package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks; import static at.asitplus.eidas.specific.connector.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE; import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.times; import static org.mockito.Mockito.verify; import static org.powermock.api.mockito.PowerMockito.when; import java.net.URISyntaxException; import java.security.KeyStore; import java.security.Provider; import java.security.cert.X509Certificate; import java.util.Arrays; import java.util.Collections; import java.util.HashMap; import java.util.Iterator; import java.util.List; import java.util.Map; import org.apache.commons.lang3.RandomStringUtils; import org.jetbrains.annotations.NotNull; import org.jose4j.jwa.AlgorithmConstraints; import org.jose4j.jwa.AlgorithmConstraints.ConstraintType; import org.jose4j.jws.AlgorithmIdentifiers; import org.junit.Assert; import org.junit.Before; import org.junit.Rule; import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.ArgumentCaptor; import org.powermock.core.classloader.annotations.PrepareForTest; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.test.annotation.DirtiesContext; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; import com.skjolberg.mockito.soap.SoapServiceRule; import at.asitplus.eidas.specific.connector.MsEidasNodeConstants; import at.asitplus.eidas.specific.connector.test.config.MsConnectorDummyConfigMap; import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants; import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException; import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry; import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask; import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils; import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils.JwsResult; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.IRequestStorage; import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants; import at.gv.egiz.eaaf.core.api.data.EaafConstants; import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.exceptions.EaafStorageException; import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory; import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils; import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration; import at.gv.egiz.eaaf.core.impl.data.Pair; import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper; import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration; import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; import at.gv.egiz.eaaf.core.impl.utils.Random; import eu.eidas.auth.commons.attribute.AttributeDefinition; import eu.eidas.auth.commons.attribute.ImmutableAttributeMap; import eu.eidas.auth.commons.attribute.ImmutableAttributeMap.Builder; import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse; import lombok.val; import szrservices.JwsHeaderParam; import szrservices.PersonInfoType; import szrservices.SZR; import szrservices.SignContentEntry; import szrservices.SignContentResponseType; @RunWith(SpringJUnit4ClassRunner.class) @PrepareForTest(CreateIdentityLinkTask.class) @DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS) @ContextConfiguration(locations = { "/SpringTest-context_tasks_test.xml", "/SpringTest-context_basic_mapConfig.xml"}) public class CreateIdentityLinkTaskEidNewTest { @Autowired(required = true) private CreateIdentityLinkTask task; @Autowired(required = true) private MsConnectorDummyConfigMap basicConfig; @Autowired protected EidasAttributeRegistry attrRegistry; @Autowired EaafKeyStoreFactory keyStoreFactory; @Autowired private IRequestStorage requestStorage; final ExecutionContext executionContext = new ExecutionContextImpl(); private MockHttpServletRequest httpReq; private MockHttpServletResponse httpResp; private TestRequestImpl pendingReq; private DummySpConfiguration oaParam; private SZR szrMock; private static final String PW = "f/+saJBc3a}*/T^s"; private static final String ALIAS = "connectorkeypair"; private static final List BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING = Collections.unmodifiableList(Arrays .asList(AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256, AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512, AlgorithmIdentifiers.RSA_PSS_USING_SHA256, AlgorithmIdentifiers.RSA_PSS_USING_SHA512)); private static ObjectMapper mapper = new ObjectMapper(); private AuthenticationResponse response; @Rule public final SoapServiceRule soap = SoapServiceRule.newInstance(); /** * jUnit test set-up. */ @Before public void setUp() throws EaafStorageException, URISyntaxException { httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); httpResp = new MockHttpServletResponse(); RequestContextHolder.resetRequestAttributes(); RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false"); final Map spConfig = new HashMap<>(); spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp"); spConfig.put("target", "urn:publicid:gv.at:cdid+XX"); spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true"); oaParam = new DummySpConfiguration(spConfig, basicConfig); pendingReq = new TestRequestImpl(); response = buildDummyAuthResponse(false); pendingReq.getSessionData(AuthProcessDataWrapper.class) .