From 968ba90c987ad1df6aa6434dfe9e43e6c5b6a2a3 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Tue, 7 Jun 2022 12:18:46 +0200
Subject: refact(eidas): rename package names, because there was a copy&past
mistake
---
.../test/EidasProxyMessageSourceTest.java | 50 --
.../MsProxyServiceSpringResourceProviderTest.java | 56 --
.../protocol/EidasProxyServiceControllerTest.java | 663 ---------------------
.../ProxyServiceAuthenticationActionTest.java | 635 --------------------
.../test/EidasProxyMessageSourceTest.java | 50 ++
.../MsProxyServiceSpringResourceProviderTest.java | 56 ++
.../protocol/EidasProxyServiceControllerTest.java | 663 +++++++++++++++++++++
.../ProxyServiceAuthenticationActionTest.java | 635 ++++++++++++++++++++
8 files changed, 1404 insertions(+), 1404 deletions(-)
delete mode 100644 modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/EidasProxyMessageSourceTest.java
delete mode 100644 modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/MsProxyServiceSpringResourceProviderTest.java
delete mode 100644 modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java
delete mode 100644 modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/ProxyServiceAuthenticationActionTest.java
create mode 100644 modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/EidasProxyMessageSourceTest.java
create mode 100644 modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/MsProxyServiceSpringResourceProviderTest.java
create mode 100644 modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/EidasProxyServiceControllerTest.java
create mode 100644 modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java
(limited to 'modules')
diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/EidasProxyMessageSourceTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/EidasProxyMessageSourceTest.java
deleted file mode 100644
index efe572b5..00000000
--- a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/EidasProxyMessageSourceTest.java
+++ /dev/null
@@ -1,50 +0,0 @@
-package at.asitplus.eidas.specific.modules.auth.idaustria.test;
-
-import java.util.List;
-
-import org.junit.Assert;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.core.io.Resource;
-import org.springframework.core.io.ResourceLoader;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-
-import at.asitplus.eidas.specific.modules.msproxyservice.EidasProxyMessageSource;
-import at.gv.egiz.eaaf.core.api.logging.IMessageSourceLocation;
-
-@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration(locations = {
- "/spring/SpringTest-context_basic_test.xml",
- "/spring/SpringTest-context_basic_mapConfig.xml",
- })
-public class EidasProxyMessageSourceTest {
-
- @Autowired
- private ResourceLoader loader;
- @Autowired(required = false)
- private List<IMessageSourceLocation> messageSources;
-
- @Test
- public void checkMessageSources() {
- Assert.assertNotNull("No messageSource", messageSources);
- Assert.assertFalse("No message source", messageSources.isEmpty());
-
- boolean found = false;
-
- for (final IMessageSourceLocation messageSource : messageSources) {
- found = found ? found : messageSource instanceof EidasProxyMessageSource;
-
- Assert.assertNotNull("No sourcePath", messageSource.getMessageSourceLocation());
- for (final String el : messageSource.getMessageSourceLocation()) {
- final Resource messages = loader.getResource(el + ".properties");
- Assert.assertTrue("Source not exist", messages.exists());
-
- }
- }
-
- Assert.assertTrue("Internal messagesource not found", found);
-
- }
-}
diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/MsProxyServiceSpringResourceProviderTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/MsProxyServiceSpringResourceProviderTest.java
deleted file mode 100644
index 8c6da366..00000000
--- a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/MsProxyServiceSpringResourceProviderTest.java
+++ /dev/null
@@ -1,56 +0,0 @@
-package at.asitplus.eidas.specific.modules.auth.idaustria.test;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.apache.commons.io.IOUtils;
-import org.junit.Assert;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.junit.runners.BlockJUnit4ClassRunner;
-import org.springframework.core.io.Resource;
-
-import at.asitplus.eidas.specific.modules.msproxyservice.MsProxyServiceSpringResourceProvider;
-import at.gv.egiz.eaaf.core.test.TestConstants;
-
-
-
-@RunWith(BlockJUnit4ClassRunner.class)
-public class MsProxyServiceSpringResourceProviderTest {
-
- @Test
- public void testSpringConfig() {
- final MsProxyServiceSpringResourceProvider test =
- new MsProxyServiceSpringResourceProvider();
- for (final Resource el : test.getResourcesToLoad()) {
- try {
- IOUtils.toByteArray(el.getInputStream());
-
- } catch (final IOException e) {
- Assert.fail("Ressouce: " + el.getFilename() + " not found");
- }
-
- }
-
- Assert.assertNotNull("no Name", test.getName());
- Assert.assertNull("Find package definitions", test.getPackagesToScan());
-
- }
-
- @Test
- public void testSpILoaderConfig() {
- final InputStream el = this.getClass().getResourceAsStream(TestConstants.TEST_SPI_LOADER_PATH);
- try {
- final String spiFile = IOUtils.toString(el, "UTF-8");
-
- Assert.assertEquals("Wrong classpath in SPI file",
- MsProxyServiceSpringResourceProvider.class.getName(), spiFile);
-
-
- } catch (final IOException e) {
- Assert.fail("Ressouce: " + TestConstants.TEST_SPI_LOADER_PATH + " not found");
-
- }
- }
-
-}
diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java
deleted file mode 100644
index 2b652f79..00000000
--- a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java
+++ /dev/null
@@ -1,663 +0,0 @@
-package at.asitplus.eidas.specific.modules.auth.idaustria.test.protocol;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertThrows;
-import static org.junit.Assert.assertTrue;
-
-import java.io.IOException;
-import java.net.URISyntaxException;
-import java.net.URLDecoder;
-import java.text.MessageFormat;
-import java.util.Arrays;
-import java.util.List;
-import java.util.UUID;
-
-import org.apache.commons.lang3.RandomStringUtils;
-import org.apache.commons.lang3.StringUtils;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.opensaml.saml.saml2.core.NameIDType;
-import org.opensaml.saml.saml2.core.StatusCode;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationContext;
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import org.springframework.web.context.request.RequestContextHolder;
-import org.springframework.web.context.request.ServletRequestAttributes;
-import org.springframework.web.servlet.config.annotation.EnableWebMvc;
-
-import com.google.common.collect.ImmutableSortedSet;
-
-import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration;
-import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
-import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
-import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry;
-import at.asitplus.eidas.specific.modules.core.eidas.test.dummy.DummySpecificCommunicationService;
-import at.asitplus.eidas.specific.modules.msproxyservice.MsProxyServiceConstants;
-import at.asitplus.eidas.specific.modules.msproxyservice.exception.EidasProxyServiceException;
-import at.asitplus.eidas.specific.modules.msproxyservice.protocol.EidasProxyServiceController;
-import at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServicePendingRequest;
-import at.gv.egiz.eaaf.core.api.data.EaafConstants;
-import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions.SpMandateModes;
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyProtocolAuthService;
-import eu.eidas.auth.commons.EidasParameterKeys;
-import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
-import eu.eidas.auth.commons.light.ILightResponse;
-import eu.eidas.auth.commons.light.impl.LightRequest;
-import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
-import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
-import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
-
-@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration(locations = {
- "/spring/SpringTest-context_basic_test.xml",
- "/spring/SpringTest-context_basic_mapConfig.xml",
- })
-@EnableWebMvc
-public class EidasProxyServiceControllerTest {
-
- @Autowired private EidasProxyServiceController controller;
-
- @Autowired private DummySpecificCommunicationService proxyService;
- @Autowired private DummyProtocolAuthService authService;
- @Autowired private EidasAttributeRegistry attrRegistry;
- @Autowired private ApplicationContext context;
-
- @Autowired MsConnectorDummyConfigMap config;
-
- private MockHttpServletRequest httpReq;
- private MockHttpServletResponse httpResp;
-
- private SpecificCommunicationService springManagedSpecificConnectorCommunicationService;
-
- /**
- * jUnit test set-up.
