diff options
| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-09-04 11:33:35 +0200 |
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-09-04 11:33:35 +0200 |
| commit | 0d8dfd1b3b0892164fbd9d3d13eb231adad4062b (patch) | |
| tree | 7b336240678bf008c3cdc1063eb8cfee7492178e /id/server/idserverlib/src/test/java/test/abnahme/A | |
| parent | eadd6dd97f1b30608b31ffcd90382874fbcdaddc (diff) | |
| download | moa-id-spss-0d8dfd1b3b0892164fbd9d3d13eb231adad4062b.tar.gz moa-id-spss-0d8dfd1b3b0892164fbd9d3d13eb231adad4062b.tar.bz2 moa-id-spss-0d8dfd1b3b0892164fbd9d3d13eb231adad4062b.zip | |
MOA-ID-LIB tests deactivated
Diffstat (limited to 'id/server/idserverlib/src/test/java/test/abnahme/A')
7 files changed, 2108 insertions, 2108 deletions
diff --git a/id/server/idserverlib/src/test/java/test/abnahme/A/Test100StartAuthentication.java b/id/server/idserverlib/src/test/java/test/abnahme/A/Test100StartAuthentication.java index 818773794..f875ea809 100644 --- a/id/server/idserverlib/src/test/java/test/abnahme/A/Test100StartAuthentication.java +++ b/id/server/idserverlib/src/test/java/test/abnahme/A/Test100StartAuthentication.java @@ -1,200 +1,200 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.abnahme.A; - -import test.abnahme.AbnahmeTestCase; -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.auth.WrongParametersException; - -/** - * @author Stefan Knirsch - * @version $Id$ - * - */ -public class Test100StartAuthentication extends AbnahmeTestCase { - - public Test100StartAuthentication(String name) { - super(name); - } - - public void testA101() throws Exception { - try { - String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL - "gb", //target - null, - "http://localhost:9080/", //oaURL - "file:" + findXmldata("AuthTemplate.html"), - "http://localhost:3495/http-security-layer-request", - null, null, null, null); - htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED"); - //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8")); - assertEquals(readXmldata("htmlForm.html"),htmlForm); - System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA102() throws Exception { - try { - String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL - "gb", //target - null, - "http://localhost:9080/", //oaURL - null, - "http://localhost:3495/http-security-layer-request", null, null, null, null); - htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED"); - //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8")); - assertEquals(readXmldata("htmlForm.html"),htmlForm); - - System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA103() throws Exception { - try { - String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL - "gb", //target - null, - "http://localhost:9080/", //oaURL - "file:" + findXmldata("AuthTemplate.html"), - null, - null, - null, null, null); - htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED"); - //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8")); - assertEquals(readXmldata("htmlForm.html"),htmlForm); - System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA151() throws Exception { - try { - try { - server.startAuthentication(null, //authURL - "gb", //target - null, - "http://localhost:9080/", //oaURL - null, null, null, null, null, null); - //assertEquals("",htmlForm); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (WrongParametersException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA152() throws Exception { - try { - try { - server.startAuthentication("http://localhost:8080/auth", //authURL - "gb", null, "http://localhost:9080/", //oaURL - null, null, null, null, null, null); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (AuthenticationException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA153() throws Exception { - try { - try { - server.startAuthentication("https://localhost:8443/auth", //authURL - "gb", null, "http://host_not_in_config/", //oaURL - null, null, null, null, null, null); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (AuthenticationException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA154() throws Exception { - try { - try { - server.startAuthentication("https://localhost:8443/auth", //authURL - "gb", null, null, //oaURL - null, null, null, null, null, null); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (WrongParametersException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA155() throws Exception { - try { - try { - server.startAuthentication("https://localhost:8443/auth", //authURL - null, null, "http://localhost:9080/", //oaURL - null, null, null, null, null, null); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (WrongParametersException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - //assertEquals("",htmlForm); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - -} +///* +// * Copyright 2003 Federal Chancellery Austria +// * MOA-ID has been developed in a cooperation between BRZ, the Federal +// * Chancellery Austria - ICT staff unit, and Graz University of Technology. +// * +// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by +// * the European Commission - subsequent versions of the EUPL (the "Licence"); +// * You may not use this work except in compliance with the Licence. +// * You may obtain a copy of the Licence at: +// * http://www.osor.eu/eupl/ +// * +// * Unless required by applicable law or agreed to in writing, software +// * distributed under the Licence is distributed on an "AS IS" basis, +// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// * See the Licence for the specific language governing permissions and +// * limitations under the Licence. +// * +// * This product combines work with different licenses. See the "NOTICE" text +// * file for details on the various modules and licenses. +// * The "NOTICE" text file is part of the distribution. Any derivative works +// * that you distribute must include a readable copy of the "NOTICE" text file. +// */ +// +// +//package test.abnahme.A; +// +//import test.abnahme.AbnahmeTestCase; +//import at.gv.egovernment.moa.id.AuthenticationException; +//import at.gv.egovernment.moa.id.auth.WrongParametersException; +// +///** +// * @author Stefan Knirsch +// * @version $Id$ +// * +// */ +//public class Test100StartAuthentication extends AbnahmeTestCase { +// +// public Test100StartAuthentication(String name) { +// super(name); +// } +// +// public void testA101() throws Exception { +// try { +// String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL +// "gb", //target +// null, +// "http://localhost:9080/", //oaURL +// "file:" + findXmldata("AuthTemplate.html"), +// "http://localhost:3495/http-security-layer-request", +// null, null, null, null); +// htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED"); +// //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8")); +// assertEquals(readXmldata("htmlForm.html"),htmlForm); +// System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA102() throws Exception { +// try { +// String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL +// "gb", //target +// null, +// "http://localhost:9080/", //oaURL +// null, +// "http://localhost:3495/http-security-layer-request", null, null, null, null); +// htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED"); +// //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8")); +// assertEquals(readXmldata("htmlForm.html"),htmlForm); +// +// System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA103() throws Exception { +// try { +// String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL +// "gb", //target +// null, +// "http://localhost:9080/", //oaURL +// "file:" + findXmldata("AuthTemplate.html"), +// null, +// null, +// null, null, null); +// htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED"); +// //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8")); +// assertEquals(readXmldata("htmlForm.html"),htmlForm); +// System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA151() throws Exception { +// try { +// try { +// server.startAuthentication(null, //authURL +// "gb", //target +// null, +// "http://localhost:9080/", //oaURL +// null, null, null, null, null, null); +// //assertEquals("",htmlForm); +// System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); +// fail(this.getName() + " hat KEINE FEHLER geworfen"); +// } +// catch (WrongParametersException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA152() throws Exception { +// try { +// try { +// server.startAuthentication("http://localhost:8080/auth", //authURL +// "gb", null, "http://localhost:9080/", //oaURL +// null, null, null, null, null, null); +// System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); +// fail(this.getName() + " hat KEINE FEHLER geworfen"); +// } +// catch (AuthenticationException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA153() throws Exception { +// try { +// try { +// server.startAuthentication("https://localhost:8443/auth", //authURL +// "gb", null, "http://host_not_in_config/", //oaURL +// null, null, null, null, null, null); +// System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); +// fail(this.getName() + " hat KEINE FEHLER geworfen"); +// } +// catch (AuthenticationException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA154() throws Exception { +// try { +// try { +// server.startAuthentication("https://localhost:8443/auth", //authURL +// "gb", null, null, //oaURL +// null, null, null, null, null, null); +// System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); +// fail(this.getName() + " hat KEINE FEHLER geworfen"); +// } +// catch (WrongParametersException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA155() throws Exception { +// try { +// try { +// server.startAuthentication("https://localhost:8443/auth", //authURL +// null, null, "http://localhost:9080/", //oaURL +// null, null, null, null, null, null); +// System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); +// fail(this.getName() + " hat KEINE FEHLER geworfen"); +// } +// catch (WrongParametersException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// //assertEquals("",htmlForm); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +//} diff --git a/id/server/idserverlib/src/test/java/test/abnahme/A/Test200VerifyIdentityLink.java b/id/server/idserverlib/src/test/java/test/abnahme/A/Test200VerifyIdentityLink.java index 9a6058370..2d00458e5 100644 --- a/id/server/idserverlib/src/test/java/test/abnahme/A/Test200VerifyIdentityLink.java +++ b/id/server/idserverlib/src/test/java/test/abnahme/A/Test200VerifyIdentityLink.java @@ -1,393 +1,393 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.abnahme.A; - -import java.util.HashMap; -import java.util.Vector; - -import org.w3c.dom.Element; - -import test.abnahme.AbnahmeTestCase; -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.ParseException; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; -import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; -import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.validator.ValidateException; -import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; - -/** - * @author Stefan Knirsch - * @version $Id$ - * - */ -public class Test200VerifyIdentityLink extends AbnahmeTestCase { - - public Test200VerifyIdentityLink(String name) { - super(name); - } - - public void testA201() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, parameters); - - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); - - VerifyXMLSignatureResponseParser respParser = new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); - VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames(), VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK, true); - - /* - * HINWEIS: clearSamlAssertion löscht aus einer beliebiegen String-Repräsentation einer XML-Struktur - * AUSSLIESSLICH die Attribute IssueInstand und die AssertionID heraus, von dem her ist diese - * Method hier verwendbar - */ - - assertXmlEquals(clearSamlAssertion(readXmldata("CreateXMLSignatureRequest.xml")), clearSamlAssertion(createXMLSignatureRequest)); - System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - - } - public void testA251() throws Exception { - try { - startAuthentication(); - String sessionID = "0"; - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (AuthenticationException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA252() throws Exception { - try { - String sessionID = startAuthentication(); - - server.setSecondsSessionTimeOut(-100); - server.cleanup(); - server.setSecondsSessionTimeOut(1000); - - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (AuthenticationException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA253() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (AuthenticationException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA254() throws Exception { - try { - String sessionID = startAuthentication(); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (ValidateException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA255() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - } - catch (ParseException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA256() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - } - catch (ValidateException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA257() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - - } - catch (ValidateException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA258() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (ValidateException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA259() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (ValidateException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA260() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (ValidateException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA261() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (ValidateException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA262() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - new InfoboxReadResponseParser(infoboxReadResponse).parseIdentityLink(); - // System.out.println(infoboxReadResponse); - - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (ValidateException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA263() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); - - VerifyXMLSignatureResponseParser