assertNull("executionContext parameter: " + el, executionContext.get(el)));
- // remove pendingRequestId because it's added by default
- executionContext.remove(EaafConstants.PROCESS_ENGINE_PENDINGREQUESTID);
-
+ // remove pendingRequestId and changeLanguage because it's added by default
+ executionContext.remove(EaafConstants.PROCESS_ENGINE_PENDINGREQUESTID);
+ executionContext.remove("changeLanguage");
+
// in case of 'ReceiveOtherLoginMethodGuiResponseTask.ALL_EXECUTIONCONTEXT_PARAMETERS' does not include all parameters
assertTrue("ExecutionContext is not empty", executionContext.keySet().isEmpty());
}
+
+ @Test
+ @SneakyThrows
+ public void jsonResponseInsertErnp() throws TaskExecutionException, UnsupportedEncodingException {
+ String reason = RandomStringUtils.randomAlphabetic(5);
+ executionContext.put(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK, true);
+ httpReq.addHeader("Accept", "application/json");
+
+ task.execute(pendingReq, executionContext);
+
+ //result validation
+ Assert.assertEquals("httpStausCode", 200, httpResp.getStatus());
+ Assert.assertEquals("http ContentType", "application/json;charset=UTF-8", httpResp.getContentType());
+ final String content = httpResp.getContentAsString();
+ assertNotNull("response body is null", content);
+ Assert.assertFalse("response body is empty", content.isEmpty());
+ final JsonNode json = new JsonMapper().readTree(content);
+ assertNotNull("response body is null", json);
+ assertNull("advancedMatchFailed", json.get(Constants.HTML_FORM_ADVANCED_MATCHING_FAILED));
+ assertNotNull("createNewErnpEntry", json.get(Constants.HTML_FORM_CREATE_NEW_ERNP_ENTRY));
+ assertTrue("createNewErnpEntry", json.get(Constants.HTML_FORM_CREATE_NEW_ERNP_ENTRY).asBoolean());
+
+ assertNull("advancedMatchingFailedReason", json.get(Constants.HTML_FORM_ADVANCED_MATCHING_FAILED_REASON));
+
+ assertNotNull("pendingRequest not stored",
+ storage.getPendingRequest(pendingReq.getPendingRequestId()));
+
+ }
+
@Test
@SneakyThrows
- public void jsonResponse() throws TaskExecutionException, UnsupportedEncodingException {
+ public void jsonResponseMathingFailed() throws TaskExecutionException, UnsupportedEncodingException {
String reason = RandomStringUtils.randomAlphabetic(5);
executionContext.put(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true);
executionContext.put(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON, reason);
@@ -138,11 +169,33 @@ public class GenerateOtherLoginMethodGuiTaskTest {
assertEquals("advancedMatchingFailedReason", reason,
json.get(Constants.HTML_FORM_ADVANCED_MATCHING_FAILED_REASON).asText());
+ assertNotNull("createNewErnpEntry", json.get(Constants.HTML_FORM_CREATE_NEW_ERNP_ENTRY));
+ assertFalse("createNewErnpEntry", json.get(Constants.HTML_FORM_CREATE_NEW_ERNP_ENTRY).asBoolean());
+
assertNotNull("pendingRequest not stored",
storage.getPendingRequest(pendingReq.getPendingRequestId()));
}
+ @Test
+ public void insertErnpRequested() throws TaskExecutionException, UnsupportedEncodingException {
+ executionContext.put(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK, true);
+
+ task.execute(pendingReq, executionContext);
+
+ Assert.assertEquals("Wrong http StatusCode", 200, httpResp.getStatus());
+ Assert.assertEquals("Wrong http ContentType", "text/html;charset=UTF-8", httpResp.getContentType());
+
+ String html = httpResp.getContentAsString();
+ Assert.assertNotNull("html result is null", html);
+ Assert.assertFalse("html result is empty", html.isEmpty());
+ Assert.assertTrue("No language selector with pendingRequestId",
+ html.contains("/otherLoginMethod?lang=en&pendingid=" + pendingReq.getPendingRequestId()));
+ Assert.assertTrue("Missing eIDAS infos",
+ html.contains(MessageFormat.format(TEST_PATTER_REQ_PARAM, SelectedLoginMethod.ADD_ME_AS_NEW)));
+
+ }
+
@Test
public void advancedMatchingFailedMsg() throws TaskExecutionException, UnsupportedEncodingException {
executionContext.put(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true);
@@ -150,7 +203,7 @@ public class GenerateOtherLoginMethodGuiTaskTest {
task.execute(pendingReq, executionContext);
