From e385456f79574dac9702b01a6722de444359fff1 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Tue, 16 Nov 2021 08:41:19 +0100 Subject: restructure matching step via alternative-eIDAS-authentication and add jUnit tests --- .../eidas/v2/service/RegisterSearchService.java | 112 ++- .../auth/eidas/v2/tasks/AlternativeSearchTask.java | 117 ++- .../auth/eidas/v2/utils/MatchingTaskUtils.java | 27 +- .../v2/test/clients/ZmrClientProductionTest.java | 6 +- .../AlternativeSearchTaskWithRegisterTest.java | 977 +++++++++++++++++++++ .../data/zmr/seq_3-10_kitt_update_resp.xml | 123 +++ .../zmr/seq_3-4_kitt_get_latest_version_resp.xml | 208 +++++ .../data/zmr/seq_3-6_kitt_update_resp.xml | 123 +++ .../zmr/seq_3-8_kitt_get_latest_version_resp.xml | 231 +++++ 9 files changed, 1846 insertions(+), 78 deletions(-) create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/AlternativeSearchTaskWithRegisterTest.java create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-10_kitt_update_resp.xml create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-4_kitt_get_latest_version_resp.xml create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-6_kitt_update_resp.xml create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-8_kitt_get_latest_version_resp.xml (limited to 'eidas_modules') diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/RegisterSearchService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/RegisterSearchService.java index 232b1d11..047d75ae 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/RegisterSearchService.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/RegisterSearchService.java @@ -1,5 +1,16 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.service; +import java.math.BigInteger; +import java.util.Collections; +import java.util.List; + +import javax.annotation.Nonnull; + +import org.jetbrains.annotations.Nullable; +import org.springframework.stereotype.Service; + +import com.google.common.collect.Streams; + import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.IZmrClient; import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.ZmrSoapClient.ZmrRegisterResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult; @@ -13,15 +24,6 @@ import lombok.AllArgsConstructor; import lombok.Getter; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; -import org.apache.commons.collections4.ListUtils; -import org.jetbrains.annotations.Nullable; -import org.springframework.stereotype.Service; - -import javax.annotation.Nonnull; -import java.math.BigInteger; -import java.util.Arrays; -import java.util.Collections; -import java.util.List; @Slf4j @Service("registerSearchService") @@ -57,9 +59,24 @@ public class RegisterSearchService { @Nonnull public RegisterStatusResults searchWithPersonIdentifier(SimpleEidasData eidasData) throws WorkflowException { + return searchWithPersonIdentifier(null, eidasData); + + } + + /** + * Search with Person Identifier (eIDAS Pseudonym) in ZMR and ERnP. + * + * @param operationStatus Current register-operation status that contains processing informations + * @param eidasData Received eIDAS data + * @throws WorkflowException In case of a register interaction error + */ + @Nonnull + public RegisterStatusResults searchWithPersonIdentifier(@Nullable RegisterOperationStatus operationStatus, + @Nonnull SimpleEidasData eidasData) throws WorkflowException { try { final ZmrRegisterResult resultsZmr = zmrClient.searchWithPersonIdentifier( - null, eidasData.getPseudonym(), eidasData.getCitizenCountryCode()); + operationStatus != null ? operationStatus.getZmrProcessId() : null, + eidasData.getPseudonym(), eidasData.getCitizenCountryCode()); final List resultsErnp = ernpClient.searchWithPersonIdentifier( eidasData.getPersonalIdentifier()); @@ -71,7 +88,7 @@ public class RegisterSearchService { } } - + /** * Search with MDS (Given Name, Family Name, Date of Birth) in ZMR and ERnP. * @@ -185,39 +202,70 @@ public class RegisterSearchService { } } + //TODO: check this method, because it's different to 'step7aKittProcess'??? /** * Automatic process to fix the register entries. * Called when the alternative eIDAS authn leads to a match in a register. * - * @param registerResult Result of last register search - * @param initialEidasData Received eidas data from initial authentication - * @param altEidasData Received eidas data from alternative authentication + * @param initialSearchResult Register results from initial authentication + * @param initialEidasData Received eIDAS data from initial authentication + * @param altSearchResult Register results from alternative authentication + * @param altEidasData Received eIDAS data from alternative authentication * @return */ - public RegisterStatusResults step7bKittProcess(RegisterStatusResults registerResult, - SimpleEidasData initialEidasData, SimpleEidasData altEidasData) - throws WorkflowException { + public RegisterStatusResults step7bKittProcess( + RegisterStatusResults initialSearchResult, SimpleEidasData initialEidasData, + RegisterStatusResults altSearchResult, SimpleEidasData altEidasData) throws WorkflowException { log.trace("Starting step7bKittProcess"); - // TODO verify with which data this method gets called - if (registerResult.getResultCount() != 1) { + + // check if alternative authentication ends in a single result + if (altSearchResult.getResultCount() != 1) { throw new WorkflowException("step7bKittProcess", "getResultCount() != 1"); + + } + + // check if alternative authentication result is part of initialSearchResults + if (!Streams.concat(initialSearchResult.getResultsZmr().stream(), initialSearchResult.getResultsErnp().stream()) + .filter(el -> { + try { + return altSearchResult.getResult().getBpk().equals(el.getBpk()); + + } catch (WorkflowException e1) { + //can not appear because it's already validated above. + return false; + } + }) + .findFirst() + .isPresent()) { + throw new WorkflowException("step7bKittProcess", + "Register result from alternativ authentication does not fit into intermediate state"); + } + + // perform KITT operations try { - if (registerResult.getResultsZmr().size() == 1) { - RegisterResult entryZmr = registerResult.getResultsZmr().get(0); - ZmrRegisterResult updateAlt = zmrClient - .update(registerResult.getOperationStatus().getZmrProcessId(), entryZmr, altEidasData); - ZmrRegisterResult updateInitial = zmrClient - .update(registerResult.getOperationStatus().getZmrProcessId(), entryZmr, initialEidasData); - return new RegisterStatusResults(registerResult.getOperationStatus(), - ListUtils.union(updateAlt.getPersonResult(), updateInitial.getPersonResult()), - Collections.emptyList()); + if (altSearchResult.getResultsZmr().size() == 1) { + RegisterResult entryZmr = altSearchResult.getResultsZmr().get(0); + + // update ZMR entry by using eIDAS information from initial authentication + zmrClient.update(altSearchResult.getOperationStatus().getZmrProcessId(), entryZmr, initialEidasData); + + // update ZMR entry by using eIDAS information from alternative authentication + ZmrRegisterResult updateAlt = zmrClient.update( + altSearchResult.getOperationStatus().getZmrProcessId(), entryZmr, altEidasData); + + return RegisterStatusResults.fromZmr(updateAlt); + } else { - RegisterResult entryErnp = registerResult.getResultsErnp().get(0); + RegisterResult entryErnp = altSearchResult.getResultsErnp().get(0); + + // update ZMR entry by using eIDAS information from initial authentication + ernpClient.update(entryErnp, initialEidasData); + + // update ZMR entry by using eIDAS information from alternative authentication RegisterResult updateAlt = ernpClient.update(entryErnp, altEidasData); - RegisterResult updateInitial = ernpClient.update(entryErnp, initialEidasData); - return new RegisterStatusResults(registerResult.getOperationStatus(), Collections.emptyList(), - Arrays.asList(updateAlt, updateInitial)); + + return RegisterStatusResults.fromErnp(altSearchResult.operationStatus, Collections.singletonList(updateAlt)); } } catch (final EidasSAuthenticationException e) { throw new WorkflowException("kittMatchedIdentitiess", e.getMessage(), diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/AlternativeSearchTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/AlternativeSearchTask.java index 4705c56b..e0273d10 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/AlternativeSearchTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/AlternativeSearchTask.java @@ -23,6 +23,17 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks; +import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK; + +import java.util.Map; +import