respParser = new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); - - // String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, infoboxReadResponse); - // System.out.println(createXMLSignatureRequest); - // String createXMLSignatureResponse = readFile(TESTDATA_ROOT + "xmldata/standard/"+"CreateXMLSignatureResponse.xml"); - // String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); - Vector identityLinkSigners = new Vector(); - identityLinkSigners.add("CN=TEST,OU=TEST,O=TEST,C=AT"); - try { - VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), identityLinkSigners, VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK, true); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (ValidateException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } -} +///* +// * Copyright 2003 Federal Chancellery Austria +// * MOA-ID has been developed in a cooperation between BRZ, the Federal +// * Chancellery Austria - ICT staff unit, and Graz University of Technology. +// * +// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by +// * the European Commission - subsequent versions of the EUPL (the "Licence"); +// * You may not use this work except in compliance with the Licence. +// * You may obtain a copy of the Licence at: +// * http://www.osor.eu/eupl/ +// * +// * Unless required by applicable law or agreed to in writing, software +// * distributed under the Licence is distributed on an "AS IS" basis, +// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// * See the Licence for the specific language governing permissions and +// * limitations under the Licence. +// * +// * This product combines work with different licenses. See the "NOTICE" text +// * file for details on the various modules and licenses. +// * The "NOTICE" text file is part of the distribution. Any derivative works +// * that you distribute must include a readable copy of the "NOTICE" text file. +// */ +// +// +//package test.abnahme.A; +// +//import java.util.HashMap; +//import java.util.Vector; +// +//import org.w3c.dom.Element; +// +//import test.abnahme.AbnahmeTestCase; +//import at.gv.egovernment.moa.id.AuthenticationException; +//import at.gv.egovernment.moa.id.ParseException; +//import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +//import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; +//import at.gv.egovernment.moa.id.auth.data.IdentityLink; +//import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; +//import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +//import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; +//import at.gv.egovernment.moa.id.auth.validator.ValidateException; +//import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; +//import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +// +///** +// * @author Stefan Knirsch +// * @version $Id$ +// * +// */ +//public class Test200VerifyIdentityLink extends AbnahmeTestCase { +// +// public Test200VerifyIdentityLink(String name) { +// super(name); +// } +// +// public void testA201() throws Exception { +// try { +// String sessionID = startAuthentication(); +// System.out.println(sessionID); +// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); +// HashMap parameters = new HashMap(1); +// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); +// String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, parameters); +// +// InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); +// IdentityLink idl = irrp.parseIdentityLink(); +// Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); +// Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); +// +// VerifyXMLSignatureResponseParser respParser = new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); +// VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames(), VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK, true); +// +// /* +// * HINWEIS: clearSamlAssertion l�scht aus einer beliebiegen String-Repr�sentation einer XML-Struktur +// * AUSSLIESSLICH die Attribute IssueInstand und die AssertionID heraus, von dem her ist diese +// * Method hier verwendbar +// */ +// +// assertXmlEquals(clearSamlAssertion(readXmldata("CreateXMLSignatureRequest.xml")), clearSamlAssertion(createXMLSignatureRequest)); +// System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// +// } +// public void testA251() throws Exception { +// try { +// startAuthentication(); +// String sessionID = "0"; +// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); +// +// try { +// HashMap parameters = new HashMap(1); +// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); +// server.verifyIdentityLink(sessionID, parameters); +// System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); +// fail(this.getName() + " hat KEINE FEHLER geworfen"); +// } +// catch (AuthenticationException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA252() throws Exception { +// try { +// String sessionID = startAuthentication(); +// +// server.setSecondsSessionTimeOut(-100); +// server.cleanup(); +// server.setSecondsSessionTimeOut(1000); +// +// System.out.println(sessionID); +// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); +// try { +// HashMap parameters = new HashMap(1); +// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); +// server.verifyIdentityLink(sessionID, parameters); +// System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); +// fail(this.getName() + " hat KEINE FEHLER geworfen"); +// } +// catch (AuthenticationException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA253() throws Exception { +// try { +// String sessionID = startAuthentication(); +// System.out.println(sessionID); +// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); +// try { +// HashMap parameters = new HashMap(1); +// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); +// server.verifyIdentityLink(sessionID, parameters); +// System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); +// fail(this.getName() + " hat KEINE FEHLER geworfen"); +// } +// catch (AuthenticationException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA254() throws Exception { +// try { +// String sessionID = startAuthentication(); +// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); +// try { +// HashMap parameters = new HashMap(1); +// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); +// server.verifyIdentityLink(sessionID, parameters); +// System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); +// fail(this.getName() + " hat KEINE FEHLER geworfen"); +// } +// catch (ValidateException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA255() throws Exception { +// try { +// String sessionID = startAuthentication(); +// System.out.println(sessionID); +// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); +// try { +// HashMap parameters = new HashMap(1); +// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); +// server.verifyIdentityLink(sessionID, parameters); +// } +// catch (ParseException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA256() throws Exception { +// try { +// String sessionID = startAuthentication(); +// System.out.println(sessionID); +// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); +// try { +// HashMap parameters = new HashMap(1); +// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); +// server.verifyIdentityLink(sessionID, parameters); +// } +// catch (ValidateException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA257() throws Exception { +// try { +// String sessionID = startAuthentication(); +// System.out.println(sessionID); +// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); +// try { +// HashMap parameters = new HashMap(1); +// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); +// server.verifyIdentityLink(sessionID, parameters); +// System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); +// fail(this.getName() + " hat KEINE FEHLER geworfen"); +// +// } +// catch (ValidateException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA258() throws Exception { +// try { +// String sessionID = startAuthentication(); +// System.out.println(sessionID); +// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); +// try { +// HashMap parameters = new HashMap(1); +// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); +// server.verifyIdentityLink(sessionID, parameters); +// System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); +// fail(this.getName() + " hat KEINE FEHLER geworfen"); +// } +// catch (ValidateException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA259() throws Exception { +// try { +// String sessionID = startAuthentication(); +// System.out.println(sessionID); +// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); +// try { +// HashMap parameters = new HashMap(1); +// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); +// server.verifyIdentityLink(sessionID, parameters); +// System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); +// fail(this.getName() + " hat KEINE FEHLER geworfen"); +// } +// catch (ValidateException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA260() throws Exception { +// try { +// String sessionID = startAuthentication(); +// System.out.println(sessionID); +// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); +// try { +// HashMap parameters = new HashMap(1); +// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); +// server.verifyIdentityLink(sessionID, parameters); +// System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); +// fail(this.getName() + " hat KEINE FEHLER geworfen"); +// } +// catch (ValidateException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA261() throws Exception { +// try { +// String sessionID = startAuthentication(); +// System.out.println(sessionID); +// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); +// +// try { +// HashMap parameters = new HashMap(1); +// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); +// server.verifyIdentityLink(sessionID, parameters); +// System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); +// fail(this.getName() + " hat KEINE FEHLER geworfen"); +// } +// catch (ValidateException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA262() throws Exception { +// try { +// String sessionID = startAuthentication(); +// System.out.println(sessionID); +// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); +// new InfoboxReadResponseParser(infoboxReadResponse).parseIdentityLink(); +// // System.out.println(infoboxReadResponse); +// +// try { +// HashMap parameters = new HashMap(1); +// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); +// server.verifyIdentityLink(sessionID, parameters); +// System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); +// fail(this.getName() + " hat KEINE FEHLER geworfen"); +// } +// catch (ValidateException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA263() throws Exception { +// try { +// String sessionID = startAuthentication(); +// System.out.println(sessionID); +// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); +// HashMap parameters = new HashMap(1); +// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); +// server.verifyIdentityLink(sessionID, parameters); +// InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); +// IdentityLink idl = irrp.parseIdentityLink(); +// Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); +// Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); +// +// VerifyXMLSignatureResponseParser respParser = new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); +// +// // String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, infoboxReadResponse); +// // System.out.println(createXMLSignatureRequest); +// // String createXMLSignatureResponse = readFile(TESTDATA_ROOT + "xmldata/standard/"+"CreateXMLSignatureResponse.xml"); +// // String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); +// Vector identityLinkSigners = new Vector(); +// identityLinkSigners.add("CN=TEST,OU=TEST,O=TEST,C=AT"); +// try { +// VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), identityLinkSigners, VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK, true); +// System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); +// fail(this.getName() + " hat KEINE FEHLER geworfen"); +// } +// catch (ValidateException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +//} diff --git a/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java b/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java index 6e6092b3f..9d07b6620 100644 --- a/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java +++ b/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java @@ -1,633 +1,633 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.abnahme.A; - -import java.util.Calendar; -import java.util.HashMap; - -import org.w3c.dom.Element; -import test.abnahme.AbnahmeTestCase; - -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.BuildException; -import at.gv.egovernment.moa.id.ParseException; -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder; -import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; -import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; -import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; -import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; -import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator; -import at.gv.egovernment.moa.id.auth.validator.ValidateException; -import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.AuthenticationData; -import at.gv.egovernment.moa.id.util.Random; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.DateTimeUtils; - -/** - * @author Stefan Knirsch - * @version $Id$ - * - */ - -public class Test300VerifyAuthBlock extends AbnahmeTestCase { - - public Test300VerifyAuthBlock(String name) { - super(name); - } - - public void