String html = doBasicValidation();
- Assert.assertTrue("Missing eIDAS infos",
+ Assert.assertFalse("Missing eIDAS infos",
html.contains(MessageFormat.format(TEST_PATTER_REQ_PARAM, SelectedLoginMethod.ADD_ME_AS_NEW)));
Assert.assertTrue("missing errorfield",
html.contains("
"));
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskRegisterTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskRegisterTest.java
index 649fa48c..8d52baf3 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskRegisterTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskRegisterTest.java
@@ -127,17 +127,17 @@ public class ReceiveAustrianResidenceGuiResponseTaskRegisterTest {
@Test
public void canceledByUser() throws Exception {
- AdresssucheOutput userInput = setupUserInput();
- SimpleEidasData eidasData = setupEidasData();
RegisterStatusResults registerSearchResult = buildEmptyResult();
MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
httpReq.setParameter(ReceiveAustrianResidenceGuiResponseTask.HTTP_PARAM_NO_RESIDENCE, "true");
task.execute(pendingReq, executionContext);
- assertEquals("Transition To S9", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
- assertEquals("matching failed flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
- assertEquals("failed reason", "module.eidasauth.matching.20", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON));
+ assertEquals("Transition To RequestInserErnp", true,
+ executionContext.get(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK));
+ assertEquals("Transition To AddressSearchForm", false,
+ executionContext.get(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK));
+ assertNull("matching failed flag", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
assertNull("no final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq));
}
@@ -157,7 +157,9 @@ public class ReceiveAustrianResidenceGuiResponseTaskRegisterTest {
task.execute(pendingReq, executionContext);
// validate state
- assertEquals("Transition To S9", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
+ assertEquals("Transition To RequestInserErnp", false, executionContext.get(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK));
+ assertEquals("Transition To AddressSearchForm", true,
+ executionContext.get(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK));
assertEquals("matching failed flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
assertEquals("failed reason", "module.eidasauth.matching.22", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON));
assertNull("no final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq));
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java
index ece0f16d..d7c0acc4 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java
@@ -100,9 +100,11 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest {
task.execute(pendingReq, executionContext);
- assertEquals("Transition To S9", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
- assertEquals("matching failed flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
- assertEquals("failed reason", "module.eidasauth.matching.20", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON));
+ assertEquals("Transition To RequestInserErnp", true,
+ executionContext.get(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK));
+ assertEquals("Transition To AddressSearchForm", false,
+ executionContext.get(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK));
+ assertNull("matching failed flag", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
assertNull("no final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq));
}
@@ -114,7 +116,9 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest {
task.execute(pendingReq, executionContext);
- assertEquals("Transition To S9", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
+ assertEquals("Transition To RequestInserErnp", false, executionContext.get(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK));
+ assertEquals("Transition To AddressSearchForm", true,
+ executionContext.get(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK));
