diff options
author | rudolf <rudolf@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2003-10-24 08:34:56 +0000 |
---|---|---|
committer | rudolf <rudolf@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2003-10-24 08:34:56 +0000 |
commit | dd45e938564249a5e6897bd92dd29808d8990868 (patch) | |
tree | 372d8a4b128cff09262ad09d6a4cf5765d672d61 /id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java | |
parent | 59f78a67d7357fd31de68fc2b623f95b3d654ebc (diff) | |
download | moa-id-spss-dd45e938564249a5e6897bd92dd29808d8990868.tar.gz moa-id-spss-dd45e938564249a5e6897bd92dd29808d8990868.tar.bz2 moa-id-spss-dd45e938564249a5e6897bd92dd29808d8990868.zip |
MOA-ID version 1.1 (initial)
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@19 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java')
-rw-r--r-- | id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java | 597 |
1 files changed, 597 insertions, 0 deletions
diff --git a/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java b/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java new file mode 100644 index 000000000..d9e69eba4 --- /dev/null +++ b/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java @@ -0,0 +1,597 @@ +package test.abnahme.A; + +import java.util.Calendar; + +import org.w3c.dom.Element; +import test.abnahme.AbnahmeTestCase; + +import at.gv.egovernment.moa.id.AuthenticationException; +import at.gv.egovernment.moa.id.BuildException; +import at.gv.egovernment.moa.id.ParseException; +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder; +import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; +import at.gv.egovernment.moa.id.auth.builder.VPKBuilder; +import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; +import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator; +import at.gv.egovernment.moa.id.auth.validator.ValidateException; +import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.data.AuthenticationData; +import at.gv.egovernment.moa.id.util.Random; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.DateTimeUtils; + +/** + * @author Stefan Knirsch + * @version $Id$ + * + */ + +public class Test300VerifyAuthBlock extends AbnahmeTestCase { + + public Test300VerifyAuthBlock(String name) { + super(name); + } + + public void testA301() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + //authDataWriter(authData,this.getName()+"new.xml"); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA302() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + //authDataWriter(authData,this.getName()+"new.xml"); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA303() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA304() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA305() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA306() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA307() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA308() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + + } + + public void testA309() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA310() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA311() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA351() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + server.verifyIdentityLink(sessionID, infoboxReadResponse); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + + // nicht existierende Session.... + try { + server.verifyAuthenticationBlock("0", createXMLSignatureResponse); + fail(); + } + catch (AuthenticationException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA352() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + server.verifyIdentityLink(sessionID, infoboxReadResponse); + server.setSecondsSessionTimeOut(-100); + server.cleanup(); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + + // abgelaufene Session.... + server.setSecondsSessionTimeOut(1000); + try { + server.verifyAuthenticationBlock("0", createXMLSignatureResponse); + fail(); + } + catch (AuthenticationException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA353() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + + // Session for VerifyIdentityLink-Aufruf + try { + + server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + fail(); + } + //NOCH SEHR UNSCHÖN..... (fliegt raus im AuthenticationServer, Methode buildAuthenticationData + // ( IdentityLink identityLink = session.getIdentityLink(); ==> liefert dann NULL... + catch (NullPointerException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA354() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + server.verifyIdentityLink(sessionID, infoboxReadResponse); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + + // nicht existierende Session.... + + server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + try { + server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + fail(); + } + catch (AuthenticationException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA355() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ParseException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA356() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ParseException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA357() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA358() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA359() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA360() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA361() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA362() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA363() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA364() throws Exception { + try { + String sessionID = startAuthentication(); + try { + + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + /* public void testA365() throws Exception { + String sessionID = startAuthentication(); + try { + // wegen sinnlosigkeit gestrichen + initServer(sessionID); + fail(); + } + catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} + }*/ + + public void testA366() throws Exception { + + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} + } + public void testA367() throws Exception { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} + } + + + private AuthenticationData initServer(String sessionID) throws Exception { + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + server.verifyIdentityLink(sessionID, infoboxReadResponse); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1"); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/"); + String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + AuthenticationData authData = server.getAuthenticationData(samlArtifact); + return authData; + } + + private AuthenticationData initServerWithoutValidateAuthBlock(String sessionID) throws Exception { + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + server.verifyIdentityLink(sessionID, infoboxReadResponse); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1"); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/"); + + AuthenticationSession session = AuthenticationServer.getSession(sessionID); + AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + // parses <CreateXMLSignatureResponse> + CreateXMLSignatureResponse csresp = + new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(); + // validates <CreateXMLSignatureResponse> + new CreateXMLSignatureResponseValidator().validate(csresp, session.getTarget(), session.getPublicOAURLPrefix()); + // builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call + String[] vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(); + String tpid = authConf.getMoaSpAuthBlockTrustProfileID(); + Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp, vtids, tpid); + // invokes the call + Element domVsresp = new SignatureVerificationInvoker().verifyXMLSignature(domVsreq); + // parses the <VerifyXMLSignatureResponse> + VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser(domVsresp).parseData(); + // validates the <VerifyXMLSignatureResponse> + VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp, null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK); + // compares the public keys from the identityLink with the AuthBlock + + // builds authentication data and stores it together with a SAML artifact + AuthenticationData authData = buildAuthenticationData(session, vsresp); + return authData; + } + private AuthenticationData buildAuthenticationData( + AuthenticationSession session, + VerifyXMLSignatureResponse verifyXMLSigResp) + throws ConfigurationException, BuildException { + + IdentityLink identityLink = session.getIdentityLink(); + AuthenticationData authData = new AuthenticationData(); + authData.setMajorVersion(1); + authData.setMinorVersion(0); + authData.setAssertionID(Random.nextRandom()); + authData.setIssuer(session.getAuthURL()); + authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance())); + String vpkBase64 = new VPKBuilder().buildVPK( + identityLink.getIdentificationValue(), identityLink.getDateOfBirth(), session.getTarget()); + authData.setVPK(vpkBase64); + authData.setGivenName(identityLink.getGivenName()); + authData.setFamilyName(identityLink.getFamilyName()); + authData.setDateOfBirth(identityLink.getDateOfBirth()); + authData.setQualifiedCertificate(verifyXMLSigResp.isQualifiedCertificate()); + authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority()); + authData.setPublicAuthorityCode(verifyXMLSigResp.getPublicAuthorityCode()); + OAAuthParameter oaParam = + AuthConfigurationProvider.getInstance().getOnlineApplicationParameter( + session.getPublicOAURLPrefix()); + String prPerson = new PersonDataBuilder().build( + identityLink, oaParam.getProvideZMRZahl()); + + try { + String ilAssertion = + oaParam.getProvideIdentityLink() ? DOMUtils.serializeNode(identityLink.getSamlAssertion()) : ""; + String authBlock = oaParam.getProvideAuthBlock() ? session.getAuthBlock() : ""; + String samlAssertion = new AuthenticationDataAssertionBuilder().build( + authData, prPerson, authBlock, ilAssertion); + authData.setSamlAssertion(samlAssertion); + return authData; + } + catch (Throwable ex) { + throw new BuildException( + "builder.00", + new Object[] { "AuthenticationData", ex.getMessage() }, + ex); + } + } +} |