testA301() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - //authDataWriter(authData,this.getName()+"new.xml"); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA302() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - //authDataWriter(authData,this.getName()+"new.xml"); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA303() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA304() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA305() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA306() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA307() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA308() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - - } - - public void testA309() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA310() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA311() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA351() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); - new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); - //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); - // System.out.println(createXMLSignatureRequest); - String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); - - // nicht existierende Session.... - try { - server.verifyAuthenticationBlock("0", createXMLSignatureResponse); - fail(); - } - catch (AuthenticationException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA352() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - server.setSecondsSessionTimeOut(-100); - server.cleanup(); - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); - new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); - //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); - // System.out.println(createXMLSignatureRequest); - String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); - - // abgelaufene Session.... - server.setSecondsSessionTimeOut(1000); - try { - server.verifyAuthenticationBlock("0", createXMLSignatureResponse); - fail(); - } - catch (AuthenticationException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA353() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - - String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); - - // Session for VerifyIdentityLink-Aufruf - try { - - server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); - fail(); - } - //NOCH SEHR UNSCHÖN..... (fliegt raus im AuthenticationServer, Methode buildAuthenticationData - // ( IdentityLink identityLink = session.getIdentityLink(); ==> liefert dann NULL... - catch (NullPointerException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA354() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); - new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); - //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); - // System.out.println(createXMLSignatureRequest); - String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); - - // nicht existierende Session.... - - server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); - try { - server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); - fail(); - } - catch (AuthenticationException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA355() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ParseException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA356() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ParseException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA357() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA358() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA359() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA360() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA361() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA362() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA363() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA364() throws Exception { - try { - String sessionID = startAuthentication(); - try { - - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - /* public void testA365() throws Exception { - String sessionID = startAuthentication(); - try { - // wegen sinnlosigkeit gestrichen - initServer(sessionID); - fail(); - } - catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} - }*/ - - public void testA366() throws Exception { - - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} - } - public void testA367() throws Exception { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} - } - - - private AuthenticationData initServer(String sessionID) throws Exception { - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1"); - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); - new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); - //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); - // System.out.println(createXMLSignatureRequest); - String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); - // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/"); - String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); - AuthenticationData authData = server.getAuthenticationData(samlArtifact); - return authData; - } - - private AuthenticationData initServerWithoutValidateAuthBlock(String sessionID) throws Exception { - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1"); - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); - new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); - //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); - // System.out.println(createXMLSignatureRequest); - String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); - // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/"); - - AuthenticationSession session = AuthenticationServer.getSession(sessionID); - AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); - // parses <CreateXMLSignatureResponse> - CreateXMLSignatureResponse csresp = - new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(); - // validates <CreateXMLSignatureResponse> - new CreateXMLSignatureResponseValidator().validate(csresp, session); - // builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call - String[] vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(); - String tpid = authConf.getMoaSpAuthBlockTrustProfileID(); - Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp, vtids, tpid); - // invokes the call - Element domVsresp = new SignatureVerificationInvoker().verifyXMLSignature(domVsreq); - // parses the <VerifyXMLSignatureResponse> - VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser(domVsresp).parseData(); - // validates the <VerifyXMLSignatureResponse> - VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp, null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK, true); - // compares the public keys from the identityLink with the AuthBlock - - // builds authentication data and stores it together with a SAML artifact - AuthenticationData authData = buildAuthenticationData(session, vsresp); - return authData; - } - private AuthenticationData buildAuthenticationData( - AuthenticationSession session, - VerifyXMLSignatureResponse verifyXMLSigResp) - throws ConfigurationException, BuildException { - - IdentityLink identityLink = session.getIdentityLink(); - AuthenticationData authData = new AuthenticationData(); - authData.setMajorVersion(1); - authData.setMinorVersion(0); - authData.setAssertionID(Random.nextRandom()); - authData.setIssuer(session.getAuthURL()); - authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance(), false)); - String vpkBase64 = new BPKBuilder().buildBPK( - identityLink.getIdentificationValue(), session.getTarget()); - authData.setBPK(vpkBase64); - authData.setGivenName(identityLink.getGivenName()); - authData.setFamilyName(identityLink.getFamilyName()); - authData.setDateOfBirth(identityLink.getDateOfBirth()); - authData.setQualifiedCertificate(verifyXMLSigResp.isQualifiedCertificate()); - authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority()); - authData.setPublicAuthorityCode(verifyXMLSigResp.getPublicAuthorityCode()); - OAAuthParameter oaParam = - AuthConfigurationProvider.getInstance().getOnlineApplicationParameter( - session.getPublicOAURLPrefix()); - String prPerson = new PersonDataBuilder().build( - identityLink, oaParam.getProvideStammzahl()); - - try { - String ilAssertion = - oaParam.getProvideIdentityLink() ? DOMUtils.serializeNode(identityLink.getSamlAssertion()) : ""; - String authBlock = oaParam.getProvideAuthBlock() ? session.getAuthBlock() : ""; - String samlAssertion = new AuthenticationDataAssertionBuilder().build( - authData, prPerson, authBlock, ilAssertion, session.getBkuURL(), "", false, null, false, -1); - authData.setSamlAssertion(samlAssertion); - return authData; - } - catch (Throwable ex) { - throw new BuildException( - "builder.00", - new Object[] { "AuthenticationData", ex.getMessage() }, - ex); - } - } -} +///* +// * Copyright 2003 Federal Chancellery Austria +// * MOA-ID has been developed in a cooperation between BRZ, the Federal +// * Chancellery Austria - ICT staff unit, and Graz University of Technology. +// * +// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by +// * the European Commission - subsequent versions of the EUPL (the "Licence"); +// * You may not use this work except in compliance with the Licence. +// * You may obtain a copy of the Licence at: +// * http://www.osor.eu/eupl/ +// * +// * Unless required by applicable law or agreed to in writing, software +// * distributed under the Licence is distributed on an "AS IS" basis, +// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// * See the Licence for the specific language governing permissions and +// * limitations under the Licence. +// * +// * This product combines work with different licenses. See the "NOTICE" text +// * file for details on the various modules and licenses. +// * The "NOTICE" text file is part of the distribution. Any derivative works +// * that you distribute must include a readable copy of the "NOTICE" text file. +// */ +// +// +//package test.abnahme.A; +// +//import java.util.Calendar; +//import java.util.HashMap; +// +//import org.w3c.dom.Element; +//import test.abnahme.AbnahmeTestCase; +// +//import at.gv.egovernment.moa.id.AuthenticationException; +//import at.gv.egovernment.moa.id.BuildException; +//import at.gv.egovernment.moa.id.ParseException; +//import at.gv.egovernment.moa.id.auth.AuthenticationServer; +//import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +//import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder; +//import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; +//import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; +//import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; +//import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +//import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; +//import at.gv.egovernment.moa.id.auth.data.IdentityLink; +//import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; +//import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; +//import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; +//import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +//import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; +//import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator; +//import at.gv.egovernment.moa.id.auth.validator.ValidateException; +//import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; +//import at.gv.egovernment.moa.id.config.ConfigurationException; +//import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +//import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +//import at.gv.egovernment.moa.id.data.AuthenticationData; +//import at.gv.egovernment.moa.id.util.Random; +//import at.gv.egovernment.moa.util.DOMUtils; +//import at.gv.egovernment.moa.util.DateTimeUtils; +// +///** +// * @author Stefan Knirsch +// * @version $Id$ +// * +// */ +// +//public class Test300VerifyAuthBlock extends AbnahmeTestCase { +// +// public Test300VerifyAuthBlock(String name) { +// super(name); +// } +// +// public void testA301() throws Exception { +// try { +// String sessionID = startAuthentication(); +// AuthenticationData authData = initServer(sessionID); +// //authDataWriter(authData,this.getName()+"new.xml"); +// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); +// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA302() throws Exception { +// try { +// String sessionID = startAuthentication(); +// AuthenticationData authData = initServer(sessionID); +// //authDataWriter(authData,this.getName()+"new.xml"); +// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); +// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA303() throws Exception { +// try { +// String sessionID = startAuthentication(); +// AuthenticationData authData = initServer(sessionID); +// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); +// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA304() throws Exception { +// try { +// String sessionID = startAuthentication(); +// AuthenticationData authData = initServer(sessionID); +// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); +// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA305() throws Exception { +// try { +// String sessionID = startAuthentication(); +// AuthenticationData authData = initServer(sessionID); +// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); +// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA306() throws Exception { +// try { +// String sessionID = startAuthentication(); +// AuthenticationData authData = initServer(sessionID); +// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); +// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA307() throws Exception { +// try { +// String sessionID = startAuthentication(); +// AuthenticationData authData = initServer(sessionID); +// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); +// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA308() throws Exception { +// try { +// String sessionID = startAuthentication(); +// AuthenticationData authData = initServer(sessionID); +// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); +// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// +// } +// +// public void testA309() throws Exception { +// try { +// String sessionID = startAuthentication(); +// AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); +// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); +// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA310() throws