assertEquals("matching failed flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
assertEquals("failed reason", "module.eidasauth.matching.21", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON));
assertNull("no final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq));
@@ -131,7 +135,9 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest {
task.execute(pendingReq, executionContext);
- assertEquals("Transition To S9", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
+ assertEquals("Transition To RequestInserErnp", false, executionContext.get(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK));
+ assertEquals("Transition To AddressSearchForm", true,
+ executionContext.get(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK));
assertEquals("matching failed flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
assertEquals("failed reason", "module.eidasauth.matching.22", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON));
assertNull("no final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq));
@@ -189,7 +195,9 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest {
task.execute(pendingReq, executionContext);
- assertEquals("Transition To S9", true, executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK));
+ assertEquals("Transition To RequestInserErnp", false, executionContext.get(Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK));
+ assertEquals("Transition To AddressSearchForm", true,
+ executionContext.get(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK));
assertEquals("matching failed flag", true, executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED));
assertEquals("failed reason", "module.eidasauth.matching.22", executionContext.get(Constants.CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON));
assertNull("no final matching result", MatchingTaskUtils.getFinalMatchingResult(pendingReq));
--
cgit v1.2.3
From 1cfd49dacd0ad5970b5c360d2c903b60244e587b Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Thu, 5 May 2022 18:23:16 +0200
Subject: test(ZMR/ERnP): disable two tests in register integration tests based
on real registers operated by BM.I
---
.../auth/eidas/v2/test/clients/ErnpRestClientProductionTest.java | 3 ++-
.../modules/auth/eidas/v2/test/clients/ZmrClientProductionTest.java | 3 ++-
2 files changed, 4 insertions(+), 2 deletions(-)
(limited to 'modules')
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ErnpRestClientProductionTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ErnpRestClientProductionTest.java
index fc0f7698..59cf4520 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ErnpRestClientProductionTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ErnpRestClientProductionTest.java
@@ -66,6 +66,7 @@ public class ErnpRestClientProductionTest {
}
+ @Ignore
@Test
@SneakyThrows
public void searchWithPersonalIdentifierSuccess() {
@@ -117,7 +118,7 @@ public class ErnpRestClientProductionTest {
}
-
+ @Ignore
@Test
@SneakyThrows
public void searchWithMdsSuccess() {
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientProductionTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientProductionTest.java
index 97ea5bfa..b99bd302 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientProductionTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientProductionTest.java
@@ -94,7 +94,7 @@ public class ZmrClientProductionTest {
* Ignore this test because "javier", "Garcia", "1964-12-31", "EE" is used as test-identity
* in test-country on vidp.gv.at. vidp.gv.at uses Test-SZR, but Test-SZR is connected to
* Q-ZMR and Q-ERnP. There is a staging problem because this test uses T-ZMR and T-ERnP.
- */
+ */
@Ignore
@Test
public void searchWithMdsOnlyEidasIdentity() throws EidasSAuthenticationException {
@@ -126,6 +126,7 @@ public class ZmrClientProductionTest {
}
+ @Ignore
@Test
public void searchWithCountrySpecificsWithPersonalId() throws EidasSAuthenticationException {
final ZmrRegisterResult result = client.searchCountrySpecific(null,
--
cgit v1.2.3
From 332a953758ab2626095ae5bd0169ff2edd9adcae Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Thu, 12 May 2022 10:39:31 +0200