java.util.Objects; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.jetbrains.annotations.NotNull; +import org.springframework.stereotype.Component; + import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; @@ -40,15 +51,6 @@ import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; import eu.eidas.auth.commons.light.ILightResponse; import lombok.extern.slf4j.Slf4j; -import org.jetbrains.annotations.NotNull; -import org.springframework.stereotype.Component; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.util.Map; -import java.util.Objects; - -import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK; /** * Searches registers (ERnP and ZMR) after alternative eIDAS authn, before adding person to SZR. @@ -96,74 +98,123 @@ public class AlternativeSearchTask extends AbstractAuthServletTask { public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) throws TaskExecutionException { try { - final SimpleEidasData altEidasData = convertEidasAttrToSimpleData(); + final SimpleEidasData altEidasData = convertEidasAttrToSimpleData(); final SimpleEidasData initialEidasData = MatchingTaskUtils.getInitialEidasData(pendingReq); - verifyAlternativeEidasData(altEidasData, initialEidasData); - step11RegisterSearchWithPersonIdentifier(executionContext, altEidasData, initialEidasData); + final RegisterStatusResults intermediateMatchingState = + MatchingTaskUtils.getIntermediateMatchingResult(pendingReq); + + //pre-validation of eIDAS data + preVerifyAlternativeEidasData(altEidasData, initialEidasData, intermediateMatchingState); + + //perform register search operation based on alterantive eIDAS data + step11RegisterSearchWithPersonIdentifier(executionContext, altEidasData, + intermediateMatchingState, initialEidasData); + } catch (WorkflowException e) { throw new TaskExecutionException(pendingReq, "Initial search failed", e); + } catch (final Exception e) { log.error("Initial search failed", e); throw new TaskExecutionException(pendingReq, "Initial search failed with a generic error", e); + } } - private void verifyAlternativeEidasData(SimpleEidasData altEidasData, SimpleEidasData initialEidasData) - throws WorkflowException { + /** + * Pre-validation of eIDAS information. + * + *

Check if country-code and MDS (givenName, familyName, dateOfBirth) matches.

+ * + * @param altEidasData eIDAS data from alternative authentication + * @param initialEidasData eIDAS data from initial authentication + * @param intermediateMatchingState Intermediate matching result + * @throws WorkflowException In case of a validation error + */ + private void preVerifyAlternativeEidasData(SimpleEidasData altEidasData, SimpleEidasData initialEidasData, + RegisterStatusResults intermediateMatchingState) throws WorkflowException { if (initialEidasData == null) { - throw new WorkflowException("step11", "No initial eIDAS authn data"); + throw new WorkflowException("step11", "No initial eIDAS authn data", true); + + } + + if (intermediateMatchingState == null) { + throw new WorkflowException("step11", "No intermediate matching-state", true); + } + if (!Objects.equals(altEidasData.getCitizenCountryCode(), initialEidasData.getCitizenCountryCode())) { throw new WorkflowException("step11", "Country Code of alternative eIDAS authn not matching", true); + } + if (!altEidasData.equalsMds(initialEidasData)) { throw new WorkflowException("step11", "MDS of alternative eIDAS authn does not match initial authn", true); + } } private void step11RegisterSearchWithPersonIdentifier( - ExecutionContext executionContext, SimpleEidasData initialEidasData, SimpleEidasData altEidasData) + ExecutionContext executionContext, SimpleEidasData altEidasData, + RegisterStatusResults intermediateMatchingState, SimpleEidasData initialEidasData) throws WorkflowException, EaafStorageException { try { log.trace("Starting step11RegisterSearchWithPersonIdentifier"); - RegisterStatusResults searchResult = registerSearchService.searchWithPersonIdentifier(altEidasData); - int resultCount = searchResult.getResultCount(); + RegisterStatusResults altSearchResult = registerSearchService.searchWithPersonIdentifier( + intermediateMatchingState.getOperationStatus(), altEidasData); + + int resultCount = altSearchResult.getResultCount(); if (resultCount == 0) { - step12CountrySpecificSearch(executionContext, searchResult.getOperationStatus(), initialEidasData, - altEidasData); + step12CountrySpecificSearch(executionContext, intermediateMatchingState, initialEidasData, + altSearchResult.getOperationStatus(), altEidasData); + } else if (resultCount == 1) { - foundMatchFinalizeTask(searchResult, altEidasData); + log.debug("step11RegisterSearchWithPersonIdentifier find single result. Starting KITT operation ... "); + RegisterStatusResults matchtedResult = registerSearchService.step7bKittProcess( + intermediateMatchingState, initialEidasData, altSearchResult, altEidasData); + + log.debug("KITT operation finished. Finalize matching process ... "); + foundMatchFinalizeTask(matchtedResult, altEidasData); + } else { throw new WorkflowException("step11RegisterSearchWithPersonIdentifier", "More than one entry with unique personal-identifier", true); + } } catch (WorkflowException e) { - //TODO: what we do in case of a workflow error and manual matching are necessary?? log.warn("Workflow error during matching step: {}. Reason: {}", e.getProcessStepName(), e.getErrorReason()); throw e; + } } private void step12CountrySpecificSearch(ExecutionContext executionContext, - RegisterOperationStatus registerOperationStatus, + RegisterStatusResults intermediateMatchingState, SimpleEidasData initialEidasData, + RegisterOperationStatus registerOperationStatus, SimpleEidasData altEidasData) throws EaafStorageException, WorkflowException { - log.trace("Starting 'step12CountrySpecificSearch' ... "); - RegisterStatusResults searchResult = registerSearchService.searchWithCountrySpecifics( + log.trace("Starting 'step12CountrySpecificSearch' ... "); + RegisterStatusResults ccAltSearchResult = registerSearchService.searchWithCountrySpecifics( registerOperationStatus, altEidasData); - if (searchResult.getResultCount() == 0) { + + if (ccAltSearchResult.getResultCount() == 0) { log.trace("'step12CountrySpecificSearch' ends with no result. Forward to GUI based matching step ... "); log.debug("Forward to GUI based matching steps ... "); executionContext.put(TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true); - } else if (searchResult.getResultCount() == 1) { - log.trace("'step12CountrySpecificSearch' finds a person. Forward to 'step7aKittProcess' step ... "); - registerSearchService.step7bKittProcess(searchResult, initialEidasData, altEidasData); - foundMatchFinalizeTask(searchResult, altEidasData); + + } else if (ccAltSearchResult.getResultCount() == 1) { + log.debug("'step12CountrySpecificSearch' find single result. Starting KITT operation ... "); + RegisterStatusResults matchtedResult = registerSearchService.step7bKittProcess( + intermediateMatchingState, initialEidasData, ccAltSearchResult, altEidasData); + + log.debug("KITT operation finished. Finalize matching process ... "); + foundMatchFinalizeTask(matchtedResult, altEidasData); + } else { throw new WorkflowException("step12CountrySpecificSearch", "More than one entry with unique country-specific information", true); - } + + } } private void foundMatchFinalizeTask(RegisterStatusResults searchResult, SimpleEidasData eidasData) @@ -171,6 +222,10 @@ public class AlternativeSearchTask extends AbstractAuthServletTask { MatchedPersonResult result = MatchedPersonResult.generateFormMatchingResult( searchResult.getResult(), eidasData.getCitizenCountryCode()); MatchingTaskUtils.storeFinalMatchingResult(pendingReq, result); + + //remove intermediate matching-state + MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, null); + } @NotNull diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java index c7631f53..ad641841 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java @@ -1,5 +1,19 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.utils; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import javax.annotation.Nullable; + +import org.apache.commons.lang3.StringUtils; +import org.joda.time.DateTime; +import org.slf4j.Logger; +import org.springframework.lang.NonNull; + +import com.google.common.collect.ImmutableMap; +import com.google.common.collect.ImmutableSet; + import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult; import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; @@ -8,20 +22,9 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchSe import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; -import com.google.common.collect.ImmutableMap; -import com.google.common.collect.ImmutableSet; import eu.eidas.auth.commons.attribute.AttributeDefinition; import eu.eidas.auth.commons.attribute.AttributeValue; import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress; -import org.apache.commons.lang3.StringUtils; -import org.joda.time.DateTime; -import org.slf4j.Logger; -import org.springframework.lang.NonNull; - -import javax.annotation.Nullable; -import java.util.HashMap; -import java.util.List; -import java.util.Map; public class MatchingTaskUtils { @@ -64,7 +67,7 @@ public class MatchingTaskUtils { RegisterStatusResults.class); } - + /** * Store intermediate matching result into session. * diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientProductionTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientProductionTest.java index ba55c466..97ea5bfa 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientProductionTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientProductionTest.java @@ -304,8 +304,8 @@ public class ZmrClientProductionTest { final ZmrRegisterResult ccSpecificFirstEntry = client.searchCountrySpecific(null, generateCustomRequest( eidasDataFirst.getCitizenCountryCode(), - eidasDataFirst.getGivenName(), eidasDataFirst.getFamilyName(), + eidasDataFirst.getGivenName(), eidasDataFirst.getDateOfBirth(), null, eidasDataFirst.getPlaceOfBirth(), @@ -401,8 +401,8 @@ public class ZmrClientProductionTest { final ZmrRegisterResult ccSpecificFirstEntry = client.searchCountrySpecific(null, generateCustomRequest( eidasDataFirst.getCitizenCountryCode(), - eidasDataFirst.getGivenName(), eidasDataFirst.getFamilyName(), + eidasDataFirst.getGivenName(), eidasDataFirst.getDateOfBirth(), eidasDataFirst.getPseudonym(), null, @@ -419,8 +419,8 @@ public class ZmrClientProductionTest { final ZmrRegisterResult ccSpecificSecondEntry = client.searchCountrySpecific(null, generateCustomRequest( eidasDataSecond.getCitizenCountryCode(), - eidasDataSecond.getGivenName(), eidasDataSecond.getFamilyName(), + eidasDataSecond.getGivenName(), eidasDataSecond.getDateOfBirth(), eidasDataSecond.getPseudonym(), null, diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/AlternativeSearchTaskWithRegisterTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/AlternativeSearchTaskWithRegisterTest.java new file mode 100644 index 00000000..b70b4854 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/AlternativeSearchTaskWithRegisterTest.java @@ -0,0 +1,977 @@ +package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks; + +import static org.apache.commons.lang3.RandomStringUtils.randomAlphabetic; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertThrows; +import static org.junit.Assert.assertTrue; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.Mockito.when; + +import java.math.BigInteger; +import java.net.URI; +import java.net.URISyntaxException; +import java.util.Arrays; +import java.util.Collections; +import java.util.List; +import java.util.Map; +import java.util.Optional; + +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Unmarshaller; +import javax.xml.namespace.QName; + +import org.apache.commons.lang3.RandomStringUtils; +import org.jetbrains.annotations.NotNull; +import org.junit.Assert; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Rule; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.ArgumentCaptor; +import org.mockito.Mock; +import org.mockito.MockitoAnnotations; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import com.github.skjolber.mockito.soap.SoapServiceRule; + +import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.IZmrClient; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.ZmrSoapClient.ZmrRegisterResult; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.ernp.IErnpClient; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.CountrySpecificDetailSearchProcessor; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.GenericEidProcessor; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterOperationStatus; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterStatusResults; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.AlternativeSearchTask; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.clients.ZmrClientTest; +import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils; +import at.gv.bmi.namespace.zmr_su.base._20040201.RequestType; +import at.gv.bmi.namespace.zmr_su.base._20040201.ResponseType; +import at.gv.bmi.namespace.zmr_su.base._20040201_.ServicePort; +import at.gv.bmi.namespace.zmr_su.zmr._20040201.EidasSuchdatenType; +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; +import eu.eidas.auth.commons.attribute.AttributeDefinition; +import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; +import eu.eidas.auth.commons.attribute.PersonType; +import eu.eidas.auth.commons.light.impl.LightRequest; +import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse; +import lombok.SneakyThrows; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration(locations = { + "/SpringTest-context_tasks_test.xml", + "/SpringTest-context_basic_mapConfig.xml", + "/SpringTest-context_ccSearchProcessor_test.xml" +}) +@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) +public class AlternativeSearchTaskWithRegisterTest { + + @Rule + public SoapServiceRule soap = SoapServiceRule.newInstance(); + + @Mock private IErnpClient ernpClient; + + @Autowired private IZmrClient zmrClient; + @Autowired private List handlers; + private RegisterSearchService registerSearchService; + + private ServicePort zmrMock = null; + + private final ICcSpecificEidProcessingService eidPostProcessor = createEidPostProcessor(); + private AlternativeSearchTask task; + + final ExecutionContext executionContext = new ExecutionContextImpl(); + private TestRequestImpl pendingReq; + private static JAXBContext jaxbContext; + + + /** + * Initialize jUnit class. + */ + @BeforeClass + @SneakyThrows + public static void classInitializer() { + jaxbContext = JAXBContext.newInstance( + at.gv.bmi.namespace.zmr_su.zmr._20040201.ObjectFactory.class, + at.gv.bmi.namespace.zmr_su.gis._20070725.ObjectFactory.class, + at.gv.bmi.namespace.zmr_su.base._20040201.ObjectFactory.class); + } + + + /** + * jUnit test set-up. + */ + @Before + public void setUp() throws URISyntaxException, EaafStorageException { + MockitoAnnotations.initMocks(this); + + if (zmrMock == null) { + zmrMock = soap.mock(ServicePort.class, "http://localhost:1234/demozmr"); + + } + + registerSearchService = new RegisterSearchService(handlers, zmrClient, ernpClient); + task = new AlternativeSearchTask(registerSearchService, eidPostProcessor); + + MockHttpServletRequest httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); + MockHttpServletResponse httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + pendingReq = new TestRequestImpl(); + + } + + + @Test + @SneakyThrows + public void missingStateInfoFirstEidasData() { + // inject matching intermediate state + RegisterStatusResults matchingState = new RegisterStatusResults(null, + Arrays.asList(RegisterResult.builder() + .bpk("") + .givenName("XXXKlaus - Maria") + .familyName("XXXvon Brandenburg") + .dateOfBirth("1994-12-31") + .pseudonym(Arrays.asList("7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")) + .build()), + Collections.emptyList()); + MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState ); + + //inject alternative eIDAS data + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, + buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg", + "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31")); + + + // execute task + TaskExecutionException exception = assertThrows(TaskExecutionException.class, + () -> task.execute(pendingReq, executionContext)); + + // validate state + assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException)); + assertEquals("wrong errorparam 1", "step11", ((EaafException) exception.getOriginalException()).getParams()[0]); + assertTrue("Wrong flag 'step11'", + ((WorkflowException) exception.getOriginalException()).isRequiresManualFix()); + assertEquals("wrong errorparam 1", "No initial eIDAS authn data", + ((EaafException) exception.getOriginalException()).getParams()[1]); + + + } + + @Test + @SneakyThrows + public void missingStateInfoIntermediateMatchingState() { + //inject initial eIDAS data + MatchingTaskUtils.storeInitialEidasData(pendingReq, SimpleEidasData.builder() + .personalIdentifier("DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit") + .pseudonym("cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit") + .givenName("XXXKlaus - Maria") + .familyName("XXXvon Brandenburg") + .dateOfBirth("1994-12-31") + .build()); + + //inject alternative eIDAS data + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, + buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg", + "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31")); + + + // execute task + TaskExecutionException exception = assertThrows(TaskExecutionException.class, + () -> task.execute(pendingReq, executionContext)); + + // validate state + assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException)); + assertEquals("wrong errorparam 1", "step11", ((EaafException) exception.getOriginalException()).getParams()[0]); + assertTrue("Wrong flag 'step11'", + ((WorkflowException) exception.getOriginalException()).isRequiresManualFix()); + assertEquals("wrong errorparam 1", "No intermediate matching-state", + ((EaafException) exception.getOriginalException()).getParams()[1]); + + } + + @Test + @SneakyThrows + public void countryCodeNotMatch() { + //inject initial eIDAS data + MatchingTaskUtils.storeInitialEidasData(pendingReq, SimpleEidasData.builder() + .personalIdentifier("DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit") + .pseudonym("cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit") + .givenName("XXXKlaus - Maria") + .familyName("XXXvon Brandenburg") + .dateOfBirth("1994-12-31") + .citizenCountryCode("DE") + .build()); + + // inject matching intermediate state + RegisterStatusResults matchingState = new RegisterStatusResults(null, + Arrays.asList(RegisterResult.builder() + .bpk("") + .givenName("XXXKlaus - Maria") + .familyName("XXXvon Brandenburg") + .dateOfBirth("1994-12-31") + .pseudonym(Arrays.asList("7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")) + .build()), + Collections.emptyList()); + MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState ); + + //inject alternative eIDAS data + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, + buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg", + "EE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31")); + + + // execute task + TaskExecutionException exception = assertThrows(TaskExecutionException.class, + () -> task.execute(pendingReq, executionContext)); + + // validate state + assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException)); + assertEquals("wrong errorparam 1", "step11", ((EaafException) exception.getOriginalException()).getParams()[0]); + assertTrue("Wrong flag 'step11'", + ((WorkflowException) exception.getOriginalException()).isRequiresManualFix()); + assertEquals("wrong errorparam 1", "Country Code of alternative eIDAS authn not matching", + ((EaafException) exception.getOriginalException()).getParams()[1]); + + } + + @Test + @SneakyThrows + public void mdsNoMatch() { + //inject initial eIDAS data + MatchingTaskUtils.storeInitialEidasData(pendingReq, SimpleEidasData.builder() + .personalIdentifier("DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit") + .pseudonym("cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit") + .givenName("XXXKlaus - Maria") + .familyName("XXXvon Brandenburg") + .dateOfBirth("1994-12-31") + .citizenCountryCode("DE") + .build()); + + // inject matching intermediate state + RegisterStatusResults matchingState = new RegisterStatusResults(null, + Arrays.asList(RegisterResult.builder() + .bpk("") + .givenName("XXXKlaus - Maria") + .familyName("XXXvon Brandenburg") + .dateOfBirth("1994-12-31") + .pseudonym(Arrays.asList("7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")) + .build()), + Collections.emptyList()); + MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState ); + + //inject alternative eIDAS data + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, + buildDummyAuthResponse("XXXClaus - Maria", "XXXvon Brandenburg", + "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1995-12-31")); + + + // execute task + TaskExecutionException exception = assertThrows(TaskExecutionException.class, + () -> task.execute(pendingReq, executionContext)); + + // validate state + assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException)); + assertEquals("wrong errorparam 1", "step11", ((EaafException) exception.getOriginalException()).getParams()[0]); + assertTrue("Wrong flag 'step11'", + ((WorkflowException) exception.getOriginalException()).isRequiresManualFix()); + assertEquals("wrong errorparam 1", "MDS of alternative eIDAS authn does not match initial authn", + ((EaafException) exception.getOriginalException()).getParams()[1]); + + } + + @Test + @SneakyThrows + public void seachPersonalIdMoreThanOneResult() { + //inject initial eIDAS data + MatchingTaskUtils.storeInitialEidasData(pendingReq, SimpleEidasData.builder() + .personalIdentifier("DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit") + .pseudonym("cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit") + .givenName("XXXKlaus - Maria") + .familyName("XXXvon Brandenburg") + .dateOfBirth("1994-12-31") + .citizenCountryCode("DE") + .build()); + + // inject matching intermediate state + RegisterStatusResults matchingState = new RegisterStatusResults( + new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))), + Arrays.asList(RegisterResult.builder() + .bpk("") + .givenName("XXXKlaus - Maria") + .familyName("XXXvon Brandenburg") + .dateOfBirth("1994-12-31") + .pseudonym(Arrays.asList("7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")) + .build()), + Collections.emptyList()); + MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState); + + //inject alternative eIDAS data + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, + buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg", + "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31")); + + // inject response + final ArgumentCaptor zmrReq = ArgumentCaptor.forClass(RequestType.class); + when(zmrMock.service(zmrReq.capture(), any())) + .thenReturn(loadResponseFromFile("/data/zmr/search_with_personalId_only_resp_moreThanOne.xml")) + .thenThrow(new RuntimeException("This request is not needed any more")); + + // execute task + TaskExecutionException exception = assertThrows(TaskExecutionException.class, + () -> task.execute(pendingReq, executionContext)); + + // validate state + assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException)); + assertEquals("wrong errorparam 1", "searchWithPersonalIdentifier", ((EaafException) exception.getOriginalException()).getParams()[0]); + assertTrue("Wrong flag 'step11'", + ((WorkflowException) exception.getOriginalException()).isRequiresManualFix()); + + // validate request + assertEquals("wrong number of req.", 1, zmrReq.getAllValues().size()); + checkBasicRequestParameters(zmrReq.getValue(), ZmrClientTest.PROCESS_TASK_SEARCH, + matchingState.getOperationStatus().getZmrProcessId(), "jUnit123456"); + assertNotNull("Personensuche req.", zmrReq.getValue().getPersonSuchenRequest()); + checkEidasDocumentResult(zmrReq.getValue().getPersonSuchenRequest().getEidasSuchdaten(), + "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", + "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"); + + } + + @Test + @SneakyThrows + public void seachPersonalIdNoBpkMatchWithIntermediateResults() { + //inject initial eIDAS data + MatchingTaskUtils.storeInitialEidasData(pendingReq, SimpleEidasData.builder() + .personalIdentifier("DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit") + .pseudonym("cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit") + .givenName("XXXKlaus - Maria") + .familyName("XXXvon Brandenburg") + .dateOfBirth("1994-12-31") + .citizenCountryCode("DE") + .build()); + + // inject matching intermediate state + RegisterStatusResults matchingState = new RegisterStatusResults(null, + Arrays.asList(RegisterResult.builder() + .bpk("notExists") + .givenName("XXXKlaus - Maria") + .familyName("XXXvon Brandenburg") + .dateOfBirth("1994-12-31") + .pseudonym(Arrays.asList("7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")) + .build()), + Collections.emptyList()); + MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState ); + + //inject alternative eIDAS data + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, + buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg", + "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31")); + + // inject response + final ArgumentCaptor zmrReq = ArgumentCaptor.forClass(RequestType.class); + when(zmrMock.service(zmrReq.capture(), any())) + .thenReturn(loadResponseFromFile("/data/zmr/seq_1-8_search_with_personalId_only_resp.xml")) + .thenThrow(new RuntimeException("This request