Exception { +// try { +// String sessionID = startAuthentication(); +// AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); +// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); +// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA311() throws Exception { +// try { +// String sessionID = startAuthentication(); +// AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); +// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); +// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA351() throws Exception { +// try { +// String sessionID = startAuthentication(); +// System.out.println(sessionID); +// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); +// HashMap parameters = new HashMap(1); +// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); +// server.verifyIdentityLink(sessionID, parameters); +// InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); +// IdentityLink idl = irrp.parseIdentityLink(); +// Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); +// Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); +// new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); +// //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); +// // System.out.println(createXMLSignatureRequest); +// String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); +// +// // nicht existierende Session.... +// try { +// server.verifyAuthenticationBlock("0", createXMLSignatureResponse); +// fail(); +// } +// catch (AuthenticationException e) { +// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); +// } +// +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA352() throws Exception { +// try { +// String sessionID = startAuthentication(); +// System.out.println(sessionID); +// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); +// HashMap parameters = new HashMap(1); +// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); +// server.verifyIdentityLink(sessionID, parameters); +// server.setSecondsSessionTimeOut(-100); +// server.cleanup(); +// InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); +// IdentityLink idl = irrp.parseIdentityLink(); +// Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); +// Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); +// new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); +// //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); +// // System.out.println(createXMLSignatureRequest); +// String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); +// +// // abgelaufene Session.... +// server.setSecondsSessionTimeOut(1000); +// try { +// server.verifyAuthenticationBlock("0", createXMLSignatureResponse); +// fail(); +// } +// catch (AuthenticationException e) { +// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); +// } +// +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA353() throws Exception { +// try { +// String sessionID = startAuthentication(); +// System.out.println(sessionID); +// +// String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); +// +// // Session for VerifyIdentityLink-Aufruf +// try { +// +// server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); +// fail(); +// } +// //NOCH SEHR UNSCH�N..... (fliegt raus im AuthenticationServer, Methode buildAuthenticationData +// // ( IdentityLink identityLink = session.getIdentityLink(); ==> liefert dann NULL... +// catch (NullPointerException e) { +// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA354() throws Exception { +// try { +// String sessionID = startAuthentication(); +// System.out.println(sessionID); +// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); +// HashMap parameters = new HashMap(1); +// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); +// server.verifyIdentityLink(sessionID, parameters); +// InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); +// IdentityLink idl = irrp.parseIdentityLink(); +// Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); +// Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); +// new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); +// //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); +// // System.out.println(createXMLSignatureRequest); +// String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); +// +// // nicht existierende Session.... +// +// server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); +// try { +// server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); +// fail(); +// } +// catch (AuthenticationException e) { +// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA355() throws Exception { +// try { +// String sessionID = startAuthentication(); +// try { +// initServer(sessionID); +// fail(); +// } +// catch (ParseException e) { +// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA356() throws Exception { +// try { +// String sessionID = startAuthentication(); +// try { +// initServer(sessionID); +// fail(); +// } +// catch (ParseException e) { +// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA357() throws Exception { +// try { +// String sessionID = startAuthentication(); +// try { +// initServer(sessionID); +// fail(); +// } +// catch (ValidateException e) { +// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA358() throws Exception { +// try { +// String sessionID = startAuthentication(); +// try { +// initServer(sessionID); +// fail(); +// } +// catch (ValidateException e) { +// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA359() throws Exception { +// try { +// String sessionID = startAuthentication(); +// try { +// initServer(sessionID); +// fail(); +// } +// catch (ValidateException e) { +// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA360() throws Exception { +// try { +// String sessionID = startAuthentication(); +// try { +// initServer(sessionID); +// fail(); +// } +// catch (ValidateException e) { +// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA361() throws Exception { +// try { +// String sessionID = startAuthentication(); +// try { +// initServer(sessionID); +// fail(); +// } +// catch (ValidateException e) { +// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA362() throws Exception { +// try { +// String sessionID = startAuthentication(); +// try { +// initServer(sessionID); +// fail(); +// } +// catch (ValidateException e) { +// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA363() throws Exception { +// try { +// String sessionID = startAuthentication(); +// try { +// initServer(sessionID); +// fail(); +// } +// catch (ValidateException e) { +// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA364() throws Exception { +// try { +// String sessionID = startAuthentication(); +// try { +// +// initServer(sessionID); +// fail(); +// } +// catch (ValidateException e) { +// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// /* public void testA365() throws Exception { +// String sessionID = startAuthentication(); +// try { +// // wegen sinnlosigkeit gestrichen +// initServer(sessionID); +// fail(); +// } +// catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} +// }*/ +// +// public void testA366() throws Exception { +// +// String sessionID = startAuthentication(); +// try { +// initServer(sessionID); +// fail(); +// } +// catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} +// } +// public void testA367() throws Exception { +// String sessionID = startAuthentication(); +// try { +// initServer(sessionID); +// fail(); +// } +// catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} +// } +// +// +// private AuthenticationData initServer(String sessionID) throws Exception { +// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); +// HashMap parameters = new HashMap(1); +// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); +// server.verifyIdentityLink(sessionID, parameters); +// InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); +// IdentityLink idl = irrp.parseIdentityLink(); +// Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1"); +// Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); +// new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); +// //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); +// // System.out.println(createXMLSignatureRequest); +// String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); +// // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/"); +// String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); +// AuthenticationData authData = server.getAuthenticationData(samlArtifact); +// return authData; +// } +// +// private AuthenticationData initServerWithoutValidateAuthBlock(String sessionID) throws Exception { +// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); +// HashMap parameters = new HashMap(1); +// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); +// server.verifyIdentityLink(sessionID, parameters); +// InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); +// IdentityLink idl = irrp.parseIdentityLink(); +// Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1"); +// Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); +// new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); +// //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); +// // System.out.println(createXMLSignatureRequest); +// String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); +// // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/"); +// +// AuthenticationSession session = AuthenticationServer.getSession(sessionID); +// AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); +// // parses <CreateXMLSignatureResponse> +// CreateXMLSignatureResponse csresp = +// new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(); +// // validates <CreateXMLSignatureResponse> +// new CreateXMLSignatureResponseValidator().validate(csresp, session); +// // builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call +// String[] vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(); +// String tpid = authConf.getMoaSpAuthBlockTrustProfileID(); +// Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp, vtids, tpid); +// // invokes the call +// Element domVsresp = new SignatureVerificationInvoker().verifyXMLSignature(domVsreq); +// // parses the <VerifyXMLSignatureResponse> +// VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser(domVsresp).parseData(); +// // validates the <VerifyXMLSignatureResponse> +// VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp, null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK, true); +// // compares the public keys from the identityLink with the AuthBlock +// +// // builds authentication data and stores it together with a SAML artifact +// AuthenticationData authData = buildAuthenticationData(session, vsresp); +// return authData; +// } +// private AuthenticationData buildAuthenticationData( +// AuthenticationSession session, +// VerifyXMLSignatureResponse verifyXMLSigResp) +// throws ConfigurationException, BuildException { +// +// IdentityLink identityLink = session.getIdentityLink(); +// AuthenticationData authData = new AuthenticationData(); +// authData.setMajorVersion(1); +// authData.setMinorVersion(0); +// authData.setAssertionID(Random.nextRandom()); +// authData.setIssuer(session.getAuthURL()); +// authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance(), false)); +// String vpkBase64 = new BPKBuilder().buildBPK( +// identityLink.getIdentificationValue(), session.getTarget()); +// authData.setBPK(vpkBase64); +// authData.setGivenName(identityLink.getGivenName()); +// authData.setFamilyName(identityLink.getFamilyName()); +// authData.setDateOfBirth(identityLink.getDateOfBirth()); +// authData.setQualifiedCertificate(verifyXMLSigResp.isQualifiedCertificate()); +// authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority()); +// authData.setPublicAuthorityCode(verifyXMLSigResp.getPublicAuthorityCode()); +// OAAuthParameter oaParam = +// AuthConfigurationProvider.getInstance().getOnlineApplicationParameter( +// session.getPublicOAURLPrefix()); +// String prPerson = new PersonDataBuilder().build( +// identityLink, oaParam.getProvideStammzahl()); +// +// try { +// String ilAssertion = +// oaParam.getProvideIdentityLink() ? DOMUtils.serializeNode(identityLink.getSamlAssertion()) : ""; +// String authBlock = oaParam.getProvideAuthBlock() ? session.getAuthBlock() : ""; +// String samlAssertion = new AuthenticationDataAssertionBuilder().build( +// authData, prPerson, authBlock, ilAssertion, session.getBkuURL(), "", false, null, false, -1); +// authData.setSamlAssertion(samlAssertion); +// return authData; +// } +// catch (Throwable ex) { +// throw new BuildException( +// "builder.00", +// new Object[] { "AuthenticationData", ex.getMessage() }, +// ex); +// } +// } +//} diff --git a/id/server/idserverlib/src/test/java/test/abnahme/A/Test400GetAuthenticationData.java b/id/server/idserverlib/src/test/java/test/abnahme/A/Test400GetAuthenticationData.java index 370949ac4..666f16f98 100644 --- a/id/server/idserverlib/src/test/java/test/abnahme/A/Test400GetAuthenticationData.java +++ b/id/server/idserverlib/src/test/java/test/abnahme/A/Test400GetAuthenticationData.java @@ -1,161 +1,161 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.abnahme.A; - -import java.util.HashMap; - -import org.w3c.dom.Element; -import test.abnahme.AbnahmeTestCase; - -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; -import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; -import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; -import at.gv.egovernment.moa.id.data.AuthenticationData; - -/** - * @author Stefan Knirsch - * @version $Id$ - */ - -public class Test400GetAuthenticationData extends AbnahmeTestCase { - - private String samlArtifact; - - public Test400GetAuthenticationData(String name) { - super(name); - } - - protected void setUp() throws Exception { - super.setUp(); - String sessionID = startAuthentication(); - AuthenticationSession session = AuthenticationServer.getSession(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); - new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); - //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); - // System.out.println(createXMLSignatureRequest); - String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); - CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(), session); - samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); - } - - public