diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2021-12-20 15:54:56 +0100 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2021-12-20 15:54:56 +0100 |
commit | 506ab3232b2c237a1d83c9e970dccdb9445d5d81 (patch) | |
tree | 3c94a1a8b4849bdcdbe56d12d0dd7b2e964b234f /id/server/modules | |
parent | fc0385dbeee71f1ce18783ef1c7a4d06288fdb0d (diff) | |
parent | 600369d4ffa753716a9572824de7a96a04cb05a7 (diff) | |
download | moa-id-spss-master.tar.gz moa-id-spss-master.tar.bz2 moa-id-spss-master.zip |
Diffstat (limited to 'id/server/modules')
91 files changed, 6128 insertions, 355 deletions
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml index b1dd44779..b5d99d53d 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml +++ b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml @@ -3,7 +3,7 @@ <parent> <groupId>MOA.id.server.modules</groupId> <artifactId>moa-id-modules</artifactId> - <version>4.1.5</version> + <version>4.2.0</version> </parent> <artifactId>moa-id-modul-citizencard_authentication</artifactId> diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml index b826597e9..8ae8c9a63 100644 --- a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml +++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml @@ -5,7 +5,7 @@ <parent> <groupId>MOA.id.server.modules</groupId> <artifactId>moa-id-modules</artifactId> - <version>4.1.5</version> + <version>4.2.0</version> </parent> <artifactId>moa-id-module-AT_eIDAS_connector</artifactId> <name>moa-id-module-AT_eIDAS_connector</name> diff --git a/id/server/modules/moa-id-module-E-ID_connector/pom.xml b/id/server/modules/moa-id-module-E-ID_connector/pom.xml index 9764a8ee6..ac08879d3 100644 --- a/id/server/modules/moa-id-module-E-ID_connector/pom.xml +++ b/id/server/modules/moa-id-module-E-ID_connector/pom.xml @@ -5,7 +5,7 @@ <parent> <groupId>MOA.id.server.modules</groupId> <artifactId>moa-id-modules</artifactId> - <version>4.1.5</version> + <version>4.2.0</version> </parent> <artifactId>moa-id-module-EID_connector</artifactId> <name>moa-id-module-E-ID_connector</name> @@ -50,7 +50,13 @@ <dependency> <groupId>at.gv.egiz.eaaf</groupId> <artifactId>eaaf_module_pvp2_core</artifactId> - </dependency> + <exclusions> + <exclusion> + <groupId>log4j</groupId> + <artifactId>log4j</artifactId> + </exclusion> + </exclusions> + </dependency> <dependency> <groupId>at.gv.egiz.eaaf</groupId> <artifactId>eaaf_module_pvp2_sp</artifactId> diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml index e3cc3cb52..a190c861a 100644 --- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml +++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml @@ -3,7 +3,7 @@ <parent> <groupId>MOA.id.server.modules</groupId> <artifactId>moa-id-modules</artifactId> - <version>4.1.5</version> + <version>4.2.0</version> </parent> <artifactId>moa-id-module-bkaMobilaAuthSAML2Test</artifactId> <description>BKA MobileAuth Test for SAML2 applications</description> @@ -12,12 +12,12 @@ <dependency> <groupId>org.bouncycastle</groupId> <artifactId>bcprov-jdk15on</artifactId> - <version>1.52</version> + <version>1.70</version> </dependency> <dependency> <groupId>org.bouncycastle</groupId> <artifactId>bcpkix-jdk15on</artifactId> - <version>1.52</version> + <version>1.70</version> </dependency> <!-- JSON JWT implementation --> diff --git a/id/server/modules/moa-id-module-dummyAuth/pom.xml b/id/server/modules/moa-id-module-dummyAuth/pom.xml new file mode 100644 index 000000000..7b7e2d77e --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/pom.xml @@ -0,0 +1,42 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project xmlns="http://maven.apache.org/POM/4.0.0" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-modules</artifactId> + <version>4.2.0</version> + </parent> + <artifactId>moa-id-module-dummy-authenticatiuon</artifactId> + <version>${moa-id-dummy-auth.version}</version> + <description>Module for dummy authentication in MOA-ID</description> + + <dependencies> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-test</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>at.gv.egiz.eaaf</groupId> + <artifactId>eaaf_core_utils</artifactId> + <scope>test</scope> + <type>test-jar</type> + </dependency> + <dependency> + <groupId>at.gv.egiz.eaaf</groupId> + <artifactId>eaaf-core</artifactId> + <scope>test</scope> + <type>test-jar</type> + </dependency> + </dependencies> + + + +</project> diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/ConfigurationProperties.java b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/ConfigurationProperties.java new file mode 100644 index 000000000..b42e5b0f7 --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/ConfigurationProperties.java @@ -0,0 +1,58 @@ +/* + * Copyright 2021 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.auth.dummy; + +import java.util.Collection; +import java.util.Set; + +import com.google.common.collect.Sets; + +import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; + +public class ConfigurationProperties { + + // configuration properties + private static final String MODULE_PREFIX = "modules.dummyauth."; + + public static final String PROP_MODULE_ENABLED = MODULE_PREFIX + "enabled"; + public static final String PROP_MODULE_SP_PREFIX = MODULE_PREFIX + "sp"; + public static final String PROP_MODULE_IDENTITY_STORE_PATH = MODULE_PREFIX + "identity.store.path"; + + // http parameter + public static final String HTTP_PARAM_START_DUMMY_AUTH = "dummyauth"; + + // configuration filetype + public static final String ALLOWED_FILE_TYPE = "json"; + + + //minimum required attributes + public static final Collection<String> MINIMUM_REQ_ATTRIBUTES = Sets.newHashSet( + PVPAttributeDefinitions.BIRTHDATE_NAME, + PVPAttributeDefinitions.GIVEN_NAME_NAME, + PVPAttributeDefinitions.PRINCIPAL_NAME_NAME, + PVPAttributeDefinitions.BPK_NAME); + + private ConfigurationProperties() { + // hide constructor or static class + } +} diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthModule.java b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthModule.java new file mode 100644 index 000000000..e2f550736 --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthModule.java @@ -0,0 +1,152 @@ +/* + * Copyright 2021 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.auth.dummy; + +import java.io.Serializable; +import java.util.Collection; +import java.util.Collections; +import java.util.stream.Collectors; + +import javax.annotation.PostConstruct; + +import org.apache.commons.lang3.StringUtils; +import org.springframework.beans.factory.annotation.Autowired; + +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; +import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager; +import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +public class DummyIdentityAuthModule implements AuthModule { + + private int priority = 2; + + @Autowired(required = true) + protected IConfigurationWithSP authConfig; + @Autowired(required = true) + private IAuthenticationManager authManager; + + private Collection<String> uniqueIDsDummyAuthEnabled; + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority() + */ + @Override + public int getPriority() { + return priority; + } + + /** + * Sets the priority of this module. Default value is {@code 0}. + * + * @param priority The priority. + */ + public void setPriority(int priority) { + this.priority = priority; + } + + @PostConstruct + private void initialDummyAuthWhiteList() { + if (authConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) { + Logger.info("AuthModule for 'dummy-identities' is enabled"); + + // load allowed service-provider Id's + uniqueIDsDummyAuthEnabled = authConfig.getBasicConfigurationWithPrefix( + ConfigurationProperties.PROP_MODULE_SP_PREFIX).values().stream() + .filter(el -> StringUtils.isNotEmpty(el)) + .collect(Collectors.toSet()); + + if (!uniqueIDsDummyAuthEnabled.isEmpty()) { + Logger.info("Dummy authentication is enabled for ...."); + uniqueIDsDummyAuthEnabled.forEach(el -> Logger.info(" EntityID: " + el)); + + } + + // TODO: do we need a selection parameter from external + authManager.addParameterNameToWhiteList(ConfigurationProperties.HTTP_PARAM_START_DUMMY_AUTH); + + } else { + uniqueIDsDummyAuthEnabled = Collections.emptySet(); + Logger.info("AuthModule for 'dummy-identities' is disabled"); + + } + + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv. + * egovernment.moa.id.process.api.ExecutionContext) + */ + @Override + public String selectProcess(ExecutionContext context, IRequest pendingReq) { + + if (authConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) { + final String spEntityID = pendingReq.getServiceProviderConfiguration().getUniqueIdentifier(); + Logger.trace("Check dummy-auth for SP: " + spEntityID); + if (uniqueIDsDummyAuthEnabled.contains(spEntityID)) { + final Serializable flagObj = context.get(ConfigurationProperties.HTTP_PARAM_START_DUMMY_AUTH); + if (flagObj instanceof String && Boolean.valueOf((String) flagObj)) { + Logger.info("Starting Dummy-Identity authentication for SP: " + spEntityID); + return "dummyIdentityAuthentication"; + + } else { + Logger.debug("Dummy-Identity authentication flag not 'true'. Skip it ... "); + + } + + } else { + Logger.debug("Unique SP-Id: " + spEntityID + + " is not in whitelist for Dummy-Identity authentication."); + + } + + } else { + Logger.trace("Dummy-Identity authentication is disabled"); + + } + + return null; + + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions() + */ + @Override + public String[] getProcessDefinitions() { + return new String[] { "classpath:/dummy_identity_auth.process.xml" }; + } + +} diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthSpringResourceProvider.java b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthSpringResourceProvider.java new file mode 100644 index 000000000..d8218b7f1 --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthSpringResourceProvider.java @@ -0,0 +1,62 @@ +/* + * Copyright 2021 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.auth.dummy; + +import org.springframework.core.io.ClassPathResource; +import org.springframework.core.io.Resource; + +import at.gv.egiz.components.spring.api.SpringResourceProvider; + +/** + * @author tlenz + * + */ +public class DummyIdentityAuthSpringResourceProvider implements SpringResourceProvider { + + /* (non-Javadoc) + * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getResourcesToLoad() + */ + @Override + public Resource[] getResourcesToLoad() { + ClassPathResource authConfig = new ClassPathResource("/moaid_dummy_identity_auth.beans.xml", DummyIdentityAuthSpringResourceProvider.class); + return new Resource[] {authConfig}; + } + + /* (non-Javadoc) + * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getPackagesToScan() + */ + @Override + public String[] getPackagesToScan() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getName() + */ + @Override + public String getName() { + return "Module for 'Dummy Authentication'"; + } + +} diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/service/DummyIdentityService.java b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/service/DummyIdentityService.java new file mode 100644 index 000000000..9bb961e47 --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/service/DummyIdentityService.java @@ -0,0 +1,182 @@ +package at.gv.egovernment.moa.id.auth.modules.auth.dummy.service; + +import java.io.IOException; +import java.nio.file.FileVisitOption; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; +import java.util.ArrayList; +import java.util.Collection; +import java.util.HashSet; +import java.util.List; +import java.util.Map; +import java.util.Set; +import java.util.stream.Collectors; + +import javax.annotation.PostConstruct; + +import org.apache.commons.io.FilenameUtils; +import org.apache.commons.lang3.RandomStringUtils; +import org.apache.commons.lang3.StringUtils; +import org.springframework.beans.factory.annotation.Autowired; + +import com.fasterxml.jackson.annotation.JsonAutoDetect.Visibility; +import com.fasterxml.jackson.annotation.PropertyAccessor; +import com.fasterxml.jackson.databind.DeserializationFeature; +import com.fasterxml.jackson.databind.ObjectMapper; + +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.exceptions.EAAFAuthenticationException; +import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; +import at.gv.egiz.eaaf.core.impl.utils.FileUtils; +import at.gv.egiz.eaaf.core.impl.utils.Random; +import at.gv.egovernment.moa.id.auth.modules.auth.dummy.ConfigurationProperties; +import at.gv.egovernment.moa.logging.Logger; + +/** + * Service that holdes and selects dummy-identities for dummy-authentication. + * + * @author tlenz + * + */ +public class DummyIdentityService { + + @Autowired IConfiguration config; + + private List<Map<String, String>> availableIdentities = new ArrayList<>(); + + + private static ObjectMapper jsonMapper = new ObjectMapper(); + + static { + // initialize JSON Mapper + jsonMapper.configure(DeserializationFeature.FAIL_ON_READING_DUP_TREE_KEY, true); + jsonMapper.configure(DeserializationFeature.FAIL_ON_TRAILING_TOKENS, true); + jsonMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, true); + jsonMapper.setVisibility(PropertyAccessor.ALL, Visibility.NONE); + jsonMapper.setVisibility(PropertyAccessor.GETTER, Visibility.PUBLIC_ONLY); + jsonMapper.setVisibility(PropertyAccessor.IS_GETTER, Visibility.PUBLIC_ONLY); + + } + + + /** + * Get an identity randomly from available identities. + * + * @return Map of identity attributes + * @throws EAAFAuthenticationException In case of an empty identity store + */ + public Map<String, String> getIdentityRandomly() throws EAAFAuthenticationException { + if (availableIdentities.isEmpty()) { + throw new EAAFAuthenticationException("builder.08", new Object[] {"No Dummy-Identity available"}); + + } + + + + int num = (int) (Math.random() * 1000000) % availableIdentities.size(); + Logger.debug("Select element: " + num + " from dummy-identity store"); + return availableIdentities.get(num); + + } + + /** + * Get number of available identity sets. + * + * @return available dummy identities + */ + public int getNumberOfLoadedIdentitySets( ) { + return availableIdentities.size(); + + } + + + @PostConstruct + private void initialize() throws EAAFException { + try { + Logger.debug("Initializing Dummy-Identity authentication service ... "); + + //get all files from datastore + Set<Path> identityConfigFiles = getAllFilesFromIdentityStore(); + Logger.debug("Find #" + identityConfigFiles.size() + " files in identity-store. Starting identity extraction ... "); + + //extract identity informations + identityConfigFiles.stream() + .filter(el -> FilenameUtils.isExtension(el.getFileName().toString(), ConfigurationProperties.ALLOWED_FILE_TYPE)) + .forEach(el -> loadJson(el)); + + Logger.info("Dummy-Identity authentication service contains #" + availableIdentities.size() + " data-sets"); + + } catch (EAAFException e) { + handleError(e); + + } catch (IOException e) { + handleError(new EAAFException("config.05", + new Object[] {ConfigurationProperties.PROP_MODULE_IDENTITY_STORE_PATH}, e)); + + } + } + + + private void loadJson(Path file) { + try { + Logger.debug("Reading dummy-identity from file: " + file.getFileName() + " ... "); + Map<String, String> dummyEid = jsonMapper.readValue(file.toFile(), Map.class); + + // check minimum required attributes + ConfigurationProperties.MINIMUM_REQ_ATTRIBUTES.stream().forEach( + el -> { + if (!dummyEid.containsKey(el)) { + throw new RuntimeException("dummy-identity from file: " + file.getFileName() + " missing attribute: " + el); + + } + }); + + Logger.debug("Add dummy-identity from file: " + file.getFileName()); + availableIdentities.add(dummyEid); + + + } catch (Exception e) { + Logger.warn("Can NOT read dummy-identity from file: " + file.getFileName() + " Identity will be skipped", e); + + } + + } + + + private Set<Path> getAllFilesFromIdentityStore() throws IOException, EAAFConfigurationException { + String identityStorePath = config.getBasicConfiguration(ConfigurationProperties.PROP_MODULE_IDENTITY_STORE_PATH); + if (StringUtils.isEmpty(identityStorePath)) { + throw new EAAFConfigurationException("config.08", + new Object[] {ConfigurationProperties.PROP_MODULE_IDENTITY_STORE_PATH}); + + } + + String absIdentityStorePath = FileUtils.makeAbsoluteURL(identityStorePath, config.getConfigurationRootDirectory()); + if (absIdentityStorePath.startsWith("file:")) { + absIdentityStorePath = absIdentityStorePath.substring("file:".length()); + + } + + return Files.walk(Paths.get(absIdentityStorePath), FileVisitOption.FOLLOW_LINKS) + .filter(Files::isRegularFile) + .filter(Files::isReadable) + .collect(Collectors.toSet()); + + } + + + private void handleError(EAAFException e) throws EAAFException { + if (config.