Subject: fix(matching): remove prefix from bPK aftern an ID Austria login
---
.../ReceiveMobilePhoneSignatureResponseTask.java | 38 ++++++++++++----
.../v2/test/clients/ZmrClientProductionTest.java | 7 ++-
...eceiveMobilePhoneSignatureResponseTaskTest.java | 25 ++++++++++-
.../Response_with_EID_deprecated_bpk_encoding.xml | 52 ++++++++++++++++++++++
4 files changed, 109 insertions(+), 13 deletions(-)
create mode 100644 modules/authmodule-eIDAS-v2/src/test/resources/data/Response_with_EID_deprecated_bpk_encoding.xml
(limited to 'modules')
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
index 286b63b1..b212d133 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
@@ -127,7 +127,9 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet
private static final String ERROR_MSG_01 = "Processing PVP response from 'ID Austria system' FAILED.";
private static final String ERROR_MSG_02 = "PVP response decryption FAILED. No credential found.";
private static final String ERROR_MSG_03 = "PVP response validation FAILED.";
-
+ private static final String ERROR_GENERIC = "Matching failed, because response from ID Austria was "
+ + "invalid or contains an error. Detail: {}";
+
private static final String MSG_PROP_23 = "module.eidasauth.matching.23";
private static final String MSG_PROP_24 = "module.eidasauth.matching.24";
@@ -155,6 +157,7 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet
InboundMessage inboundMessage = decodeAndVerifyMessage(request, response, decoder, comparator);
Pair
processedMsg = validateAssertion((PvpSProfileResponse) inboundMessage);
if (processedMsg.getSecond()) {
+ log.info("Matching failed, because ID Austria login was stopped by user.");
// forward to next matching step in case of ID Autria authentication was stopped by user
executionContext.put(TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true);
executionContext.put(CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON, MSG_PROP_23);
@@ -177,6 +180,7 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet
// check if MDS from ID Austria authentication matchs to eIDAS authentication
if (!simpleMobileSignatureData.equalsSimpleEidasData(eidasData)) {
+ log.info("Matching failed, because MDS from ID-Austria login does not match to MDS from initial eIDAS");
executionContext.put(TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true);
executionContext.put(CONTEXT_FLAG_ADVANCED_MATCHING_FAILED_REASON, MSG_PROP_24);
executionContext.put(CONTEXT_FLAG_ADVANCED_MATCHING_FAILED, true);
@@ -207,28 +211,27 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet
}
} catch (final AuthnResponseValidationException e) {
+ log.info(ERROR_GENERIC, e.getMessage());
throw new TaskExecutionException(pendingReq, ERROR_MSG_03, e);
} catch (MessageDecodingException | SecurityException | SamlSigningException e) {
- //final String samlRequest = request.getParameter("SAMLRequest");
- //log.debug("Receive INVALID PVP Response from 'ms-specific eIDAS node': {}",
- // samlRequest, null, e);
+ log.info(ERROR_GENERIC, e.getMessage());
throw new TaskExecutionException(pendingReq, ERROR_MSG_00,
new AuthnResponseValidationException(ERROR_PVP_11, new Object[]{MODULE_NAME_FOR_LOGGING}, e));
} catch (IOException | MarshallingException | TransformerException e) {
- log.debug("Processing PVP response from 'ms-specific eIDAS node' FAILED.", e);
+ log.info("Processing PVP response from 'ms-specific eIDAS node' FAILED.", e);
throw new TaskExecutionException(pendingReq, ERROR_MSG_01,
new AuthnResponseValidationException(ERROR_PVP_12, new Object[]{MODULE_NAME_FOR_LOGGING, e.getMessage()}, e));
} catch (final CredentialsNotAvailableException e) {
- log.debug("PVP response decryption FAILED. No credential found.", e);
+ log.info("PVP response decryption FAILED. No credential found.", e);
throw new TaskExecutionException(pendingReq, ERROR_MSG_02,
new AuthnResponseValidationException(ERROR_PVP_10, new Object[]{MODULE_NAME_FOR_LOGGING}, e));
} catch (final Exception e) {
// todo catch ManualFixNecessaryException in any other way?