is not needed any more")); + + // execute task + TaskExecutionException exception = assertThrows(TaskExecutionException.class, + () -> task.execute(pendingReq, executionContext)); + + // validate state + assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException)); + assertEquals("wrong errorparam 1", "step7bKittProcess", ((EaafException) exception.getOriginalException()).getParams()[0]); + assertFalse("Wrong flag 'step11'", + ((WorkflowException) exception.getOriginalException()).isRequiresManualFix()); + assertEquals("wrong errorparam 1", "Register result from alternativ authentication does not fit into intermediate state", + ((EaafException) exception.getOriginalException()).getParams()[1]); + + // validate request + assertEquals("wrong number of req.", 1, zmrReq.getAllValues().size()); + assertNotNull("Personensuche req.", zmrReq.getValue().getPersonSuchenRequest()); + checkEidasDocumentResult(zmrReq.getValue().getPersonSuchenRequest().getEidasSuchdaten(), + "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", + "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"); + + } + + @Test + @SneakyThrows + public void seachPersonalIdSuccess() { + //inject initial eIDAS data + MatchingTaskUtils.storeInitialEidasData(pendingReq, SimpleEidasData.builder() + .personalIdentifier("DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit") + .pseudonym("cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit") + .givenName("XXXKlaus - Maria") + .familyName("XXXvon Brandenburg") + .dateOfBirth("1994-12-31") + .citizenCountryCode("DE") + .build()); + + // inject matching intermediate state + RegisterStatusResults matchingState = new RegisterStatusResults( + new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))), + Arrays.asList(RegisterResult.builder() + .bpk("UgeknNsc26lVuB7U/uYGVmWtnnA=") + .givenName("XXXKlaus - Maria") + .familyName("XXXvon Brandenburg") + .dateOfBirth("1994-12-31") + .pseudonym(Arrays.asList("7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")) + .build()), + Collections.emptyList()); + MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState ); + + //inject alternative eIDAS data + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, + buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg", + "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31")); + + // inject response + final ArgumentCaptor zmrReq = ArgumentCaptor.forClass(RequestType.class); + when(zmrMock.service(zmrReq.capture(), any())) + .thenReturn(loadResponseFromFile("/data/zmr/seq_1-8_search_with_personalId_only_resp.xml")) + .thenReturn(loadResponseFromFile("/data/zmr/seq_3-4_kitt_get_latest_version_resp.xml")) + .thenReturn(loadResponseFromFile("/data/zmr/seq_3-6_kitt_update_resp.xml")) + .thenReturn(loadResponseFromFile("/data/zmr/seq_3-8_kitt_get_latest_version_resp.xml")) + .thenThrow(new RuntimeException("This request is not needed any more")); + + // execute task + task.execute(pendingReq, executionContext); + + // validate state + //INFO: has to be the old givenName because ZMR allows no update of MDS information + checkMatchingSuccessState(pendingReq, "UgeknNsc26lVuB7U/uYGVmWtnnA=", "XXXvon Brandenburg", + "XXXClaus - Maria", "1994-12-31", "DE"); + assertNull("wrong executionContextFlag 'alternative eIDAS result'", + executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK)); + + + // validate request + assertEquals("wrong number of req.", 4, zmrReq.getAllValues().size()); + assertNotNull("Personensuche req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest()); + checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH, + matchingState.getOperationStatus().getZmrProcessId(), "jUnit123456"); + checkEidasDocumentResult(zmrReq.getAllValues().get(0).getPersonSuchenRequest().getEidasSuchdaten(), + "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", + "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"); + + + assertNotNull("Personensuche KITT req.", zmrReq.getAllValues().get(1).getPersonSuchenRequest()); + checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH, + new BigInteger("367100000000079"), "jUnit123456"); + + assertNotNull("PersonAender KITT req.", zmrReq.getAllValues().get(2).getPersonAendernRequest()); + checkBasicRequestParameters(zmrReq.getAllValues().get(2), ZmrClientTest.PROCESS_TASK_UPDATE, + new BigInteger("367100000000079"), "jUnit123456"); + + assertNotNull("Personensuche KITT req.", zmrReq.getAllValues().get(3).getPersonSuchenRequest()); + checkBasicRequestParameters(zmrReq.getAllValues().get(3), ZmrClientTest.PROCESS_TASK_SEARCH, + new BigInteger("367100000000079"), "jUnit123456"); + + } + + @Test + @SneakyThrows + public void seachCcSpecificSuccess() { + //inject initial eIDAS data + MatchingTaskUtils.storeInitialEidasData(pendingReq, SimpleEidasData.builder() + .personalIdentifier("DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit") + .pseudonym("cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit") + .givenName("XXXKlaus - Maria") + .familyName("XXXvon Brandenburg") + .dateOfBirth("1994-12-31") + .citizenCountryCode("DE") + .build()); + + // inject matching intermediate state + RegisterStatusResults matchingState = new RegisterStatusResults( + new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))), + Arrays.asList(RegisterResult.builder() + .bpk("UgeknNsc26lVuB7U/uYGVmWtnnA=") + .givenName("XXXKlaus - Maria") + .familyName("XXXvon Brandenburg") + .dateOfBirth("1994-12-31") + .pseudonym(Arrays.asList("7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")) + .build()), + Collections.emptyList()); + MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState ); + + //inject alternative eIDAS data + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, + buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg", + "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31", + null, "Hintergigritzpotschn", "XXXvon Heuburg")); + + // inject response + final ArgumentCaptor zmrReq = ArgumentCaptor.forClass(RequestType.class); + when(zmrMock.service(zmrReq.capture(), any())) + .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml")) + .thenReturn(loadResponseFromFile("/data/zmr/seq_1-8_search_with_personalId_only_resp.xml")) + .thenReturn(loadResponseFromFile("/data/zmr/seq_3-4_kitt_get_latest_version_resp.xml")) + .thenReturn(loadResponseFromFile("/data/zmr/seq_3-6_kitt_update_resp.xml")) + .thenReturn(loadResponseFromFile("/data/zmr/seq_3-8_kitt_get_latest_version_resp.xml")) + .thenReturn(loadResponseFromFile("/data/zmr/seq_3-10_kitt_update_resp.xml")) + .thenThrow(new RuntimeException("This request is not needed any more")); + + // execute task + task.execute(pendingReq, executionContext); + + // validate state + //INFO: has to be the old givenName because ZMR allows no update of MDS information + checkMatchingSuccessState(pendingReq, "UgeknNsc26lVuB7U/uYGVmWtnnA=", "XXXvon Brandenburg", + "XXXClaus - Maria", "1994-12-31", "DE"); + assertNull("wrong executionContextFlag 'alternative eIDAS result'", + executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK)); + + + // validate request + assertEquals("wrong number of req.", 6, zmrReq.getAllValues().size()); + assertNotNull("Personensuche req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest()); + checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH, + matchingState.getOperationStatus().getZmrProcessId(), "jUnit123456"); + checkEidasDocumentResult(zmrReq.getAllValues().get(0).getPersonSuchenRequest().getEidasSuchdaten(), + "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", + "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"); + + assertNotNull("Personensuche CC-specific req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest()); + checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH, + new BigInteger("367100000000079"), "jUnit123456"); + checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(), + "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth", + "DE", "Hintergigritzpotschn"); + checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(), + "http://eidas.europa.eu/attributes/naturalperson/BirthName", + "DE", "XXXvon Heuburg"); + + + assertNotNull("Personensuche KITT req.", zmrReq.getAllValues().get(2).getPersonSuchenRequest()); + checkBasicRequestParameters(zmrReq.getAllValues().get(2), ZmrClientTest.PROCESS_TASK_SEARCH, + new BigInteger("367100000000079"), "jUnit123456"); + + assertNotNull("PersonAender KITT req.", zmrReq.getAllValues().get(3).getPersonAendernRequest()); + checkBasicRequestParameters(zmrReq.getAllValues().get(3), ZmrClientTest.PROCESS_TASK_UPDATE, + new