void testA401() throws Exception { - try { - - AuthenticationData authData = server.getAuthenticationData(samlArtifact); -// authDataWriter(authData,"NEWA401"); - assertXmlEquals(clearSamlAssertion(authData.getSamlAssertion()), readXmldata("AuthenticationData.xml")); - System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA451() throws Exception { - try { - try { - AuthenticationData authData = server.getAuthenticationData("AAGu1JFbyGKqJ+3NAonwMu5bNyUc7kooeMK6bxeXBbnK6NL0DfuVJsGi"); - authDataWriter(authData, "A45"); - if (authData != null) - fail(); - } - catch (AuthenticationException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA452() throws Exception { - try { - server.getAuthenticationData(samlArtifact); - try { - server.getAuthenticationData(samlArtifact); - fail(); - } - catch (AuthenticationException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA453() throws Exception { - try { - server.setSecondsAuthDataTimeOut(-1000); - server.cleanup(); - try { - server.getAuthenticationData(samlArtifact); - fail(); - } - catch (AuthenticationException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA454() throws Exception { - try { - try { - server.getAuthenticationData("blabla123"); - fail(); - } - catch (AuthenticationException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - -} +///* +// * Copyright 2003 Federal Chancellery Austria +// * MOA-ID has been developed in a cooperation between BRZ, the Federal +// * Chancellery Austria - ICT staff unit, and Graz University of Technology. +// * +// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by +// * the European Commission - subsequent versions of the EUPL (the "Licence"); +// * You may not use this work except in compliance with the Licence. +// * You may obtain a copy of the Licence at: +// * http://www.osor.eu/eupl/ +// * +// * Unless required by applicable law or agreed to in writing, software +// * distributed under the Licence is distributed on an "AS IS" basis, +// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// * See the Licence for the specific language governing permissions and +// * limitations under the Licence. +// * +// * This product combines work with different licenses. See the "NOTICE" text +// * file for details on the various modules and licenses. +// * The "NOTICE" text file is part of the distribution. Any derivative works +// * that you distribute must include a readable copy of the "NOTICE" text file. +// */ +// +// +//package test.abnahme.A; +// +//import java.util.HashMap; +// +//import org.w3c.dom.Element; +//import test.abnahme.AbnahmeTestCase; +// +//import at.gv.egovernment.moa.id.AuthenticationException; +//import at.gv.egovernment.moa.id.auth.AuthenticationServer; +//import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +//import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; +//import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +//import at.gv.egovernment.moa.id.auth.data.IdentityLink; +//import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; +//import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; +//import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +//import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; +//import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator; +//import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +//import at.gv.egovernment.moa.id.data.AuthenticationData; +// +///** +// * @author Stefan Knirsch +// * @version $Id$ +// */ +// +//public class Test400GetAuthenticationData extends AbnahmeTestCase { +// +// private String samlArtifact; +// +// public Test400GetAuthenticationData(String name) { +// super(name); +// } +// +// protected void setUp() throws Exception { +// super.setUp(); +// String sessionID = startAuthentication(); +// AuthenticationSession session = AuthenticationServer.getSession(sessionID); +// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); +// HashMap parameters = new HashMap(1); +// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); +// server.verifyIdentityLink(sessionID, parameters); +// InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); +// IdentityLink idl = irrp.parseIdentityLink(); +// Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); +// Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); +// new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); +// //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); +// // System.out.println(createXMLSignatureRequest); +// String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); +// CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(), session); +// samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); +// } +// +// public void testA401() throws Exception { +// try { +// +// AuthenticationData authData = server.getAuthenticationData(samlArtifact); +//// authDataWriter(authData,"NEWA401"); +// assertXmlEquals(clearSamlAssertion(authData.getSamlAssertion()), readXmldata("AuthenticationData.xml")); +// System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA451() throws Exception { +// try { +// try { +// AuthenticationData authData = server.getAuthenticationData("AAGu1JFbyGKqJ+3NAonwMu5bNyUc7kooeMK6bxeXBbnK6NL0DfuVJsGi"); +// authDataWriter(authData, "A45"); +// if (authData != null) +// fail(); +// } +// catch (AuthenticationException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA452() throws Exception { +// try { +// server.getAuthenticationData(samlArtifact); +// try { +// server.getAuthenticationData(samlArtifact); +// fail(); +// } +// catch (AuthenticationException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA453() throws Exception { +// try { +// server.setSecondsAuthDataTimeOut(-1000); +// server.cleanup(); +// try { +// server.getAuthenticationData(samlArtifact); +// fail(); +// } +// catch (AuthenticationException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA454() throws Exception { +// try { +// try { +// server.getAuthenticationData("blabla123"); +// fail(); +// } +// catch (AuthenticationException e) { +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); +// } +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +//} diff --git a/id/server/idserverlib/src/test/java/test/abnahme/A/Test500StartAuthenticationServlet.java b/id/server/idserverlib/src/test/java/test/abnahme/A/Test500StartAuthenticationServlet.java index 2445985ce..eb1e85cb9 100644 --- a/id/server/idserverlib/src/test/java/test/abnahme/A/Test500StartAuthenticationServlet.java +++ b/id/server/idserverlib/src/test/java/test/abnahme/A/Test500StartAuthenticationServlet.java @@ -1,329 +1,329 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.abnahme.A; - -import java.io.OutputStream; -import java.net.URL; -import java.security.Security; - -import javax.net.ssl.SSLSocketFactory; - -import test.abnahme.AbnahmeTestCase; - -import at.gv.egovernment.moa.util.StreamUtils; -import at.gv.egovernment.moa.util.URLEncoder; - -import com.sun.net.ssl.HostnameVerifier; -import com.sun.net.ssl.HttpsURLConnection; - -/** - * @author Stefan Knirsch - * @version $Id$ - * - */ -public class Test500StartAuthenticationServlet extends AbnahmeTestCase { - - private String testdataRoot = TESTDATA_ROOT + "xmldata/standard/"; - SSLSocketFactory ssf; - public Test500StartAuthenticationServlet(String name) { - super(name); - } - protected void setUp() throws Exception { - super.setUp(); - Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); - System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); - System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore"); - System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); - } - - public void testA501() throws Exception { - //NUR einmal für alle folgenden Testfälle - //---------------------------------------- - - //---------------------------------------- - - try { - String targetURL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); - HttpsURLConnection conn = giveConnection(targetURL, "GET"); - conn.connect(); - int resultCode = conn.getResponseCode(); - String contentType = conn.getHeaderField("Content-Type"); - if (resultCode != 200) - fail("Wrong HTTP-Code"); - if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) - fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); - conn.disconnect(); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA502() throws Exception { - try { - String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); - HttpsURLConnection conn = giveConnection(URL, "GET"); - conn.connect(); - int resultCode = conn.getResponseCode(); - String contentType = conn.getHeaderField("Content-Type"); - if (resultCode != 200) - fail("Wrong HTTP-Code: expected '200' and was '" + resultCode + "'"); - if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) - fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); - String result = new String(StreamUtils.readStream(conn.getInputStream())); - - conn.disconnect(); - - URL = parseDataURL(result); - conn = giveConnection(URL, "POST"); - conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); - - String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); - System.out.println("File gelesen, Daten in Outputstream einpflegen"); - OutputStream out = conn.getOutputStream(); - out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes("UTF-8")); - out.flush(); - out.close(); - - System.out.println("Verbinden zu " + URL); - conn.connect(); - resultCode = conn.getResponseCode(); - System.out.println("resultCode :" + resultCode); - String redirectLoc = conn.getHeaderField("Location"); - System.out.println("redirectLoc :" + redirectLoc); - // Austausch von VerifyIdentityLink in der POST-URL durch VerifyAuthBlock... rest MUSS gleich sein! - if (!killInclusive(URL, "VerifyI", "Link", "VerifyAuthBlock").equals(redirectLoc)) - fail("Wrong Redirect-Location: expected " + URL + " and was " + conn.getHeaderField("Location")); - if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/xml")) - fail("Wrong contentType: expected text/xml and was " + conn.getHeaderField("Content-Type")); - conn.disconnect(); - System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA503() throws Exception { - try { - String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); - HttpsURLConnection conn = giveConnection(URL, "GET"); - conn.connect(); - - assertEquals(200,conn.getResponseCode()); - if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) - fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); - String result = new String(StreamUtils.readStream(conn.getInputStream())); - URL = parseDataURL(result); - - conn.disconnect(); - conn = giveConnection(URL, "POST"); - conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); - String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); - OutputStream out = conn.getOutputStream(); - out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); - out.flush(); - out.close(); - conn.connect(); - String redirectLoc = conn.getHeaderField("Location"); - // Austausch von VerifyIdentityLink in der POST-URL durch VerifyAuthBlock... rest MUSS gleich sein! - if (!killInclusive(URL, "VerifyI", "Link", "VerifyAuthBlock").equals(redirectLoc)) - fail("Wrong Redirect-Location: expected " + URL + " and was " + conn.getHeaderField("Location")); - if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/xml")) - fail("Wrong contentType: expected text/xml and was " + conn.getHeaderField("Content-Type")); - conn.disconnect(); - - conn = giveConnection(redirectLoc, "POST"); - System.out.println("Redirect Location: " + redirectLoc); - String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); - out = conn.getOutputStream(); - out.write(("XMLResponse=" +createXMLSignatureResponse).getBytes()); - out.flush(); - out.close(); - - System.out.println("Sending Data to " + redirectLoc); - conn.connect(); - - redirectLoc = conn.getHeaderField("Location"); - System.out.println("redirectLoc: " + redirectLoc); - /* RandomAccessFile raf = new RandomAccessFile("C://503.xml", "rw"); - raf.write(StreamUtils.readStream(conn.getInputStream())); - raf.close();*/ - conn.disconnect(); - assertEquals(302, conn.getResponseCode()); - assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); - System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); - - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA551() throws Exception { - try { - String targetURL = getURL("https://localhost:8443/moa-id-auth/", "gb", ""); - HttpsURLConnection conn = giveConnection(targetURL, "GET"); - conn.connect(); - String result = new String(StreamUtils.readStream(conn.getInputStream())); - assertTrue(result.indexOf("Die Angabe der Parameter ist unvollständig") >= 0); - conn.disconnect(); - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Die Angabe der Parameter ist unvollständig.