- log.debug("PVP response validation FAILED. Msg:" + e.getMessage(), e);
+ log.info("PVP response validation FAILED. Msg: {}",e.getMessage(), e);
throw new TaskExecutionException(pendingReq, ERROR_MSG_03,
new AuthnResponseValidationException(ERROR_PVP_12, new Object[]{MODULE_NAME_FOR_LOGGING, e.getMessage()}, e));
@@ -356,7 +359,7 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet
final Set includedAttrNames = extractor.getAllIncludeAttributeNames();
for (final String attrName : includedAttrNames) {
if (PvpAttributeDefinitions.BPK_NAME.equals(attrName)) {
- builder.bpk(extractor.getSingleAttributeValue(attrName));
+ builder.bpk(removeTargetPrefixFromBpk(extractor.getSingleAttributeValue(attrName)));
}
if (PvpAttributeDefinitions.GIVEN_NAME_NAME.equals(attrName)) {
builder.givenName(extractor.getSingleAttributeValue(attrName));
@@ -377,5 +380,24 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet
}
+ private String removeTargetPrefixFromBpk(String bpkWithPrefix) {
+ if (StringUtils.isNotEmpty(bpkWithPrefix)) {
+ final String[] spitted = bpkWithPrefix.split(":");
+ if (spitted.length == 2) {
+ log.debug("Find PVP-Attr: {}", PvpAttributeDefinitions.BPK_FRIENDLY_NAME);
+ return spitted[1];
+
+ } else {
+ log.info("Find PVP-Attr: {} without prefix. Use it as it is", PvpAttributeDefinitions.BPK_FRIENDLY_NAME);
+ return spitted[0];
+
+ }
+ } else {
+ log.warn("Receive no bPK in response from ID Austria System. There is something wrong on IDA side!!!");
+ return null;
+
+ }
+ }
+
}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientProductionTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientProductionTest.java
index b99bd302..cada6f40 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientProductionTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientProductionTest.java
@@ -197,7 +197,6 @@ public class ZmrClientProductionTest {
}
- @Ignore
@Test
public void updateZmrEntryTestIdentity() throws EidasSAuthenticationException {
final String personalIdentifier = "7cEYSvKZasdfsafsaf4CDVzNT4E7cjkU4Vq";
@@ -205,9 +204,9 @@ public class ZmrClientProductionTest {
final SimpleEidasData eidasData = SimpleEidasData.builder()
.citizenCountryCode(cc)
- .familyName("XXXĂ–hlinger")
- .givenName("XXXHildegard")
- .dateOfBirth("1971-02-18")
+ .familyName("Muster301")
+ .givenName("Eric")
+ .dateOfBirth("1988-01-03")
.personalIdentifier(cc + "/AT/" + personalIdentifier)
.pseudonym(personalIdentifier)
.build();
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java
index 8fae81b1..034f06d1 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java
@@ -79,7 +79,7 @@ import net.shibboleth.utilities.java.support.xml.ParserPool;
public class ReceiveMobilePhoneSignatureResponseTaskTest {
private static final String METADATA_PATH = "classpath:/data/idp_metadata_classpath_entity.xml";
- private static final String BPK_FROM_ID_AUSTRIA = "BF:QVGm48cqcM4UcyhDTNGYmVdrIoY=";
+ private static final String BPK_FROM_ID_AUSTRIA = "QVGm48cqcM4UcyhDTNGYmVdrIoY=";
@Autowired
protected MsConnectorDummyConfigMap authConfig;
@@ -377,6 +377,29 @@ public class ReceiveMobilePhoneSignatureResponseTaskTest {
//Mockito.verify(registerSearchService).step7aKittProcess(eq(registerSearchResult), eq(eidData));
}
+ @Test
+ public void httpPostValidSignedAssertionEidValid_ExactlyOneRegisterResultDeprecadedBpkEnc() throws Exception {
+ setupMetadataResolver();
+ initResponse("/data/Response_with_EID_deprecated_bpk_encoding.xml", true);
+ AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+ SimpleEidasData eidData = createEidasDataMatchingToSamlResponse().build();
+ authProcessData.setGenericDataToSession(Constants.DATA_SIMPLE_EIDAS, eidData);
+ RegisterStatusResults registerSearchResult = buildResultWithOneMatch();
+ MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
+
+ task.execute(pendingReq, executionContext);
+
+ AuthProcessDataWrapper session = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+ assertEquals("LoA", "http://eidas.europa.eu/LoA/low", session.getQaaLevel());
+ assertEquals("IssueInstant", "2014-03-05T06:39:51Z", session.getIssueInstantString());
+ assertNull("Transition To S16", executionContext.get(Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK));
+
+ //TODO: update this check because this task selects one result from MDS search result before and creates a new element
+ //Mockito.verify(registerSearchService).step7aKittProcess(eq(registerSearchResult), eq(eidData));
+ }
+
+
+
//TODO: implement new test that this test makes no sense any more
@Ignore
@Test
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_with_EID_deprecated_bpk_encoding.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_with_EID_deprecated_bpk_encoding.xml
new file mode 100644
index 00000000..92ace06c
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/Response_with_EID_deprecated_bpk_encoding.xml
@@ -0,0 +1,52 @@
+
+
+ classpath:/data/idp_metadata_classpath_entity.xml
+
+
+
+
+ https://demo.egiz.gv.at/demoportal_moaid-2.0/pvp/metadata
+
+ QVGm48cqcM4UcyhDTNGYmVdrIoY=
+
+
+
+
+
+
+ https://localhost/authhandler/sp/idaustria/metadata
+
+
+
+
+ http://eidas.europa.eu/LoA/high
+
+
+
+
+ Mustermann
+
+
+ 2.1
+
+
+ http://eidas.europa.eu/LoA/low
+
+
+ IT
+
+
+ Max
+
+
+ 1940-01-01
+
+
+ QVGm48cqcM4UcyhDTNGYmVdrIoY=
+
+
+ MIIBbjCCARSgAwIBAgIEXh7TNzAKBggqhkjOPQQDAjA/MQswCQYDVQQGEwJBVDENMAsGA1UECgwERUdJWjEOMAwGA1UECwwFalVuaXQxETAPBgNVBAMMCG1ldGFkYXRhMB4XDTIwMDExNTA4NTQxNVoXDTMwMDExNDA4NTQxNVowPzELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVHSVoxDjAMBgNVBAsMBWpVbml0MREwDwYDVQQDDAhtZXRhZGF0YTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBdBkaxt31p++aZeP3SmlWITj9SYO4McV2ccXFsH4X4QMHuKAMUvjxPm1kdU01eTOWdiQX0GpDIBspYMZh8ZKcwwCgYIKoZIzj0EAwIDSAAwRQIhAJ3QKlk9cd90s+i8y62fvmGF6LtfNO+JvkWqDUBeQImnAiA2KwFtzO7STAp9MEwQGe0vt0F8mO1ttrLE+rr6YxdwGA==
+
+
+
+
--
cgit v1.2.3
From a988c0af75d96fdf03337b47a68b3a7876abfbac Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Thu, 12 May 2022 13:56:38 +0200
Subject: refact(ernp): change configuration keys for SSL keystore
---
.../specific/modules/auth/eidas/v2/Constants.java | 23 ++++++++++++++++++++++
.../auth/eidas/v2/clients/ernp/ErnpRestClient.java | 12 +++++------
.../resources/config/junit_config_1.properties | 10 +++++-----
.../config/junit_config_1_springboot.properties | 10 +++++-----
4 files changed, 39 insertions(+), 16 deletions(-)
(limited to 'modules')
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
index 0b5d086d..588ea912 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
@@ -170,6 +170,29 @@ public class Constants {
public static final String CONIG_PROPS_EIDAS_ERNPCLIENT = CONIG_PROPS_EIDAS_PREFIX + ".ernpclient";
public static final String CONIG_PROPS_EIDAS_ERNPCLIENT_ENDPOINT = CONIG_PROPS_EIDAS_ERNPCLIENT
+ ".endpoint";
+ public static final String CONIG_PROPS_EIDAS_ERNPCLIENT_SSL_KEYSTORE_PATH = CONIG_PROPS_EIDAS_ERNPCLIENT
+ + ".ssl.keyStore.path";