- */
- @Before
- public void setUp() throws EaafStorageException, URISyntaxException {
- httpReq = new MockHttpServletRequest("POST", "http://localhost/ms_connector/eidas/light/idp/redirect");
- httpResp = new MockHttpServletResponse();
- RequestContextHolder.resetRequestAttributes();
- RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
-
- proxyService.setiLightRequest(null);
- proxyService.setError(null);
-
- config.putConfigValue("eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint",
- "http://eidas.proxy/endpoint");
-
- springManagedSpecificConnectorCommunicationService =
- (SpecificCommunicationService) context.getBean(
- SpecificCommunicationDefinitionBeanNames.SPECIFIC_PROXYSERVICE_COMMUNICATION_SERVICE
- .toString());
-
- }
-
- @Test
- public void generateErrorResponseWrongPendingReq() throws Throwable {
- Assert.assertFalse("wrong statusCode", controller.generateErrorMessage(
- new EaafException("1000"),
- httpReq, httpResp, null));
-
- }
-
- @Test
- public void generateErrorResponse() throws Throwable {
- ProxyServicePendingRequest pendingReq = new ProxyServicePendingRequest();
- pendingReq.initialize(httpReq, config);
-
- LightRequest.Builder eidasRequestBuilder = LightRequest.builder()
- .id(UUID.randomUUID().toString())
- .issuer(RandomStringUtils.randomAlphabetic(10))
- .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
- .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
- .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
- .spType("public")
- .requesterId(RandomStringUtils.randomAlphanumeric(10))
- .providerName(RandomStringUtils.randomAlphanumeric(10));
- pendingReq.setEidasRequest(eidasRequestBuilder.build());
-
-
- // execute test
- Assert.assertTrue("wrong statusCode", controller.generateErrorMessage(
- new EaafException("1000"),
- httpReq, httpResp,
- pendingReq));
-
- // validate state
- assertNotNull("not redirct Header", httpResp.getHeader("Location"));
- assertTrue("wrong redirect URL", httpResp.getHeader("Location").startsWith("http://eidas.proxy/endpoint?token="));
- String token = httpResp.getHeader("Location").substring("http://eidas.proxy/endpoint?token=".length());
-
- ILightResponse resp = springManagedSpecificConnectorCommunicationService.getAndRemoveResponse(URLDecoder.decode(token, "UTF-8"),
- ImmutableSortedSet.copyOf(attrRegistry.getCoreAttributeRegistry().getAttributes()));
-
- assertNotNull("responseId", resp.getId());
- assertEquals("inResponseTo", pendingReq.getEidasRequest().getId(), resp.getInResponseToId());
- assertEquals("relayState", pendingReq.getEidasRequest().getRelayState(), resp.getRelayState());
-
- assertNotNull("subjectNameId", resp.getSubject());
- assertEquals("subjectNameIdFormat", NameIDType.TRANSIENT, resp.getSubjectNameIdFormat());
- assertTrue("not attributes", resp.getAttributes().isEmpty());
-
- assertEquals("StatusCode", StatusCode.RESPONDER, resp.getStatus().getStatusCode());
- //assertEquals("SubStatusCode", "", resp.getStatus().getSubStatusCode());
- //assertEquals("StatusMsg", "", resp.getStatus().getStatusMessage());
-
- }
-
- @Test
- public void missingEidasToken() {
- EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
- () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
- Assert.assertEquals("wrong errorCode", "eidas.proxyservice.02", exception.getErrorId());
-
- }
-
- @Test
- public void wrongEidasTokenWithNullpointerException() {
- //initialize state
- httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
-
- //validate state
- EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
- () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
- Assert.assertEquals("wrong errorCode", "eidas.proxyservice.11", exception.getErrorId());
-
- }
-
- @Test
- public void wrongEidasTokenCacheCommunicationError() {
- //initialize state
- httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
- proxyService.setError(new SpecificCommunicationException(RandomStringUtils.randomAlphanumeric(10)));
-
- //validate state
- EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
- () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
- Assert.assertEquals("wrong errorCode", "eidas.proxyservice.03", exception.getErrorId());
- Assert.assertTrue("Wrong exception", (exception.getCause() instanceof SpecificCommunicationException));
-
- }
-
- @Test
- public void missingServiceProviderCountry() {
- //initialize state
- httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
- LightRequest.Builder authnReqBuilder = LightRequest.builder()
- .id(UUID.randomUUID().toString())
- .issuer(RandomStringUtils.randomAlphabetic(10))
- .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
- .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH);
-
- proxyService.setiLightRequest(authnReqBuilder.build());
-
- //validate state
- EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
- () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
- Assert.assertEquals("wrong errorCode", "eidas.proxyservice.07", exception.getErrorId());
-
- }
-
- @Test
- public void requestingLegalAndNaturalPerson() {
- //initialize state
- httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
- LightRequest.Builder authnReqBuilder = LightRequest.builder()
- .id(UUID.randomUUID().toString())
- .issuer(RandomStringUtils.randomAlphabetic(10))
- .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
- .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
- .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
- .requestedAttributes(ImmutableAttributeMap.builder()
- .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
- EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first())
- .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
- EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
- .build());
-
- proxyService.setiLightRequest(authnReqBuilder.build());
-
- //validate state
- EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
- () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
- Assert.assertEquals("wrong errorCode", "eidas.proxyservice.08", exception.getErrorId());
-
- }
-
- @Test
- public void requestLegalPersonButNoMandates() throws IOException, EaafException {
- //initialize state
- httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
- String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
- LightRequest.Builder authnReqBuilder = LightRequest.builder()
- .id(UUID.randomUUID().toString())
- .issuer(RandomStringUtils.randomAlphabetic(10))
- .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
- .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
- .spCountryCode(spCountryCode)
- .spType("public")
- .requestedAttributes(ImmutableAttributeMap.builder()
- .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
- EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build());
-
- proxyService.setiLightRequest(authnReqBuilder.build());
-
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "false");
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,
- StringUtils.join(Arrays.asList(
- RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
-
- //validate state
- EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
- () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
- Assert.assertEquals("wrong errorCode", "eidas.proxyservice.09", exception.getErrorId());
-
- }
-
- @Test
- public void validAuthnRequest() throws IOException, EaafException {
- //initialize state
- httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
- String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
- LightRequest.Builder authnReqBuilder = LightRequest.builder()
- .id(UUID.randomUUID().toString())
- .issuer(RandomStringUtils.randomAlphabetic(10))
- .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
- .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
- .spCountryCode(spCountryCode)
- .spType("public")
- .requestedAttributes(ImmutableAttributeMap.builder()
- .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
- EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
-
- proxyService.setiLightRequest(authnReqBuilder.build());
-
-
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "false");
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,
- StringUtils.join(Arrays.asList(
- RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
-
-
- //execute
- controller.receiveEidasAuthnRequest(httpReq, httpResp);
-
- //validate state
- Assert.assertNotNull("pendingRequest", authService.getPendingReq());
- Assert.assertTrue("wrong pendingRequest", authService.getPendingReq() instanceof ProxyServicePendingRequest);
- ProxyServicePendingRequest pendingReq = (ProxyServicePendingRequest) authService.getPendingReq();
- Assert.assertNotNull("missing uniqueSpId", pendingReq.getSpEntityId());
- Assert.assertNotNull("missing eidasReq", pendingReq.getEidasRequest());
-
- Assert.assertFalse("isPassive", pendingReq.isPassiv());
- Assert.assertTrue("isPassive", pendingReq.forceAuth());
- Assert.assertFalse("isPassive", pendingReq.isAuthenticated());
- Assert.assertFalse("isPassive", pendingReq.isAbortedByUser());
- Assert.assertTrue("isPassive", pendingReq.isNeedAuthentication());
-
- Assert.assertNotNull("missing spConfig", pendingReq.getServiceProviderConfiguration());
- ServiceProviderConfiguration spConfig =
- pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class);
- Assert.assertNotNull("uniqueId", spConfig.getUniqueIdentifier());
- Assert.assertEquals("uniqueId wrong pattern",
- authnReqBuilder.build().getIssuer(),
- spConfig.getUniqueIdentifier());
- Assert.assertEquals("friendlyName wrong pattern",
- MessageFormat.format(MsProxyServiceConstants.TEMPLATE_SP_UNIQUE_ID, spCountryCode, "public"),
- spConfig.getFriendlyName());
-
- Assert.assertEquals("uniqueId not match to pendingReq",
- pendingReq.getSpEntityId(), spConfig.getUniqueIdentifier());
- Assert.assertNotNull("bpkTarget", spConfig.getAreaSpecificTargetIdentifier());
- Assert.assertEquals("wrong bPK Target",
- EaafConstants.URN_PREFIX_EIDAS + "AT+" + spCountryCode,
- spConfig.getAreaSpecificTargetIdentifier());
-
- assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
- assertTrue("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
- assertEquals("MandateMode", SpMandateModes.NONE, spConfig.getMandateMode());
-
- }
-
- @Test
- public void validAuthnRequestWithMandatesDefaultProfilesNat() throws IOException, EaafException {
- //initialize state
- httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
- String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
- LightRequest.Builder authnReqBuilder = LightRequest.builder()
- .id(UUID.randomUUID().toString())
- .issuer(RandomStringUtils.randomAlphabetic(10))
- .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
- .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
- .spCountryCode(spCountryCode)
- .spType("public")
- .requestedAttributes(ImmutableAttributeMap.builder()
- .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
- EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
-
-
- proxyService.setiLightRequest(authnReqBuilder.build());
-
- List<String> mandateProfilesNat =
- Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
- List<String> mandateProfilesJur =
- Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,
- StringUtils.join(mandateProfilesNat, ","));
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL,
- StringUtils.join(mandateProfilesJur, ","));
-
- //execute
- controller.receiveEidasAuthnRequest(httpReq, httpResp);
-
- //validate state
- ServiceProviderConfiguration spConfig =
- authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
- assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
- assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
- assertEquals("mandateprofile size", mandateProfilesNat.size(), spConfig.getMandateProfiles().size());
- spConfig.getMandateProfiles().stream()
- .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfilesNat.contains(el)));
- assertEquals("MandateMode", SpMandateModes.NATURAL, spConfig.getMandateMode());
-
- }
-
- @Test
- public void validAuthnRequestWithMandatesDefaultProfilesJur() throws IOException, EaafException {
- //initialize state
- httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
- String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
- LightRequest.Builder authnReqBuilder = LightRequest.builder()
- .id(UUID.randomUUID().toString())
- .issuer(RandomStringUtils.randomAlphabetic(10))
- .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
- .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
- .spCountryCode(spCountryCode)
- .spType("public")
- .requestedAttributes(ImmutableAttributeMap.builder()
- .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
- EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build());
-
-
- proxyService.setiLightRequest(authnReqBuilder.build());
-
- List<String> mandateProfilesNat =
- Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
- List<String> mandateProfilesJur =
- Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,
- StringUtils.join(mandateProfilesNat, ","));
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL,
- StringUtils.join(mandateProfilesJur, ","));
-
- //execute
- controller.receiveEidasAuthnRequest(httpReq, httpResp);
-
- //validate state
- ServiceProviderConfiguration spConfig =
- authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
- assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
- assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
- assertEquals("mandateprofile size", mandateProfilesJur.size(), spConfig.getMandateProfiles().size());