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) { + throw e; + + } else { + Logger.info("Dummy-Identity authentication is disabled. Ignore exception: " + e.getMessage()); + + } + + } + + +} diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/task/InjectDummyIdentityInformationTask.java b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/task/InjectDummyIdentityInformationTask.java new file mode 100644 index 000000000..5eb441bc9 --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/task/InjectDummyIdentityInformationTask.java @@ -0,0 +1,140 @@ +/* + * Copyright 2021 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.auth.dummy.task; + +import java.util.Map; +import java.util.Map.Entry; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.exceptions.EAAFAuthenticationException; +import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper; +import at.gv.egovernment.moa.id.auth.modules.auth.dummy.service.DummyIdentityService; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +@Component("InjectDummyIdentityInformationTask") +public class InjectDummyIdentityInformationTask extends AbstractAuthServletTask { + + @Autowired + IConfiguration moaAuthConfig; + @Autowired + DummyIdentityService service; + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv. + * egovernment.moa.id.process.api.ExecutionContext, + * javax.servlet.http.HttpServletRequest, + * javax.servlet.http.HttpServletResponse) + */ + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest request, + HttpServletResponse response) + throws TaskExecutionException { + + try { + Logger.debug("Injecting user credentials for Dummy-Identity authentication ... "); + parseDemoValuesIntoMOASession(pendingReq); + + // set 'needConsent' to false, because user gives consent during authentication + pendingReq.setNeedUserConsent(false); + + // set 'authenticated' flag to true + pendingReq.setAuthenticated(true); + + // store MOASession into database + requestStoreage.storePendingRequest(pendingReq); + + } catch (final MOAIDException e) { + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } catch (final Exception e) { + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } + } + + /** + * @param pendingReq + * @param moaSession + * @throws MOAIDException + * @throws EAAFStorageException + * @throws EAAFAuthenticationException + */ + private void parseDemoValuesIntoMOASession(IRequest pendingReq) throws MOAIDException, EAAFStorageException, + EAAFAuthenticationException { + final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData( + AuthenticationSessionWrapper.class); + moaSession.setForeigner(false); + moaSession.setQAALevel(PVPConstants.EIDAS_QAA_HIGH); + + final Map<String, String> rawIdentity = service.getIdentityRandomly(); + + // add attributes into session + for (final Entry<String, String> el : rawIdentity.entrySet()) { + moaSession.setGenericDataToSession(el.getKey(), el.getValue()); + Logger.debug("Add PVP-attribute " + el.getKey() + " into MOASession"); + + } + + // set BKU URL + if (rawIdentity.containsKey(PVPAttributeDefinitions.EID_CCS_URL_NAME)) { + moaSession.setBkuURL(rawIdentity.get(PVPAttributeDefinitions.EID_CCS_URL_NAME)); + + } else { + moaSession.setBkuURL("http://egiz.gv.at/dummy-authentication"); + + } + + // check if mandates are included + if (rawIdentity.containsKey(PVPAttributeDefinitions.MANDATE_TYPE_NAME) + || rawIdentity.containsKey(PVPAttributeDefinitions.MANDATE_TYPE_OID_NAME)) { + Logger.debug("Find Mandate-Attributes in E-ID response. Switch to mandate-mode ... "); + moaSession.setUseMandates(true); + + } else { + moaSession.setUseMandates(false); + + } + } + +} diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/id/server/modules/moa-id-module-dummyAuth/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider new file mode 100644 index 000000000..a60db29cb --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider @@ -0,0 +1 @@ +at.gv.egovernment.moa.id.auth.modules.auth.dummy.DummyIdentityAuthSpringResourceProvider
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/resources/dummy_identity_auth.process.xml b/id/server/modules/moa-id-module-dummyAuth/src/main/resources/dummy_identity_auth.process.xml new file mode 100644 index 000000000..d7351fbbd --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/main/resources/dummy_identity_auth.process.xml @@ -0,0 +1,16 @@ +<?xml version="1.0" encoding="UTF-8"?> +<pd:ProcessDefinition id="dummyIdentityAuthentication" xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"> + + <pd:Task id="dummyAuth" class="InjectDummyIdentityInformationTask" /> + <pd:Task id="finalizeAuthentication" class="FinalizeAuthenticationTask" /> + + <!-- Process is triggered either by GenerateIFrameTemplateServlet (upon bku selection) or by AuthenticationManager (upon legacy authentication start using legacy parameters. --> + <pd:StartEvent id="start" /> + + <pd:Transition from="start" to="dummyAuth" /> + <pd:Transition from="dummyAuth" to="finalizeAuthentication" /> + <pd:Transition from="finalizeAuthentication" to="end" /> + + <pd:EndEvent id="end" /> + +</pd:ProcessDefinition> diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/resources/moaid_dummy_identity_auth.beans.xml b/id/server/modules/moa-id-module-dummyAuth/src/main/resources/moaid_dummy_identity_auth.beans.xml new file mode 100644 index 000000000..5c2ea1176 --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/main/resources/moaid_dummy_identity_auth.beans.xml @@ -0,0 +1,23 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <bean id="dummyIdentityAuthModule" class="at.gv.egovernment.moa.id.auth.modules.auth.dummy.DummyIdentityAuthModule"> + <property name="priority" value="4" /> + </bean> + + <bean id="dummyIdentityService" + class="at.gv.egovernment.moa.id.auth.modules.auth.dummy.service.DummyIdentityService" /> + + <bean id="InjectDummyIdentityInformationTask" + class="at.gv.egovernment.moa.id.auth.modules.auth.dummy.task.InjectDummyIdentityInformationTask" + scope="prototype"/> + +</beans>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/BeanCreationTest.java b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/BeanCreationTest.java new file mode 100644 index 000000000..7fa2eab93 --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/BeanCreationTest.java @@ -0,0 +1,67 @@ +package at.gv.egovernment.moa.id.auth.modules.auth.dummy.test; + +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.BeanCreationException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egovernment.moa.id.auth.modules.auth.dummy.DummyIdentityAuthModule; +import at.gv.egovernment.moa.id.auth.modules.auth.dummy.service.DummyIdentityService; +import at.gv.egovernment.moa.id.auth.modules.auth.dummy.test.dummy.DummyAuthConfigMap; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_dummy_identity_auth_lazy.beans.xml" }) +public class BeanCreationTest { + + @Autowired DummyAuthConfigMap config; + @Autowired ApplicationContext context; + + @Before + public void initialize() { + // re-set config + config.putConfigValue("modules.dummyauth.enabled", String.valueOf(false)); + + } + + @Test + public void authModuleDeactivated() { + assertNotNull("AuthModule", context.getBean(DummyIdentityAuthModule.class)); + + } + + @Test + @DirtiesContext + public void dummyIdentityServiceDisabled() { + assertNotNull("IdentityService", context.getBean(DummyIdentityService.class)); + + } + + @Test + @DirtiesContext + public void dummyIdentityServiceEnabled() { + config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true)); + + try { + context.getBean(DummyIdentityService.class); + fail("Wrong config not detected"); + + } catch (Exception e) { + assertTrue("wrong exception", e instanceof BeanCreationException); + + } + + } + +} diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthModuleTest.java b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthModuleTest.java new file mode 100644 index 000000000..37bb0d9b4 --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthModuleTest.java @@ -0,0 +1,117 @@ +package at.gv.egovernment.moa.id.auth.modules.auth.dummy.test; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; + +import java.util.Arrays; +import java.util.HashMap; +import java.util.Map; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; +import at.gv.egovernment.moa.id.auth.modules.auth.dummy.DummyIdentityAuthModule; +import at.gv.egovernment.moa.id.auth.modules.auth.dummy.test.dummy.DummyAuthConfigMap; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_dummy_identity_auth.beans.xml" }) +public class DummyIdentityAuthModuleTest { + + @Autowired DummyAuthConfigMap config; + @Autowired DummyIdentityAuthModule module; + + private ExecutionContext context; + private TestRequestImpl pendingReq; + private Map<String, String> spConfigMap; + + @Before + public void initialize() { + context = new ExecutionContextImpl(); + + spConfigMap = new HashMap<>(); + spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10)); + + ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config); + pendingReq = new TestRequestImpl(); + pendingReq.setSpConfig(spConfig); + + // re-set config + config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true)); + + } + + @Test + public void checkProcessDefinition() { + String[] def = module.getProcessDefinitions(); + + assertNotNull("no process definition", def); + Arrays.asList(def).stream().forEach( + el -> DummyIdentityAuthModuleTest.class.getResourceAsStream(el)); + + } + + + @Test + public void deactivated() { + config.putConfigValue("modules.dummyauth.enabled", String.valueOf(false)); + + assertNull("wrong authModule selected", module.selectProcess(context, pendingReq)); + + } + + @Test + public void unknownServiceProvider() { + assertNull("wrong authModule selected", module.selectProcess(context, pendingReq)); + + } + + @Test + public void allowedServiceProviderButNotRequested() { + spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, "yyasdfasfsa2323"); + + assertNull("wrong authModule selected", module.selectProcess(context, pendingReq)); + + } + + @Test + public void allowedServiceProviderButWrongRequested() { + spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, "yyasdfasfsa2323"); + context.put("dummyauth", 27); + + assertNull("wrong authModule selected", module.selectProcess(context, pendingReq)); + + } + + @Test + public void allowedServiceProviderButFalseRequested() { + spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, "yyasdfasfsa2323"); + context.put("dummyauth", "false"); + + assertNull("wrong authModule selected", module.selectProcess(context, pendingReq)); + + } + + @Test + public void allowedServiceProviderAndRequested() { + spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, "yyasdfasfsa2323"); + context.put("dummyauth", "true"); + + assertEquals("wrong authmethod identifier", "dummyIdentityAuthentication", + module.selectProcess(context, pendingReq)); + + } + +} diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthSpringResourceProviderTest.java b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthSpringResourceProviderTest.java new file mode 100644 index 000000000..0e9da9fea --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthSpringResourceProviderTest.java @@ -0,0 +1,55 @@ +package at.gv.egovernment.moa.id.auth.modules.auth.dummy.test; + +import java.io.IOException; +import java.io.InputStream; +import at.gv.egovernment.moa.id.auth.modules.auth.dummy.DummyIdentityAuthSpringResourceProvider; + +import org.apache.commons.io.IOUtils; +import org.junit.Assert; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; +import org.springframework.core.io.Resource; + + + +@RunWith(BlockJUnit4ClassRunner.class) +public class DummyIdentityAuthSpringResourceProviderTest { + + @Test + public void testSpringConfig() { + final DummyIdentityAuthSpringResourceProvider test = + new DummyIdentityAuthSpringResourceProvider(); + for (final Resource el : test.getResourcesToLoad()) { + try { + IOUtils.toByteArray(el.getInputStream()); + + } catch (final IOException e) { + Assert.fail("Ressouce: " + el.getFilename() + " not found"); + } + + } + + Assert.assertNotNull("no Name", test.getName()); + Assert.assertNull("Find package definitions", test.getPackagesToScan()); + + } + + @Test + public void testSpILoaderConfig() { + final InputStream el = this.getClass().getResourceAsStream( + "/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider"); + try { + final String spiFile = IOUtils.toString(el, "UTF-8"); + + Assert.assertEquals("Wrong classpath in SPI file", + DummyIdentityAuthSpringResourceProvider.class.getName(), spiFile); + + + } catch (final IOException e) { + Assert.fail("Ressouce: '/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider' not found"); + + } + } + +} diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityServiceTest.java b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityServiceTest.java