\n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA552() throws Exception { - try { - String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); - HttpsURLConnection conn = giveConnection(URL, "GET"); - conn.connect(); - int resultCode = conn.getResponseCode(); - assertEquals(200, resultCode); - if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) - fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); - conn.disconnect(); - URL = "https://localhost:8443/moa-id-auth/" + "VerifyIdentityLink?MOASessionID=0000"; - conn = giveConnection(URL, "POST"); - conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); - - String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); - OutputStream out = conn.getOutputStream(); - out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); - out.flush(); - out.close(); - - conn.connect(); - String result = new String(StreamUtils.readStream(conn.getInputStream())); - assertTrue(result.indexOf("MOASessionID ist unbekannt") >= 0); - System.out.println("Fehler in testA552 erfolgreich abgefangen: MOASessionID ist unbekannt"); - conn.disconnect(); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA553() throws Exception { - try { - String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); - HttpsURLConnection conn = giveConnection(URL, "GET"); - conn.connect(); - int resultCode = conn.getResponseCode(); - assertEquals(200,resultCode); - if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) - fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); - String result = new String(StreamUtils.readStream(conn.getInputStream())); - String MOASessionID = parseSessionIDFromForm(result); - URL = parseDataURL(result); - conn.disconnect(); - - conn = giveConnection(URL, "POST"); - conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); - - String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); - OutputStream out = conn.getOutputStream(); - out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); - out.flush(); - out.close(); - conn.connect(); - result = new String(StreamUtils.readStream(conn.getInputStream())); - String redirectLoc = conn.getHeaderField("Location"); - // Austausch von VerifyIdentityLink in der POST-URL durch VerifyAuthBlock... rest MUSS gleich sein! - if (!killInclusive(URL, "VerifyI", "Link", "VerifyAuthBlock").equals(redirectLoc)) - fail("Wrong Redirect-Location: expected " + URL + " and was " + conn.getHeaderField("Location")); - if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/xml")) - fail("Wrong contentType: expected text/xml and was " + conn.getHeaderField("Content-Type")); - conn.disconnect(); - conn = giveConnection(redirectLoc + "XXX", "POST"); - System.out.println("Redirect Location: " + redirectLoc + "XXX"); - String createXMLSignatureResponse = "XMLResponse=" + URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); - - out = conn.getOutputStream(); - out.write(new String("MOASessionID=" + MOASessionID + "&").getBytes()); - out.write(createXMLSignatureResponse.getBytes("UTF-8")); - out.flush(); - out.close(); - System.out.println("Sending Data to " + redirectLoc); - conn.connect(); - resultCode = conn.getResponseCode(); - - result = new String(StreamUtils.readStream(conn.getInputStream())); - conn.disconnect(); - assertEquals(200, resultCode); - assertTrue(result.indexOf("MOASessionID ist unbekannt") >= 0); - System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - private String parseDataURL(String input) { - String ret = getSubString(input.substring(input.indexOf("DataURL"), input.length()), "value=\"", "\""); - return ret; - } - - private String getSubString(String input, String startsWith, String endsWith) { - return input.substring(input.indexOf(startsWith) + startsWith.length(), input.indexOf(endsWith, input.indexOf(startsWith) + startsWith.length())); - } - private String getURL(String authURL, String target, String oaURL) { - return authURL + "StartAuthentication?Target=" + target + "&OA=" + oaURL; - } - private String parseSessionIDFromForm(String htmlForm) { - String parName = "MOASessionID="; - assertTrue("HTML Form enthält keine SessionID", htmlForm.indexOf(parName) >= 0); - int i1 = htmlForm.indexOf(parName) + parName.length(); - int i2 = htmlForm.indexOf("\"", i1); - assertTrue("HTML Form enthält keine gültige SessionID", i2 > i1); - return htmlForm.substring(i1, i2); - } - - private class HostnameVerifierHack implements HostnameVerifier { - public boolean verify(String arg0, String arg1) { - return true; - } - } - private HttpsURLConnection giveConnection(String targetURL, String requestMethod) throws Exception { - URL url = new URL(targetURL); - HttpsURLConnection conn = (HttpsURLConnection) url.openConnection(); - conn.setRequestMethod(requestMethod); - conn.setDoInput(true); - conn.setDoOutput(true); - conn.setUseCaches(false); - conn.setAllowUserInteraction(false); - conn.setHostnameVerifier(new HostnameVerifierHack()); - return conn; - } - -}
\ No newline at end of file +///* +// * Copyright 2003 Federal Chancellery Austria +// * MOA-ID has been developed in a cooperation between BRZ, the Federal +// * Chancellery Austria - ICT staff unit, and Graz University of Technology. +// * +// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by +// * the European Commission - subsequent versions of the EUPL (the "Licence"); +// * You may not use this work except in compliance with the Licence. +// * You may obtain a copy of the Licence at: +// * http://www.osor.eu/eupl/ +// * +// * Unless required by applicable law or agreed to in writing, software +// * distributed under the Licence is distributed on an "AS IS" basis, +// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// * See the Licence for the specific language governing permissions and +// * limitations under the Licence. +// * +// * This product combines work with different licenses. See the "NOTICE" text +// * file for details on the various modules and licenses. +// * The "NOTICE" text file is part of the distribution. Any derivative works +// * that you distribute must include a readable copy of the "NOTICE" text file. +// */ +// +// +//package test.abnahme.A; +// +//import java.io.OutputStream; +//import java.net.URL; +//import java.security.Security; +// +//import javax.net.ssl.SSLSocketFactory; +// +//import test.abnahme.AbnahmeTestCase; +// +//import at.gv.egovernment.moa.util.StreamUtils; +//import at.gv.egovernment.moa.util.URLEncoder; +// +//import com.sun.net.ssl.HostnameVerifier; +//import com.sun.net.ssl.HttpsURLConnection; +// +///** +// * @author Stefan Knirsch +// * @version $Id$ +// * +// */ +//public class Test500StartAuthenticationServlet extends AbnahmeTestCase { +// +// private String testdataRoot = TESTDATA_ROOT + "xmldata/standard/"; +// SSLSocketFactory ssf; +// public Test500StartAuthenticationServlet(String name) { +// super(name); +// } +// protected void setUp() throws Exception { +// super.setUp(); +// Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); +// System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); +// System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore"); +// System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); +// } +// +// public void testA501() throws Exception { +// //NUR einmal f�r alle folgenden Testf�lle +// //---------------------------------------- +// +// //---------------------------------------- +// +// try { +// String targetURL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); +// HttpsURLConnection conn = giveConnection(targetURL, "GET"); +// conn.connect(); +// int resultCode = conn.getResponseCode(); +// String contentType = conn.getHeaderField("Content-Type"); +// if (resultCode != 200) +// fail("Wrong HTTP-Code"); +// if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) +// fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); +// conn.disconnect(); +// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); +// +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA502() throws Exception { +// try { +// String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); +// HttpsURLConnection conn = giveConnection(URL, "GET"); +// conn.connect(); +// int resultCode = conn.getResponseCode(); +// String contentType = conn.getHeaderField("Content-Type"); +// if (resultCode != 200) +// fail("Wrong HTTP-Code: expected '200' and was '" + resultCode + "'"); +// if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) +// fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); +// String result = new String(StreamUtils.readStream(conn.getInputStream())); +// +// conn.disconnect(); +// +// URL = parseDataURL(result); +// conn = giveConnection(URL, "POST"); +// conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); +// +// String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); +// System.out.println("File gelesen, Daten in Outputstream einpflegen"); +// OutputStream out = conn.getOutputStream(); +// out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes("UTF-8")); +// out.flush(); +// out.close(); +// +// System.out.println("Verbinden zu " + URL); +// conn.connect(); +// resultCode = conn.getResponseCode(); +// System.out.println("resultCode :" + resultCode); +// String redirectLoc = conn.getHeaderField("Location"); +// System.out.println("redirectLoc :" + redirectLoc); +// // Austausch von VerifyIdentityLink in der POST-URL durch VerifyAuthBlock... rest MUSS gleich sein! +// if (!killInclusive(URL, "VerifyI", "Link", "VerifyAuthBlock").equals(redirectLoc)) +// fail("Wrong Redirect-Location: expected " + URL + " and was " + conn.getHeaderField("Location")); +// if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/xml")) +// fail("Wrong contentType: expected text/xml and was " + conn.getHeaderField("Content-Type")); +// conn.disconnect(); +// System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA503() throws Exception { +// try { +// String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); +// HttpsURLConnection conn = giveConnection(URL, "GET"); +// conn.connect(); +// +// assertEquals(200,conn.getResponseCode()); +// if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) +// fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); +// String result = new String(StreamUtils.readStream(conn.getInputStream())); +// URL = parseDataURL(result); +// +// conn.disconnect(); +// conn = giveConnection(URL, "POST"); +// conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); +// String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); +// OutputStream out = conn.getOutputStream(); +// out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); +// out.flush(); +// out.close(); +// conn.connect(); +// String redirectLoc = conn.getHeaderField("Location"); +// // Austausch von VerifyIdentityLink in der POST-URL durch VerifyAuthBlock... rest MUSS gleich sein! +// if (!killInclusive(URL, "VerifyI", "Link", "VerifyAuthBlock").equals(redirectLoc)) +// fail("Wrong Redirect-Location: expected " + URL + " and was " + conn.getHeaderField("Location")); +// if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/xml")) +// fail("Wrong contentType: expected text/xml and was " + conn.getHeaderField("Content-Type")); +// conn.disconnect(); +// +// conn = giveConnection(redirectLoc, "POST"); +// System.out.println("Redirect Location: " + redirectLoc); +// String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); +// out = conn.getOutputStream(); +// out.write(("XMLResponse=" +createXMLSignatureResponse).getBytes()); +// out.flush(); +// out.close(); +// +// System.out.println("Sending Data to " + redirectLoc); +// conn.connect(); +// +// redirectLoc = conn.getHeaderField("Location"); +// System.out.println("redirectLoc: " + redirectLoc); +// /* RandomAccessFile raf = new RandomAccessFile("C://503.xml", "rw"); +// raf.write(StreamUtils.readStream(conn.getInputStream())); +// raf.close();*/ +// conn.disconnect(); +// assertEquals(302, conn.getResponseCode()); +// assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); +// System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); +// +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA551() throws Exception { +// try { +// String targetURL = getURL("https://localhost:8443/moa-id-auth/", "gb", ""); +// HttpsURLConnection conn = giveConnection(targetURL, "GET"); +// conn.connect(); +// String result = new String(StreamUtils.readStream(conn.getInputStream())); +// assertTrue(result.indexOf("Die Angabe der Parameter ist unvollständig") >= 0); +// conn.disconnect(); +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Die Angabe der Parameter ist unvollst�ndig.\n-----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA552() throws Exception { +// try { +// String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); +// HttpsURLConnection conn = giveConnection(URL, "GET"); +// conn.connect(); +// int resultCode = conn.getResponseCode(); +// assertEquals(200, resultCode); +// if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) +// fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); +// conn.disconnect(); +// URL = "https://localhost:8443/moa-id-auth/" + "VerifyIdentityLink?MOASessionID=0000"; +// conn = giveConnection(URL, "POST"); +// conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); +// +// String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); +// OutputStream out = conn.getOutputStream(); +// out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); +// out.flush(); +// out.close(); +// +// conn.connect(); +// String result = new String(StreamUtils.readStream(conn.getInputStream())); +// assertTrue(result.indexOf("MOASessionID ist unbekannt") >= 0); +// System.out.println("Fehler in testA552 erfolgreich abgefangen: MOASessionID ist unbekannt"); +// conn.disconnect(); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// public void testA553() throws Exception { +// try { +// String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); +// HttpsURLConnection conn = giveConnection(URL, "GET"); +// conn.connect(); +// int resultCode = conn.getResponseCode(); +// assertEquals(200,resultCode); +// if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) +// fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); +// String result = new String(StreamUtils.readStream(conn.getInputStream())); +// String MOASessionID = parseSessionIDFromForm(result); +// URL = parseDataURL(result); +// conn.disconnect(); +// +// conn = giveConnection(URL, "POST"); +// conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); +// +// String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); +// OutputStream out = conn.getOutputStream(); +// out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); +// out.flush(); +// out.close(); +// conn.connect(); +// result = new String(StreamUtils.readStream(conn.getInputStream())); +// String redirectLoc = conn.getHeaderField("Location"); +// // Austausch von VerifyIdentityLink in der POST-URL durch VerifyAuthBlock... rest MUSS gleich sein! +// if (!killInclusive(URL, "VerifyI", "Link", "VerifyAuthBlock").equals(redirectLoc)) +// fail("Wrong Redirect-Location: expected " + URL + " and was " + conn.getHeaderField("Location")); +// if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/xml")) +// fail("Wrong contentType: expected text/xml and was " + conn.getHeaderField("Content-Type")); +// conn.disconnect(); +// conn = giveConnection(redirectLoc + "XXX", "POST"); +// System.out.println("Redirect