- spConfig.getMandateProfiles().stream()
- .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfilesJur.contains(el)));
- assertEquals("MandateMode", SpMandateModes.LEGAL_FORCE, spConfig.getMandateMode());
-
- }
-
- @Test
- public void validAuthnRequestWithMandatesDefaultNoJurProfiles() throws IOException, EaafException {
- //initialize state
- httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
- String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
- LightRequest.Builder authnReqBuilder = LightRequest.builder()
- .id(UUID.randomUUID().toString())
- .issuer(RandomStringUtils.randomAlphabetic(10))
- .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
- .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
- .spCountryCode(spCountryCode)
- .spType("public")
- .requestedAttributes(ImmutableAttributeMap.builder()
- .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
- EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build());
-
-
- proxyService.setiLightRequest(authnReqBuilder.build());
-
- List<String> mandateProfilesNat =
- Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,
- StringUtils.join(mandateProfilesNat, ","));
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, "");
-
- //validate state
- EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
- () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
- Assert.assertEquals("wrong errorCode", "eidas.proxyservice.10", exception.getErrorId());
-
- }
-
- @Test
- public void validAuthnRequestWithMandatesDefaultNoNatProfiles() throws IOException, EaafException {
- //initialize state
- httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
- String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
- LightRequest.Builder authnReqBuilder = LightRequest.builder()
- .id(UUID.randomUUID().toString())
- .issuer(RandomStringUtils.randomAlphabetic(10))
- .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
- .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
- .spCountryCode(spCountryCode)
- .spType("public")
- .requestedAttributes(ImmutableAttributeMap.builder()
- .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
- EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
-
-
- proxyService.setiLightRequest(authnReqBuilder.build());
-
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, "");
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, "");
-
- //execute
- controller.receiveEidasAuthnRequest(httpReq, httpResp);
-
- //validate state
- ServiceProviderConfiguration spConfig =
- authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
- assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
- assertTrue("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
- assertEquals("MandateMode", SpMandateModes.NONE, spConfig.getMandateMode());
-
- }
-
- @Test
- public void validAuthnRequestIssueSpecificNoMandates() throws IOException, EaafException {
- //initialize state
- httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
-
- String issuer = RandomStringUtils.randomAlphabetic(10);
- LightRequest.Builder authnReqBuilder = LightRequest.builder()
- .id(UUID.randomUUID().toString())
- .issuer(issuer)
- .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
- .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
- .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
- .spType("public")
- .requestedAttributes(ImmutableAttributeMap.builder()
- .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
- EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
-
- proxyService.setiLightRequest(authnReqBuilder.build());
-
-
- // set default mandate configuration
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,
- StringUtils.join(Arrays.asList(
- RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL,
- StringUtils.join(Arrays.asList(
- RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
-
- // set specific mandate configuration
- String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
- addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_UNIQUEID, issuer);
- addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_COUNTRYCODE, spCountryCode);
- addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_ENABLED, "false");
-
- List<String> mandateProfiles =
- Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
- addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_NATURAL,
- StringUtils.join(mandateProfiles, ","));
- addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_LEGAL,
- StringUtils.join(Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
-
- //execute
- controller.receiveEidasAuthnRequest(httpReq, httpResp);
-
- //validate state
- ServiceProviderConfiguration spConfig =
- authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
- assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
- assertTrue("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
- assertEquals("MandateMode", SpMandateModes.NONE, spConfig.getMandateMode());
-
- }
-
- @Test
- public void validAuthnRequestIssueSpecificMandatesNat() throws IOException, EaafException {
- //initialize state
- httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
-
- String issuer = "https://apps.egiz.gv.at/EidasNode//ConnectorMetadata";
- LightRequest.Builder authnReqBuilder = LightRequest.builder()
- .id(UUID.randomUUID().toString())
- .issuer(issuer)
- .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
- .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
- .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
- .spType("public")
- .requestedAttributes(ImmutableAttributeMap.builder()
- .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
- EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
-
- proxyService.setiLightRequest(authnReqBuilder.build());
-
-
- // set default mandate configuration
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "false");
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,
- StringUtils.join(Arrays.asList(
- RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL,
- StringUtils.join(Arrays.asList(
- RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
-
- // set specific mandate configuration
- String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
- addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_UNIQUEID, issuer);
- addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_COUNTRYCODE, spCountryCode);
- addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_ENABLED, "true");
-
- List<String> mandateProfiles =
- Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
- addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_NATURAL,
- StringUtils.join(mandateProfiles, ","));
- addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_LEGAL,
- StringUtils.join(Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
-
- //execute
- controller.receiveEidasAuthnRequest(httpReq, httpResp);
-
- //validate state
- ServiceProviderConfiguration spConfig =
- authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
- assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
- assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
- assertEquals("mandateprofile size", mandateProfiles.size(), spConfig.getMandateProfiles().size());
- spConfig.getMandateProfiles().stream()
- .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfiles.contains(el)));
- assertEquals("MandateMode", SpMandateModes.NATURAL, spConfig.getMandateMode());
-
- }
-
- @Test
- public void validAuthnRequestIssueSpecificMandatesJur() throws IOException, EaafException {
- //initialize state
- httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
-
- String issuer = RandomStringUtils.randomAlphabetic(10);
- LightRequest.Builder authnReqBuilder = LightRequest.builder()
- .id(UUID.randomUUID().toString())
- .issuer(issuer)
- .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
- .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
- .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
- .spType("public")
- .requestedAttributes(ImmutableAttributeMap.builder()
- .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
- EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build());
-
- proxyService.setiLightRequest(authnReqBuilder.build());
-
-
- // set default mandate configuration
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,
- StringUtils.join(Arrays.asList(
- RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL,
- StringUtils.join(Arrays.asList(
- RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
-
- // set specific mandate configuration
- String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
- addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_UNIQUEID, issuer);
- addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_COUNTRYCODE, spCountryCode);
- addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_ENABLED, "true");
-
- List<String> mandateProfiles =
- Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
- addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_LEGAL,
- StringUtils.join(mandateProfiles, ","));
- addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_NATURAL,
- StringUtils.join(Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
-
- //execute
- controller.receiveEidasAuthnRequest(httpReq, httpResp);
-
- //validate state
- ServiceProviderConfiguration spConfig =
- authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
- assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
- assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
- assertEquals("mandateprofile size", mandateProfiles.size(), spConfig.getMandateProfiles().size());
- spConfig.getMandateProfiles().stream()
- .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfiles.contains(el)));
- assertEquals("MandateMode", SpMandateModes.LEGAL_FORCE, spConfig.getMandateMode());
-
- }
-
- private void addConnectorConfig(int i, String key, String value) {
- config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_PREFIX + String.valueOf(i) + "." + key,
- value);
-
- }
-
-}
-
-
diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/ProxyServiceAuthenticationActionTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/ProxyServiceAuthenticationActionTest.java
deleted file mode 100644
index 97b5bc03..00000000
--- a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/ProxyServiceAuthenticationActionTest.java
+++ /dev/null
@@ -1,635 +0,0 @@
-package at.asitplus.eidas.specific.modules.auth.idaustria.test.protocol;
-
-import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertNull;
-import static org.junit.Assert.assertThrows;
-import static org.junit.Assert.assertTrue;
-
-import java.net.URISyntaxException;
-import java.net.URLDecoder;
-import java.time.Instant;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.UUID;
-
-import org.apache.commons.lang3.RandomStringUtils;
-import org.joda.time.DateTime;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.opensaml.saml.saml2.core.NameIDType;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationContext;
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import org.springframework.web.context.request.RequestContextHolder;
-import org.springframework.web.context.request.ServletRequestAttributes;
-
-import com.google.common.collect.ImmutableSortedSet;
-
-import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
-import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
-import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummySpConfiguration;
-import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
-import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry;
-import at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServiceAuthenticationAction;
-import at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServicePendingRequest;
-import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
-import at.gv.egiz.eaaf.core.api.data.EaafConstants;
-import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
-import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions.EidIdentityStatusLevelValues;
-import at.gv.egiz.eaaf.core.api.idp.IAuthData;
-import at.gv.egiz.eaaf.core.api.idp.IEidAuthData;
-import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
-import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface;
-import at.gv.egiz.eaaf.core.exceptions.EaafException;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
-import eu.eidas.auth.commons.attribute.AttributeDefinition;
-import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
-import eu.eidas.auth.commons.light.ILightResponse;
-import eu.eidas.auth.commons.light.impl.LightRequest;
-import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
-import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
-import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
-import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
-
-@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration(locations = {
- "/spring/SpringTest-context_basic_test.xml",
- "/spring/SpringTest-context_basic_mapConfig.xml",
- })
-public class ProxyServiceAuthenticationActionTest {
-
- @Autowired private MsConnectorDummyConfigMap basicConfig;
- @Autowired private ProxyServiceAuthenticationAction action;
- @Autowired private ApplicationContext context;
- @Autowired EidasAttributeRegistry attrRegistry;
-
- private MockHttpServletRequest httpReq;
- private MockHttpServletResponse httpResp;
- private ProxyServicePendingRequest pendingReq;
- private MsConnectorDummySpConfiguration oaParam;
- private SpecificCommunicationService springManagedSpecificConnectorCommunicationService;
-
-
- /**
- * jUnit test set-up.