BigInteger("367100000000079"), "jUnit123456"); + + assertNotNull("Personensuche KITT req.", zmrReq.getAllValues().get(4).getPersonSuchenRequest()); + checkBasicRequestParameters(zmrReq.getAllValues().get(4), ZmrClientTest.PROCESS_TASK_SEARCH, + new BigInteger("367100000000079"), "jUnit123456"); + + assertNotNull("PersonAender KITT req.", zmrReq.getAllValues().get(5).getPersonAendernRequest()); + checkBasicRequestParameters(zmrReq.getAllValues().get(5), ZmrClientTest.PROCESS_TASK_UPDATE, + new BigInteger("367100000000079"), "jUnit123456"); + } + + @Test + @SneakyThrows + public void seachCcSpecificNotPossible() { + //inject initial eIDAS data + MatchingTaskUtils.storeInitialEidasData(pendingReq, SimpleEidasData.builder() + .personalIdentifier("DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit") + .pseudonym("cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit") + .givenName("XXXKlaus - Maria") + .familyName("XXXvon Brandenburg") + .dateOfBirth("1994-12-31") + .citizenCountryCode("EE") + .build()); + + // inject matching intermediate state + RegisterStatusResults matchingState = new RegisterStatusResults( + new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))), + Arrays.asList(RegisterResult.builder() + .bpk("UgeknNsc26lVuB7U/uYGVmWtnnA=") + .givenName("XXXKlaus - Maria") + .familyName("XXXvon Brandenburg") + .dateOfBirth("1994-12-31") + .pseudonym(Arrays.asList("7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")) + .build()), + Collections.emptyList()); + MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState ); + + //inject alternative eIDAS data + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, + buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg", + "EE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31", + null, "Hintergigritzpotschn", "XXXvon Heuburg")); + + // inject response + final ArgumentCaptor zmrReq = ArgumentCaptor.forClass(RequestType.class); + when(zmrMock.service(zmrReq.capture(), any())) + .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml")) + .thenThrow(new RuntimeException("This request is not needed any more")); + + // execute task + task.execute(pendingReq, executionContext); + + // validate state + assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq)); + assertNull("final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq)); + assertEquals("wrong executionContextFlag 'alternative eIDAS result'", true, + executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK)); + + + // validate request + assertEquals("wrong number of req.", 1, zmrReq.getAllValues().size()); + assertNotNull("Personensuche req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest()); + checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH, + matchingState.getOperationStatus().getZmrProcessId(), "jUnit123456"); + checkEidasDocumentResult(zmrReq.getAllValues().get(0).getPersonSuchenRequest().getEidasSuchdaten(), + "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", + "EE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"); + + } + + @Test + @SneakyThrows + public void seachCcSpecificMoreThanOneResult() { + //inject initial eIDAS data + MatchingTaskUtils.storeInitialEidasData(pendingReq, SimpleEidasData.builder() + .personalIdentifier("DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit") + .pseudonym("cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit") + .givenName("XXXKlaus - Maria") + .familyName("XXXvon Brandenburg") + .dateOfBirth("1994-12-31") + .citizenCountryCode("DE") + .build()); + + // inject matching intermediate state + RegisterStatusResults matchingState = new RegisterStatusResults( + new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))), + Arrays.asList(RegisterResult.builder() + .bpk("UgeknNsc26lVuB7U/uYGVmWtnnA=") + .givenName("XXXKlaus - Maria") + .familyName("XXXvon Brandenburg") + .dateOfBirth("1994-12-31") + .pseudonym(Arrays.asList("7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")) + .build()), + Collections.emptyList()); + MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState ); + + //inject alternative eIDAS data + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, + buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg", + "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31", + null, "Hintergigritzpotschn", "XXXvon Heuburg")); + + // inject response + final ArgumentCaptor zmrReq = ArgumentCaptor.forClass(RequestType.class); + when(zmrMock.service(zmrReq.capture(), any())) + .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml")) + .thenReturn(loadResponseFromFile("/data/zmr/search_with_personalId_only_resp_moreThanOne.xml")) + .thenThrow(new RuntimeException("This request is not needed any more")); + + // execute task + TaskExecutionException exception = assertThrows(TaskExecutionException.class, + () -> task.execute(pendingReq, executionContext)); + + // validate state + assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException)); + assertEquals("wrong errorparam 1", "searchWithCountrySpecifics", ((EaafException) exception.getOriginalException()).getParams()[0]); + assertTrue("Wrong flag 'step11'", + ((WorkflowException) exception.getOriginalException()).isRequiresManualFix()); + + + // validate request + assertEquals("wrong number of req.", 2, zmrReq.getAllValues().size()); + assertNotNull("Personensuche req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest()); + checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH, + matchingState.getOperationStatus().getZmrProcessId(), "jUnit123456"); + checkEidasDocumentResult(zmrReq.getAllValues().get(0).getPersonSuchenRequest().getEidasSuchdaten(), + "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", + "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"); + + assertNotNull("Personensuche CC-specific req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest()); + checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH, + new BigInteger("367100000000079"), "jUnit123456"); + checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(), + "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth", + "DE", "Hintergigritzpotschn"); + checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(), + "http://eidas.europa.eu/attributes/naturalperson/BirthName", + "DE", "XXXvon Heuburg"); + + } + + @Test + @SneakyThrows + public void seachCcSpecificEmptyResult() { + //inject initial eIDAS data + MatchingTaskUtils.storeInitialEidasData(pendingReq, SimpleEidasData.builder() + .personalIdentifier("DE/AT/7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit") + .pseudonym("cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit") + .givenName("XXXKlaus - Maria") + .familyName("XXXvon Brandenburg") + .dateOfBirth("1994-12-31") + .citizenCountryCode("DE") + .build()); + + // inject matching intermediate state + RegisterStatusResults matchingState = new RegisterStatusResults( + new RegisterOperationStatus(new BigInteger(RandomStringUtils.randomNumeric(5))), + Arrays.asList(RegisterResult.builder() + .bpk("UgeknNsc26lVuB7U/uYGVmWtnnA=") + .givenName("XXXKlaus - Maria") + .familyName("XXXvon Brandenburg") + .dateOfBirth("1994-12-31") + .pseudonym(Arrays.asList("7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit")) + .build()), + Collections.emptyList()); + MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, matchingState ); + + //inject alternative eIDAS data + pendingReq.getSessionData(AuthProcessDataWrapper.class).setGenericDataToSession( + Constants.DATA_FULL_EIDAS_RESPONSE_ALTERNATIVE, + buildDummyAuthResponse("XXXKlaus - Maria", "XXXvon Brandenburg", + "DE/AT/7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit", "1994-12-31", + null, "Hintergigritzpotschn", "XXXvon Heuburg")); + + // inject response + final ArgumentCaptor zmrReq = ArgumentCaptor.forClass(RequestType.class); + when(zmrMock.service(zmrReq.capture(), any())) + .