new file mode 100644 index 000000000..19a9fc72e --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityServiceTest.java @@ -0,0 +1,48 @@ +package at.gv.egovernment.moa.id.auth.modules.auth.dummy.test; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotNull; + +import java.util.Map; + +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egiz.eaaf.core.exceptions.EAAFAuthenticationException; +import at.gv.egovernment.moa.id.auth.modules.auth.dummy.service.DummyIdentityService; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_dummy_identity_auth.beans.xml" }) +public class DummyIdentityServiceTest { + + @Autowired DummyIdentityService service; + + + @Test + public void numberOfLoadedIdentities() { + assertEquals("wrong number of identities in store", 3, service.getNumberOfLoadedIdentitySets()); + + } + + @Test + public void getRandomIdentity() throws EAAFAuthenticationException { + Map<String, String> idl = service.getIdentityRandomly(); + + assertNotNull("idl", idl); + assertEquals("wrong number of attributes", 4, idl.size()); + + } + + @Test + public void getManyRandomIdentity() throws EAAFAuthenticationException { + for(int i=0; i<50; i++) { + assertNotNull("idl", service.getIdentityRandomly()); + + } + } + +} diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/InjectDummyIdentityInformationTaskTest.java b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/InjectDummyIdentityInformationTaskTest.java new file mode 100644 index 000000000..5d41496e2 --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/InjectDummyIdentityInformationTaskTest.java @@ -0,0 +1,92 @@ +package at.gv.egovernment.moa.id.auth.modules.auth.dummy.test; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; + +import java.util.HashMap; +import java.util.Map; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.IRequestStorage; +import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper; +import at.gv.egovernment.moa.id.auth.modules.auth.dummy.task.InjectDummyIdentityInformationTask; +import at.gv.egovernment.moa.id.auth.modules.auth.dummy.test.dummy.DummyAuthConfigMap; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_dummy_identity_auth.beans.xml" }) +public class InjectDummyIdentityInformationTaskTest { + + @Autowired InjectDummyIdentityInformationTask task; + @Autowired DummyAuthConfigMap config; + @Autowired IRequestStorage storage; + + protected MockHttpServletRequest httpReq; + protected MockHttpServletResponse httpResp; + private ExecutionContext context; + private TestRequestImpl pendingReq; + private Map<String, String> spConfigMap; + + @Before + public void initialize() { + httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + context = new ExecutionContextImpl(); + + spConfigMap = new HashMap<>(); + spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10)); + + ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config); + pendingReq = new TestRequestImpl(); + pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setSpConfig(spConfig); + + // re-set config + config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true)); + + } + + @Test + public void injectIdentityData() throws TaskExecutionException, PendingReqIdValidationException { + + task.execute(pendingReq, context); + + // validate state + IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId()); + assertNotNull("pendingReq not stored", storedReq); + + final AuthenticationSessionWrapper moaSession = storedReq.getSessionData( + AuthenticationSessionWrapper.class); + + assertFalse("foreign", moaSession.isForeigner()); + assertFalse("mandate", moaSession.isMandateUsed()); + assertNotNull("bkuUrl", moaSession.getBkuURL()); + assertEquals("missing attributes", 4, moaSession.getGenericSessionDataStorage().size()); + + } + +} diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/dummy/DummyAuthConfigMap.java b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/dummy/DummyAuthConfigMap.java new file mode 100644 index 000000000..3c0f9edf1 --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/dummy/DummyAuthConfigMap.java @@ -0,0 +1,136 @@ +package at.gv.egovernment.moa.id.auth.modules.auth.dummy.test.dummy; + +import java.io.IOException; +import java.io.InputStream; +import java.net.URI; +import java.net.URL; +import java.util.HashMap; +import java.util.Map; +import java.util.Properties; + +import org.apache.commons.lang3.StringUtils; + +import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; +import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; + +/** + * Dummy Application-configuration implementation for jUnit tests. + * + * @author tlenz + * + */ +public class DummyAuthConfigMap implements IConfigurationWithSP { + + private Map<String, String> config = new HashMap<>(); + + public DummyAuthConfigMap() { + + } + + /** + * Dummy Application-configuration. + * + * @param configIs Property based configuration + * @throws IOException In case of an configuration read error + */ + public DummyAuthConfigMap(final InputStream configIs) throws IOException { + + final Properties props = new Properties(); + props.load(configIs); + + config = KeyValueUtils.convertPropertiesToMap(props); + + } + + /** + * Dummy Application-configuration. + * + * @param path Path to property based configuration + * @throws IOException In case of an configuration read error + */ + public DummyAuthConfigMap(final String path) throws IOException { + + final Properties props = new Properties(); + props.load(this.getClass().getResourceAsStream(path)); + + config = KeyValueUtils.convertPropertiesToMap(props); + + } + + + @Override + public String getBasicConfiguration(final String key) { + return config.get(key); + + } + + @Override + public String getBasicConfiguration(final String key, final String defaultValue) { + final String value = getBasicConfiguration(key); + if (StringUtils.isEmpty(value)) { + return defaultValue; + } else { + return value; + } + + } + + @Override + public Boolean getBasicConfigurationBoolean(final String key) { + final String value = getBasicConfiguration(key); + if (StringUtils.isEmpty(value)) { + return false; + } else { + return Boolean.valueOf(value); + } + } + + @Override + public boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue) { + return Boolean.parseBoolean(getBasicConfiguration(key, String.valueOf(defaultValue))); + + } + + @Override + public Map<String, String> getBasicConfigurationWithPrefix(final String prefix) { + return KeyValueUtils.getSubSetWithPrefix(config, prefix); + + } + + @Override + public ISPConfiguration getServiceProviderConfiguration(final String uniqueID) + throws EAAFConfigurationException { + return null; + } + + @Override + public <T> T getServiceProviderConfiguration(final String spIdentifier, final Class<T> decorator) + throws EAAFConfigurationException { + return null; + } + + @Override + public URI getConfigurationRootDirectory() { + return new java.io.File(".").toURI(); + + } + + @Override + public String validateIDPURL(final URL authReqUrl) throws EAAFException { + return null; + } + + public void putConfigValue(final String key, final String value) { + config.put(key, value); + } + + public void removeConfigValue(final String key) { + config.remove(key); + + } + + +} diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config1.properties b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config1.properties new file mode 100644 index 000000000..18bd21df1 --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config1.properties @@ -0,0 +1,6 @@ +modules.dummyauth.enabled=true +modules.dummyauth.identity.store.path=src/test/resources/config/idlstore/ +modules.dummyauth.sp.1=aaabbccddeeffgg +modules.dummyauth.sp.2=yyasdfasfsa2323 +modules.dummyauth.sp.3= +modules.dummyauth.sp.4=435344534egewgegf diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config2.properties b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config2.properties new file mode 100644 index 000000000..d38ba692b --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config2.properties @@ -0,0 +1,5 @@ +modules.dummyauth.enabled=false +modules.dummyauth.identity.store.path=notexit +modules.dummyauth.sp.1=aaabbccddeeffgg +modules.dummyauth.sp.2=yyasdfasfsa2323 +modules.dummyauth.sp.3=435344534egewgegf diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_1.json b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_1.json new file mode 100644 index 000000000..4d927b7ad --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_1.json @@ -0,0 +1,6 @@ +{ + "urn:oid:2.5.4.42": "Max", + "urn:oid:1.2.40.0.10.2.1.1.261.20": "Mustermann", + "urn:oid:1.2.40.0.10.2.1.1.55": "1940-01-01", + "urn:oid:1.2.40.0.10.2.1.1.149": "GH:aaabbccddeeffgg" +}
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_2.json b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_2.json new file mode 100644 index 000000000..1cffdd696 --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_2.json @@ -0,0 +1,6 @@ +{ + "urn:oid:2.5.4.42": "Susi", + "urn:oid:1.2.40.0.10.2.1.1.261.20": "Musterfrau", + "urn:oid:1.2.40.0.10.2.1.1.55": "1950-02-02", + "urn:oid:1.2.40.0.10.2.1.1.149": "GH:zzyyxx99887dd" +} diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_1.json b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_1.json new file mode 100644 index 000000000..ec1a4ba49 --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_1.json @@ -0,0 +1,6 @@ +{ + "urn:oid:2.5.4.42": "Max" + "urn:oid:1.2.40.0.10.2.1.1.261.20": "Mustermann", + "urn:oid:1.2.40.0.10.2.1.1.55": "1940-01-01", + "urn:oid:1.2.40.0.10.2.1.1.149": "GH:aaabbccddeeffgg" +} diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_2.json b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_2.json new file mode 100644 index 000000000..71c2f654e --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_2.json @@ -0,0 +1,7 @@ +{ + "urn:oid:2.5.4.42": { + "urn:oid:1.2.40.0.10.2.1.1.261.20": "Mustermann" + }, + "urn:oid:1.2.40.0.10.2.1.1.55": "1940-01-01", + "urn:oid:1.2.40.0.10.2.1.1.149": "GH:aaabbccddeeffgg" +} diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_3.json b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_3.json new file mode 100644 index 000000000..29a245ca4 --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_3.json @@ -0,0 +1,8 @@ +{ + "urn:oid:2.5.4.42": { + "urn:oid:1.2.40.0.10.2.1.1.261.20": "Mustermann" + }, + "urn:oid:1.2.40.0.10.2.1.1.261.20": "Mustermann", + "urn:oid:1.2.40.0.10.2.1.1.55": "1940-01-01", + "urn:oid:1.2.40.0.10.2.1.1.149": "GH:aaabbccddeeffgg" +} diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_missing_attr.json b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_missing_attr.json new file mode 100644 index 000000000..2f241c291 --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_missing_attr.json @@ -0,0 +1,5 @@ +{ + "urn:oid:2.5.4.42": "Max", + "urn:oid:1.2.40.0.10.2.1.1.55": "1940-01-01", + "urn:oid:1.2.40.0.10.2.1.1.149": "GH:aaabbccddeeffgg" +} diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_wrong_extension.txt b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_wrong_extension.txt new file mode 100644 index 000000000..4d927b7ad --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_wrong_extension.txt @@ -0,0 +1,6 @@ +{ + "urn:oid:2.5.4.42": "Max", + "urn:oid:1.2.40.0.10.2.1.1.261.20": "Mustermann", + "urn:oid:1.2.40.0.10.2.1.1.55": "1940-01-01", + "urn:oid:1.2.40.0.10.2.1.1.149": "GH:aaabbccddeeffgg" +}
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth.beans.xml b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth.beans.xml new file mode 100644 index 000000000..cca27822e --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth.beans.xml @@ -0,0 +1,20 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <import resource="classpath:/SpringTest-context_authManager.xml" /> + <import resource="classpath:/moaid_dummy_identity_auth.beans.xml" /> + + <bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.auth.dummy.test.dummy.DummyAuthConfigMap"> + <constructor-arg name="path" value="/config/config1.properties" /> + </bean> + + +</beans>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth_lazy.beans.xml b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth_lazy.beans.xml new file mode 100644 index 000000000..e818bd29c --- /dev/null +++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth_lazy.beans.xml @@ -0,0 +1,27 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <import resource="classpath:/SpringTest-context_authManager.xml" /> + + <bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.auth.dummy.test.dummy.DummyAuthConfigMap"> + <constructor-arg name="path" value="/config/config2.properties" /> + </bean> + + <beans default-lazy-init="true"> + <bean id="dummyIdentityAuthModule" class="at.gv.egovernment.moa.id.auth.modules.auth.dummy.DummyIdentityAuthModule"> + <property name="priority" value="4" /> + </bean> + + <bean id="dummyIdentityService" + class="at.gv.egovernment.moa.id.auth.modules.auth.dummy.service.DummyIdentityService" /> + </beans> + +</beans>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-eIDAS/pom.xml b/id/server/modules/moa-id-module-eIDAS/pom.xml index 45fd97508..fc73206a7 100644 --- a/id/server/modules/moa-id-module-eIDAS/pom.xml +++ b/id/server/modules/moa-id-module-eIDAS/pom.xml @@ -3,7 +3,7 @@ <parent> <groupId>MOA.id.server.modules</groupId> <artifactId>moa-id-modules</artifactId> - <version>4.1.5</version> + <version>4.2.0</version> </parent> <artifactId>moa-id-module-eIDAS</artifactId> <name>MOA-ID eIDAS Module</name> @@ -237,14 +237,14 @@ <dependency> <groupId>org.bouncycastle</groupId> <artifactId>bcprov-jdk15on</artifactId> - <version>1.52</version> + <version>1.70</version> <!