+ public static final String CONIG_PROPS_EIDAS_ERNPCLIENT_SSL_KEYSTORE_PASSWORD = CONIG_PROPS_EIDAS_ERNPCLIENT
+ + ".ssl.keyStore.password";
+ public static final String CONIG_PROPS_EIDAS_ERNPCLIENT_SSL_KEYSTORE_TYPE = CONIG_PROPS_EIDAS_ERNPCLIENT
+ + ".ssl.keyStore.type";
+ public static final String CONIG_PROPS_EIDAS_ERNPCLIENT_SSL_KEYSTORE_NAME = CONIG_PROPS_EIDAS_ERNPCLIENT
+ + ".ssl.keyStore.name";
+ public static final String CONIG_PROPS_EIDAS_ERNPCLIENT_SSL_KEYS_ALIAS = CONIG_PROPS_EIDAS_ERNPCLIENT
+ + ".ssl.key.alias";
+ public static final String CONIG_PROPS_EIDAS_ERNPCLIENT_SSL_KEY_PASSWORD = CONIG_PROPS_EIDAS_ERNPCLIENT
+ + ".ssl.key.password";
+ public static final String CONIG_PROPS_EIDAS_ERNPCLIENT_SSL_TRUSTSTORE_PATH = CONIG_PROPS_EIDAS_ERNPCLIENT
+ + ".ssl.trustStore.path";
+ public static final String CONIG_PROPS_EIDAS_ERNPCLIENT_SSL_TRUSTSTORE_PASSWORD = CONIG_PROPS_EIDAS_ERNPCLIENT
+ + ".ssl.trustStore.password";
+ public static final String CONIG_PROPS_EIDAS_ERNPCLIENT_SSL_TRUSTSTORE_TYPE = CONIG_PROPS_EIDAS_ERNPCLIENT
+ + ".ssl.trustStore.type";
+ public static final String CONIG_PROPS_EIDAS_ERNPCLIENT_SSL_TRUSTSTORE_NAME = CONIG_PROPS_EIDAS_ERNPCLIENT
+ + ".ssl.trustStore.name";
+
+
+
public static final String CONIG_PROPS_EIDAS_ERNPCLIENT_TIMEOUT_CONNECTION = CONIG_PROPS_EIDAS_ERNPCLIENT
+ ".timeout.connection";
public static final String CONIG_PROPS_EIDAS_ERNPCLIENT_TIMEOUT_RESPONSE = CONIG_PROPS_EIDAS_ERNPCLIENT
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java
index 4c4e3d87..6a732a0d 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java
@@ -809,16 +809,16 @@ public class ErnpRestClient implements IErnpClient {
// Set keystore configuration
config.buildKeyStoreConfig(
- basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_COMMON_CLIENT_SSL_KEYSTORE_TYPE),
- basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_COMMON_CLIENT_SSL_KEYSTORE_PATH),
- basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_COMMON_CLIENT_SSL_KEYSTORE_PASSWORD),
- basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_COMMON_CLIENT_SSL_KEYSTORE_NAME));
+ basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_ERNPCLIENT_SSL_KEYSTORE_TYPE),
+ basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_ERNPCLIENT_SSL_KEYSTORE_PATH),
+ basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_ERNPCLIENT_SSL_KEYSTORE_PASSWORD),
+ basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_ERNPCLIENT_SSL_KEYSTORE_NAME));
// Set key information
config.setSslKeyAlias(
- basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_COMMON_CLIENT_SSL_KEYS_ALIAS));
+ basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_ERNPCLIENT_SSL_KEYS_ALIAS));
config.setSslKeyPassword(
- basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_COMMON_CLIENT_SSL_KEY_PASSWORD));
+ basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_ERNPCLIENT_SSL_KEY_PASSWORD));
// Set connection parameters
// TODO: update EAAF-components to allow custom HTTP Connection-Timeouts
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties
index d84777f3..6d97513a 100644
--- a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties
@@ -104,11 +104,11 @@ eidas.ms.auth.eIDAS.zmrclient.req.update.reason.code=EIDAS-KITT
# ERnP communication
eidas.ms.auth.eIDAS.ernpclient.endpoint=http://localhost:1718/demoernp
eidas.ms.auth.eIDAS.ernpclient.req.organisation.behoerdennr=jUnit123456
-eidas.ms.auth.eIDAS.client.common.ssl.keyStore.type=jks
-eidas.ms.auth.eIDAS.client.common.ssl.keyStore.path=../keystore/junit_test.jks