Location: " + redirectLoc + "XXX"); +// String createXMLSignatureResponse = "XMLResponse=" + URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); +// +// out = conn.getOutputStream(); +// out.write(new String("MOASessionID=" + MOASessionID + "&").getBytes()); +// out.write(createXMLSignatureResponse.getBytes("UTF-8")); +// out.flush(); +// out.close(); +// System.out.println("Sending Data to " + redirectLoc); +// conn.connect(); +// resultCode = conn.getResponseCode(); +// +// result = new String(StreamUtils.readStream(conn.getInputStream())); +// conn.disconnect(); +// assertEquals(200, resultCode); +// assertTrue(result.indexOf("MOASessionID ist unbekannt") >= 0); +// System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// private String parseDataURL(String input) { +// String ret = getSubString(input.substring(input.indexOf("DataURL"), input.length()), "value=\"", "\""); +// return ret; +// } +// +// private String getSubString(String input, String startsWith, String endsWith) { +// return input.substring(input.indexOf(startsWith) + startsWith.length(), input.indexOf(endsWith, input.indexOf(startsWith) + startsWith.length())); +// } +// private String getURL(String authURL, String target, String oaURL) { +// return authURL + "StartAuthentication?Target=" + target + "&OA=" + oaURL; +// } +// private String parseSessionIDFromForm(String htmlForm) { +// String parName = "MOASessionID="; +// assertTrue("HTML Form enth�lt keine SessionID", htmlForm.indexOf(parName) >= 0); +// int i1 = htmlForm.indexOf(parName) + parName.length(); +// int i2 = htmlForm.indexOf("\"", i1); +// assertTrue("HTML Form enth�lt keine g�ltige SessionID", i2 > i1); +// return htmlForm.substring(i1, i2); +// } +// +// private class HostnameVerifierHack implements HostnameVerifier { +// public boolean verify(String arg0, String arg1) { +// return true; +// } +// } +// private HttpsURLConnection giveConnection(String targetURL, String requestMethod) throws Exception { +// URL url = new URL(targetURL); +// HttpsURLConnection conn = (HttpsURLConnection) url.openConnection(); +// conn.setRequestMethod(requestMethod); +// conn.setDoInput(true); +// conn.setDoOutput(true); +// conn.setUseCaches(false); +// conn.setAllowUserInteraction(false); +// conn.setHostnameVerifier(new HostnameVerifierHack()); +// return conn; +// } +// +//}
\ No newline at end of file diff --git a/id/server/idserverlib/src/test/java/test/abnahme/A/Test600GetAuthenticationDataService.java b/id/server/idserverlib/src/test/java/test/abnahme/A/Test600GetAuthenticationDataService.java index fab258e09..c973473a6 100644 --- a/id/server/idserverlib/src/test/java/test/abnahme/A/Test600GetAuthenticationDataService.java +++ b/id/server/idserverlib/src/test/java/test/abnahme/A/Test600GetAuthenticationDataService.java @@ -1,305 +1,305 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.abnahme.A; - -import java.io.OutputStream; -import java.net.URL; -import java.security.Security; -import java.util.Calendar; -import java.util.Vector; - -import javax.xml.namespace.QName; -import javax.xml.rpc.Call; -import javax.xml.rpc.Service; -import javax.xml.rpc.ServiceFactory; - -import org.apache.axis.message.SOAPBodyElement; -import org.w3c.dom.Element; - -import com.sun.net.ssl.HostnameVerifier; -import com.sun.net.ssl.HttpsURLConnection; - -import test.abnahme.AbnahmeTestCase; - -import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.DateTimeUtils; -import at.gv.egovernment.moa.util.StreamUtils; -import at.gv.egovernment.moa.util.URLDecoder; -import at.gv.egovernment.moa.util.URLEncoder; - -/** - * @author Stefan Knirsch - * @version $Id$ - */ - -public class Test600GetAuthenticationDataService extends AbnahmeTestCase { - - private String moaSessionID; - private String samlArtifact; - private static final QName SERVICE_QNAME = new QName("SignatureCreation"); - - public Test600GetAuthenticationDataService(String name) { - super(name); - } - - protected void setUp() throws Exception { - super.setUp(); - Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); - System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); - System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore"); - System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); - } - - public void testA601() throws Exception { - try { - - // Anmelden - String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); - HttpsURLConnection conn = giveConnection(URL, "GET"); - conn.connect(); - String result = new String(StreamUtils.readStream(conn.getInputStream())); - String MOASessionID = parseSessionIDFromForm(result); - conn.disconnect(); - - URL = parseDataURL(result); - // Verify Identity Link - conn = giveConnection(URL, "POST"); - conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); - String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); - OutputStream out = conn.getOutputStream(); - out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); - out.flush(); - out.close(); - conn.connect(); - String redirectLoc = conn.getHeaderField("Location"); - conn.disconnect(); - //Verify Auth Block - conn = giveConnection(redirectLoc, "POST"); - String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); - out = conn.getOutputStream(); - out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); - out.flush(); - out.close(); - conn.connect(); - redirectLoc = conn.getHeaderField("Location"); - samlArtifact = parseSamlArtifact(redirectLoc); - System.out.println("SamlArtifact: " + samlArtifact); - conn.disconnect(); - - assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); - - conn = null; - - SAMLRequestBuilder srb = new SAMLRequestBuilder(); - - Element erg = doCall(srb.build(moaSessionID,URLDecoder.decode(samlArtifact, "UTF-8"))); - result = DOMUtils.serializeNode(erg); - result = killInclusive(result,"IssueInstant=\"","\"",""); - result = killInclusive(result,"AssertionID=\"","\"",""); - result = killInclusive(result,"ResponseID=\"","\"",""); - -// writeXmldata("GetAuthenticationDataWebServiceResponse.xml", result.getBytes("UTF-8")); - - assertEquals(result,readXmldata("GetAuthenticationDataWebServiceResponse.xml")); - - System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA651() throws Exception { - try { - - // Anmelden - String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); - HttpsURLConnection conn = giveConnection(URL, "GET"); - conn.connect(); - String result = new String(StreamUtils.readStream(conn.getInputStream())); - String MOASessionID = parseSessionIDFromForm(result); - conn.disconnect(); - - URL = parseDataURL(result); - // Verify Identity Link - conn = giveConnection(URL, "POST"); - conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); - String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); - OutputStream out = conn.getOutputStream(); - out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); - out.flush(); - out.close(); - conn.connect(); - String redirectLoc = conn.getHeaderField("Location"); - conn.disconnect(); - //Verify Auth Block - conn = giveConnection(redirectLoc, "POST"); - String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); - out = conn.getOutputStream(); - out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); - out.flush(); - out.close(); - conn.connect(); - redirectLoc = conn.getHeaderField("Location"); - samlArtifact = "AAGu1JFbyGKqJ+3NAonwMu5bNyUc7kooeMK6bxeXBbnK6NL0DfuVJsGi"; - System.out.println("SamlArtifact: " + samlArtifact); - conn.disconnect(); - - assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); - - conn = null; - - SAMLRequestBuilder srb = new SAMLRequestBuilder(); - Element samlPRequest = srb.build(moaSessionID,samlArtifact); - - assertTrue(DOMUtils.serializeNode(doCall(samlPRequest)).indexOf("unbekanntes SAML-Artifakt")!=-1); - - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Fehler beim Abholen der Anmeldedaten, unbekanntes SAML-Artifakt\n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA652() throws Exception { - try { - - // Anmelden - String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); - HttpsURLConnection conn = giveConnection(URL, "GET"); - conn.connect(); - String result = new String(StreamUtils.readStream(conn.getInputStream())); - String MOASessionID = parseSessionIDFromForm(result); - conn.disconnect(); - - URL = parseDataURL(result); - // Verify Identity Link - conn = giveConnection(URL, "POST"); - conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); - String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); - OutputStream out = conn.getOutputStream(); - out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); - out.flush(); - out.close(); - conn.connect(); - String redirectLoc = conn.getHeaderField("Location"); - conn.disconnect(); - //Verify Auth Block - conn = giveConnection(redirectLoc, "POST"); - String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); - out = conn.getOutputStream(); - out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); - out.flush(); - out.close(); - conn.connect(); - redirectLoc = conn.getHeaderField("Location"); - samlArtifact = parseSamlArtifact(redirectLoc); - System.out.println("SamlArtifact: " + samlArtifact); - conn.disconnect(); - - assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); - - conn = null; - String request = - "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" RequestID=\"" + - moaSessionID + "\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"" + - DateTimeUtils.buildDateTime(Calendar.getInstance(), false)+"\">" + - "</samlp:Request>"; - - Element samlPRequest = DOMUtils.parseDocument(request, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); - - assertTrue(DOMUtils.serializeNode(doCall(samlPRequest)).indexOf("Fehlerhaftes Requestformat")!=-1); -// writeXmldata("GetAuthenticationDataWebServiceResponse.xml", result.getBytes("UTF-8")); - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Fehlerhaftes Requestformat\n-----------------------"); } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - protected Element doCall(Element request) - throws Exception { - QName serviceName = new QName("GetAuthenticationData"); - String endPoint = "http://localhost:8080/moa-id-auth/services/GetAuthenticationData"; - Service service = ServiceFactory.newInstance().createService(serviceName); - Call call = service.createCall(); - SOAPBodyElement body = - new SOAPBodyElement(request); - SOAPBodyElement[] params = new SOAPBodyElement[] {body}; - Vector responses; - SOAPBodyElement response; - - call.setTargetEndpointAddress(endPoint); - responses = (Vector) call.invoke(params); - response = (SOAPBodyElement) responses.get(0); - - return response.getAsDOM(); - } - - private String parseDataURL(String input) - { - return getSubString(input.substring(input.indexOf("DataURL"),input.length()),"value=\"","\""); - } - private String parseSamlArtifact(String input) - { - return getSubString(input+"@@@","SAMLArtifact=","@@@"); - } - private String getSubString(String input, String startsWith, String endsWith) - { - return input.substring(input.indexOf(startsWith)+startsWith.length(), input.indexOf(endsWith, input.indexOf(startsWith)+startsWith.length())); - } - private String getURL(String authURL, String target, String oaURL) - { - return authURL + "StartAuthentication?Target=" + target + "&OA=" + oaURL; - } - private String parseSessionIDFromForm(String htmlForm) { - String parName = "MOASessionID="; - assertTrue( - "HTML Form enthält keine SessionID", - htmlForm.indexOf(parName) >= 0); - int i1 = htmlForm.indexOf(parName) + parName.length(); - int i2 = htmlForm.indexOf("\"", i1); - assertTrue("HTML Form enthält keine gültige SessionID", i2 > i1); - return htmlForm.substring(i1, i2); - } - private HttpsURLConnection giveConnection(String targetURL, String requestMethod) throws Exception { - HttpsURLConnection conn = (HttpsURLConnection) new URL(targetURL).openConnection(); - conn.setRequestMethod(requestMethod); - conn.setDoInput(true); - conn.setDoOutput(true); - conn.setUseCaches(false); - conn.setAllowUserInteraction(false); - conn.setHostnameVerifier(new HostnameVerifierHack()); - return conn; - } - private class HostnameVerifierHack implements HostnameVerifier { - public boolean verify(String arg0, String arg1) { - return true; - } - } -} +///* +// * Copyright 2003 Federal Chancellery Austria +// * MOA-ID has been developed in a cooperation between BRZ, the Federal +// * Chancellery Austria - ICT staff unit, and Graz University of Technology. +// * +// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by +// * the European Commission - subsequent versions of the EUPL (the "Licence"); +// * You may not use this work except in compliance with the Licence. +// * You may obtain a copy of the Licence at: +// * http://www.osor.eu/eupl/ +// * +// * Unless required by applicable law or agreed to in writing, software +// * distributed under the Licence is distributed on an "AS IS" basis, +// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// * See the Licence for the specific language governing permissions and +// * limitations under the Licence. +// * +// * This product combines work with different licenses. See the "NOTICE" text +// * file for details on the various modules and licenses. +// * The "NOTICE" text file is part of the distribution. Any derivative works +// * that you distribute must include a readable copy of the "NOTICE" text file. +// */ +// +// +//package test.abnahme.A; +// +//import java.io.OutputStream; +//import java.net.URL; +//import java.security.Security; +//import java.util.Calendar; +//import java.util.Vector; +// +//import javax.xml.namespace.QName; +//import javax.xml.rpc.Call; +//import javax.xml.rpc.Service; +//import javax.xml.rpc.ServiceFactory; +// +//import org.apache.axis.message.SOAPBodyElement; +//import org.w3c.dom.Element; +// +//import com.sun.net.ssl.HostnameVerifier; +//import com.sun.net.ssl.HttpsURLConnection; +// +//import test.abnahme.AbnahmeTestCase; +// +//import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder; +//import at.gv.egovernment.moa.util.DOMUtils; +//import at.gv.egovernment.moa.util.DateTimeUtils; +//import at.gv.egovernment.moa.util.StreamUtils; +//import