- * @throws EaafException In case of an error
- */
- @Before
- public void setUp() throws URISyntaxException, EaafException {
- httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
- httpResp = new MockHttpServletResponse();
- RequestContextHolder.resetRequestAttributes();
- RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
-
- basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint",
- "http://eidas.proxy/endpoint");
- basicConfig.putConfigValue("auth.eIDAS.proxy.workaround.mandates.legalperson",
- "false");
-
- final Map<String, String> spConfig = new HashMap<>();
- spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
- spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
- spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true");
- oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig);
- oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH));
-
- pendingReq = new ProxyServicePendingRequest();
- pendingReq.initialize(httpReq, basicConfig);
- pendingReq.setOnlineApplicationConfiguration(oaParam);
-
- LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
- pendingReq.setEidasRequest(eidasRequestBuilder.build());
-
-
- springManagedSpecificConnectorCommunicationService =
- (SpecificCommunicationService) context.getBean(
- SpecificCommunicationDefinitionBeanNames.SPECIFIC_PROXYSERVICE_COMMUNICATION_SERVICE
- .toString());
-
- }
-
- @Test
- public void wrongPendingRequestType() {
- IAuthData authData = generateDummyAuthData();
- TestRequestImpl internalPendingReq = new TestRequestImpl();
-
- EaafException exception = assertThrows(EaafException.class,
- () -> action.processRequest(internalPendingReq, httpReq, httpResp, authData));
- Assert.assertEquals("wrong errorCode", "eidas.proxyservice.99", exception.getErrorId());
-
- }
-
- @Test
- public void missingForwardUrl() {
- Map<String, Object> attr = new HashMap<>();
- attr.put(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER,
- "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
- IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
- RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", false);
- basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint");
-
- EaafException exception = assertThrows(EaafException.class,
- () -> action.processRequest(pendingReq, httpReq, httpResp, authData));
- Assert.assertEquals("wrong errorCode", "config.08", exception.getErrorId());
-
- }
-
- @Test
- public void responseWithoutMandate() throws EaafException, SpecificCommunicationException {
- Map<String, Object> attr = new HashMap<>();
- attr.put(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER,
- "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
- IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
- RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", false);
-
- //perform test
- SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
-
- //validate state
- Assert.assertNotNull("Result should be not null", result);
-
- ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
- assertEquals("wrong attr. size", 4, respAttr.size());
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER,
- (String) attr.get(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER));
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, authData.getFamilyName());
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, authData.getGivenName());
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH,
- authData.getDateOfBirth());
-
- }
-
- @Test
- public void responseWithNatMandate() throws EaafException, SpecificCommunicationException {
- Map<String, Object> attr = new HashMap<>();
- attr.put(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER,
- "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
-
- attr.put(MsEidasNodeConstants.ATTR_EIDAS_NAT_MANDATOR_PERSONAL_IDENTIFIER,
- RandomStringUtils.randomAlphabetic(10));
- attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME,
- RandomStringUtils.randomAlphabetic(10));
- attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME,
- RandomStringUtils.randomAlphabetic(10));
- attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME,
- "1985-11-15");
-
-
- IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
- RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
-
- //perform test
- SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
-
- //validate state
- Assert.assertNotNull("Result should be not null", result);
-
- ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
- assertEquals("wrong attr. size", 8, respAttr.size());
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER,
- (String) attr.get(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER));
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME, authData.getFamilyName());
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTGIVENNAME, authData.getGivenName());
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_DATEOFBIRTH, authData.getDateOfBirth());
-
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER,
- (String) attr.get(MsEidasNodeConstants.ATTR_EIDAS_NAT_MANDATOR_PERSONAL_IDENTIFIER));
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME,
- (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME));
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME,
- (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME));
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH,
- (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME));
-
- }
-
- @Test
- public void responseWithJurMandate() throws EaafException, SpecificCommunicationException {
- Map<String, Object> attr = new HashMap<>();
- attr.put(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER,
- "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
- IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
- RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
-
- attr.put(MsEidasNodeConstants.ATTR_EIDAS_JUR_MANDATOR_PERSONAL_IDENTIFIER,
- RandomStringUtils.randomAlphabetic(10));
- attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
- RandomStringUtils.randomAlphabetic(10));
-
- //perform test
- SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
-
- //validate state
- Assert.assertNotNull("Result should be not null", result);
-
- ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
- assertEquals("wrong attr. size", 6, respAttr.size());
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER,
- (String) attr.get(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER));
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME, authData.getFamilyName());
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTGIVENNAME, authData.getGivenName());
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_DATEOFBIRTH, authData.getDateOfBirth());
-
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER,
- (String) attr.get(MsEidasNodeConstants.ATTR_EIDAS_JUR_MANDATOR_PERSONAL_IDENTIFIER));
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_LEGALNAME,
- (String) attr.get(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME));
-
- assertNull("find nat. person subject: personalId",
- getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER));
- assertNull("find nat. person subject: familyName",
- getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME));
- assertNull("find nat. person subject: givenName",
- getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME));
- assertNull("find nat. person subject: dateOfBirth",
- getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH));
-
- }
-
- @Test
- public void responseWithNatMandateWithWorkAround() throws EaafException, SpecificCommunicationException {
- basicConfig.putConfigValue("auth.eIDAS.proxy.workaround.mandates.legalperson",
- "true");
-
- //request natural person subject only
- LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
- eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder().put(
- attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
- pendingReq.setEidasRequest(eidasRequestBuilder.build());
-
-
- Map<String, Object> attr = new HashMap<>();
- attr.put(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER,
- "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
-
- attr.put(MsEidasNodeConstants.ATTR_EIDAS_NAT_MANDATOR_PERSONAL_IDENTIFIER,
- RandomStringUtils.randomAlphabetic(10));
- attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME,
- RandomStringUtils.randomAlphabetic(10));
- attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME,
- RandomStringUtils.randomAlphabetic(10));
- attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME,
- "1985-11-15");
-
-
- IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
- RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
-
- //perform test
- SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
-
- //validate state
- Assert.assertNotNull("Result should be not null", result);
-
- ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
- assertEquals("wrong attr. size", 8, respAttr.size());
-
- }
-
- @Test
- public void responseWithJurMandateWithWorkAround() throws EaafException, SpecificCommunicationException {
- basicConfig.putConfigValue("auth.eIDAS.proxy.workaround.mandates.legalperson",
- "true");
-
- //request natural person subject only
- LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
- eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
- .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first())
- .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
- .build());
- pendingReq.setEidasRequest(eidasRequestBuilder.build());
-
- Map<String, Object> attr = new HashMap<>();
- attr.put(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER,
- "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
- IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
- RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
-
- attr.put(MsEidasNodeConstants.ATTR_EIDAS_JUR_MANDATOR_PERSONAL_IDENTIFIER,
- RandomStringUtils.randomAlphabetic(10));
- attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
- RandomStringUtils.randomAlphabetic(10));
-
- //perform test
- SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
-
- //validate state
- Assert.assertNotNull("Result should be not null", result);
-
- ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
- assertEquals("wrong attr. size", 10, respAttr.size());
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER,
- (String) attr.get(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER));
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, authData.getFamilyName());
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, authData.getGivenName());
- checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH, authData.getDateOfBirth());
-
- }
-
- @Test
- public void responseWithJurMandateWithWorkAroundNoNatSubject() throws EaafException, SpecificCommunicationException {
- basicConfig.putConfigValue("auth.eIDAS.proxy.workaround.mandates.legalperson",
- "true");
-
- //request natural person subject only
- LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
- eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
- .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
- EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
- .build());
- pendingReq.setEidasRequest(eidasRequestBuilder.build());
-
- Map<String, Object> attr = new HashMap<>();
- attr.put(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER,
- "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
- IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
- RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
-
- attr.put(MsEidasNodeConstants.ATTR_EIDAS_JUR_MANDATOR_PERSONAL_IDENTIFIER,
- RandomStringUtils.randomAlphabetic(10));
- attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
- RandomStringUtils.randomAlphabetic(10));
-
- //perform test
- SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
-
- //validate state
- Assert.assertNotNull("Result should be not null", result);
-
- ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
- assertEquals("wrong attr. size", 6, respAttr.size());
- assertNull("find nat. person subject: personalId",
- getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER));
- assertNull("find nat. person subject: familyName",
- getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME));
- assertNull("find nat. person subject: givenName",
- getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME));
- assertNull("find nat. person subject: dateOfBirth",
- getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH));
-
- }
-
- @Test
- public void checkBasicConstrainsInAction() {
-
- Assert.assertTrue("Wrong NeedAuthentication", action.needAuthentication(pendingReq, httpReq, httpResp));
- Assert.assertNotNull("Missing ActionName", action.getDefaultActionName());
-
- Assert.assertNotNull("missing ActionBean", context.getBean(ProxyServiceAuthenticationAction.class));
-
- }
-
- private IAuthData generateDummyAuthData() {
- return generateDummyAuthData(Collections.emptyMap(), EaafConstants.EIDAS_LOA_LOW,
- RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1940-01-01", false);
-
- }
-
- private Object getAttrValue(ImmutableAttributeMap respAttr, String attrName) {
- final AttributeDefinition<?> attrDef =
- attrRegistry.getCoreAttributeRegistry().getByFriendlyName(attrName).first();
- return respAttr.getFirstValue(attrDef);
-
- }
-
- private void checkAttrValue(ImmutableAttributeMap respAttr, String attrName, String expected) {
- Object value = getAttrValue(respAttr, attrName);
- assertNotNull("not attr value: " + attrName, value);
-
- if (value instanceof String) {
- assertEquals("wrong attr. value: " + attrName, expected, value);
-
- } else if ( value instanceof DateTime) {
- assertEquals("wrong attr. value: " + attrName, expected, ((DateTime)value).toString("yyyy-MM-dd"));
-
- }
- }
-
- private ImmutableAttributeMap validateBasicEidasResponse(IAuthData authData) throws SpecificCommunicationException {
- assertNotNull("not redirct Header", httpResp.getHeader("Location"));
- assertTrue("wrong redirect URL", httpResp.getHeader("Location").startsWith("http://eidas.proxy/endpoint?token="));
- String token = httpResp.getHeader("Location").substring("http://eidas.proxy/endpoint?token=".length());
-
- ILightResponse resp = springManagedSpecificConnectorCommunicationService.getAndRemoveResponse(URLDecoder.decode(token),
- ImmutableSortedSet.copyOf(attrRegistry.getCoreAttributeRegistry().getAttributes()));
-
- assertNotNull("responseId", resp.getId());
- assertEquals("inResponseTo", pendingReq.getEidasRequest().getId(), resp.getInResponseToId());
- assertEquals("relayState", pendingReq.getEidasRequest().getRelayState(), resp.getRelayState());
- assertEquals("LoA", authData.getEidasQaaLevel(), resp.getLevelOfAssurance());
-
- assertNotNull("subjectNameId", resp.getSubject());
- assertEquals("subjectNameIdFormat", NameIDType.TRANSIENT, resp.getSubjectNameIdFormat());
-
- assertFalse("not attributes", resp.getAttributes().isEmpty());
- return resp.getAttributes();
-
- }
-
- private Builder generateBasicLightRequest() {
- return LightRequest.builder()
- .id(UUID.randomUUID().toString())
- .issuer(RandomStringUtils.randomAlphabetic(10))
- .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
- .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
- .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
- .spType("public")
- .requesterId(RandomStringUtils.randomAlphanumeric(10))
- .providerName(RandomStringUtils.randomAlphanumeric(10));
-
- }
-
- private IAuthData generateDummyAuthData(Map<String, Object> attrs, String loa, String familyName, String givenName, String dateOfBirth,
- boolean useMandates) {
- return new IEidAuthData() {
-
- @Override
- public boolean isSsoSession() {
- // TODO Auto-generated method stub
- return false;
- }
-
- @Override
- public boolean isForeigner() {
- // TODO Auto-generated method stub
- return false;
- }
-
- @Override
- public boolean isBaseIdTransferRestrication() {
- // TODO Auto-generated method stub
- return false;
- }
-
- @Override
- public Instant getSsoSessionValidTo() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getSessionIndex() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getNameIdFormat() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getNameID() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public IIdentityLink getIdentityLink() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getIdentificationValue() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getIdentificationType() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getGivenName() {
- return givenName;
- }
-
- @Override
- public <T> T getGenericData(String key, Class<T> clazz) {
- if (attrs.containsKey(key)) {
- return (T) attrs.get(key);
-
- } else {
- return null;
- }
-
- }
-
- @Override
- public String getDateOfBirth() {
- return dateOfBirth;
- }
-
- @Override
- public String getFamilyName() {
- return familyName;
- }
-
- @Override
- public String getEncryptedSourceIdType() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getEncryptedSourceId() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getEidasQaaLevel() {
- return loa;
-
- }
-
-
- @Override
- public String getCiticenCountryCode() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getBpkType() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getBpk() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getAuthenticationIssuer() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getAuthenticationIssueInstantString() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public Instant getAuthenticationIssueInstant() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public byte[] getSignerCertificate() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public byte[] getEidToken() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public EidIdentityStatusLevelValues getEidStatus() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public String getVdaEndPointUrl() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public boolean isUseMandate() {
- return useMandates;
-
- }
-
- @Override
- public String getDateOfBirthFormated(String pattern) {
- // TODO Auto-generated method stub
- return null;
- }
- };
-
- }
-}
diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/EidasProxyMessageSourceTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/EidasProxyMessageSourceTest.java
new file mode 100644
index 00000000..efe572b5
--- /dev/null
+++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/EidasProxyMessageSourceTest.java
@@ -0,0 +1,50 @@
+package at.asitplus.eidas.specific.modules.auth.idaustria.test;
+
+import java.util.List;
+
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.ResourceLoader;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.msproxyservice.EidasProxyMessageSource;
+import at.gv.egiz.eaaf.core.api.logging.IMessageSourceLocation;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/spring/SpringTest-context_basic_test.xml",
+ "/spring/SpringTest-context_basic_mapConfig.xml",
+ })
+public class EidasProxyMessageSourceTest {
+
+ @Autowired
+ private ResourceLoader loader;
+ @Autowired(required = false)
+ private List<IMessageSourceLocation> messageSources;
+
+ @Test
+ public void checkMessageSources() {
+ Assert.assertNotNull("No messageSource", messageSources);
+ Assert.assertFalse("No message source", messageSources.isEmpty());
+
+ boolean found = false;
+
+ for (final IMessageSourceLocation messageSource : messageSources) {
+ found = found ? found : messageSource instanceof EidasProxyMessageSource;
+
+ Assert.assertNotNull("No sourcePath", messageSource.getMessageSourceLocation());
+ for (final String el : messageSource.getMessageSourceLocation()) {
+ final Resource messages = loader.getResource(el + ".properties");
+ Assert.assertTrue("Source not exist", messages.exists());
+
+ }
+ }
+
+ Assert.assertTrue("Internal messagesource not found", found);
+
+ }
+}
diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/MsProxyServiceSpringResourceProviderTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/MsProxyServiceSpringResourceProviderTest.java
new file mode 100644
index 00000000..8c6da366
--- /dev/null
+++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/MsProxyServiceSpringResourceProviderTest.java
@@ -0,0 +1,56 @@
+package at.asitplus.eidas.specific.modules.auth.idaustria.test;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.apache.commons.io.IOUtils;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.springframework.core.io.Resource;
+
+import at.asitplus.eidas.specific.modules.msproxyservice.MsProxyServiceSpringResourceProvider;
+import at.gv.egiz.eaaf.core.test.TestConstants;
+
+
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class MsProxyServiceSpringResourceProviderTest {
+
+ @Test
+ public void testSpringConfig() {
+ final MsProxyServiceSpringResourceProvider test =
+ new MsProxyServiceSpringResourceProvider();
+ for (final Resource el : test.getResourcesToLoad()) {
+ try {
+ IOUtils.toByteArray(el.getInputStream());
+
+ } catch (final IOException e) {
+ Assert.fail("Ressouce: " + el.getFilename() + " not found");
+ }
+
+ }
+
+ Assert.assertNotNull("no Name", test.getName());
+ Assert.assertNull("Find package definitions", test.getPackagesToScan());
+
+ }
+
+ @Test
+ public void testSpILoaderConfig() {
+ final InputStream el = this.getClass().getResourceAsStream(TestConstants.TEST_SPI_LOADER_PATH);
+ try {
+ final String spiFile = IOUtils.toString(el, "UTF-8");
+
+ Assert.assertEquals("Wrong classpath in SPI file",
+ MsProxyServiceSpringResourceProvider.class.getName(), spiFile);
+
+
+ } catch (final IOException e) {
+ Assert.fail("Ressouce: " + TestConstants.TEST_SPI_LOADER_PATH + " not found");
+
+ }
+ }
+
+}
diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/EidasProxyServiceControllerTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/EidasProxyServiceControllerTest.java
new file mode 100644
index 00000000..2b652f79
--- /dev/null
+++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/EidasProxyServiceControllerTest.java
@@ -0,0 +1,663 @@
+package at.asitplus.eidas.specific.modules.auth.idaustria.test.protocol;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
+
+import java.io.IOException;
+import java.net.URISyntaxException;
+import java.net.URLDecoder;
+import java.text.MessageFormat;
+import java.util.Arrays;
+import java.util.List;
+import java.util.UUID;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.opensaml.saml.saml2.core.NameIDType;
+import org.opensaml.saml.saml2.core.StatusCode;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+
+import com.google.common.collect.ImmutableSortedSet;
+
+import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
+import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.core.eidas.test.dummy.DummySpecificCommunicationService;
+import at.asitplus.eidas.specific.modules.msproxyservice.MsProxyServiceConstants;
+import at.asitplus.eidas.specific.modules.msproxyservice.exception.EidasProxyServiceException;
+import at.asitplus.eidas.specific.modules.msproxyservice.protocol.EidasProxyServiceController;
+import at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServicePendingRequest;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions.SpMandateModes;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyProtocolAuthService;
+import eu.eidas.auth.commons.EidasParameterKeys;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.auth.commons.light.impl.LightRequest;
+import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/spring/SpringTest-context_basic_test.xml",
+ "/spring/SpringTest-context_basic_mapConfig.xml",
+ })
+@EnableWebMvc
+public class EidasProxyServiceControllerTest {
+
+ @Autowired private EidasProxyServiceController controller;
+
+ @Autowired private DummySpecificCommunicationService proxyService;
+ @Autowired private DummyProtocolAuthService authService;
+ @Autowired private EidasAttributeRegistry attrRegistry;
+ @Autowired private ApplicationContext context;
+
+ @Autowired MsConnectorDummyConfigMap config;
+
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+
+ private SpecificCommunicationService springManagedSpecificConnectorCommunicationService;
+
+ /**
+ * jUnit test set-up.