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml")) + .thenReturn(loadResponseFromFile("/data/zmr/empty_zmr_result.xml")) + .thenThrow(new RuntimeException("This request is not needed any more")); + + // execute task + task.execute(pendingReq, executionContext); + + // validate state + assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq)); + assertNull("final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq)); + assertEquals("wrong executionContextFlag 'alternative eIDAS result'", true, + executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK)); + + + // validate request + assertEquals("wrong number of req.", 2, zmrReq.getAllValues().size()); + assertNotNull("Personensuche req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest()); + checkBasicRequestParameters(zmrReq.getAllValues().get(0), ZmrClientTest.PROCESS_TASK_SEARCH, + matchingState.getOperationStatus().getZmrProcessId(), "jUnit123456"); + checkEidasDocumentResult(zmrReq.getAllValues().get(0).getPersonSuchenRequest().getEidasSuchdaten(), + "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", + "DE", "7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit"); + + assertNotNull("Personensuche CC-specific req.", zmrReq.getAllValues().get(0).getPersonSuchenRequest()); + checkBasicRequestParameters(zmrReq.getAllValues().get(1), ZmrClientTest.PROCESS_TASK_SEARCH, + new BigInteger("367100000000079"), "jUnit123456"); + checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(), + "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth", + "DE", "Hintergigritzpotschn"); + checkEidasDocumentResult(zmrReq.getAllValues().get(1).getPersonSuchenRequest().getEidasSuchdaten(), + "http://eidas.europa.eu/attributes/naturalperson/BirthName", + "DE", "XXXvon Heuburg"); + + } + + @NotNull + private ICcSpecificEidProcessingService createEidPostProcessor() { + return new ICcSpecificEidProcessingService() { + + private final GenericEidProcessor genericEidProcessor = new GenericEidProcessor(); + + @Override + public SimpleEidasData postProcess(Map eidasAttrMap) throws EidPostProcessingException, EidasAttributeException { + return genericEidProcessor.postProcess(eidasAttrMap); + } + + @Override + public void preProcess(String selectedCC, IRequest pendingReq, LightRequest.Builder authnRequestBuilder) { + genericEidProcessor.preProcess(pendingReq, authnRequestBuilder); + } + }; + } + + @NotNull + private ZmrRegisterResult zmrRegisterResult(RegisterResult registerResult, BigInteger processId) { + return new ZmrRegisterResult(Collections.singletonList(registerResult), processId); + } + + @NotNull + private ZmrRegisterResult zmrRegisterResult(RegisterResult registerResult) { + return zmrRegisterResult(registerResult, generateRandomProcessId()); + } + + + private BigInteger generateRandomProcessId() { + return new BigInteger(RandomStringUtils.randomNumeric(10)); + + } + + private void checkMatchingSuccessState(IRequest pendingReq, String bpk, String familyName, String givenName, + String birhday, String countryCode) { + assertNull("Find intermediate matching data but matching should be finished", + MatchingTaskUtils.getIntermediateMatchingResult(pendingReq)); + assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq)); + + MatchedPersonResult personInfo = MatchingTaskUtils.getFinalMatchingResult(pendingReq); + assertNotNull("no final matching result", personInfo); + assertEquals("wrong bpk", bpk, personInfo.getBpk()); + assertEquals("wrong givenName", givenName, personInfo.getGivenName()); + assertEquals("wrong familyName", familyName, personInfo.getFamilyName()); + assertEquals("wrong dateOfBirth", birhday, personInfo.getDateOfBirth()); + assertEquals("wrong countryCode", countryCode, personInfo.getCountryCode()); + + } + + private void checkIntermediateResult(int resultSize) { + Boolean transitionGUI = (Boolean) executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK); + Assert.assertTrue("Wrong transition", transitionGUI); + Boolean transitionErnb = (Boolean) executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK); + Assert.assertNull("Wrong transition", transitionErnb); + + assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq)); + assertNull("Find final matching data but no match sould be found", + MatchingTaskUtils.getFinalMatchingResult(pendingReq)); + + RegisterStatusResults result = MatchingTaskUtils.getIntermediateMatchingResult(pendingReq); + assertNotNull("Find no intermediate matching data", result); + assertEquals("wrong intermediate result size", resultSize, result.getResultCount()); + + } + + @NotNull + private AuthenticationResponse buildDummyAuthResponse(String givenName, String familyName, String identifier, + String dateOfBirth) throws URISyntaxException { + return buildDummyAuthResponse(givenName, familyName, identifier, dateOfBirth, null, null, null); + } + + @NotNull + private AuthenticationResponse buildDummyAuthResponseDE(String givenName, String familyName, String identifier, + String dateOfBirth, String placeOfBirth, + String birthName) throws URISyntaxException { + return buildDummyAuthResponse(givenName, familyName, identifier, dateOfBirth, null, placeOfBirth, birthName); + } + + @NotNull + private AuthenticationResponse buildDummyAuthResponse(String givenName, String familyName, String identifier, + String dateOfBirth, String taxNumber, String placeOfBirth, + String birthName) throws URISyntaxException { + ImmutableAttributeMap.Builder builder = ImmutableAttributeMap.builder() + .put(generateStringAttribute(Constants.eIDAS_ATTR_PERSONALIDENTIFIER, + randomAlphabetic(2), randomAlphabetic(2)), identifier) + .put(generateStringAttribute(Constants.eIDAS_ATTR_CURRENTFAMILYNAME, + randomAlphabetic(3), randomAlphabetic(3)), familyName) + .put(generateStringAttribute(Constants.eIDAS_ATTR_CURRENTGIVENNAME, + randomAlphabetic(4), randomAlphabetic(4)), givenName) + .put(generateDateTimeAttribute(Constants.eIDAS_ATTR_DATEOFBIRTH, + randomAlphabetic(5), randomAlphabetic(5)), dateOfBirth); + if (taxNumber != null) { + builder.put(generateStringAttribute(Constants.eIDAS_ATTR_TAXREFERENCE, + randomAlphabetic(6), randomAlphabetic(6)), taxNumber); + } + if (birthName != null) { + builder.put(generateStringAttribute(Constants.eIDAS_ATTR_BIRTHNAME, + randomAlphabetic(7), randomAlphabetic(7)), birthName); + } + if (placeOfBirth != null) { + builder.put(generateStringAttribute(Constants.eIDAS_ATTR_PLACEOFBIRTH, + randomAlphabetic(8), randomAlphabetic(8)), placeOfBirth); + } + final ImmutableAttributeMap attributeMap = builder.build(); + + return new AuthenticationResponse.Builder().id(randomAlphabetic(5)) + .issuer(randomAlphabetic(5)).subject(randomAlphabetic(5)).statusCode("200") + .inResponseTo(randomAlphabetic(5)).subjectNameIdFormat(randomAlphabetic(5)) + .attributes(attributeMap).build(); + } + + private AttributeDefinition generateStringAttribute(String friendlyName, String fragment, String prefix) + throws URISyntaxException { + return generateAttribute(friendlyName, fragment, prefix, "eu.eidas.auth.commons.attribute.impl" + + ".LiteralStringAttributeValueMarshaller"); + } + + @SuppressWarnings("SameParameterValue") + private AttributeDefinition generateDateTimeAttribute(String friendlyName, String fragment, String prefix) + throws URISyntaxException { + return generateAttribute(friendlyName, fragment, prefix, "eu.eidas.auth.commons.attribute.impl" + + ".DateTimeAttributeValueMarshaller"); + } + + private AttributeDefinition generateAttribute(String friendlyName, String fragment, String prefix, + String marshaller) throws URISyntaxException { + return AttributeDefinition.builder() + .friendlyName(friendlyName).nameUri(new URI("ad", "sd", fragment)) + .personType(PersonType.LEGAL_PERSON).xmlType(new QName("http://saf", "as", prefix)) + .attributeValueMarshaller(marshaller).build(); + } + + private ResponseType loadResponseFromFile(String filepath) throws JAXBException { + final Unmarshaller unmarshaller = jaxbContext.createUnmarshaller(); + JAXBElement resp = (JAXBElement) unmarshaller.unmarshal(ZmrClientTest.class.getResourceAsStream( + filepath)); + return (ResponseType) resp.getValue(); + + } + + private void checkBasicRequestParameters(RequestType requestType, String vorgangName, BigInteger processId, + String behoerdennummer) { + assertNotNull("no workflow infos", requestType.getWorkflowInfoClient()); + assertEquals("processName", ZmrClientTest.PROCESS_GENERAL, requestType.getWorkflowInfoClient().getProzessName()); + assertEquals("vorgangsName", vorgangName, requestType.getWorkflowInfoClient().getVorgangName()); + + if (processId != null) { + assertEquals("processId", processId, requestType.getWorkflowInfoClient().getProzessInstanzID()); + } else { + assertNull("processId", requestType.getWorkflowInfoClient().getProzessInstanzID()); + } + + assertNotNull("no client infos", requestType.getClientInfo()); + assertEquals("behoerdennummer", behoerdennummer, requestType.getClientInfo().getOrganisation() + .getBehoerdenNr()); + } + + private void checkEidasDocumentResult(List list, String type, String cc, String value) { + Optional eidasDoc = list.stream() + .filter(el -> type.equals(el.getEidasArt())) + .findFirst(); + + assertTrue("eidas doc: " + type, eidasDoc.isPresent()); + assertEquals("eIDAS docType", type, eidasDoc.get().getEidasArt()); + assertEquals("eIDAS docValue", value, eidasDoc.get().getEidasWert()); + assertEquals("eIDAS docCC", cc, eidasDoc.get().getStaatscode2()); + + } + + + +} diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-10_kitt_update_resp.