/data/idp_metadata_classpath_entity.xml</saml2:Issuer>
+	<saml2p:Status>
+		<saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</saml2p:Status>
+	<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_602c3236bffaf71ac3ac88674e76ff9f" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0">
+		<saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/demoportal_moaid-2.0/pvp/metadata</saml2:Issuer>
+		<saml2:Subject>
+			<saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" NameQualifier="urn:publicid:gv.at:cdid+BF">QVGm48cqcM4UcyhDTNGYmVdrIoY=</saml2:NameID>
+			<saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml2:SubjectConfirmationData InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3" NotOnOrAfter="2014-03-05T06:44:51.017Z" Recipient="https://localhost/authhandler/sp/eidas/post"/>
+			</saml2:SubjectConfirmation>
+		</saml2:Subject>
+		<saml2:Conditions NotBefore="2014-03-05T06:39:51.017Z" NotOnOrAfter="2035-03-05T06:44:51.017Z">
+			<saml2:AudienceRestriction>
+				<saml2:Audience>https://localhost/authhandler/sp/idaustria/eidas/metadata</saml2:Audience>
+			</saml2:AudienceRestriction>
+		</saml2:Conditions>
+		<saml2:AuthnStatement AuthnInstant="2014-03-05T06:39:51.017Z" SessionIndex="_c0c683509a8ff6ac372a9cf9c5c5a406">
+			<saml2:AuthnContext>
+				<saml2:AuthnContextClassRef>http://eidas.europa.eu/LoA/high</saml2:AuthnContextClassRef>
+			</saml2:AuthnContext>
+		</saml2:AuthnStatement>
+		<saml2:AttributeStatement>
+			<saml2:Attribute FriendlyName="PVP-VERSION" Name="urn:oid:1.2.40.0.10.2.1.1.261.10" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+				<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">2.1</saml2:AttributeValue>
+			</saml2:Attribute>
+			<saml2:Attribute FriendlyName="EID-CITIZEN-QAA- EIDAS-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.108" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+				<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">http://eidas.europa.eu/LoA/high</saml2:AttributeValue>
+			</saml2:Attribute>
+			<saml2:Attribute FriendlyName="EID-ISSUING-NATION" Name="urn:oid:1.2.40.0.10.2.1.1.261.32" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+				<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">AT</saml2:AttributeValue>
+			</saml2:Attribute>
+			<saml2:Attribute FriendlyName="PRINCIPAL-NAME" Name="urn:oid:1.2.40.0.10.2.1.1.261.20" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+				<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Mustermann</saml2:AttributeValue>
+			</saml2:Attribute>
+			<saml2:Attribute FriendlyName="GIVEN-NAME" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+				<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Max</saml2:AttributeValue>
+			</saml2:Attribute>
+			<saml2:Attribute FriendlyName="BIRTHDATE" Name="urn:oid:1.2.40.0.10.2.1.1.55" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+				<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">1940-01-01</saml2:AttributeValue>
+			</saml2:Attribute>
+			<saml2:Attribute FriendlyName="BPK" Name="urn:oid:1.2.40.0.10.2.1.1.149" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+				<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">AT+XX:QVGm48cqcM4UcyhDTNGYmVdrIoY=</saml2:AttributeValue>       
+			</saml2:Attribute>
+      
+            <saml2:Attribute FriendlyName="MANDATE-TYPE" Name="urn:oid:1.2.40.0.10.2.1.1.261.68" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+              <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">GeneralvollmachtBilateral</saml2:AttributeValue>
+            </saml2:Attribute>
+            <saml2:Attribute FriendlyName="MANDATOR-NATURAL-PERSON-BPK" Name="urn:oid:1.2.40.0.10.2.1.1.261.98" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+              <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">AT+XX:AFSDAFSDFDSFCSDAFASDF=</saml2:AttributeValue>
+            </saml2:Attribute>
+            <saml2:Attribute FriendlyName="MANDATOR-NATURAL-PERSON-GIVEN-NAME" Name="urn:oid:1.2.40.0.10.2.1.1.261.78" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+              <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Gerti</saml2:AttributeValue>
+            </saml2:Attribute>
+            <saml2:Attribute FriendlyName="MANDATOR-NATURAL-PERSON-FAMILY-NAME" Name="urn:oid:1.2.40.0.10.2.1.1.261.80" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+              <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Musterfrau</saml2:AttributeValue>
+            </saml2:Attribute>
+            <saml2:Attribute FriendlyName="MANDATOR-NATURAL-PERSON-BIRTHDATE" Name="urn:oid:1.2.40.0.10.2.1.1.261.82" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+              <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">01-02-1941</saml2:AttributeValue>
+            </saml2:Attribute>
+            
+		</saml2:AttributeStatement>
+	</saml2:Assertion>
+</saml2p:Response>
-- 
cgit v1.2.3