at.gv.egovernment.moa.util.URLDecoder; +//import at.gv.egovernment.moa.util.URLEncoder; +// +///** +// * @author Stefan Knirsch +// * @version $Id$ +// */ +// +//public class Test600GetAuthenticationDataService extends AbnahmeTestCase { +// +// private String moaSessionID; +// private String samlArtifact; +// private static final QName SERVICE_QNAME = new QName("SignatureCreation"); +// +// public Test600GetAuthenticationDataService(String name) { +// super(name); +// } +// +// protected void setUp() throws Exception { +// super.setUp(); +// Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); +// System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); +// System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore"); +// System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); +// } +// +// public void testA601() throws Exception { +// try { +// +// // Anmelden +// String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); +// HttpsURLConnection conn = giveConnection(URL, "GET"); +// conn.connect(); +// String result = new String(StreamUtils.readStream(conn.getInputStream())); +// String MOASessionID = parseSessionIDFromForm(result); +// conn.disconnect(); +// +// URL = parseDataURL(result); +// // Verify Identity Link +// conn = giveConnection(URL, "POST"); +// conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); +// String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); +// OutputStream out = conn.getOutputStream(); +// out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); +// out.flush(); +// out.close(); +// conn.connect(); +// String redirectLoc = conn.getHeaderField("Location"); +// conn.disconnect(); +// //Verify Auth Block +// conn = giveConnection(redirectLoc, "POST"); +// String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); +// out = conn.getOutputStream(); +// out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); +// out.flush(); +// out.close(); +// conn.connect(); +// redirectLoc = conn.getHeaderField("Location"); +// samlArtifact = parseSamlArtifact(redirectLoc); +// System.out.println("SamlArtifact: " + samlArtifact); +// conn.disconnect(); +// +// assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); +// +// conn = null; +// +// SAMLRequestBuilder srb = new SAMLRequestBuilder(); +// +// Element erg = doCall(srb.build(moaSessionID,URLDecoder.decode(samlArtifact, "UTF-8"))); +// result = DOMUtils.serializeNode(erg); +// result = killInclusive(result,"IssueInstant=\"","\"",""); +// result = killInclusive(result,"AssertionID=\"","\"",""); +// result = killInclusive(result,"ResponseID=\"","\"",""); +// +//// writeXmldata("GetAuthenticationDataWebServiceResponse.xml", result.getBytes("UTF-8")); +// +// assertEquals(result,readXmldata("GetAuthenticationDataWebServiceResponse.xml")); +// +// System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA651() throws Exception { +// try { +// +// // Anmelden +// String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); +// HttpsURLConnection conn = giveConnection(URL, "GET"); +// conn.connect(); +// String result = new String(StreamUtils.readStream(conn.getInputStream())); +// String MOASessionID = parseSessionIDFromForm(result); +// conn.disconnect(); +// +// URL = parseDataURL(result); +// // Verify Identity Link +// conn = giveConnection(URL, "POST"); +// conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); +// String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); +// OutputStream out = conn.getOutputStream(); +// out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); +// out.flush(); +// out.close(); +// conn.connect(); +// String redirectLoc = conn.getHeaderField("Location"); +// conn.disconnect(); +// //Verify Auth Block +// conn = giveConnection(redirectLoc, "POST"); +// String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); +// out = conn.getOutputStream(); +// out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); +// out.flush(); +// out.close(); +// conn.connect(); +// redirectLoc = conn.getHeaderField("Location"); +// samlArtifact = "AAGu1JFbyGKqJ+3NAonwMu5bNyUc7kooeMK6bxeXBbnK6NL0DfuVJsGi"; +// System.out.println("SamlArtifact: " + samlArtifact); +// conn.disconnect(); +// +// assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); +// +// conn = null; +// +// SAMLRequestBuilder srb = new SAMLRequestBuilder(); +// Element samlPRequest = srb.build(moaSessionID,samlArtifact); +// +// assertTrue(DOMUtils.serializeNode(doCall(samlPRequest)).indexOf("unbekanntes SAML-Artifakt")!=-1); +// +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Fehler beim Abholen der Anmeldedaten, unbekanntes SAML-Artifakt\n-----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testA652() throws Exception { +// try { +// +// // Anmelden +// String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); +// HttpsURLConnection conn = giveConnection(URL, "GET"); +// conn.connect(); +// String result = new String(StreamUtils.readStream(conn.getInputStream())); +// String MOASessionID = parseSessionIDFromForm(result); +// conn.disconnect(); +// +// URL = parseDataURL(result); +// // Verify Identity Link +// conn = giveConnection(URL, "POST"); +// conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); +// String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); +// OutputStream out = conn.getOutputStream(); +// out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); +// out.flush(); +// out.close(); +// conn.connect(); +// String redirectLoc = conn.getHeaderField("Location"); +// conn.disconnect(); +// //Verify Auth Block +// conn = giveConnection(redirectLoc, "POST"); +// String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); +// out = conn.getOutputStream(); +// out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); +// out.flush(); +// out.close(); +// conn.connect(); +// redirectLoc = conn.getHeaderField("Location"); +// samlArtifact = parseSamlArtifact(redirectLoc); +// System.out.println("SamlArtifact: " + samlArtifact); +// conn.disconnect(); +// +// assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); +// +// conn = null; +// String request = +// "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" RequestID=\"" + +// moaSessionID + "\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"" + +// DateTimeUtils.buildDateTime(Calendar.getInstance(), false)+"\">" + +// "</samlp:Request>"; +// +// Element samlPRequest = DOMUtils.parseDocument(request, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); +// +// assertTrue(DOMUtils.serializeNode(doCall(samlPRequest)).indexOf("Fehlerhaftes Requestformat")!=-1); +//// writeXmldata("GetAuthenticationDataWebServiceResponse.xml", result.getBytes("UTF-8")); +// System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Fehlerhaftes Requestformat\n-----------------------"); } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// protected Element doCall(Element request) +// throws Exception { +// QName serviceName = new QName("GetAuthenticationData"); +// String endPoint = "http://localhost:8080/moa-id-auth/services/GetAuthenticationData"; +// Service service = ServiceFactory.newInstance().createService(serviceName); +// Call call = service.createCall(); +// SOAPBodyElement body = +// new SOAPBodyElement(request); +// SOAPBodyElement[] params = new SOAPBodyElement[] {body}; +// Vector responses; +// SOAPBodyElement response; +// +// call.setTargetEndpointAddress(endPoint); +// responses = (Vector) call.invoke(params); +// response = (SOAPBodyElement) responses.get(0); +// +// return response.getAsDOM(); +// } +// +// private String parseDataURL(String input) +// { +// return getSubString(input.substring(input.indexOf("DataURL"),input.length()),"value=\"","\""); +// } +// private String parseSamlArtifact(String input) +// { +// return getSubString(input+"@@@","SAMLArtifact=","@@@"); +// } +// private String getSubString(String input, String startsWith, String endsWith) +// { +// return input.substring(input.indexOf(startsWith)+startsWith.length(), input.indexOf(endsWith, input.indexOf(startsWith)+startsWith.length())); +// } +// private String getURL(String authURL, String target, String oaURL) +// { +// return authURL + "StartAuthentication?Target=" + target + "&OA=" + oaURL; +// } +// private String parseSessionIDFromForm(String htmlForm) { +// String parName = "MOASessionID="; +// assertTrue( +// "HTML Form enth�lt keine SessionID", +// htmlForm.indexOf(parName) >= 0); +// int i1 = htmlForm.indexOf(parName) + parName.length(); +// int i2 = htmlForm.indexOf("\"", i1); +// assertTrue("HTML Form enth�lt keine g�ltige SessionID", i2 > i1); +// return htmlForm.substring(i1, i2); +// } +// private HttpsURLConnection giveConnection(String targetURL, String requestMethod) throws Exception { +// HttpsURLConnection conn = (HttpsURLConnection) new URL(targetURL).openConnection(); +// conn.setRequestMethod(requestMethod); +// conn.setDoInput(true); +// conn.setDoOutput(true); +// conn.setUseCaches(false); +// conn.setAllowUserInteraction(false); +// conn.setHostnameVerifier(new HostnameVerifierHack()); +// return conn; +// } +// private class HostnameVerifierHack implements HostnameVerifier { +// public boolean verify(String arg0, String arg1) { +// return true; +// } +// } +//} diff --git a/id/server/idserverlib/src/test/java/test/abnahme/A/Test700SelectBKU.java b/id/server/idserverlib/src/test/java/test/abnahme/A/Test700SelectBKU.java index 386a2b454..120e6dc44 100644 --- a/id/server/idserverlib/src/test/java/test/abnahme/A/Test700SelectBKU.java +++ b/id/server/idserverlib/src/test/java/test/abnahme/A/Test700SelectBKU.java @@ -1,87 +1,87 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.abnahme.A; - -import test.abnahme.AbnahmeTestCase; - -/* - * @author Paul Ivancsics - * @version $Id$ - */ -public class Test700SelectBKU extends AbnahmeTestCase { - - public Test700SelectBKU(String name) { - super(name); - } - - public void testA701() throws Exception { - try { - String form = server.selectBKU( - "https://localhost:8443/auth", - "gb", - "https://localhost:9443/", - "file:" + getTestCaseDirectory() + "BKUSelectionTemplate.html", - "file:" + getTestCaseDirectory() + "Template.html"); - //writeXmldata("SelectBKUForm_out.html", form.getBytes()); - assertEqualsIgnoreSessionID(readXmldata("SelectBKUForm.html"), form); - } - catch (Exception ex) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + ex.getLocalizedMessage()); - throw ex; - } - } - public void testA702() throws Exception { - try { - String form = server.selectBKU( - "https://localhost:8443/auth", - "gb", - "https://localhost:9443/", - null, - null); - //writeXmldata("SelectBKUForm_out.html", form.getBytes()); - assertEqualsIgnoreSessionID(readXmldata("SelectBKUForm.html"), form); - } - catch (Exception ex) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + ex.getLocalizedMessage()); - throw ex; - } - } - public void testA703() throws Exception { - try { - String form = server.selectBKU( - "https://localhost:8443/auth", - "gb", - "https://localhost:9443/", - null, - null); - //writeXmldata("SelectBKUForm_out.html", form.getBytes()); - assertEqualsIgnoreSessionID(readXmldata("SelectBKUForm.html"), form); - } - catch (Exception ex) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + ex.getLocalizedMessage()); - throw ex; - } - } -} +///* +// * Copyright 2003 Federal Chancellery Austria +// * MOA-ID has been developed in a cooperation between BRZ, the Federal +// * Chancellery Austria - ICT staff unit, and Graz University of Technology. +// * +// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by +// * the European Commission - subsequent versions of the EUPL (the "Licence"); +// * You may not use this work except in compliance with the Licence. +// * You may obtain a copy of the Licence at: +// * http://www.osor.eu/eupl/ +// * +// * Unless required by applicable law or agreed to in writing, software +// * distributed under the Licence is distributed on an "AS IS" basis, +// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// * See the Licence for the specific language governing permissions and +// * limitations under the Licence. +// * +// * This product combines work with different licenses. See the "NOTICE" text +// * file for details on the various modules and licenses. +// * The "NOTICE" text file is part of the distribution. Any derivative works +// * that you distribute must include a readable copy of the "NOTICE" text file. +// */ +// +// +//package test.abnahme.A; +// +//import test.abnahme.AbnahmeTestCase; +// +///* +// * @author Paul Ivancsics +// * @version $Id$ +// */ +//public class Test700SelectBKU extends AbnahmeTestCase { +// +// public Test700SelectBKU(String name) { +// super(name); +// } +// +// public void testA701() throws Exception { +// try { +// String form = server.selectBKU( +// "https://localhost:8443/auth", +// "gb", +// "https://localhost:9443/", +// "file:" + getTestCaseDirectory() + "BKUSelectionTemplate.html", +// "file:" + getTestCaseDirectory() + "Template.html"); +// //writeXmldata("SelectBKUForm_out.html", form.getBytes()); +// assertEqualsIgnoreSessionID(readXmldata("SelectBKUForm.html"), form); +// } +// catch (Exception ex) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + ex.getLocalizedMessage()); +// throw ex; +// } +// } +// public void testA702() throws Exception { +// try { +// String form = server.selectBKU( +// "https://localhost:8443/auth", +// "gb", +// "https://localhost:9443/", +// null, +// null); +// //writeXmldata("SelectBKUForm_out.html", form.getBytes()); +// assertEqualsIgnoreSessionID(readXmldata("SelectBKUForm.html"), form); +// } +// catch (Exception ex) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + ex.getLocalizedMessage()); +// throw ex; +// } +// } +// public void testA703() throws Exception { +// try { +// String form = server.selectBKU( +// "https://localhost:8443/auth", +// "gb", +// "https://localhost:9443/", +// null, +// null); +// //writeXmldata("SelectBKUForm_out.html", form.getBytes()); +// assertEqualsIgnoreSessionID(readXmldata("SelectBKUForm.html"), form); +// } +// catch (Exception ex) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + ex.getLocalizedMessage()); +// throw ex; +// } +// } +//} |