/* * Copyright 2018 A-SIT Plus GmbH * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ, * A-SIT Plus GmbH, A-SIT, and Graz University of Technology. * * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "License"); * You may not use this work except in compliance with the License. * You may obtain a copy of the License at: * https://joinup.ec.europa.eu/news/understanding-eupl-v12 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. */ package at.asitplus.eidas.specific.modules.auth.eidas.v2.test; import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.when; import java.io.IOException; import java.security.InvalidKeyException; import java.security.MessageDigest; import java.security.NoSuchProviderException; import javax.xml.bind.JAXBContext; import javax.xml.bind.JAXBException; import javax.xml.bind.Unmarshaller; import javax.xml.parsers.ParserConfigurationException; import javax.xml.ws.soap.SOAPFaultException; import org.apache.commons.lang3.StringUtils; import org.apache.cxf.binding.soap.SoapFault; import org.junit.Assert; import org.junit.BeforeClass; import org.junit.Ignore; import org.junit.Rule; import org.junit.Test; import org.junit.runner.RunWith; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.util.Base64Utils; import org.w3c.dom.Element; import org.xml.sax.SAXException; import com.skjolberg.mockito.soap.SoapServiceRule; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient; import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils; import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType; import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType; import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.idp.IConfiguration; import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; import at.gv.egiz.eaaf.core.exceptions.EaafParserException; import at.gv.egiz.eaaf.core.impl.data.Trible; import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; import at.gv.egiz.eaaf.core.impl.utils.DomUtils; import szrservices.GetIdentityLinkEidasResponse; import szrservices.IdentityLinkType; import szrservices.PersonInfoType; import szrservices.SZR; import szrservices.SZRException_Exception; import szrservices.TravelDocumentType; @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration("/SpringTest-context_tasks_test.xml") public class SzrClientTest { private static final Logger log = LoggerFactory.getLogger(SzrClientTest.class); @Autowired SzrClient szrClient; @Autowired IConfiguration basicConfig; private static final String givenName = "Franz"; private static final String familyName = "Mustermann"; private static final String dateOfBirth = "1989-05-05"; private static final String eIDASeID = "IS/AT/1234sdgsdfg56789ABCDEF"; private static final String DUMMY_TARGET = EaafConstants.URN_PREFIX_CDID + "ZP"; /** * jUnit class initializer. * * @throws IOException In case of an error */ @BeforeClass public static void classInitializer() throws IOException { final String current = new java.io.File(".").toURI().toString(); System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties"); } @Rule public SoapServiceRule soap = SoapServiceRule.newInstance(); @Test public void getIdentityLinkRawModeValidResponse() throws SZRException_Exception, EaafParserException, NoSuchProviderException, IOException, InvalidKeyException, EidasSAuthenticationException, JAXBException { setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml", "http://localhost:1234/demoszr"); try { log.debug("Starting connecting SZR Gateway"); final IdentityLinkType result = szrClient.getIdentityLinkInRawMode( getPersonInfo()); Assert.assertNotNull(result); Assert.assertNotNull(result.getAssertion()); final IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser((Element) result .getAssertion()).parseIdentityLink(); Assert.assertNotNull(identityLink); System.out.println(identityLink.getSerializedSamlAssertion()); checkElement("Mustermann", identityLink.getFamilyName()); checkElement("Hans", identityLink.getGivenName()); checkElement("1989-05-05", identityLink.getDateOfBirth()); checkElement("urn:publicid:gv.at:baseid", identityLink.getIdentificationType()); checkElement("k+zDM1BVpN1WJO4x7ZQ3ng==", identityLink.getIdentificationValue()); Assert.assertNotNull(identityLink.getSerializedSamlAssertion()); Assert.assertNotNull(identityLink.getSamlAssertion()); } catch (final SzrCommunicationException e) { Assert.fail(); } } @Test public void getIdentityLinkRawModeErrorTravelerDocExists() throws SZRException_Exception, EaafParserException, NoSuchProviderException, IOException, InvalidKeyException, EidasSAuthenticationException, JAXBException, ParserConfigurationException, SAXException { setSzrExceptionIdentityLink("/data/szr/szr_resp_error_travelerdocexists.xml", "http://localhost:1234/demoszr"); try { log.debug("Starting connecting SZR Gateway"); szrClient.getIdentityLinkInRawMode( getPersonInfo()); Assert.fail(); } catch (final SzrCommunicationException e) { checkElement("ernb.02", e.getErrorId()); Assert.assertNotNull(e.getCause()); org.springframework.util.Assert.isInstanceOf(SOAPFaultException.class, e.getCause()); Assert.assertNotNull(((SOAPFaultException) e.getCause()).getFault()); checkElement("p344:F455", ((SOAPFaultException) e.getCause()).getFault().getFaultCode()); checkElement( "The travel document you sent to insert a person already exists for another person. " + "Either check the document or have the person altered accordingly", ((SOAPFaultException) e.getCause()).getFault().getFaultString()); } } @Ignore @Test public void getBpkTest() throws SZRException_Exception, EidasSAuthenticationException { final String bPK = szrClient.getBpk(getPersonInfo(), DUMMY_TARGET, basicConfig.getBasicConfiguration( Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ, "no VKZ defined")); if (StringUtils.isEmpty(bPK)) { throw new SzrCommunicationException("ernb.01", new Object[] { "bPK is null or empty" }); } } private void checkElement(String expected, String value) { Assert.assertNotNull(value); Assert.assertEquals(expected, value); } private void setSzrResponseIdentityLink(String responseXmlPath, String serviceUrl) throws JAXBException, SZRException_Exception { final SZR szrServiceMock = soap.mock(SZR.class, serviceUrl); final JAXBContext jaxbContext = JAXBContext.newInstance( szrservices.ObjectFactory.class, org.xmlsoap.schemas.ws._2002._04.secext.ObjectFactory.class, org.w3._2001._04.xmldsig_more.ObjectFactory.class, org.w3._2000._09.xmldsig.ObjectFactory.class, at.gv.egov.pvp1.ObjectFactory.class, at.gv.e_government.reference.namespace.persondata._20020228.ObjectFactory.class); final Unmarshaller jaxbUnmarshaller = jaxbContext.createUnmarshaller(); final GetIdentityLinkEidasResponse szrResponse = (GetIdentityLinkEidasResponse) jaxbUnmarshaller .unmarshal(this.getClass().getResourceAsStream(responseXmlPath)); when(szrServiceMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenReturn(szrResponse .getGetIdentityLinkReturn()); } private void setSzrExceptionIdentityLink(String responseXmlPath, String serviceUrl) throws JAXBException, ParserConfigurationException, SAXException, IOException, SZRException_Exception { final SZR szrServiceMock = soap.mock(SZR.class, serviceUrl); final Element detailerror = DomUtils.parseXmlNonValidating(this.getClass().getResourceAsStream( responseXmlPath)); final javax.xml.namespace.QName qName = new javax.xml.namespace.QName("urn:SZRServices", "F455", "p344"); final SoapFault fault = new SoapFault( "The travel document you sent to insert a person already exists for another person. " + "Either check the document or have the person altered accordingly", qName); fault.setRole("urn:SZRServices"); fault.setDetail(detailerror); when(szrServiceMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenThrow(fault); } private String createHashFromUniqueId(String uniqueId) throws EidasSAuthenticationException { try { final MessageDigest md = MessageDigest.getInstance("SHA-256"); final byte[] hash = md.digest(uniqueId.getBytes("UTF-8")); final String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", ""); return hashBase64; } catch (final Exception ex) { throw new EidasSAuthenticationException("internal.03", new Object[] {}, ex); } } private PersonInfoType getPersonInfo() throws EidasSAuthenticationException { final PersonInfoType personInfo = new PersonInfoType(); final PersonNameType personName = new PersonNameType(); final PhysicalPersonType naturalPerson = new PhysicalPersonType(); final TravelDocumentType eDocument = new TravelDocumentType(); naturalPerson.setName(personName); personInfo.setPerson(naturalPerson); personInfo.setTravelDocument(eDocument); // parse some eID attributes final Trible eIdentifier = EidasResponseUtils.parseEidasPersonalIdentifier(eIDASeID); final String uniqueId = createHashFromUniqueId(eIdentifier.getThird()); final String citizenCountry = eIdentifier.getFirst(); // person information personName.setFamilyName(familyName); personName.setGivenName(givenName); naturalPerson.setDateOfBirth(dateOfBirth); eDocument.setIssuingCountry(citizenCountry); eDocument.setDocumentNumber(uniqueId); // eID document information eDocument.setDocumentType(basicConfig.getBasicConfiguration( Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE, Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE)); return personInfo; } }