-eidas.ms.auth.eIDAS.client.common.ssl.keyStore.password=password
-eidas.ms.auth.eIDAS.client.common.ssl.key.alias=meta
-eidas.ms.auth.eIDAS.client.common.ssl.key.password=password
+eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.type=jks
+eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.path=../keystore/junit_test.jks
+eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.password=password
+eidas.ms.auth.eIDAS.ernpclient.ssl.key.alias=meta
+eidas.ms.auth.eIDAS.ernpclient.ssl.key.password=password
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1_springboot.properties b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1_springboot.properties
index 0cc89a4a..22003513 100644
--- a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1_springboot.properties
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1_springboot.properties
@@ -60,11 +60,11 @@ eidas.ms.auth.eIDAS.zmrclient.req.update.reason.text=KITT for eIDAS Matching
# ERnP communication
eidas.ms.auth.eIDAS.ernpclient.endpoint=http://localhost:1718/demoernp
eidas.ms.auth.eIDAS.ernpclient.req.organisation.behoerdennr=jUnit123456
-eidas.ms.auth.eIDAS.client.common.ssl.keyStore.type=jks
-eidas.ms.auth.eIDAS.client.common.ssl.keyStore.path=../keystore/junit_test.jks
-eidas.ms.auth.eIDAS.client.common.ssl.keyStore.password=password
-eidas.ms.auth.eIDAS.client.common.ssl.key.alias=meta
-eidas.ms.auth.eIDAS.client.common.ssl.key.password=password
+eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.type=jks
+eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.path=../keystore/junit_test.jks
+eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.password=password
+eidas.ms.auth.eIDAS.ernpclient.ssl.key.alias=meta
+eidas.ms.auth.eIDAS.ernpclient.ssl.key.password=password
--
cgit v1.2.3
From 1c8dc5ec1faf8efd931db79206d9696df91db459 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Thu, 12 May 2022 13:58:27 +0200
Subject: build(core): switch to next snapshot version
---
modules/authmodule-eIDAS-v2/pom.xml | 2 +-
modules/core_common_lib/pom.xml | 2 +-
modules/core_common_webapp/pom.xml | 2 +-
modules/pom.xml | 2 +-
4 files changed, 4 insertions(+), 4 deletions(-)
(limited to 'modules')
diff --git a/modules/authmodule-eIDAS-v2/pom.xml b/modules/authmodule-eIDAS-v2/pom.xml
index be78cb76..2cb8d82e 100644
--- a/modules/authmodule-eIDAS-v2/pom.xml
+++ b/modules/authmodule-eIDAS-v2/pom.xml
@@ -6,7 +6,7 @@
at.asitplus.eidas.ms_specific
modules
- 1.2.5-SNAPSHOT
+ 1.3.0-SNAPSHOT
at.asitplus.eidas.ms_specific.modules
authmodule-eIDAS-v2
diff --git a/modules/core_common_lib/pom.xml b/modules/core_common_lib/pom.xml
index e52216d3..8b06a9ee 100644
--- a/modules/core_common_lib/pom.xml
+++ b/modules/core_common_lib/pom.xml
@@ -7,7 +7,7 @@
at.asitplus.eidas.ms_specific
modules
- 1.2.5-SNAPSHOT
+ 1.3.0-SNAPSHOT
core_common_lib
ms_specific_common_lib
diff --git a/modules/core_common_webapp/pom.xml b/modules/core_common_webapp/pom.xml
index a7efdf15..a7090761 100644
--- a/modules/core_common_webapp/pom.xml
+++ b/modules/core_common_webapp/pom.xml
@@ -3,7 +3,7 @@
at.asitplus.eidas.ms_specific
modules
- 1.2.5-SNAPSHOT
+ 1.3.0-SNAPSHOT
core_common_webapp
WebApplication commons
diff --git a/modules/pom.xml b/modules/pom.xml
index fff02aa5..a6e9c696 100644
--- a/modules/pom.xml
+++ b/modules/pom.xml
@@ -4,7 +4,7 @@
at.asitplus.eidas
ms_specific
- 1.2.5-SNAPSHOT
+ 1.3.0-SNAPSHOT
at.asitplus.eidas.ms_specific
modules
--
cgit v1.2.3