-- <scope>provided</scope> --> </dependency> <dependency> <groupId>com.ibm.icu</groupId> <artifactId>icu4j</artifactId> - <version>58.2</version> + <version>70.1</version> </dependency> diff --git a/id/server/modules/moa-id-module-ehvd_integration/pom.xml b/id/server/modules/moa-id-module-ehvd_integration/pom.xml new file mode 100644 index 000000000..15edb681e --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/pom.xml @@ -0,0 +1,145 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project xmlns="http://maven.apache.org/POM/4.0.0" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-modules</artifactId> + <version>4.2.0</version> + </parent> + <artifactId>moa-id-module-ehvd_integration</artifactId> + <version>${moa-id-ehvd_integration.version}</version> + <description>Module to integrate information from EHVD into MOA-ID response</description> + + <dependencies> + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-modul-citizencard_authentication</artifactId> + <exclusions> + <exclusion> + <groupId>*</groupId> + </exclusion> + </exclusions> + </dependency> + + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-lib</artifactId> + <scope>provided</scope> + </dependency> + + <dependency> + <groupId>javax.servlet</groupId> + <artifactId>javax.servlet-api</artifactId> + <scope>provided</scope> + </dependency> + + <dependency> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-rt-frontend-jaxws</artifactId> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-rt-transports-http</artifactId> + <scope>provided</scope> + </dependency> + + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-test</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>at.gv.egiz.eaaf</groupId> + <artifactId>eaaf_core_utils</artifactId> + <scope>test</scope> + <type>test-jar</type> + </dependency> + <dependency> + <groupId>at.gv.egiz.eaaf</groupId> + <artifactId>eaaf-core</artifactId> + <scope>test</scope> + <type>test-jar</type> + </dependency> + <dependency> + <groupId>com.github.skjolber</groupId> + <artifactId>mockito-soap-cxf</artifactId> + <version>1.2.0</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-rt-transports-http-jetty</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-rt-rs-extension-providers</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.apache.tomcat</groupId> + <artifactId>tomcat-servlet-api</artifactId> + <version>9.0.56</version> + <scope>test</scope> + </dependency> + </dependencies> + + <build> + <plugins> + <plugin> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-codegen-plugin</artifactId> + <version>3.3.12</version> + <dependencies> + <dependency> + <groupId>xerces</groupId> + <artifactId>xercesImpl</artifactId> + <version>2.8.1</version> + </dependency> + <dependency> + <groupId>com.sun.xml.bind</groupId> + <artifactId>jaxb-impl</artifactId> + <version>2.2.5</version> + </dependency> + <dependency> + <groupId>com.sun.xml.bind</groupId> + <artifactId>jaxb-xjc</artifactId> + <version>2.2.5</version> + </dependency> + </dependencies> + <executions> + <execution> + <id>generate-sources</id> + <phase>generate-sources</phase> + <configuration> + <sourceRoot>${project.build.directory}/generated/cxf</sourceRoot> + <wsdlOptions> + <wsdlOption> + <wsdl>${basedir}/src/main/resources/wsdl/eHVD.wsdl</wsdl> + <packagenames> + <packagename>eHVD=at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl</packagename> + </packagenames> + <extraargs> + <extraarg>-verbose </extraarg> + </extraargs> + </wsdlOption> + </wsdlOptions> + </configuration> + <goals> + <goal>wsdl2java</goal> + </goals> + </execution> + </executions> + </plugin> + </plugins> + </build> + +</project> diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java new file mode 100644 index 000000000..6cb9c08e3 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java @@ -0,0 +1,61 @@ +/* + * Copyright 2021 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.ehvd; + +import at.gv.egiz.eaaf.core.api.data.EAAFConstants; + +public class ConfigurationProperties { + + // configuration properties + private static final String MODULE_PREFIX = "modules.ehvd."; + + public static final String PROP_MODULE_ENABLED = MODULE_PREFIX + "enabled"; + public static final String PROP_MODULE_SP_PREFIX = MODULE_PREFIX + "sp"; + + public static final String PROP_MODULE_SERVICE_TARGET = MODULE_PREFIX + "service.bpk.target"; + public static final String PROP_MODULE_SERVICE_ENDPOINT = MODULE_PREFIX + "service.url"; + public static final String PROP_MODULE_EHVD_ROLE_REGEX = MODULE_PREFIX + "service.role.regex"; + public static final String PROP_MODULE_EHVD_OTHERID_PREFIX = MODULE_PREFIX + "service.otherid.prefix"; + + public static final String PROP_MODULE_PVP_ROLE = MODULE_PREFIX + "role.pvp"; + + public static final String PROP_MODULE_PROXY_SOCKS_PORT = MODULE_PREFIX + "proxy.socks.port"; + + public static final String DEFAULT_EHVD_SERVICE_TARGET = EAAFConstants.URN_PREFIX_CDID + "GH"; + + + //TODO: define custom EHVD SAML2 attributes + public static final String ATTRIBUTE_URN_EHVD_PREFIX = "urn:brzgvat:attributes.ehvd."; + public static final String ATTRIBUTE_URN_EHVD_TITLE = ATTRIBUTE_URN_EHVD_PREFIX + "title"; + public static final String ATTRIBUTE_URN_EHVD_FIRSTNAME = ATTRIBUTE_URN_EHVD_PREFIX + "firstname"; + public static final String ATTRIBUTE_URN_EHVD_SURNAME = ATTRIBUTE_URN_EHVD_PREFIX + "surname"; + public static final String ATTRIBUTE_URN_EHVD_ZIPCODE = ATTRIBUTE_URN_EHVD_PREFIX + "zip"; + public static final String ATTRIBUTE_URN_EHVD_STATE = ATTRIBUTE_URN_EHVD_PREFIX + "state"; + public static final String ATTRIBUTE_URN_EHVD_ID = ATTRIBUTE_URN_EHVD_PREFIX + "id"; + public static final String ATTRIBUTE_URN_EHVD_OTHERID = ATTRIBUTE_URN_EHVD_PREFIX + "otherid"; + + + private ConfigurationProperties() { + // hide constructor or static class + } +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java new file mode 100644 index 000000000..d087b9fe2 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java @@ -0,0 +1,147 @@ +/* + * Copyright 2021 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.ehvd; + +import java.util.Collection; +import java.util.Collections; +import java.util.stream.Collectors; + +import javax.annotation.PostConstruct; + +import org.apache.commons.lang3.StringUtils; +import org.springframework.beans.factory.annotation.Autowired; + +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egovernment.moa.id.auth.modules.internal.DefaultCitizenCardAuthModuleImpl; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +public class EhvdServiceAuthModule extends DefaultCitizenCardAuthModuleImpl { + + private int priority = 2; + + @Autowired(required = true) + protected IConfigurationWithSP authConfig; + + private Collection<String> uniqueIDsEnabled; + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority() + */ + @Override + public int getPriority() { + return priority; + + } + + /** + * Sets the priority of this module. Default value is {@code 0}. + * + * @param priority The priority. + */ + public void setPriority(int priority) { + this.priority = priority; + + } + + @PostConstruct + private void initialDummyAuthWhiteList() { + if (authConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) { + Logger.info("AuthModule for 'EHVD injection' is enabled"); + + // load allowed service-provider Id's + uniqueIDsEnabled = authConfig.getBasicConfigurationWithPrefix( + ConfigurationProperties.PROP_MODULE_SP_PREFIX).values().stream() + .filter(el -> StringUtils.isNotEmpty(el)) + .collect(Collectors.toSet()); + + if (!uniqueIDsEnabled.isEmpty()) { + Logger.info("EHVD communication is enabled for ...."); + uniqueIDsEnabled.forEach(el -> Logger.info(" EntityID: " + el)); + + } + + } else { + uniqueIDsEnabled = Collections.emptySet(); + Logger.info("AuthModule for 'EHVD injection' is disabled"); + + } + + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv. + * egovernment.moa.id.process.api.ExecutionContext) + */ + @Override + public String selectProcess(ExecutionContext context, IRequest pendingReq) { + + if (authConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) { + final String spEntityID = pendingReq.getServiceProviderConfiguration().getUniqueIdentifier(); + Logger.trace("Checking EHVD communication for SP: " + spEntityID + " ...."); + final boolean ccAuthRequested = StringUtils.isNotEmpty(super.selectProcess(context, pendingReq)); + if (uniqueIDsEnabled.contains(spEntityID) && ccAuthRequested) { + Logger.debug("EHVD communication is allowed for SP: " + spEntityID); + return "DefaultAuthenticationWithEHVDInteraction"; + + } else { + if (Logger.isDebugEnabled()) { + if (ccAuthRequested) { + Logger.debug("Unique SP-Id: " + spEntityID + " is not in whitelist for EHVD communication."); + + } else { + Logger.trace("No CititzenCard authentication requested. EHVD communication skipped too"); + + } + } + } + + } else { + Logger.trace("'EHVD injection' authentication is disabled"); + + } + + return null; + + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions() + */ + @Override + public String[] getProcessDefinitions() { + return new String[] { "classpath:/DefaultAuth_with_ehvd_interaction.process.xml" }; + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java new file mode 100644 index 000000000..589a316fe --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java @@ -0,0 +1,71 @@ +/* + * Copyright 2021 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.ehvd; + +import org.springframework.core.io.ClassPathResource; +import org.springframework.core.io.Resource; + +import at.gv.egiz.components.spring.api.SpringResourceProvider; + +/** + * @author tlenz + * + */ +public class EhvdServiceAuthSpringResourceProvider implements SpringResourceProvider { + + /* + * (non-Javadoc) + * + * @see + * at.gv.egiz.components.spring.api.SpringResourceProvider#getResourcesToLoad() + */ + @Override + public Resource[] getResourcesToLoad() { + final ClassPathResource authConfig = new ClassPathResource("/moaid_ehvd_service_auth.beans.xml", + EhvdServiceAuthSpringResourceProvider.class); + return new Resource[] { authConfig }; + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egiz.components.spring.api.SpringResourceProvider#getPackagesToScan() + */ + @Override + public String[] getPackagesToScan() { + // TODO Auto-generated method stub + return null; + } + + /* + * (non-Javadoc) + * + * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getName() + */ + @Override + public String getName() { + return "Module for 'Dummy Authentication'"; + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/AbstractEhvdAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/AbstractEhvdAttributeBuilder.java new file mode 100644 index 000000000..af413ffc3 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/AbstractEhvdAttributeBuilder.java @@ -0,0 +1,51 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes; + +import org.apache.commons.lang3.StringUtils; + +import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +import at.gv.egovernment.moa.logging.Logger; + +public abstract class AbstractEhvdAttributeBuilder implements IPVPAttributeBuilder { + + @Override + public <ATT> ATT build(ISPConfiguration spConfig, IAuthData authData, IAttributeGenerator<ATT> g) + throws AttributeBuilderException { + try { + GdaDescriptor fullGdaInfo = + authData.getGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, GdaDescriptor.class); + + if (fullGdaInfo != null) { + String attrValue = generateAttributeValue(fullGdaInfo); + Logger.debug(StringUtils.isEmpty(attrValue) ? "Skip" : "Build" + + "attribute: " + getName()); + return g.buildStringAttribute(getName(), getName(), + StringUtils.isNotEmpty(attrValue) ? attrValue : null); + + } else { + Logger.trace("Skipping attr: " + getName() + " because no GDA info available"); + return null; + + } + + } catch (ClassCastException e) { + Logger.trace("Skipping attr: " + getName() + " because no GDA info available"); + return null; + + } + } + + @Override + public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { + return g.buildEmptyAttribute(getName(), getName()); + + } + + protected abstract String generateAttributeValue(GdaDescriptor fullGdaInfo); + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressStateAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressStateAttributeBuilder.java new file mode 100644 index 000000000..7056c3099 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressStateAttributeBuilder.java @@ -0,0 +1,28 @@ +//package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes; +// +//import java.util.stream.Collectors; +// +//import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +// +//@PVPMETADATA +//public class EhvdAddressStateAttributeBuilder extends AbstractEhvdAttributeBuilder { +// +// private static final String ATTR_VALUE_DELIMITER = "|"; +// +// @Override +// public String getName() { +// return ConfigurationProperties.ATTRIBUTE_URN_EHVD_STATE; +// +// } +// +// @Override +// protected String generateAttributeValue(GdaDescriptor fullGdaInfo) { +// return fullGdaInfo.getAddress().stream() +// .map(el -> el.getState() != null ? el.getState() : "") +// .collect(Collectors.joining(ATTR_VALUE_DELIMITER)); +// +// } +// +//} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressZipcodeAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressZipcodeAttributeBuilder.java new file mode 100644 index 000000000..98a0567f2 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressZipcodeAttributeBuilder.java @@ -0,0 +1,28 @@ +//package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes; +// +//import java.util.stream.Collectors; +// +//import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +// +//@PVPMETADATA +//public class EhvdAddressZipcodeAttributeBuilder extends AbstractEhvdAttributeBuilder { +// +// private static final String ATTR_VALUE_DELIMITER = "|"; +// +// @Override +// public String getName() { +// return ConfigurationProperties.ATTRIBUTE_URN_EHVD_ZIPCODE; +// +// } +// +// @Override +// protected String generateAttributeValue(GdaDescriptor fullGdaInfo) { +// return fullGdaInfo.getAddress().stream() +// .map(el -> el.getZip() != null ? el.getZip() : "") +// .collect(Collectors.joining(ATTR_VALUE_DELIMITER)); +// +// } +// +//} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdFirstnameAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdFirstnameAttributeBuilder.java new file mode 100644 index 000000000..1bb923cf4 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdFirstnameAttributeBuilder.java @@ -0,0 +1,22 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes; + +import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; + +@PVPMETADATA +public class EhvdFirstnameAttributeBuilder extends AbstractEhvdAttributeBuilder { + + @Override + public String getName() { + return ConfigurationProperties.ATTRIBUTE_URN_EHVD_FIRSTNAME; + + } + + @Override + protected String generateAttributeValue(GdaDescriptor fullGdaInfo) { + return fullGdaInfo.getFirstname(); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdIdAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdIdAttributeBuilder.java new file mode 100644 index 000000000..918b02c2e --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdIdAttributeBuilder.java @@ -0,0 +1,22 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes; + +import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; + +@PVPMETADATA +public class EhvdIdAttributeBuilder extends AbstractEhvdAttributeBuilder { + + @Override + public String getName() { + return ConfigurationProperties.ATTRIBUTE_URN_EHVD_ID; + + } + + @Override + protected String generateAttributeValue(GdaDescriptor fullGdaInfo) { + return fullGdaInfo.getId() != null ? fullGdaInfo.getId().getId() : null; + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdOtherIdAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdOtherIdAttributeBuilder.java new file mode 100644 index 000000000..2d0e20c9c --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdOtherIdAttributeBuilder.java @@ -0,0 +1,54 @@ +//package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes; +// +//import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +//import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +//import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +//import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +//import at.gv.egovernment.moa.logging.Logger; +// +//@PVPMETADATA +//public class EhvdOtherIdAttributeBuilder extends AbstractEhvdAttributeBuilder { +// +// private static final String DEFAULT_ID_PREFIX = "1.2.40.0.34.4.18:"; +// +// private String idPrefix; +// +// public EhvdOtherIdAttributeBuilder() { +// try { +// AuthConfiguration config = AuthConfigurationProviderFactory.getInstance(); +// if (config != null) { +// idPrefix = config.getBasicConfiguration( +// ConfigurationProperties.PROP_MODULE_EHVD_OTHERID_PREFIX, DEFAULT_ID_PREFIX); +// +// } else { +// idPrefix = DEFAULT_ID_PREFIX; +// +// } +// } catch (ConfigurationException e) { +// idPrefix = DEFAULT_ID_PREFIX; +// +// } +// +// Logger.info(" Set-up " + getName() + " with otherId prefix: " + idPrefix); +// +// } +// +// @Override +// public String getName() { +// return ConfigurationProperties.ATTRIBUTE_URN_EHVD_OTHERID; +// +// } +// +// @Override +// protected String generateAttributeValue(GdaDescriptor fullGdaInfo) { +// return fullGdaInfo.getOtherID().stream() +// .filter(el -> el.startsWith(idPrefix)) +// .findFirst() +// .map(el -> el.substring(idPrefix.length())) +// .orElse(null); +// +// } +// +//} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdSurnameAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdSurnameAttributeBuilder.java new file mode 100644 index 000000000..db8de397b --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdSurnameAttributeBuilder.java @@ -0,0 +1,22 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes; + +import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; + +@PVPMETADATA +public class EhvdSurnameAttributeBuilder extends AbstractEhvdAttributeBuilder { + + @Override + public String getName() { + return ConfigurationProperties.ATTRIBUTE_URN_EHVD_SURNAME; + + } + + @Override + protected String generateAttributeValue(GdaDescriptor fullGdaInfo) { + return fullGdaInfo.getSurname(); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdTitelAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdTitelAttributeBuilder.java new file mode 100644 index 000000000..c978d4dd2 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdTitelAttributeBuilder.java @@ -0,0 +1,22 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes; + +import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; + +@PVPMETADATA +public class EhvdTitelAttributeBuilder extends AbstractEhvdAttributeBuilder { + + @Override + public String getName() { + return ConfigurationProperties.ATTRIBUTE_URN_EHVD_TITLE; + + } + + @Override + protected String generateAttributeValue(GdaDescriptor fullGdaInfo) { + return fullGdaInfo.getTitle(); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java new file mode 100644 index 000000000..a79aa86dd --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java @@ -0,0 +1,57 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes; + +import java.util.stream.Collectors; + +import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA; +import at.gv.egovernment.moa.id.data.IMOAAuthData; +import at.gv.egovernment.moa.logging.Logger; + +@PVPMETADATA +public class PvpRoleAttributeBuilder implements IPVPAttributeBuilder { + + private static final String ROLE_NAME_DELIMITER = ";"; + + @Override + public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData, + IAttributeGenerator<ATT> g) throws AttributeBuilderException { + if (authData instanceof IMOAAuthData) { + final IMOAAuthData moaAuthData = (IMOAAuthData) authData; + if (moaAuthData.getAuthenticationRoles() != null + && !moaAuthData.getAuthenticationRoles().isEmpty()) { + return g.buildStringAttribute(ROLES_FRIENDLY_NAME, ROLES_NAME, + moaAuthData.getAuthenticationRoles().stream() + .map(el -> el.getRawRoleString()) + .collect(Collectors.joining(ROLE_NAME_DELIMITER))); + + } else { + Logger.trace("No PVP roles available. Skipping attribute: " + ROLES_FRIENDLY_NAME); + + } + + } else { + Logger.info("Attribute: " + ROLES_FRIENDLY_NAME + " is only available in MOA-ID context"); + + } + + return null; + + } + + @Override + public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { + return g.buildEmptyAttribute(ROLES_FRIENDLY_NAME, ROLES_NAME); + + } + + @Override + public String getName() { + return ROLES_NAME; + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/exception/EhvdException.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/exception/EhvdException.java new file mode 100644 index 000000000..f621d1bb4 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/exception/EhvdException.java @@ -0,0 +1,19 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.exception; + +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; + +public class EhvdException extends AuthenticationException { + + private static final long serialVersionUID = 380654627005502948L; + + public EhvdException(String messageId, Object[] parameters) { + super(messageId, parameters); + + } + + public EhvdException(String messageId, Object[] parameters, Throwable e) { + super(messageId, parameters, e); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java new file mode 100644 index 000000000..b165d05e2 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java @@ -0,0 +1,321 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.service; + +import java.net.URL; +import java.util.ArrayList; +import java.util.List; +import java.util.Map; +import java.util.Optional; +import java.util.Set; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +import javax.annotation.Nonnull; +import javax.annotation.PostConstruct; +import javax.xml.ws.BindingProvider; +import javax.xml.ws.handler.Handler; +import javax.xml.ws.soap.SOAPFaultException; + +import org.apache.commons.lang3.StringUtils; +import org.apache.cxf.endpoint.Client; +import org.apache.cxf.frontend.ClientProxy; +import org.apache.cxf.transport.http.HTTPConduit; +import org.apache.cxf.transports.http.configuration.ProxyServerType; +import org.springframework.beans.factory.annotation.Autowired; + +import com.google.common.collect.Sets; + +import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; +import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException; +import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException; +import at.gv.egiz.eaaf.core.impl.data.Pair; +import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BPKBuilder; +import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVD; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVDService; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaIndexResponse; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GetGdaDescriptors; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier; +import at.gv.egovernment.moa.id.auth.modules.ehvd.exception.EhvdException; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.util.LoggingHandler; + +/** + * Implement interaction with EHVD service to get GDA information. + * + * @author tlenz + * + */ +public class EhvdCommunicationService implements IEhvdCommunication { + + private static final String GDA_RESP_STATUS_ACTIVE = "Aktiv"; + + private static final String ERROR_EHVD_00 = "ehvd.00"; + private static final String ERROR_EHVD_01 = "ehvd.01"; + private static final String ERROR_EHVD_02 = "ehvd.02"; + private static final String ERROR_EHVD_03 = "ehvd.03"; + private static final String ERROR_EHVD_04 = "ehvd.04"; + private static final String ERROR_CONFIG_05 = "config.05"; + + private static final Set<String> SERVICE_ERRORS_LOG_INFO = Sets.newHashSet("6002"); + + @Autowired + IConfiguration config; + + private String ehvdBpkTarget; + + private EHVD ehvdClient; + private Pattern ehvdRolePattern; + + private List<String> ehvhPvpRoleList; + + /** + * Get user's GDA roles from EHVD Service. + * + * @param identityLink IdentityLink of the user + * @return {@link List} of Roles that are received from EHVD + * @throws AuthenticationException In case of an EHVD communication error + * @throws EAAFBuilderException In case of a bPK generation error + */ + @Override + @Nonnull + public EhvdResponseHolder getRoles(IIdentityLink identityLink) throws AuthenticationException, + EAAFBuilderException { + + // get bPK for EHVD request + final Pair<String, String> ehvdBpk = BPKBuilder.generateAreaSpecificPersonIdentifier( + identityLink.getIdentificationValue(), + identityLink.getIdentificationType(), + ehvdBpkTarget); + + // request EHVD and handle errors + final GdaIndexResponse gdaResp = requestingGda(ehvdBpk.getFirst()); + + // parse roles from response + return EhvdResponseHolder.getInstance(gdaResp.getGda(), parseGdaResponse(gdaResp)); + + } + + @Nonnull + private GdaIndexResponse requestingGda(String bpk) throws EhvdException { + try { + final GetGdaDescriptors gdaReq = buildGdaRequest(bpk); + Logger.debug("Requesting EHVD to get GDA status ... "); + final GdaIndexResponse gdaResp = ehvdClient.getGDA(gdaReq); + Logger.debug("Receive GDA status. Starting response validation ... "); + return gdaResp; + + } catch (final SOAPFaultException e) { + throw handleSoapFaultError(e); + + } catch (final Exception e) { + Logger.error("EHVD communication failed with generic error: " + e.getMessage(), e); + throw new EhvdException(ERROR_EHVD_01, new Object[] {}, e); + + } + + } + + private EhvdException handleSoapFaultError(SOAPFaultException e) { + // extract reason for this error + final String errorMsg = e.getFault() != null + ? StringUtils.isNotEmpty(e.getFault().getFaultString()) ? e.getFault().getFaultString() + : e.getMessage() + : e.getMessage(); + + if (SERVICE_ERRORS_LOG_INFO.stream() + .filter(el -> errorMsg.contains(el)) + .findFirst() + .isPresent()) { + Logger.info("EHVD communication failed with SOAP response: " + errorMsg); + return new EhvdException(ERROR_EHVD_03, new Object[] { errorMsg }); + + } else { + Logger.warn("EHVD communication failed with SOAP response: " + errorMsg, e); + return new EhvdException(ERROR_EHVD_02, new Object[] { errorMsg }); + + } + + + + } + + private List<String> parseGdaResponse(GdaIndexResponse ehvdResp) throws EhvdException { + if (ehvdResp.getGda() != null) { + final GdaDescriptor gdaInfo = ehvdResp.getGda(); + if (GDA_RESP_STATUS_ACTIVE.equals(gdaInfo.getStatus().getEhvdstatus())) { + Logger.debug("Find #" + gdaInfo.getRoles().getRole().size() + " roles"); + + // match roles with regex from configuration + final Optional<String> validGdaRole = gdaInfo.getRoles().getRole().stream() + .filter(el -> matchGdaRole(el)) + .findFirst(); + + if (validGdaRole.isPresent()) { + Logger.info("Find valid GDA role: " + validGdaRole.get() + " Set PVP Role: " + + StringUtils.join(ehvhPvpRoleList, ",") + " into Session"); + + // set role into response + return ehvhPvpRoleList; + + } else { + Logger.info("No valid GDA role in EHVD response"); + throw new EhvdException(ERROR_EHVD_04, null); + + } + + } else { + Logger.info("GDA is marked as 'inactive'. Stopping process with an error ... "); + throw new EhvdException(ERROR_EHVD_00, null); + + } + + } else { + Logger.info("Receive empty GDA response"); + throw new EhvdException(ERROR_EHVD_03, new Object[] {}); + + } + } + + private boolean matchGdaRole(String role) { + final Matcher matcher = ehvdRolePattern.matcher(role); + final boolean matches = matcher.matches(); + Logger.trace(matches ? "EHVD role: " + role + " matches" + : "EHVD role: " + role + " does not matche to pattern: " + matcher.toString()); + return matches; + + } + + private GetGdaDescriptors buildGdaRequest(String bPK) { + final GetGdaDescriptors req = new GetGdaDescriptors(); + final InstanceIdentifier gdaIdentifier = new InstanceIdentifier(); + gdaIdentifier.setOidIssuingAuthority(PVPAttributeDefinitions.BPK_OID); + gdaIdentifier.setId(bPK); + req.setHcIdentifier(gdaIdentifier); + return req; + + } + + @PostConstruct + private void initialize() throws EAAFConfigurationException { + if (config.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) { + initializeEhvdClient(); + + // load EHVD bPK target + ehvdBpkTarget = config.getBasicConfiguration( + ConfigurationProperties.PROP_MODULE_SERVICE_TARGET, + ConfigurationProperties.DEFAULT_EHVD_SERVICE_TARGET); + Logger.info("Set-up EHVD Client with bPK target: " + ehvdBpkTarget); + + // load Regex to match EHVD Roles to PVP Roles + final String ehvdRoleRegex = config.getBasicConfiguration( + ConfigurationProperties.PROP_MODULE_EHVD_ROLE_REGEX); + checkConfigPropertyNotNull(ehvdRoleRegex, ConfigurationProperties.PROP_MODULE_EHVD_ROLE_REGEX); + ehvdRolePattern = Pattern.compile(ehvdRoleRegex); + + Logger.info("Set-up EHVD Client with Role regex: " + ehvdRolePattern.toString()); + + // load PVP Roles for EHVD integration + final String ehvdPvpRole = config.getBasicConfiguration( + ConfigurationProperties.PROP_MODULE_PVP_ROLE); + checkConfigPropertyNotNull(ehvdPvpRole, ConfigurationProperties.PROP_MODULE_PVP_ROLE); + ehvhPvpRoleList = KeyValueUtils.getListOfCSVValues(ehvdPvpRole); + Logger.info("Set-up EHVD module with PVP Role: " + StringUtils.join(ehvhPvpRoleList, ",")); + + } else { + Logger.info("Skipping EHVD client because it's not active"); + + } + } + + private void checkConfigPropertyNotNull(String valueToCheck, String configPropName) + throws EAAFConfigurationException { + if (StringUtils.isEmpty(valueToCheck)) { + Logger.error("Missing configuration for EHVD module. " + + "(Property: " + configPropName + ")"); + throw new EAAFConfigurationException(ERROR_CONFIG_05, + new Object[] { configPropName }); + + } + + } + + private void initializeEhvdClient() throws EAAFConfigurationException { + Logger.debug("Initializing EHVD client ... "); + final URL url = EhvdCommunicationService.class.getResource("/wsdl/eHVD.wsdl"); + final EHVDService service = new EHVDService(url); + ehvdClient = service.getEHVDPort12(); + + // load service end-point URL from configuration + final String ehvdEndpointUrl = config.getBasicConfiguration( + ConfigurationProperties.PROP_MODULE_SERVICE_ENDPOINT); + if (StringUtils.isEmpty(ehvdEndpointUrl)) { + Logger.error("Missing configuration for EHVD WebService endpoint. " + + "(Property: " + ConfigurationProperties.PROP_MODULE_SERVICE_ENDPOINT + ")"); + throw new EAAFConfigurationException(ERROR_CONFIG_05, + new Object[] { ConfigurationProperties.PROP_MODULE_SERVICE_ENDPOINT }); + + } + + // inject service end-point URL + final Map<String, Object> requestContext = ((BindingProvider) ehvdClient).getRequestContext(); + requestContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, ehvdEndpointUrl); + + // inject Logging handler + List<Handler> handlerList = ((BindingProvider) ehvdClient).getBinding().getHandlerChain(); + if (handlerList == null) { + handlerList = new ArrayList<>(); + + } + + handlerList.add(new LoggingHandler()); + ((BindingProvider) ehvdClient).getBinding().setHandlerChain(handlerList); + + Logger.info("Initialize EHVD Client with service end-point: " + ehvdEndpointUrl); + + // these code is only for local testing + final String socksPort = config.getBasicConfiguration( + ConfigurationProperties.PROP_MODULE_PROXY_SOCKS_PORT); + if (StringUtils.isNotEmpty(socksPort)) { + Logger.warn("Injecting SOCKS5 Proxy for service communication!"); + final Client client = ClientProxy.getClient(ehvdClient); + final HTTPConduit http = (HTTPConduit) client.getConduit(); + http.getClient().setProxyServerType(ProxyServerType.SOCKS); + http.getClient().setProxyServer("127.0.0.1"); + http.getClient().setProxyServerPort(Integer.valueOf(socksPort)); + + } + } + + public static class EhvdResponseHolder { + final List<String> roles; + final GdaDescriptor fullGdaResponse; + + + public static EhvdResponseHolder getInstance(GdaDescriptor gdaInfo, List<String> processedRoles) { + return new EhvdResponseHolder(gdaInfo, processedRoles); + + } + + private EhvdResponseHolder(GdaDescriptor gdaInfo, List<String> processedRoles) { + this.roles = processedRoles; + this.fullGdaResponse = gdaInfo; + + } + + public List<String> getRoles() { + return roles; + } + + public GdaDescriptor getFullGdaResponse() { + return fullGdaResponse; + } + + + + } +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java new file mode 100644 index 000000000..6b7c7e2f5 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java @@ -0,0 +1,20 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.service; + +import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; +import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.service.EhvdCommunicationService.EhvdResponseHolder; + +public interface IEhvdCommunication { + + /** + * Get user's GDA roles from EHVD Service. + * + * @param identityLink IdentityLink of the user + * @return {@link EhvdResponseHolder} that contains the Roles received from EHVD and the full GDA response + * @throws AuthenticationException In case of an EHVD communication error + * @throws EAAFBuilderException In case of a bPK generation error + */ + EhvdResponseHolder getRoles(IIdentityLink identityLink) throws AuthenticationException, EAAFBuilderException; + +}
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java new file mode 100644 index 000000000..ee5dbb2fd --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java @@ -0,0 +1,109 @@ +/* + * Copyright 2021 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.ehvd.task; + +import java.util.List; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang3.StringUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.service.EhvdCommunicationService.EhvdResponseHolder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.service.IEhvdCommunication; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +@Component("InjectEhvdInformationTask") +public class InjectEhvdInformationTask extends AbstractAuthServletTask { + + @Autowired + IEhvdCommunication ehvdService; + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv. + * egovernment.moa.id.process.api.ExecutionContext, + * javax.servlet.http.HttpServletRequest, + * javax.servlet.http.HttpServletResponse) + */ + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest request, + HttpServletResponse response) + throws TaskExecutionException { + try { + final AuthenticationSessionWrapper session = pendingReq.getSessionData( + AuthenticationSessionWrapper.class); + + // validate internal state + validateInternalState(session); + + // requesting roles from EHVD + final EhvdResponseHolder ehvdResponse = ehvdService.getRoles(session.getIdentityLink()); + + // inject EHVD roles + session.setGenericDataToSession(PVPAttributeDefinitions.ROLES_NAME, + StringUtils.join(ehvdResponse.getRoles(), ";")); + + // inject full EHVD response + session.setGenericDataToSession(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, + ehvdResponse.getFullGdaResponse()); + + // store MOASession into database + requestStoreage.storePendingRequest(pendingReq); + + } catch (final MOAIDException e) { + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } catch (final Exception e) { + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } + } + + private void validateInternalState(AuthenticationSessionWrapper session) throws AuthenticationException { + // check if identityLink is available + if (session.getIdentityLink() == null) { + Logger.error("No IdentityLink in session. There is an internal error in process definition"); + throw new AuthenticationException("process.04", null); + + } + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/DefaultAuth_with_ehvd_interaction.process.xml b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/DefaultAuth_with_ehvd_interaction.process.xml new file mode 100644 index 000000000..2ff0d552f --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/DefaultAuth_with_ehvd_interaction.process.xml @@ -0,0 +1,32 @@ +<?xml version="1.0" encoding="UTF-8"?> +<pd:ProcessDefinition id="DefaultAuthenticationWithEHVDInteraction" xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"> + + <!-- Tasks involved in this authentication flow --> + <pd:Task id="initializeBKUAuthentication" class="InitializeBKUAuthenticationTask" /> + <pd:Task id="createIdentityLinkForm" class="CreateIdentityLinkFormTask" /> + <pd:Task id="verifyIdentityLink" class="VerifyIdentityLinkTask" async="true" /> + <pd:Task id="prepareAuthBlockSignature" class="PrepareAuthBlockSignatureTask" /> + <pd:Task id="verifyAuthBlock" class="VerifyAuthenticationBlockTask" async="true" /> + + <pd:Task id="injectEhvdInformation" class="InjectEhvdInformationTask" /> + <pd:Task id="userRestrictionTask" class="UserRestrictionTask" /> + + <pd:Task id="finalizeAuthentication" class="FinalizeAuthenticationTask" /> + + + <!-- definition of the authentication flow --> + <pd:StartEvent id="start" /> + + <pd:Transition from="start" to="initializeBKUAuthentication" /> + <pd:Transition from="initializeBKUAuthentication" to="createIdentityLinkForm" /> + <pd:Transition from="createIdentityLinkForm" to="verifyIdentityLink" /> + <pd:Transition from="verifyIdentityLink" to="prepareAuthBlockSignature" /> + <pd:Transition from="prepareAuthBlockSignature" to="verifyAuthBlock" /> + <pd:Transition from="verifyAuthBlock" to="userRestrictionTask" /> + <pd:Transition from="userRestrictionTask" to="injectEhvdInformation" /> + <pd:Transition from="injectEhvdInformation" to="finalizeAuthentication" /> + <pd:Transition from="finalizeAuthentication" to="end" /> + + <pd:EndEvent id="end" /> + +</pd:ProcessDefinition> diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider new file mode 100644 index 000000000..6985f2b7d --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider @@ -0,0 +1 @@ +at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthSpringResourceProvider
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder new file mode 100644 index 000000000..44f8d26cf --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder @@ -0,0 +1,5 @@ +at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.PvpRoleAttributeBuilder +at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder +at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder +at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder +at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdIdAttributeBuilder diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/moaid_ehvd_service_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/moaid_ehvd_service_auth.beans.xml new file mode 100644 index 000000000..4ef523ec8 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/moaid_ehvd_service_auth.beans.xml @@ -0,0 +1,23 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <bean id="ehvdServiceAuthModule" class="at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule"> + <property name="priority" value="4" /> + </bean> + + <bean id="ehvdCommunicationService" + class="at.gv.egovernment.moa.id.auth.modules.ehvd.service.EhvdCommunicationService"/> + + <bean id="InjectEhvdInformationTask" + class="at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask" + scope="prototype"/> + +</beans>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties new file mode 100644 index 000000000..b4a752a2d --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties @@ -0,0 +1,7 @@ +ehvd.00=Für den abgefragtem GDA liegt keine Berechtigung vor +ehvd.01=Technischer Fehler bei der Abfrage von GDA Informationen. Ursache: {0} +ehvd.02=Fehler bei der Abfrage von GDA Informationen. Ursache: {0} +ehvd.03=Antwort des EHVD Service beinhaltet keine GDA Informationen +ehvd.04=Keine gültige EHVD Role gefunden + +ehvd.99=Allgemeiner Fehler bei der Abfrage des EHVD Service diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties new file mode 100644 index 000000000..d3ba65c11 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties @@ -0,0 +1,9 @@ +test.01=aabbccdd +test.02=zzzyyyxxx + +ehvd.00=7000 +ehvd.01=7001 +ehvd.02=7001 +ehvd.03=7003 +ehvd.04=7002 +ehvd.99=7099
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/wsdl/eHVD.wsdl b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/wsdl/eHVD.wsdl new file mode 100644 index 000000000..a1138f068 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/wsdl/eHVD.wsdl @@ -0,0 +1,220 @@ +<?xml version="1.0" encoding="UTF-8"?><wsdl:definitions xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:tns="eHVD" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:mime="http://www.w3.org/2003/01/wsdl/mime" targetNamespace="eHVD"> + + <wsdl:documentation> + Service: eHVD + Version: 2 + Owner: BRZ + </wsdl:documentation> + + <wsdl:types> + <xs:schema xmlns:ehvd="eHVD" xmlns:jaxb="http://java.sun.com/xml/ns/jaxb" xmlns:xjc="http://java.sun.com/xml/ns/jaxb/xjc" xmlns:xs="http://www.w3.org/2001/XMLSchema" jaxb:extensionBindingPrefixes="xjc" jaxb:version="2.0" elementFormDefault="qualified" targetNamespace="eHVD" version="1.0"> + <xs:annotation> + <xs:appinfo> + <jaxb:globalBindings> + <jaxb:serializable uid="1"/> + </jaxb:globalBindings> + </xs:appinfo> + </xs:annotation> + + <xs:complexType name="InstanceIdentifier"> + <xs:sequence> + <xs:element maxOccurs="1" minOccurs="0" name="oidIssuingAuthority" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="1" name="id" type="xs:string"/> + </xs:sequence> + </xs:complexType> + + <xs:complexType name="InstanceIdentifierSearch"> + <xs:sequence> + <xs:element maxOccurs="1" minOccurs="0" name="firstname" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="1" name="surname" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="rolecode" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="postcode" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="streetNumber" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="streetName" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="city" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="state" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="1" name="maxResults" type="xs:integer"/> + <xs:element maxOccurs="1" minOccurs="0" name="ehvdstatus" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="elgastatus" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="description" type="xs:string"/> + </xs:sequence> + </xs:complexType> + + <xs:complexType name="GDAStatus"> + <xs:sequence> + <xs:element maxOccurs="1" minOccurs="1" name="ehvdstatus" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="1" name="elgastatus" type="xs:string"/> + </xs:sequence> + </xs:complexType> + + <xs:complexType name="GDARoles"> + <xs:sequence> + <xs:element maxOccurs="unbounded" minOccurs="0" name="role" type="xs:string"/> + <xs:element maxOccurs="unbounded" minOccurs="0" name="elgaRole" type="xs:string"/> + <xs:element maxOccurs="unbounded" minOccurs="0" name="specialisation" type="xs:string"/> + </xs:sequence> + </xs:complexType> + + <xs:complexType name="GdaAddress"> + <xs:sequence> + <xs:element maxOccurs="1" minOccurs="0" name="streetNumber" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="streetName" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="city" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="state" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="zip" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="country" type="xs:string"/> + </xs:sequence> + </xs:complexType> + + <xs:complexType name="GDARelationship"> + <xs:sequence> + <xs:element maxOccurs="unbounded" minOccurs="0" name="memberof" type="xs:string"/> + <xs:element maxOccurs="unbounded" minOccurs="0" name="ownerof" type="xs:string"/> + </xs:sequence> + </xs:complexType> + + <xs:complexType name="GDADBTimestamps"> + <xs:sequence> + <xs:element maxOccurs="1" minOccurs="0" name="add" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="modify" type="xs:string"/> + </xs:sequence> + </xs:complexType> + + <xs:complexType name="GdaDescriptor"> + <xs:sequence> + <xs:element maxOccurs="1" minOccurs="1" name="id" type="ehvd:InstanceIdentifier"/> + <xs:element maxOccurs="unbounded" minOccurs="0" name="otherID" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="1" name="status" type="ehvd:GDAStatus"/> + <xs:element maxOccurs="1" minOccurs="0" name="firstname" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="1" name="surname" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="gender" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="title" type="xs:string"/> + <xs:element maxOccurs="unbounded" minOccurs="0" name="knownname" type="xs:string"/> + <xs:element maxOccurs="unbounded" minOccurs="0" name="address" type="ehvd:GdaAddress"/> + <xs:element maxOccurs="unbounded" minOccurs="1" name="description" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="1" name="roles" type="ehvd:GDARoles"/> + <xs:element maxOccurs="1" minOccurs="0" name="relations" type="ehvd:GDARelationship"/> + <xs:element maxOccurs="1" minOccurs="0" name="tel" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="fax" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="web" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="mail" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="1" name="timestamps" type="ehvd:GDADBTimestamps"/> + </xs:sequence> + </xs:complexType> + + <xs:element name="GetGdaSearch"> + <xs:complexType> + <xs:sequence> + <xs:element maxOccurs="1" minOccurs="1" name="hcIdentifierSearch" type="ehvd:InstanceIdentifierSearch"/> + </xs:sequence> + </xs:complexType> + </xs:element> + + <xs:element name="GetGdaDescriptors"> + <xs:complexType> + <xs:sequence> + <xs:element maxOccurs="1" minOccurs="1" name="hcIdentifier" type="ehvd:InstanceIdentifier"/> + </xs:sequence> + </xs:complexType> + </xs:element> + + <xs:element