+ */
+ @Before
+ public void setUp() throws EaafStorageException, URISyntaxException {
+ httpReq = new MockHttpServletRequest("POST", "http://localhost/ms_connector/eidas/light/idp/redirect");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ proxyService.setiLightRequest(null);
+ proxyService.setError(null);
+
+ config.putConfigValue("eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint",
+ "http://eidas.proxy/endpoint");
+
+ springManagedSpecificConnectorCommunicationService =
+ (SpecificCommunicationService) context.getBean(
+ SpecificCommunicationDefinitionBeanNames.SPECIFIC_PROXYSERVICE_COMMUNICATION_SERVICE
+ .toString());
+
+ }
+
+ @Test
+ public void generateErrorResponseWrongPendingReq() throws Throwable {
+ Assert.assertFalse("wrong statusCode", controller.generateErrorMessage(
+ new EaafException("1000"),
+ httpReq, httpResp, null));
+
+ }
+
+ @Test
+ public void generateErrorResponse() throws Throwable {
+ ProxyServicePendingRequest pendingReq = new ProxyServicePendingRequest();
+ pendingReq.initialize(httpReq, config);
+
+ LightRequest.Builder eidasRequestBuilder = LightRequest.builder()
+ .id(UUID.randomUUID().toString())
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+ .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .spType("public")
+ .requesterId(RandomStringUtils.randomAlphanumeric(10))
+ .providerName(RandomStringUtils.randomAlphanumeric(10));
+ pendingReq.setEidasRequest(eidasRequestBuilder.build());
+
+
+ // execute test
+ Assert.assertTrue("wrong statusCode", controller.generateErrorMessage(
+ new EaafException("1000"),
+ httpReq, httpResp,
+ pendingReq));
+
+ // validate state
+ assertNotNull("not redirct Header", httpResp.getHeader("Location"));
+ assertTrue("wrong redirect URL", httpResp.getHeader("Location").startsWith("http://eidas.proxy/endpoint?token="));
+ String token = httpResp.getHeader("Location").substring("http://eidas.proxy/endpoint?token=".length());
+
+ ILightResponse resp = springManagedSpecificConnectorCommunicationService.getAndRemoveResponse(URLDecoder.decode(token, "UTF-8"),
+ ImmutableSortedSet.copyOf(attrRegistry.getCoreAttributeRegistry().getAttributes()));
+
+ assertNotNull("responseId", resp.getId());
+ assertEquals("inResponseTo", pendingReq.getEidasRequest().getId(), resp.getInResponseToId());
+ assertEquals("relayState", pendingReq.getEidasRequest().getRelayState(), resp.getRelayState());
+
+ assertNotNull("subjectNameId", resp.getSubject());
+ assertEquals("subjectNameIdFormat", NameIDType.TRANSIENT, resp.getSubjectNameIdFormat());
+ assertTrue("not attributes", resp.getAttributes().isEmpty());
+
+ assertEquals("StatusCode", StatusCode.RESPONDER, resp.getStatus().getStatusCode());
+ //assertEquals("SubStatusCode", "", resp.getStatus().getSubStatusCode());
+ //assertEquals("StatusMsg", "", resp.getStatus().getStatusMessage());
+
+ }
+
+ @Test
+ public void missingEidasToken() {
+ EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
+ () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
+ Assert.assertEquals("wrong errorCode", "eidas.proxyservice.02", exception.getErrorId());
+
+ }
+
+ @Test
+ public void wrongEidasTokenWithNullpointerException() {
+ //initialize state
+ httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
+
+ //validate state
+ EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
+ () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
+ Assert.assertEquals("wrong errorCode", "eidas.proxyservice.11", exception.getErrorId());
+
+ }
+
+ @Test
+ public void wrongEidasTokenCacheCommunicationError() {
+ //initialize state
+ httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
+ proxyService.setError(new SpecificCommunicationException(RandomStringUtils.randomAlphanumeric(10)));
+
+ //validate state
+ EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
+ () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
+ Assert.assertEquals("wrong errorCode", "eidas.proxyservice.03", exception.getErrorId());
+ Assert.assertTrue("Wrong exception", (exception.getCause() instanceof SpecificCommunicationException));
+
+ }
+
+ @Test
+ public void missingServiceProviderCountry() {
+ //initialize state
+ httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
+ LightRequest.Builder authnReqBuilder = LightRequest.builder()
+ .id(UUID.randomUUID().toString())
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH);
+
+ proxyService.setiLightRequest(authnReqBuilder.build());
+
+ //validate state
+ EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
+ () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
+ Assert.assertEquals("wrong errorCode", "eidas.proxyservice.07", exception.getErrorId());
+
+ }
+
+ @Test
+ public void requestingLegalAndNaturalPerson() {
+ //initialize state
+ httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
+ LightRequest.Builder authnReqBuilder = LightRequest.builder()
+ .id(UUID.randomUUID().toString())
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+ .requestedAttributes(ImmutableAttributeMap.builder()
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
+ .build());
+
+ proxyService.setiLightRequest(authnReqBuilder.build());
+
+ //validate state
+ EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
+ () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
+ Assert.assertEquals("wrong errorCode", "eidas.proxyservice.08", exception.getErrorId());
+
+ }
+
+ @Test
+ public void requestLegalPersonButNoMandates() throws IOException, EaafException {
+ //initialize state
+ httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
+ String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+ LightRequest.Builder authnReqBuilder = LightRequest.builder()
+ .id(UUID.randomUUID().toString())
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+ .spCountryCode(spCountryCode)
+ .spType("public")
+ .requestedAttributes(ImmutableAttributeMap.builder()
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build());
+
+ proxyService.setiLightRequest(authnReqBuilder.build());
+
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "false");
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,
+ StringUtils.join(Arrays.asList(
+ RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+
+ //validate state
+ EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
+ () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
+ Assert.assertEquals("wrong errorCode", "eidas.proxyservice.09", exception.getErrorId());
+
+ }
+
+ @Test
+ public void validAuthnRequest() throws IOException, EaafException {
+ //initialize state
+ httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
+ String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+ LightRequest.Builder authnReqBuilder = LightRequest.builder()
+ .id(UUID.randomUUID().toString())
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+ .spCountryCode(spCountryCode)
+ .spType("public")
+ .requestedAttributes(ImmutableAttributeMap.builder()
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
+
+ proxyService.setiLightRequest(authnReqBuilder.build());
+
+
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "false");
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,
+ StringUtils.join(Arrays.asList(
+ RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+
+
+ //execute
+ controller.receiveEidasAuthnRequest(httpReq, httpResp);
+
+ //validate state
+ Assert.assertNotNull("pendingRequest", authService.getPendingReq());
+ Assert.assertTrue("wrong pendingRequest", authService.getPendingReq() instanceof ProxyServicePendingRequest);
+ ProxyServicePendingRequest pendingReq = (ProxyServicePendingRequest) authService.getPendingReq();
+ Assert.assertNotNull("missing uniqueSpId", pendingReq.getSpEntityId());
+ Assert.assertNotNull("missing eidasReq", pendingReq.getEidasRequest());
+
+ Assert.assertFalse("isPassive", pendingReq.isPassiv());
+ Assert.assertTrue("isPassive", pendingReq.forceAuth());
+ Assert.assertFalse("isPassive", pendingReq.isAuthenticated());
+ Assert.assertFalse("isPassive", pendingReq.isAbortedByUser());
+ Assert.assertTrue("isPassive", pendingReq.isNeedAuthentication());
+
+ Assert.assertNotNull("missing spConfig", pendingReq.getServiceProviderConfiguration());
+ ServiceProviderConfiguration spConfig =
+ pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+ Assert.assertNotNull("uniqueId", spConfig.getUniqueIdentifier());
+ Assert.assertEquals("uniqueId wrong pattern",
+ authnReqBuilder.build().getIssuer(),
+ spConfig.getUniqueIdentifier());
+ Assert.assertEquals("friendlyName wrong pattern",
+ MessageFormat.format(MsProxyServiceConstants.TEMPLATE_SP_UNIQUE_ID, spCountryCode, "public"),
+ spConfig.getFriendlyName());
+
+ Assert.assertEquals("uniqueId not match to pendingReq",
+ pendingReq.getSpEntityId(), spConfig.getUniqueIdentifier());
+ Assert.assertNotNull("bpkTarget", spConfig.getAreaSpecificTargetIdentifier());
+ Assert.assertEquals("wrong bPK Target",
+ EaafConstants.URN_PREFIX_EIDAS + "AT+" + spCountryCode,
+ spConfig.getAreaSpecificTargetIdentifier());
+
+ assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+ assertTrue("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+ assertEquals("MandateMode", SpMandateModes.NONE, spConfig.getMandateMode());
+
+ }
+
+ @Test
+ public void validAuthnRequestWithMandatesDefaultProfilesNat() throws IOException, EaafException {
+ //initialize state
+ httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
+ String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+ LightRequest.Builder authnReqBuilder = LightRequest.builder()
+ .id(UUID.randomUUID().toString())
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+ .spCountryCode(spCountryCode)
+ .spType("public")
+ .requestedAttributes(ImmutableAttributeMap.builder()
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
+
+
+ proxyService.setiLightRequest(authnReqBuilder.build());
+
+ List<String> mandateProfilesNat =
+ Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+ List<String> mandateProfilesJur =
+ Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,
+ StringUtils.join(mandateProfilesNat, ","));
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL,
+ StringUtils.join(mandateProfilesJur, ","));
+
+ //execute
+ controller.receiveEidasAuthnRequest(httpReq, httpResp);
+
+ //validate state
+ ServiceProviderConfiguration spConfig =
+ authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+ assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+ assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+ assertEquals("mandateprofile size", mandateProfilesNat.size(), spConfig.getMandateProfiles().size());
+ spConfig.getMandateProfiles().stream()
+ .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfilesNat.contains(el)));
+ assertEquals("MandateMode", SpMandateModes.NATURAL, spConfig.getMandateMode());
+
+ }
+
+ @Test
+ public void validAuthnRequestWithMandatesDefaultProfilesJur() throws IOException, EaafException {
+ //initialize state
+ httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
+ String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+ LightRequest.Builder authnReqBuilder = LightRequest.builder()
+ .id(UUID.randomUUID().toString())
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+ .spCountryCode(spCountryCode)
+ .spType("public")
+ .requestedAttributes(ImmutableAttributeMap.builder()
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build());
+
+
+ proxyService.setiLightRequest(authnReqBuilder.build());
+
+ List<String> mandateProfilesNat =
+ Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+ List<String> mandateProfilesJur =
+ Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,
+ StringUtils.join(mandateProfilesNat, ","));
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL,
+ StringUtils.join(mandateProfilesJur, ","));
+
+ //execute
+ controller.receiveEidasAuthnRequest(httpReq, httpResp);
+
+ //validate state
+ ServiceProviderConfiguration spConfig =
+ authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+ assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+ assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+ assertEquals("mandateprofile size", mandateProfilesJur.size(), spConfig.getMandateProfiles().size());
+ spConfig.getMandateProfiles().stream()
+ .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfilesJur.contains(el)));
+ assertEquals("MandateMode", SpMandateModes.LEGAL_FORCE, spConfig.getMandateMode());
+
+ }
+
+ @Test
+ public void validAuthnRequestWithMandatesDefaultNoJurProfiles() throws IOException, EaafException {
+ //initialize state
+ httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
+ String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+ LightRequest.Builder authnReqBuilder = LightRequest.builder()
+ .id(UUID.randomUUID().toString())
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+ .spCountryCode(spCountryCode)
+ .spType("public")
+ .requestedAttributes(ImmutableAttributeMap.builder()
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build());
+
+
+ proxyService.setiLightRequest(authnReqBuilder.build());
+
+ List<String> mandateProfilesNat =
+ Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,
+ StringUtils.join(mandateProfilesNat, ","));
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, "");
+
+ //validate state
+ EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
+ () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
+ Assert.assertEquals("wrong errorCode", "eidas.proxyservice.10", exception.getErrorId());
+
+ }
+
+ @Test
+ public void validAuthnRequestWithMandatesDefaultNoNatProfiles() throws IOException, EaafException {