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); pendingReq.setSpConfig(oaParam); pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue()); pendingReq.setAuthUrl("http://test.com/"); pendingReq.setTransactionId("avaasbav"); pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10)); executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "XX"); executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true); szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr"); } @Test public void successfulProcessWithDeInfos() throws Exception { //initialize test response = buildDummyAuthResponse(true); pendingReq.getSessionData(AuthProcessDataWrapper.class) .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response); String vsz = RandomStringUtils.randomNumeric(10); when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz); val signContentResp = new SignContentResponseType(); final SignContentEntry signContentEntry = new SignContentEntry(); signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10)); signContentResp.getOut().add(signContentEntry); when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp); String randomTestSp = RandomStringUtils.randomAlphabetic(10); pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); //perform test task.execute(pendingReq, executionContext); //validate state // check if pendingRequest was stored IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); Assert.assertNotNull("pendingReq not stored", storedPendingReq); //check data in session final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); Assert.assertNotNull("AuthProcessData", authProcessData); Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class)); String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class); Assert.assertNotNull("AuthBlock", authBlock); Assert.assertTrue("EID process", authProcessData.isEidProcess()); Assert.assertTrue("foreigner process", authProcessData.isForeigner()); Assert.assertEquals("EID-ISSUING_NATION", "LU", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); Assert.assertEquals("LoA", response.getLevelOfAssurance(), authProcessData.getQaaLevel()); // check authblock signature final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT, BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()])); Pair keyStore = getKeyStore(); X509Certificate[] trustedCerts = EaafKeyStoreUtils .getPrivateKeyAndCertificates(keyStore.getFirst(), ALIAS, PW.toCharArray(), true, "junit").getSecond(); JwsResult result = JoseUtils.validateSignature(authBlock, Arrays.asList(trustedCerts), constraints); Assert.assertTrue("AuthBlock not valid", result.isValid()); JsonNode authBlockJson = mapper.readTree(result.getPayLoad()); Assert.assertNotNull("deserialized AuthBlock", authBlockJson); Assert.assertNotNull("no piiTransactionId in pendingRequesdt", storedPendingReq.getUniquePiiTransactionIdentifier()); Assert.assertEquals("piiTransactionId", storedPendingReq.getUniquePiiTransactionIdentifier(), authBlockJson.get("piiTransactionId").asText()); Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText()); Assert.assertFalse("'challenge' is null", authBlockJson.get("challenge").asText().isEmpty()); Assert.assertFalse("'timestamp' is null", authBlockJson.get("timestamp").asText().isEmpty()); // check vsz request ArgumentCaptor argument4 = ArgumentCaptor.forClass(PersonInfoType.class); ArgumentCaptor argument5 = ArgumentCaptor.forClass(Boolean.class); verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture()); Boolean param5 = argument5.getValue(); Assert.assertTrue("insertERnP flag", param5); PersonInfoType person = argument4.getValue(); Assert.assertEquals("FamilyName", response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue( response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()), person.getPerson().getName().getFamilyName()); Assert.assertEquals("GivenName", response.getAttributes().getAttributeValuesByFriendlyName("FirstName").getFirstValue( response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()), person.getPerson().getName().getGivenName()); Assert.assertEquals("DateOfBirth", response.getAttributes().getAttributeValuesByFriendlyName("DateOfBirth").getFirstValue( response.getAttributes().getDefinitionsByFriendlyName("DateOfBirth").iterator().next()) .toString().split("T")[0], person.getPerson().getDateOfBirth()); Assert.assertEquals("PlaceOfBirth", response.getAttributes().getAttributeValuesByFriendlyName("PlaceOfBirth").getFirstValue( response.getAttributes().getDefinitionsByFriendlyName("PlaceOfBirth").iterator().next()), person.getPerson().getPlaceOfBirth()); Assert.assertEquals("BirthName", response.getAttributes().getAttributeValuesByFriendlyName("BirthName").getFirstValue( response.getAttributes().getDefinitionsByFriendlyName("BirthName").iterator().next()), person.getPerson().getAlternativeName().getFamilyName()); Assert.assertEquals("CitizenCountry", "LU", person.getTravelDocument().getIssuingCountry()); Assert.assertEquals("DocumentType", "ELEKTR_DOKUMENT", person.getTravelDocument().getDocumentType()); Assert.assertEquals("Identifier", response.getAttributes().getAttributeValuesByFriendlyName("PersonIdentifier").getFirstValue( response.getAttributes().getDefinitionsByFriendlyName("PersonIdentifier").iterator().next()) .toString().split("/")[2], person.getTravelDocument().getDocumentNumber()); // check