name="GdaIndexResponse"> + <xs:complexType> + <xs:sequence> + <xs:element maxOccurs="1" minOccurs="0" name="gda" type="ehvd:GdaDescriptor"/> + </xs:sequence> + </xs:complexType> + </xs:element> + + <xs:element name="GdaIndexResponseList"> + <xs:complexType> + <xs:sequence> + <xs:element maxOccurs="unbounded" minOccurs="0" name="gda" type="ehvd:GdaDescriptor"/> + </xs:sequence> + </xs:complexType> + </xs:element> + + </xs:schema> + </wsdl:types> + + <wsdl:message name="GetGdaDescriptors"> + <wsdl:part element="tns:GetGdaDescriptors" name="GetGdaDescriptors"> + </wsdl:part> + </wsdl:message> + + <wsdl:message name="GetGdaSearch"> + <wsdl:part element="tns:GetGdaSearch" name="GetGdaSearch"> + </wsdl:part> + </wsdl:message> + + + <wsdl:message name="GdaIndexResponse"> + <wsdl:part element="tns:GdaIndexResponse" name="GdaIndexResponse"> + </wsdl:part> + </wsdl:message> + + <wsdl:message name="GdaIndexResponseList"> + <wsdl:part element="tns:GdaIndexResponseList" name="GdaIndexResponseList"> + </wsdl:part> + </wsdl:message> + + <wsdl:portType name="eHVD"> + + <wsdl:documentation>eHVD Service Interfaces + </wsdl:documentation> + + <wsdl:operation name="GetGDA"> + <wsdl:input message="tns:GetGdaDescriptors" name="GetGdaDescriptors"> + </wsdl:input> + <wsdl:output message="tns:GdaIndexResponse" name="GdaIndexResponse"> + </wsdl:output> + </wsdl:operation> + + <wsdl:operation name="GdaSearch"> + <wsdl:input message="tns:GetGdaSearch" name="GetGdaSearch"> + </wsdl:input> + <wsdl:output message="tns:GdaIndexResponseList" name="GdaIndexResponseList"> + </wsdl:output> + </wsdl:operation> + + </wsdl:portType> + + <wsdl:binding name="eHVDSOAPBinding12" type="tns:eHVD"> + <wsdl:documentation>SOAP 1.2 Binding</wsdl:documentation> + + <soap12:binding transport="http://schemas.xmlsoap.org/soap/http" style="document"/> + + <wsdl:operation name="GetGDA"> + <soap12:operation soapAction="eHVD/GetGDA"/> + <wsdl:input name="GetGdaDescriptors"> + <mime:content type="application/soap+xml"/> + <soap12:body use="literal"/> + </wsdl:input> + <wsdl:output name="GdaIndexResponse"> + <soap12:body use="literal"/> + </wsdl:output> + </wsdl:operation> + + <wsdl:operation name="GdaSearch"> + <soap12:operation soapAction="eHVD/GdaSearch"/> + <wsdl:input name="GetGdaSearch"> + <mime:content type="application/soap+xml"/> + <soap12:body use="literal"/> + </wsdl:input> + <wsdl:output name="GdaIndexResponseList"> + <soap12:body use="literal"/> + </wsdl:output> + </wsdl:operation> + + </wsdl:binding> + + <wsdl:service name="eHVDService"> + <wsdl:documentation>eHVD Service</wsdl:documentation> + + <wsdl:port name="eHVDPort12" binding="tns:eHVDSOAPBinding12"> + <soap12:address location="https://ehvdws.gesundheit.gv.at"/> + </wsdl:port> + + </wsdl:service> + +</wsdl:definitions>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/BeanCreationTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/BeanCreationTest.java new file mode 100644 index 000000000..91bf67b2d --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/BeanCreationTest.java @@ -0,0 +1,39 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test; + +import static org.junit.Assert.assertNotNull; + +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule; +import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_ehvd_service_auth_lazy.beans.xml" }) +public class BeanCreationTest { + + @Autowired + DummyAuthConfigMap config; + @Autowired + ApplicationContext context; + + @Before + public void initialize() { + // re-set config + config.putConfigValue("modules.ehvd.enabled", String.valueOf(false)); + + } + + @Test + public void authModuleDeactivated() { + assertNotNull("AuthModule", context.getBean(EhvdServiceAuthModule.class)); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthModuleTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthModuleTest.java new file mode 100644 index 000000000..4a7c98803 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthModuleTest.java @@ -0,0 +1,101 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; + +import java.util.Arrays; +import java.util.HashMap; +import java.util.Map; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; +import at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule; +import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_ehvd_service_auth.beans.xml" }) +public class EhvdServiceAuthModuleTest { + + @Autowired DummyAuthConfigMap config; + @Autowired EhvdServiceAuthModule module; + + private ExecutionContext context; + private TestRequestImpl pendingReq; + private Map<String, String> spConfigMap; + + @Before + public void initialize() { + context = new ExecutionContextImpl(); + + spConfigMap = new HashMap<>(); + spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10)); + + ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config); + pendingReq = new TestRequestImpl(); + pendingReq.setSpConfig(spConfig); + + // re-set config + config.putConfigValue("modules.ehvd.enabled", String.valueOf(true)); + + context.put(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_BKUSELECTION, String.valueOf(false)); + context.put(MOAIDAuthConstants.PARAM_BKU, RandomStringUtils.randomAlphabetic(5)); + + } + + @Test + public void checkProcessDefinition() { + String[] def = module.getProcessDefinitions(); + + assertNotNull("no process definition", def); + Arrays.asList(def).stream().forEach( + el -> EhvdServiceAuthModuleTest.class.getResourceAsStream(el)); + + } + + @Test + public void bkuSelectionActiv() { + context.put(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_BKUSELECTION, String.valueOf(true)); + + assertNull("wrong authModule selected", module.selectProcess(context, pendingReq)); + + } + + @Test + public void deactivated() { + config.putConfigValue("modules.ehvd.enabled", String.valueOf(false)); + + assertNull("wrong authModule selected", module.selectProcess(context, pendingReq)); + + } + + @Test + public void unknownServiceProvider() { + assertNull("wrong authModule selected", module.selectProcess(context, pendingReq)); + + } + + @Test + public void allowedServiceProviderAndRequested() { + spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, "yyasdfasfsa2323"); + + assertEquals("wrong authmethod identifier", "DefaultAuthenticationWithEHVDInteraction", + module.selectProcess(context, pendingReq)); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthSpringResourceProviderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthSpringResourceProviderTest.java new file mode 100644 index 000000000..b584e8753 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthSpringResourceProviderTest.java @@ -0,0 +1,56 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test; + +import java.io.IOException; +import java.io.InputStream; + +import org.apache.commons.io.IOUtils; +import org.junit.Assert; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; +import org.springframework.core.io.Resource; + +import at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthSpringResourceProvider; + + + +@RunWith(BlockJUnit4ClassRunner.class) +public class EhvdServiceAuthSpringResourceProviderTest { + + @Test + public void testSpringConfig() { + final EhvdServiceAuthSpringResourceProvider test = + new EhvdServiceAuthSpringResourceProvider(); + for (final Resource el : test.getResourcesToLoad()) { + try { + IOUtils.toByteArray(el.getInputStream()); + + } catch (final IOException e) { + Assert.fail("Ressouce: " + el.getFilename() + " not found"); + } + + } + + Assert.assertNotNull("no Name", test.getName()); + Assert.assertNull("Find package definitions", test.getPackagesToScan()); + + } + + @Test + public void testSpILoaderConfig() { + final InputStream el = this.getClass().getResourceAsStream( + "/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider"); + try { + final String spiFile = IOUtils.toString(el, "UTF-8"); + + Assert.assertEquals("Wrong classpath in SPI file", + EhvdServiceAuthSpringResourceProvider.class.getName(), spiFile); + + + } catch (final IOException e) { + Assert.fail("Ressouce: '/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider' not found"); + + } + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/AbstractEhvdAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/AbstractEhvdAttributeBuilderTest.java new file mode 100644 index 000000000..b1ac7d99a --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/AbstractEhvdAttributeBuilderTest.java @@ -0,0 +1,97 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; + +import java.util.Collections; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Before; +import org.junit.Test; +import org.springframework.beans.factory.annotation.Autowired; + +import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; +import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData; +import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration; +import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaAddress; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; + +public abstract class AbstractEhvdAttributeBuilderTest { + + @Autowired + protected IConfiguration basicConfig; + + protected DummySPConfiguration oaParam; + protected AuthenticationData authData; + protected IAttributeGenerator<String> g = new SimpleStringAttributeGenerator(); + + protected abstract String expectedAttrName(); + protected abstract IAttributeBuilder getAttributeBuilderUnderTest(); + + protected GdaAddress generateAddress(String zip, String state) { + GdaAddress addr = new GdaAddress(); + addr.setZip(zip); + addr.setState(state); + return addr; + + } + + @Before + public void initialize() { + oaParam = new DummySPConfiguration(Collections.emptyMap(), basicConfig); + authData = new AuthenticationData(); + + } + + @Test + public void checkAttributeRegistration() { + assertNotNull("Attribute: " + expectedAttrName() + " not registrated", + PVPAttributeBuilder.getAttributeBuilder(expectedAttrName())); + + } + + @Test + public void checkName() { + assertEquals("wrong attr. name", expectedAttrName(), getAttributeBuilderUnderTest().getName()); + + } + + @Test + public void checkEmptyAttribute() { + assertNull("wrong empty attr.", getAttributeBuilderUnderTest().buildEmpty(g)); + + } + + @Test + public void noGdaInfos() throws AttributeBuilderException { + IAuthData authData = new AuthenticationData(); + assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g)); + + } + + @Test + public void wrongGdaInfos() throws AttributeBuilderException, EAAFStorageException { + AuthenticationData authData = new AuthenticationData(); + authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, RandomStringUtils.randomAlphabetic(10)); + assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g)); + + } + + @Test + public void emptyGdaInfos() throws AttributeBuilderException, EAAFStorageException { + AuthenticationData authData = new AuthenticationData(); + authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, new GdaDescriptor()); + assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g)); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressStateAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressStateAttributeBuilderTest.java new file mode 100644 index 000000000..d342d331b --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressStateAttributeBuilderTest.java @@ -0,0 +1,106 @@ +//package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes; +// +//import static org.junit.Assert.assertEquals; +//import static org.junit.Assert.assertNull; +// +//import org.apache.commons.lang3.RandomStringUtils; +//import org.junit.Test; +//import org.junit.runner.RunWith; +//import org.springframework.test.context.ContextConfiguration; +//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +// +//import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +//import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +//import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdAddressStateAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdAddressZipcodeAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdOtherIdAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaAddress; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier; +// +//@RunWith(SpringJUnit4ClassRunner.class) +//@ContextConfiguration({ +// "/test_ehvd_service_auth.beans.xml" }) +//public class EhvdAddressStateAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest { +// +// @Override +// protected String expectedAttrName() { +// return "urn:brzgvat:attributes.ehvd.state"; +// +// } +// +// @Override +// protected IAttributeBuilder getAttributeBuilderUnderTest() { +// return new EhvdAddressStateAttributeBuilder(); +// +// } +// +// @Test +// public void checkMissing() throws EAAFStorageException, AttributeBuilderException { +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void singleAddress() throws EAAFStorageException, AttributeBuilderException { +// String state = RandomStringUtils.randomAlphabetic(5); +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(5), state)); +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertEquals("wrong empty attr.", state, +// getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void multiAddress() throws EAAFStorageException, AttributeBuilderException { +// String state1 = RandomStringUtils.randomAlphabetic(4); +// String state2 = RandomStringUtils.randomAlphabetic(4); +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state1)); +// gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state2)); +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertEquals("wrong empty attr.", state1 + "|" + state2, +// getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void multiAddressNullBefore() throws EAAFStorageException, AttributeBuilderException { +// String state1 = null; +// String state2 = RandomStringUtils.randomAlphabetic(4); +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state1)); +// gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state2)); +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertEquals("wrong empty attr.", "|" + state2, +// getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void multiAddressNullAfter() throws EAAFStorageException, AttributeBuilderException { +// String state1 = RandomStringUtils.randomAlphabetic(4); +// String state2 = null; +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state1)); +// gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state2)); +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertEquals("wrong empty attr.", state1 + "|", +// getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// +//} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressZipAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressZipAttributeBuilderTest.java new file mode 100644 index 000000000..69d17f8c3 