+ //initialize state
+ httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
+ String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+ LightRequest.Builder authnReqBuilder = LightRequest.builder()
+ .id(UUID.randomUUID().toString())
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+ .spCountryCode(spCountryCode)
+ .spType("public")
+ .requestedAttributes(ImmutableAttributeMap.builder()
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
+
+
+ proxyService.setiLightRequest(authnReqBuilder.build());
+
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, "");
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, "");
+
+ //execute
+ controller.receiveEidasAuthnRequest(httpReq, httpResp);
+
+ //validate state
+ ServiceProviderConfiguration spConfig =
+ authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+ assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+ assertTrue("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+ assertEquals("MandateMode", SpMandateModes.NONE, spConfig.getMandateMode());
+
+ }
+
+ @Test
+ public void validAuthnRequestIssueSpecificNoMandates() throws IOException, EaafException {
+ //initialize state
+ httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
+
+ String issuer = RandomStringUtils.randomAlphabetic(10);
+ LightRequest.Builder authnReqBuilder = LightRequest.builder()
+ .id(UUID.randomUUID().toString())
+ .issuer(issuer)
+ .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+ .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .spType("public")
+ .requestedAttributes(ImmutableAttributeMap.builder()
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
+
+ proxyService.setiLightRequest(authnReqBuilder.build());
+
+
+ // set default mandate configuration
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,
+ StringUtils.join(Arrays.asList(
+ RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL,
+ StringUtils.join(Arrays.asList(
+ RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+
+ // set specific mandate configuration
+ String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+ addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_UNIQUEID, issuer);
+ addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_COUNTRYCODE, spCountryCode);
+ addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_ENABLED, "false");
+
+ List<String> mandateProfiles =
+ Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+ addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_NATURAL,
+ StringUtils.join(mandateProfiles, ","));
+ addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_LEGAL,
+ StringUtils.join(Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+
+ //execute
+ controller.receiveEidasAuthnRequest(httpReq, httpResp);
+
+ //validate state
+ ServiceProviderConfiguration spConfig =
+ authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+ assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+ assertTrue("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+ assertEquals("MandateMode", SpMandateModes.NONE, spConfig.getMandateMode());
+
+ }
+
+ @Test
+ public void validAuthnRequestIssueSpecificMandatesNat() throws IOException, EaafException {
+ //initialize state
+ httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
+
+ String issuer = "https://apps.egiz.gv.at/EidasNode//ConnectorMetadata";
+ LightRequest.Builder authnReqBuilder = LightRequest.builder()
+ .id(UUID.randomUUID().toString())
+ .issuer(issuer)
+ .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+ .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .spType("public")
+ .requestedAttributes(ImmutableAttributeMap.builder()
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
+
+ proxyService.setiLightRequest(authnReqBuilder.build());
+
+
+ // set default mandate configuration
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "false");
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,
+ StringUtils.join(Arrays.asList(
+ RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL,
+ StringUtils.join(Arrays.asList(
+ RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+
+ // set specific mandate configuration
+ String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+ addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_UNIQUEID, issuer);
+ addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_COUNTRYCODE, spCountryCode);
+ addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_ENABLED, "true");
+
+ List<String> mandateProfiles =
+ Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+ addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_NATURAL,
+ StringUtils.join(mandateProfiles, ","));
+ addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_LEGAL,
+ StringUtils.join(Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+
+ //execute
+ controller.receiveEidasAuthnRequest(httpReq, httpResp);
+
+ //validate state
+ ServiceProviderConfiguration spConfig =
+ authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+ assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+ assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+ assertEquals("mandateprofile size", mandateProfiles.size(), spConfig.getMandateProfiles().size());
+ spConfig.getMandateProfiles().stream()
+ .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfiles.contains(el)));
+ assertEquals("MandateMode", SpMandateModes.NATURAL, spConfig.getMandateMode());
+
+ }
+
+ @Test
+ public void validAuthnRequestIssueSpecificMandatesJur() throws IOException, EaafException {
+ //initialize state
+ httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
+
+ String issuer = RandomStringUtils.randomAlphabetic(10);
+ LightRequest.Builder authnReqBuilder = LightRequest.builder()
+ .id(UUID.randomUUID().toString())
+ .issuer(issuer)
+ .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+ .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .spType("public")
+ .requestedAttributes(ImmutableAttributeMap.builder()
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build());
+
+ proxyService.setiLightRequest(authnReqBuilder.build());
+
+
+ // set default mandate configuration
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL,
+ StringUtils.join(Arrays.asList(
+ RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL,
+ StringUtils.join(Arrays.asList(
+ RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+
+ // set specific mandate configuration
+ String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+ addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_UNIQUEID, issuer);
+ addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_COUNTRYCODE, spCountryCode);
+ addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_ENABLED, "true");
+
+ List<String> mandateProfiles =
+ Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+ addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_LEGAL,
+ StringUtils.join(mandateProfiles, ","));
+ addConnectorConfig(0, MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_NATURAL,
+ StringUtils.join(Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+
+ //execute
+ controller.receiveEidasAuthnRequest(httpReq, httpResp);
+
+ //validate state
+ ServiceProviderConfiguration spConfig =
+ authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+ assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+ assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+ assertEquals("mandateprofile size", mandateProfiles.size(), spConfig.getMandateProfiles().size());
+ spConfig.getMandateProfiles().stream()
+ .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfiles.contains(el)));
+ assertEquals("MandateMode", SpMandateModes.LEGAL_FORCE, spConfig.getMandateMode());
+
+ }
+
+ private void addConnectorConfig(int i, String key, String value) {
+ config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_PREFIX + String.valueOf(i) + "." + key,
+ value);
+
+ }
+
+}
+
+
diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java
new file mode 100644
index 00000000..97b5bc03
--- /dev/null
+++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java
@@ -0,0 +1,635 @@
+package at.asitplus.eidas.specific.modules.auth.idaustria.test.protocol;
+
+import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
+
+import java.net.URISyntaxException;
+import java.net.URLDecoder;
+import java.time.Instant;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.joda.time.DateTime;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.opensaml.saml.saml2.core.NameIDType;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import com.google.common.collect.ImmutableSortedSet;
+
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummySpConfiguration;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
+import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServiceAuthenticationAction;
+import at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServicePendingRequest;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions.EidIdentityStatusLevelValues;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IEidAuthData;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.auth.commons.light.impl.LightRequest;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "/spring/SpringTest-context_basic_test.xml",
+ "/spring/SpringTest-context_basic_mapConfig.xml",
+ })
+public class ProxyServiceAuthenticationActionTest {
+
+ @Autowired private MsConnectorDummyConfigMap basicConfig;
+ @Autowired private ProxyServiceAuthenticationAction action;
+ @Autowired private ApplicationContext context;
+ @Autowired EidasAttributeRegistry attrRegistry;
+
+ private MockHttpServletRequest httpReq;
+ private MockHttpServletResponse httpResp;
+ private ProxyServicePendingRequest pendingReq;
+ private MsConnectorDummySpConfiguration oaParam;
+ private SpecificCommunicationService springManagedSpecificConnectorCommunicationService;
+
+
+ /**
+ * jUnit test set-up.
+ * @throws EaafException In case of an error
+ */
+ @Before
+ public void setUp() throws URISyntaxException, EaafException {
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint",
+ "http://eidas.proxy/endpoint");
+ basicConfig.putConfigValue("auth.eIDAS.proxy.workaround.mandates.legalperson",
+ "false");
+
+ final Map<String, String> spConfig = new HashMap<>();
+ spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+ spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+ spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true");
+ oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig);
+ oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH));
+
+ pendingReq = new ProxyServicePendingRequest();
+ pendingReq.initialize(httpReq, basicConfig);
+ pendingReq.setOnlineApplicationConfiguration(oaParam);
+
+ LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+ pendingReq.setEidasRequest(eidasRequestBuilder.build());
+
+
+ springManagedSpecificConnectorCommunicationService =
+ (SpecificCommunicationService) context.getBean(
+ SpecificCommunicationDefinitionBeanNames.SPECIFIC_PROXYSERVICE_COMMUNICATION_SERVICE
+ .toString());
+
+ }
+
+ @Test
+ public void wrongPendingRequestType() {
+ IAuthData authData = generateDummyAuthData();
+ TestRequestImpl internalPendingReq = new TestRequestImpl();
+
+ EaafException exception = assertThrows(EaafException.class,
+ () -> action.processRequest(internalPendingReq, httpReq, httpResp, authData));
+ Assert.assertEquals("wrong errorCode", "eidas.proxyservice.99", exception.getErrorId());
+
+ }
+
+ @Test
+ public void missingForwardUrl() {
+ Map<String, Object> attr = new HashMap<>();
+ attr.put(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER,
+ "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", false);
+ basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint");
+
+ EaafException exception = assertThrows(EaafException.class,
+ () -> action.processRequest(pendingReq, httpReq, httpResp, authData));
+ Assert.assertEquals("wrong errorCode", "config.08", exception.getErrorId());
+
+ }
+
+ @Test
+ public void responseWithoutMandate() throws EaafException, SpecificCommunicationException {
+ Map<String, Object> attr = new HashMap<>();
+ attr.put(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER,
+ "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", false);
+
+ //perform test
+ SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+
+ //validate state
+ Assert.assertNotNull("Result should be not null", result);
+
+ ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+ assertEquals("wrong attr. size", 4, respAttr.size());
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER,
+ (String) attr.get(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER));
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, authData.getFamilyName());
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, authData.getGivenName());
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH,
+ authData.getDateOfBirth());
+
+ }
+
+ @Test
+ public void responseWithNatMandate() throws EaafException, SpecificCommunicationException {
+ Map<String, Object> attr = new HashMap<>();
+ attr.put(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER,
+ "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
+
+ attr.put(MsEidasNodeConstants.ATTR_EIDAS_NAT_MANDATOR_PERSONAL_IDENTIFIER,
+ RandomStringUtils.randomAlphabetic(10));
+ attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME,
+ RandomStringUtils.randomAlphabetic(10));
+ attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME,
+ RandomStringUtils.randomAlphabetic(10));
+ attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME,
+ "1985-11-15");
+
+
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+
+ //perform test
+ SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+
+ //validate state
+ Assert.assertNotNull("Result should be not null", result);
+
+ ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+ assertEquals("wrong attr. size", 8, respAttr.size());
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER,
+ (String) attr.get(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER));
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME, authData.getFamilyName());
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTGIVENNAME, authData.getGivenName());
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_DATEOFBIRTH, authData.getDateOfBirth());
+
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER,
+ (String) attr.get(MsEidasNodeConstants.ATTR_EIDAS_NAT_MANDATOR_PERSONAL_IDENTIFIER));
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME,
+ (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME));
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME,
+ (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME));
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH,
+ (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME));
+
+ }
+
+ @Test
+ public void responseWithJurMandate() throws EaafException, SpecificCommunicationException {
+ Map<String, Object> attr = new HashMap<>();
+ attr.put(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER,
+ "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+
+ attr.put(MsEidasNodeConstants.ATTR_EIDAS_JUR_MANDATOR_PERSONAL_IDENTIFIER,
+ RandomStringUtils.randomAlphabetic(10));
+ attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
+ RandomStringUtils.randomAlphabetic(10));
+
+ //perform test
+ SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+
+ //validate state
+ Assert.assertNotNull("Result should be not null", result);
+
+ ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+ assertEquals("wrong attr. size", 6, respAttr.size());
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER,
+ (String) attr.get(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER));
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME, authData.getFamilyName());
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTGIVENNAME, authData.getGivenName());
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_DATEOFBIRTH, authData.getDateOfBirth());
+
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER,
+ (String) attr.get(MsEidasNodeConstants.ATTR_EIDAS_JUR_MANDATOR_PERSONAL_IDENTIFIER));
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_LEGALNAME,
+ (String) attr.get(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME));
+
+ assertNull("find nat. person subject: personalId",
+ getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER));
+ assertNull("find nat. person subject: familyName",
+ getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME));
+ assertNull("find nat. person subject: givenName",
+ getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME));
+ assertNull("find nat. person subject: dateOfBirth",
+ getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH));
+
+ }
+
+ @Test
+ public void responseWithNatMandateWithWorkAround() throws EaafException, SpecificCommunicationException {
+ basicConfig.putConfigValue("auth.eIDAS.proxy.workaround.mandates.legalperson",
+ "true");
+
+ //request natural person subject only
+ LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+ eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder().put(
+ attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
+ pendingReq.setEidasRequest(eidasRequestBuilder.build());
+
+
+ Map<String, Object> attr = new HashMap<>();
+ attr.put(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER,
+ "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
+
+ attr.put(MsEidasNodeConstants.ATTR_EIDAS_NAT_MANDATOR_PERSONAL_IDENTIFIER,
+ RandomStringUtils.randomAlphabetic(10));
+ attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME,
+ RandomStringUtils.randomAlphabetic(10));
+ attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME,
+ RandomStringUtils.randomAlphabetic(10));
+ attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME,
+ "1985-11-15");
+
+
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+
+ //perform test
+ SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+
+ //validate state
+ Assert.assertNotNull("Result should be not null", result);
+
+ ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+ assertEquals("wrong attr. size", 8, respAttr.size());
+
+ }
+
+ @Test
+ public void responseWithJurMandateWithWorkAround() throws EaafException, SpecificCommunicationException {
+ basicConfig.putConfigValue("auth.eIDAS.proxy.workaround.mandates.legalperson",
+ "true");
+
+ //request natural person subject only
+ LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+ eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first())
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
+ .build());
+ pendingReq.setEidasRequest(eidasRequestBuilder.build());
+
+ Map<String, Object> attr = new HashMap<>();
+ attr.put(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER,
+ "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+
+ attr.put(MsEidasNodeConstants.ATTR_EIDAS_JUR_MANDATOR_PERSONAL_IDENTIFIER,
+ RandomStringUtils.randomAlphabetic(10));
+ attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
+ RandomStringUtils.randomAlphabetic(10));
+
+ //perform test
+ SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+
+ //validate state
+ Assert.assertNotNull("Result should be not null", result);
+
+ ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+ assertEquals("wrong attr. size", 10, respAttr.size());
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER,
+ (String) attr.get(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER));
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, authData.getFamilyName());
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, authData.getGivenName());
+ checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH, authData.getDateOfBirth());
+
+ }
+
+ @Test
+ public void responseWithJurMandateWithWorkAroundNoNatSubject() throws EaafException, SpecificCommunicationException {
+ basicConfig.putConfigValue("auth.eIDAS.proxy.workaround.mandates.legalperson",
+ "true");
+
+ //request natural person subject only
+ LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+ eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
+ .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+ EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
+ .build());
+ pendingReq.setEidasRequest(eidasRequestBuilder.build());
+
+ Map<String, Object> attr = new HashMap<>();
+ attr.put(MsEidasNodeConstants.ATTR_EIDAS_PERSONAL_IDENTIFIER,
+ "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
+ IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+
+ attr.put(MsEidasNodeConstants.ATTR_EIDAS_JUR_MANDATOR_PERSONAL_IDENTIFIER,
+ RandomStringUtils.randomAlphabetic(10));
+ attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
+ RandomStringUtils.randomAlphabetic(10));
+
+ //perform test
+ SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+
+ //validate state
+ Assert.assertNotNull("Result should be not null", result);
+
+ ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+ assertEquals("wrong attr. size", 6, respAttr.size());
+ assertNull("find nat. person subject: personalId",
+ getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER));
+ assertNull("find nat. person subject: familyName",
+ getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME));
+ assertNull("find nat. person subject: givenName",
+ getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME));
+ assertNull("find nat. person subject: dateOfBirth",
+ getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH));
+
+ }
+
+ @Test
+ public void checkBasicConstrainsInAction() {
+
+ Assert.assertTrue("Wrong NeedAuthentication", action.needAuthentication(pendingReq, httpReq, httpResp));
+ Assert.assertNotNull("Missing ActionName", action.getDefaultActionName());
+
+ Assert.assertNotNull("missing ActionBean", context.getBean(ProxyServiceAuthenticationAction.class));
+
+ }
+
+ private IAuthData generateDummyAuthData() {
+ return generateDummyAuthData(Collections.emptyMap(), EaafConstants.EIDAS_LOA_LOW,
+ RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1940-01-01", false);
+
+ }
+
+ private Object getAttrValue(ImmutableAttributeMap respAttr, String attrName) {
+ final AttributeDefinition<?> attrDef =
+ attrRegistry.getCoreAttributeRegistry().getByFriendlyName(attrName).first();
+ return respAttr.getFirstValue(attrDef);
+
+ }
+
+ private void checkAttrValue(ImmutableAttributeMap respAttr, String attrName, String expected) {
+ Object value = getAttrValue(respAttr, attrName);
+ assertNotNull("not attr value: " + attrName, value);
+
+ if (value instanceof String) {
+ assertEquals("wrong attr. value: " + attrName, expected, value);
+
+ } else if ( value instanceof DateTime) {
+ assertEquals("wrong attr. value: " + attrName, expected, ((DateTime)value).toString("yyyy-MM-dd"));
+
+ }
+ }
+
+ private ImmutableAttributeMap validateBasicEidasResponse(IAuthData authData) throws SpecificCommunicationException {
+ assertNotNull("not redirct Header", httpResp.getHeader("Location"));
+ assertTrue("wrong redirect URL", httpResp.getHeader("Location").startsWith("http://eidas.proxy/endpoint?token="));
+ String token = httpResp.getHeader("Location").substring("http://eidas.proxy/endpoint?token=".length());
+
+ ILightResponse resp = springManagedSpecificConnectorCommunicationService.getAndRemoveResponse(URLDecoder.decode(token),
+ ImmutableSortedSet.copyOf(attrRegistry.getCoreAttributeRegistry().getAttributes()));
+
+ assertNotNull("responseId", resp.getId());
+ assertEquals("inResponseTo", pendingReq.getEidasRequest().getId(), resp.getInResponseToId());
+ assertEquals("relayState", pendingReq.getEidasRequest().getRelayState(), resp.getRelayState());
+ assertEquals("LoA", authData.getEidasQaaLevel(), resp.getLevelOfAssurance());
+
+ assertNotNull("subjectNameId", resp.getSubject());
+ assertEquals("subjectNameIdFormat", NameIDType.TRANSIENT, resp.getSubjectNameIdFormat());
+
+ assertFalse("not attributes", resp.getAttributes().isEmpty());
+ return resp.getAttributes();
+
+ }
+
+ private Builder generateBasicLightRequest() {
+ return LightRequest.builder()
+ .id(UUID.randomUUID().toString())
+ .issuer(RandomStringUtils.randomAlphabetic(10))
+ .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+ .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+ .spType("public")
+ .requesterId(RandomStringUtils.randomAlphanumeric(10))
+ .providerName(RandomStringUtils.randomAlphanumeric(10));
+
+ }
+
+ private IAuthData generateDummyAuthData(Map<String, Object> attrs, String loa, String familyName, String givenName, String dateOfBirth,
+ boolean useMandates) {
+ return new IEidAuthData() {
+
+ @Override
+ public boolean isSsoSession() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public boolean isForeigner() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public boolean isBaseIdTransferRestrication() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public Instant getSsoSessionValidTo() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getSessionIndex() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getNameIdFormat() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getNameID() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public IIdentityLink getIdentityLink() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getIdentificationValue() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getIdentificationType() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getGivenName() {
+ return givenName;
+ }
+
+ @Override
+ public <T> T getGenericData(String key, Class<T> clazz) {
+ if (attrs.containsKey(key)) {
+ return (T) attrs.get(key);
+
+ } else {
+ return null;
+ }
+
+ }
+
+ @Override
+ public String getDateOfBirth() {
+ return dateOfBirth;
+ }
+
+ @Override
+ public String getFamilyName() {
+ return familyName;
+ }
+
+ @Override
+ public String getEncryptedSourceIdType() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getEncryptedSourceId() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getEidasQaaLevel() {
+ return loa;
+
+ }
+
+
+ @Override
+ public String getCiticenCountryCode() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getBpkType() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getBpk() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getAuthenticationIssuer() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getAuthenticationIssueInstantString() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Instant getAuthenticationIssueInstant() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public byte[] getSignerCertificate() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public byte[] getEidToken() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public EidIdentityStatusLevelValues getEidStatus() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getVdaEndPointUrl() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public boolean isUseMandate() {
+ return useMandates;
+
+ }
+
+ @Override
+ public String getDateOfBirthFormated(String pattern) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+ };
+
+ }
+}
--
cgit v1.2.3