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-10_kitt_update_resp.xml new file mode 100644 index 00000000..2be8a419 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-10_kitt_update_resp.xml @@ -0,0 +1,123 @@ + + + + GP_EIDAS + 366200000000082 + 0 + + + ZMR-Server Version: 5.9.0.0-SNAPSHOT + 2021-11-12T08:24:39.695 + 1877200000000131 + + + + 4 + Personenänderung erfolgreich durchgeführt. + + + + 2021-11-12T08:24:39.695 + + + + 44453600000000697 + 2020-02-05T13:07:06.311 + + 2021-11-12T08:24:39.695 + PERS_AENDERN + Person ändern + KITT for eIDAS Matching + + + 109091 + + melch@bmi.gv.at + + + 000430320173 + + + UgeknNsc26lVuB7U/uYGVmWtnnA= + urn:publicid:gv.at:cdid+ZP + + + XXXClaus - Maria + XXXvon Brandenburg + + unbekannt + männlich + 1994-12-31 + Wien + Wien + Österreich + + AUT + Österreich + + + 44453600000000727 + 2020-02-05T13:07:06.311 + + 2020-02-05T13:07:06.311 + STAATSANGEH_ANLEGEN + Staatsangehörigkeit anlegen + Testerperson + + + 109091 + + melch@bmi.gv.at + + + + + + + + 1879000000000005 + 2021-11-12T08:24:39.695 + + 2021-11-12T08:24:39.695 + EIDAS_ANLEGEN + KITT for eIDAS Matching + + + 101179 + + eidtapp@bmi.gv.at + + + http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier + DE + + 7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit + 9999-12-31 + 9999-12-31 + + + + + 1879000000000005 + 2021-11-12T08:24:39.695 + + 2021-11-12T08:24:39.695 + EIDAS_ANLEGEN + KITT for eIDAS Matching + + + 101179 + + eidtapp@bmi.gv.at + + + http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier + DE + + 7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit + 9999-12-31 + 9999-12-31 + + + + diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-4_kitt_get_latest_version_resp.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-4_kitt_get_latest_version_resp.xml new file mode 100644 index 00000000..01dac890 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-4_kitt_get_latest_version_resp.xml @@ -0,0 +1,208 @@ + + + + GP_EIDAS + 366200000000081 + 0 + + + ZMR-Server Version: 5.9.0.0-SNAPSHOT + 2021-11-12T08:24:39.330 + 1877300000000133 + + + + + KITT get-latest-version + + true + false + + + false + + 10 + + + + UgeknNsc26lVuB7U/uYGVmWtnnA= + urn:publicid:gv.at:cdid+ZP + + + XXXClaus - Maria + XXXvon Brandenburg + + 1994-12-31 + + + + 5020 + Person gefunden. + + + 1 + 0 + 0 + 1 + + + + + 2020-02-05T13:07:06.311 + + + + 44453600000000697 + 2020-02-05T13:07:06.311 + + 2020-02-05T13:07:06.311 + SONSTIGES + Sonstiges + Testerperson + + + 109091 + + + + 000430320173 + + + UgeknNsc26lVuB7U/uYGVmWtnnA= + urn:publicid:gv.at:cdid+ZP + + + XXXClaus - Maria + XXXvon Brandenburg + + unbekannt + männlich + 1994-12-31 + Wien7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit + Wien + Österreich + + AUT + Österreich + + + 44453600000000727 + 2020-02-05T13:07:06.311 + + 2020-02-05T13:07:06.311 + STAATSANGEH_ANLEGEN + Staatsangehörigkeit anlegen + Testerperson + + + 109091 + + + + + + + + + 1879000000000005 + 2021-11-12T08:24:39.695 + + 2021-11-12T08:24:39.695 + EIDAS_ANLEGEN + KITT for eIDAS Matching + + + 101179 + + eidtapp@bmi.gv.at + + + http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier + DE + + 7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit + 9999-12-31 + 9999-12-31 + + + + + + + 2020-02-05T13:07:06.311 + + + + 44453500000005242 + 2020-02-05T13:07:06.311 + + 2020-02-05T13:07:06.311 + WSANM + Wohnsitz anmelden + + + 109091 + + + + + + 0088 + Testgemeinde + 09988 + Testort A + + Testgasse + 1a-2b + Stg. 3c-4d + 5 + H + false + 0001 + + T800001 + 001 + T800001 + + + + HST111WWW + + T8001 + T80001 + T80000000001 + T80000000002 + + H + Testpostort + + 2020-02-05T13:07:06.311 + WSANM + Wohnsitz anmelden + + + + 44453500000005262 + 2020-02-05T13:07:06.311 + + 2020-02-05T13:07:06.311 + AUSK_SPERRE_SETZ + Auskunftssperre setzen + + + 109091 + + + + 2020-02-05T13:07:06.311 + 9999-12-31T23:59:59.000 + ASMG + Auskunftssperre nach § 18 / 2ff MeldeG + automatische Auskunftssperre + + + + + + + diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-6_kitt_update_resp.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-6_kitt_update_resp.xml new file mode 100644 index 00000000..2be8a419 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-6_kitt_update_resp.xml @@ -0,0 +1,123 @@ + + + + GP_EIDAS + 366200000000082 + 0 + + + ZMR-Server Version: 5.9.0.0-SNAPSHOT + 2021-11-12T08:24:39.695 + 1877200000000131 + + + + 4 + Personenänderung erfolgreich durchgeführt. + + + + 2021-11-12T08:24:39.695 + + + + 44453600000000697 + 2020-02-05T13:07:06.311 + + 2021-11-12T08:24:39.695 + PERS_AENDERN + Person ändern + KITT for eIDAS Matching + + + 109091 + + melch@bmi.gv.at + + + 000430320173 + + + UgeknNsc26lVuB7U/uYGVmWtnnA= + urn:publicid:gv.at:cdid+ZP + + + XXXClaus - Maria + XXXvon Brandenburg + + unbekannt + männlich + 1994-12-31 + Wien + Wien + Österreich + + AUT + Österreich + + + 44453600000000727 + 2020-02-05T13:07:06.311 + + 2020-02-05T13:07:06.311 + STAATSANGEH_ANLEGEN + Staatsangehörigkeit anlegen + Testerperson + + + 109091 + + melch@bmi.gv.at + + + + + + + + 1879000000000005 + 2021-11-12T08:24:39.695 + + 2021-11-12T08:24:39.695 + EIDAS_ANLEGEN + KITT for eIDAS Matching + + + 101179 + + eidtapp@bmi.gv.at + + + http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier + DE + + 7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit + 9999-12-31 + 9999-12-31 + + + + + 1879000000000005 + 2021-11-12T08:24:39.695 + + 2021-11-12T08:24:39.695 + EIDAS_ANLEGEN + KITT for eIDAS Matching + + + 101179 + + eidtapp@bmi.gv.at + + + http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier + DE + + 7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit + 9999-12-31 + 9999-12-31 + + + + diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-8_kitt_get_latest_version_resp.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-8_kitt_get_latest_version_resp.xml new file mode 100644 index 00000000..447d2b55 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/zmr/seq_3-8_kitt_get_latest_version_resp.xml @@ -0,0 +1,231 @@ + + + + GP_EIDAS + 366200000000081 + 0 + + + ZMR-Server Version: 5.9.0.0-SNAPSHOT + 2021-11-12T08:24:39.330 + 1877300000000133 + + + + + KITT get-latest-version + + true + false + + + false + + 10 + + + + UgeknNsc26lVuB7U/uYGVmWtnnA= + urn:publicid:gv.at:cdid+ZP + + + XXXClaus - Maria + XXXvon Brandenburg + + 1994-12-31 + + + + 5020 + Person gefunden. + + + 1 + 0 + 0 + 1 + + + + + 2020-02-05T13:07:06.311 + + + + 44453600000000697 + 2020-02-05T13:07:06.311 + + 2020-02-05T13:07:06.311 + SONSTIGES + Sonstiges + Testerperson + + + 109091 + + + + 000430320173 + + + UgeknNsc26lVuB7U/uYGVmWtnnA= + urn:publicid:gv.at:cdid+ZP + + + XXXClaus - Maria + XXXvon Brandenburg + + unbekannt + männlich + 1994-12-31 + Wien7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit + Wien + Österreich + + AUT + Österreich + + + 44453600000000727 + 2020-02-05T13:07:06.311 + + 2020-02-05T13:07:06.311 + STAATSANGEH_ANLEGEN + Staatsangehörigkeit anlegen + Testerperson + + + 109091 + + + + + + + + + 1879000000000005 + 2021-11-12T08:24:39.695 + + 2021-11-12T08:24:39.695 + EIDAS_ANLEGEN + KITT for eIDAS Matching + + + 101179 + + eidtapp@bmi.gv.at + + + http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier + DE + + 7cEYWithDEElementsasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit + 9999-12-31 + 9999-12-31 + + + + + 1879000000000005 + 2021-11-12T08:24:39.695 + + 2021-11-12T08:24:39.695 + EIDAS_ANLEGEN + KITT for eIDAS Matching + + + 101179 + + eidtapp@bmi.gv.at + + + http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier + DE + + 7cEYasdfsafsaf4CDVzNT4E7cjkU4VqForjUnit + 9999-12-31 + 9999-12-31 + + + + + + + 2020-02-05T13:07:06.311 + + + + 44453500000005242 + 2020-02-05T13:07:06.311 + + 2020-02-05T13:07:06.311 + WSANM + Wohnsitz anmelden + + + 109091 + + + + + + 0088 + Testgemeinde + 09988 + Testort A + + Testgasse + 1a-2b + Stg. 3c-4d + 5 + H + false + 0001 + + T800001 + 001 + T800001 + + + + HST111WWW + + T8001 + T80001 + T80000000001 + T80000000002 + + H + Testpostort + + 2020-02-05T13:07:06.311 + WSANM + Wohnsitz anmelden + + + + 44453500000005262 + 2020-02-05T13:07:06.311 + + 2020-02-05T13:07:06.311 + AUSK_SPERRE_SETZ + Auskunftssperre setzen + + + 109091 + + + + 2020-02-05T13:07:06.311 + 9999-12-31T23:59:59.000 + ASMG + Auskunftssperre nach § 18 / 2ff MeldeG + automatische Auskunftssperre + + + + + + + -- cgit v1.2.3