bcBind singing request ArgumentCaptor argument1 = ArgumentCaptor.forClass(Boolean.class); ArgumentCaptor> argument2 = ArgumentCaptor.forClass(List.class); ArgumentCaptor> argument3 = ArgumentCaptor.forClass(List.class); verify(szrMock, times(1)).signContent(argument1.capture(), argument2.capture(), argument3.capture()); Boolean param1 = argument1.getValue(); Assert.assertFalse("addCert flag", param1); List param2 = argument2.getValue(); Assert.assertNotNull("JWS Headers", param2); Assert.assertFalse("JWS Headers empty", param2.isEmpty()); Assert.assertEquals("Wrong JWS header size", 1, param2.size()); Assert.assertEquals("Missing JWS header key", "urn:at.gv.eid:bindtype", param2.get(0).getKey()); Assert.assertEquals("Missing JWS header value", "urn:at.gv.eid:eidasBind", param2.get(0).getValue()); List param3 = argument3.getValue(); Assert.assertNotNull("sign Payload", param3); Assert.assertEquals("wrong sign-payload size", 1, param3.size()); Assert.assertNotNull("payload", param3.get(0).getValue().getBytes()); JsonNode bcBind = mapper.readTree(param3.get(0).getValue().getBytes()); Assert.assertNotNull("bcbind req", bcBind); Assert.assertEquals("vsz", vsz, bcBind.get("urn:eidgvat:attributes.vsz.value").asText()); Assert.assertEquals("eid status", "urn:eidgvat:eid.status.eidas", bcBind.get("urn:eidgvat:attributes.eid.status").asText()); Assert.assertTrue("pubKeys", bcBind.has("urn:eidgvat:attributes.user.pubkeys")); Assert.assertTrue("pubKeys", bcBind.get("urn:eidgvat:attributes.user.pubkeys").isArray()); Iterator pubKeys = bcBind.get("urn:eidgvat:attributes.user.pubkeys").elements(); Assert.assertTrue("No PubKey", pubKeys.hasNext()); Assert.assertEquals("Wrong pubKey", "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxcB5jnrAwGn7xjgVFv1UBUv1pluwDRFQx7x5O6rSn7pblYfwaWeKa8y" + "jS5BDDaZ00mhhnSlm2XByNrkg5yBGetTgBGtQVAxV5apfuAWN8TS3uSXgdZol7Khd6kraUITtnulvLe8tNaboom5P0zN6UxbJN" + "NVLishVp80HiRXiDbplCTUk8b5cYtmivdb0+5JBTa7L5N/anRVnHHoJCXgNPTouO8daUHZbG1mPk0HgqD8rhZ+OBzE+APKH9No" + "agedSrGRDLdIgZxkrg0mxmfsZQIi2wdJSi3y0PAjEps/s4j0nmw9bPRgCMNLBqqjxtN5JKC8E1yyLm7YefXv/nPaMwIDAQAB", pubKeys.next().asText()); Assert.assertFalse("More than one PubKey", pubKeys.hasNext()); } @Test public void successfulProcessWithStandardInfos() throws Exception { //initialize test String vsz = RandomStringUtils.randomNumeric(10); when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz); val signContentResp = new SignContentResponseType(); final SignContentEntry signContentEntry = new SignContentEntry(); signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10)); signContentResp.getOut().add(signContentEntry); when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp); String randomTestSp = RandomStringUtils.randomAlphabetic(10); pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp); //perform test task.execute(pendingReq, executionContext); //validate state // check if pendingRequest was stored IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId()); Assert.assertNotNull("pendingReq not stored", storedPendingReq); //check data in session final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class); Assert.assertNotNull("AuthProcessData", authProcessData); Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class)); String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class); Assert.assertNotNull("AuthBlock", authBlock); Assert.assertTrue("EID process", authProcessData.isEidProcess()); Assert.assertTrue("foreigner process", authProcessData.isForeigner()); Assert.assertEquals("EID-ISSUING_NATION", "LU", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class)); Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel()); Assert.assertEquals("LoA", response.getLevelOfAssurance(), authProcessData.getQaaLevel()); // check vsz request ArgumentCaptor argument4 = ArgumentCaptor.forClass(PersonInfoType.class); ArgumentCaptor argument5 = ArgumentCaptor.forClass(Boolean.class); verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture()); Boolean param5 = argument5.getValue(); Assert.assertTrue("insertERnP flag", param5); PersonInfoType person = argument4.getValue(); Assert.assertEquals("FamilyName", response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue( response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()), person.getPerson().getName().getFamilyName()); Assert.assertEquals("GivenName", response.getAttributes().getAttributeValuesByFriendlyName("FirstName").getFirstValue( response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()), person.getPerson().getName().getGivenName()); Assert.assertEquals("DateOfBirth", response.getAttributes().getAttributeValuesByFriendlyName("DateOfBirth").getFirstValue( response.getAttributes().getDefinitionsByFriendlyName("DateOfBirth").iterator().next()) .toString().split("T")[0], person.getPerson().getDateOfBirth()); Assert.assertNull("PlaceOfBirth", person.getPerson().getPlaceOfBirth()); Assert.assertNull("BirthName", person.getPerson().getAlternativeName()); Assert.assertEquals("CitizenCountry", "LU", person.getTravelDocument().getIssuingCountry()); Assert.assertEquals("DocumentType", "ELEKTR_DOKUMENT", person.getTravelDocument().getDocumentType()); Assert.assertEquals("Identifier", response.getAttributes().getAttributeValuesByFriendlyName("PersonIdentifier").getFirstValue( response.getAttributes().getDefinitionsByFriendlyName("PersonIdentifier").iterator().next()) .toString().split("/")[2], person.getTravelDocument().getDocumentNumber()); } @Test public void getStammzahlEncryptedExceptionTest() throws Exception { try { when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(null); task.execute(pendingReq, executionContext); } catch (TaskExecutionException e) { Assert.assertEquals("Incorrect exception thrown", e.getMessage(), "IdentityLink generation for foreign person " + "FAILED."); Assert.assertEquals("Incorrect exception thrown", ((SzrCommunicationException) e.getCause()).getErrorId(), "ernb.01"); Assert.assertTrue("Incorrect exception thrown", e.getCause().getMessage().contains("Stammzahl response empty")); } } @Test public void signContentExceptionTest() throws Exception { try { when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(RandomStringUtils.randomNumeric(10)); when(szrMock, "signContent", any(), any(), any()).thenReturn(null); task.execute(pendingReq, executionContext); } catch (TaskExecutionException e) { Assert.assertEquals("Incorrect exception thrown", e.getMessage(), "IdentityLink generation for foreign person " + "FAILED."); Assert.assertEquals("Incorrect exception thrown", ((SzrCommunicationException) e.getCause()).getErrorId(), "ernb.01"); Assert.assertTrue("Incorrect exception thrown", e.getCause().getMessage().contains("BcBind response empty")); } } private Pair getKeyStore() throws EaafException { // read Connector wide config data TODO connector wide! String keyStoreName = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_NAME); String keyStorePw = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_PASSWORD); String keyStorePath = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_PATH); String keyStoreType = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_TYPE); //build new KeyStore configuration KeyStoreConfiguration keyStoreConfiguration = new KeyStoreConfiguration(); keyStoreConfiguration.setFriendlyName("jUnit test"); keyStoreConfiguration.setSoftKeyStoreFilePath(keyStorePath); keyStoreConfiguration.setSoftKeyStorePassword(keyStorePw); keyStoreConfiguration.setKeyStoreType(KeyStoreConfiguration.KeyStoreType.fromString(keyStoreType)); keyStoreConfiguration.setKeyStoreName(keyStoreName); //build new KeyStore based on configuration return keyStoreFactory.buildNewKeyStore(keyStoreConfiguration); } @NotNull private AuthenticationResponse buildDummyAuthResponse(boolean withAll) throws URISyntaxException { final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first(); final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first(); final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( Constants.eIDAS_ATTR_CURRENTGIVENNAME).first(); final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( Constants.eIDAS_ATTR_DATEOFBIRTH).first(); final AttributeDefinition attributeDef5 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( Constants.eIDAS_ATTR_PLACEOFBIRTH).first(); final AttributeDefinition attributeDef6 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName( Constants.eIDAS_ATTR_BIRTHNAME).first(); final Builder attributeMap = ImmutableAttributeMap.builder(); attributeMap.put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64)); attributeMap.put(attributeDef2, RandomStringUtils.randomAlphabetic(10)); attributeMap.put(attributeDef3, RandomStringUtils.randomAlphabetic(10)); attributeMap.put(attributeDef4, "2001-01-01"); if (withAll) { attributeMap.put(attributeDef5, RandomStringUtils.randomAlphabetic(10)); attributeMap.put(attributeDef6, RandomStringUtils.randomAlphabetic(10)); } val b = new AuthenticationResponse.Builder(); return b.id("_".concat(Random.nextHexRandom16())) .issuer(RandomStringUtils.randomAlphabetic(10)) .subject(RandomStringUtils.randomAlphabetic(10)) .statusCode(Constants.SUCCESS_URI) .inResponseTo("_".concat(Random.nextHexRandom16())) .subjectNameIdFormat("afaf") .levelOfAssurance(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5)) .attributes(attributeMap.build()) .build(); } }