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressZipAttributeBuilderTest.java @@ -0,0 +1,107 @@ +//package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes; +// +//import static org.junit.Assert.assertEquals; +//import static org.junit.Assert.assertNull; +// +//import org.apache.commons.lang3.RandomStringUtils; +//import org.junit.Test; +//import org.junit.runner.RunWith; +//import org.springframework.test.context.ContextConfiguration; +//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +// +//import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +//import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +//import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdAddressZipcodeAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdOtherIdAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaAddress; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier; +// +//@RunWith(SpringJUnit4ClassRunner.class) +//@ContextConfiguration({ +// "/test_ehvd_service_auth.beans.xml" }) +//public class EhvdAddressZipAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest { +// +// @Override +// protected String expectedAttrName() { +// return "urn:brzgvat:attributes.ehvd.zip"; +// +// } +// +// @Override +// protected IAttributeBuilder getAttributeBuilderUnderTest() { +// return new EhvdAddressZipcodeAttributeBuilder(); +// +// } +// +// @Test +// public void checkMissing() throws EAAFStorageException, AttributeBuilderException { +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void singleAddress() throws EAAFStorageException, AttributeBuilderException { +// String zip = RandomStringUtils.randomNumeric(4); +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getAddress().add(generateAddress( +// zip, +// RandomStringUtils.randomAlphabetic(5))); +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertEquals("wrong empty attr.", zip, +// getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void multiAddress() throws EAAFStorageException, AttributeBuilderException { +// String zip1 = RandomStringUtils.randomNumeric(4); +// String zip2 = RandomStringUtils.randomNumeric(4); +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getAddress().add(generateAddress(zip1, RandomStringUtils.randomAlphabetic(5))); +// gdaInfo.getAddress().add(generateAddress(zip2, RandomStringUtils.randomAlphabetic(5))); +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertEquals("wrong empty attr.", zip1 + "|" + zip2, +// getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void multiAddressNullBefore() throws EAAFStorageException, AttributeBuilderException { +// String zip1 = null; +// String zip2 = RandomStringUtils.randomNumeric(4); +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getAddress().add(generateAddress(zip1, RandomStringUtils.randomAlphabetic(5))); +// gdaInfo.getAddress().add(generateAddress(zip2, RandomStringUtils.randomAlphabetic(5))); +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertEquals("wrong empty attr.", "|" + zip2, +// getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void multiAddressNullAfter() throws EAAFStorageException, AttributeBuilderException { +// String zip1 = RandomStringUtils.randomNumeric(4); +// String zip2 = null; +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getAddress().add(generateAddress(zip1, RandomStringUtils.randomAlphabetic(5))); +// gdaInfo.getAddress().add(generateAddress(zip2, RandomStringUtils.randomAlphabetic(5))); +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertEquals("wrong empty attr.", zip1 + "|", +// getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// +//} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdFirstnameAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdFirstnameAttributeBuilderTest.java new file mode 100644 index 000000000..66f1b5028 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdFirstnameAttributeBuilderTest.java @@ -0,0 +1,47 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes; + +import static org.junit.Assert.assertEquals; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_ehvd_service_auth.beans.xml" }) +public class EhvdFirstnameAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest { + + @Override + protected String expectedAttrName() { + return "urn:brzgvat:attributes.ehvd.firstname"; + + } + + @Override + protected IAttributeBuilder getAttributeBuilderUnderTest() { + return new EhvdFirstnameAttributeBuilder(); + + } + + @Test + public void checkValid() throws EAAFStorageException, AttributeBuilderException { + final GdaDescriptor gdaInfo = new GdaDescriptor(); + gdaInfo.setFirstname(RandomStringUtils.randomAlphabetic(5)); + + authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); + assertEquals("wrong empty attr.", gdaInfo.getFirstname(), + getAttributeBuilderUnderTest().build(oaParam, authData, g)); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdIdAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdIdAttributeBuilderTest.java new file mode 100644 index 000000000..db73f9191 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdIdAttributeBuilderTest.java @@ -0,0 +1,64 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNull; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdIdAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_ehvd_service_auth.beans.xml" }) +public class EhvdIdAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest { + + @Override + protected String expectedAttrName() { + return "urn:brzgvat:attributes.ehvd.id"; + + } + + @Override + protected IAttributeBuilder getAttributeBuilderUnderTest() { + return new EhvdIdAttributeBuilder(); + + } + + @Test + public void checkMissingId() throws EAAFStorageException, AttributeBuilderException { + final GdaDescriptor gdaInfo = new GdaDescriptor(); + InstanceIdentifier id = new InstanceIdentifier(); + gdaInfo.setId(id ); + + authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); + assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g)); + + } + + @Test + public void checkValid() throws EAAFStorageException, AttributeBuilderException { + final GdaDescriptor gdaInfo = new GdaDescriptor(); + InstanceIdentifier id = new InstanceIdentifier(); + id.setId(RandomStringUtils.randomAlphabetic(5)); + gdaInfo.setId(id ); + + authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); + assertEquals("wrong empty attr.", id.getId(), + getAttributeBuilderUnderTest().build(oaParam, authData, g)); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdOtherIdAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdOtherIdAttributeBuilderTest.java new file mode 100644 index 000000000..bce8924d9 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdOtherIdAttributeBuilderTest.java @@ -0,0 +1,86 @@ +//package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes; +// +//import static org.junit.Assert.assertEquals; +//import static org.junit.Assert.assertNull; +// +//import org.apache.commons.lang3.RandomStringUtils; +//import org.junit.Test; +//import org.junit.runner.RunWith; +//import org.springframework.test.context.ContextConfiguration; +//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +// +//import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +//import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +//import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdOtherIdAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier; +// +//@RunWith(SpringJUnit4ClassRunner.class) +//@ContextConfiguration({ +// "/test_ehvd_service_auth.beans.xml" }) +//public class EhvdOtherIdAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest { +// +// @Override +// protected String expectedAttrName() { +// return "urn:brzgvat:attributes.ehvd.otherid"; +// +// } +// +// @Override +// protected IAttributeBuilder getAttributeBuilderUnderTest() { +// return new EhvdOtherIdAttributeBuilder(); +// +// } +// +// @Test +// public void checkMissingId() throws EAAFStorageException, AttributeBuilderException { +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void checkWrongId() throws EAAFStorageException, AttributeBuilderException { +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getOtherID().add(RandomStringUtils.randomAlphabetic(10)); +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void checkValidRandom() throws EAAFStorageException, AttributeBuilderException { +// String value = RandomStringUtils.randomAlphabetic(5); +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getOtherID().add(RandomStringUtils.randomAlphabetic(10)); +// gdaInfo.getOtherID().add("1.2.40.0.34.4.18:" + value); +// +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertEquals("wrong empty attr.", value, +// getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void checkValidBrzReal() throws EAAFStorageException, AttributeBuilderException { +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getOtherID().add(RandomStringUtils.randomAlphabetic(10)); +// gdaInfo.getOtherID().add("1.2.40.0.34.4.18:1234-12"); +// gdaInfo.getOtherID().add("1.2.40.0.34.4.17:aabbccdd"); +// +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertEquals("wrong empty attr.", "1234-12", +// getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +//} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdSurnameAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdSurnameAttributeBuilderTest.java new file mode 100644 index 000000000..af9e60cb7 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdSurnameAttributeBuilderTest.java @@ -0,0 +1,48 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes; + +import static org.junit.Assert.assertEquals; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_ehvd_service_auth.beans.xml" }) +public class EhvdSurnameAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest { + + @Override + protected String expectedAttrName() { + return "urn:brzgvat:attributes.ehvd.surname"; + + } + + @Override + protected IAttributeBuilder getAttributeBuilderUnderTest() { + return new EhvdSurnameAttributeBuilder(); + + } + + @Test + public void checkValid() throws EAAFStorageException, AttributeBuilderException { + final GdaDescriptor gdaInfo = new GdaDescriptor(); + gdaInfo.setSurname(RandomStringUtils.randomAlphabetic(5)); + + authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); + assertEquals("wrong empty attr.", gdaInfo.getSurname(), + getAttributeBuilderUnderTest().build(oaParam, authData, g)); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdTitelAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdTitelAttributeBuilderTest.java new file mode 100644 index 000000000..2863c3508 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdTitelAttributeBuilderTest.java @@ -0,0 +1,46 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes; + +import static org.junit.Assert.assertEquals; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_ehvd_service_auth.beans.xml" }) +public class EhvdTitelAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest { + + @Override + protected String expectedAttrName() { + return "urn:brzgvat:attributes.ehvd.title"; + + } + + @Override + protected IAttributeBuilder getAttributeBuilderUnderTest() { + return new EhvdTitelAttributeBuilder(); + + } + + @Test + public void checkTitelValid() throws EAAFStorageException, AttributeBuilderException { + final GdaDescriptor gdaInfo = new GdaDescriptor(); + gdaInfo.setTitle(RandomStringUtils.randomAlphabetic(5)); + + authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); + assertEquals("wrong empty attr.", gdaInfo.getTitle(), + getAttributeBuilderUnderTest().build(oaParam, authData, g)); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java new file mode 100644 index 000000000..624abff5f --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java @@ -0,0 +1,159 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; + +import java.util.Arrays; +import java.util.Collections; +import java.util.List; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData; +import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration; +import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.PvpRoleAttributeBuilder; +import at.gv.egovernment.moa.id.data.AuthenticationRole; +import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory; +import at.gv.egovernment.moa.id.data.MOAAuthenticationData; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_ehvd_service_auth.beans.xml" }) +public class PvpRoleAttributeBuilderTest { + + @Autowired + private IConfiguration basicConfig; + + private PvpRoleAttributeBuilder toTest = new PvpRoleAttributeBuilder(); + private IAttributeGenerator<String> g = new SimpleStringAttributeGenerator(); + private ISPConfiguration oaParam; + + + @Before + public void initialize() { + oaParam = new DummySPConfiguration(Collections.emptyMap(), basicConfig); + + } + + @Test + public void checkAttributeRegistration() { + assertNotNull("Attribute: urn:oid:1.2.40.0.10.2.1.1.261.30 not registrated", + PVPAttributeBuilder.getAttributeBuilder("urn:oid:1.2.40.0.10.2.1.1.261.30")); + + } + + @Test + public void checkName() { + assertEquals("wrong attr. name", "urn:oid:1.2.40.0.10.2.1.1.261.30", toTest.getName()); + + } + + @Test + public void checkEmptyAttribute() { + assertNull("wrong empty attr.", toTest.buildEmpty(g)); + + } + + @Test + public void wrongAuthData() throws AttributeBuilderException { + IAuthData authData = new AuthenticationData(); + assertNull("wrong attr. value", toTest.build(oaParam, authData, g)); + + } + + @Test + public void noRoles() throws AttributeBuilderException { + IAuthData authData = generateAuthData(null); + assertNull("wrong attr. value", toTest.build(oaParam, authData, g)); + + } + + @Test + public void emptyRoles() throws AttributeBuilderException { + IAuthData authData = generateAuthData(Collections.emptyList()); + assertNull("wrong attr. value", toTest.build(oaParam, authData, g)); + + } + + @Test + public void randomRoles() throws AttributeBuilderException { + String role1 = RandomStringUtils.randomAlphabetic(5); + String role2 = RandomStringUtils.randomAlphabetic(5); + String role3 = RandomStringUtils.randomAlphabetic(5); + String role4 = RandomStringUtils.randomAlphabetic(5); + + IAuthData authData = generateAuthData(Arrays.asList( + new AuthenticationRole(role1, role1), + new AuthenticationRole(role2, role2), + new AuthenticationRole(role3, role3 + "()"), + new AuthenticationRole(role4, role4 + "(\"aaa\"=\"bbb\")") + )); + + // perform test + String attrValue = toTest.build(oaParam, authData, g); + + // validate state + assertNotNull("wrong attr. value", attrValue); + assertFalse("List delimiter after last element" ,attrValue.endsWith(";")); + + + String[] el = attrValue.split(";"); + assertEquals("wrong role count", 4, el.length); + assertEquals("wrong 1. role", role1, el[0]); + assertEquals("wrong 2. role", role2, el[1]); + assertEquals("wrong 3. role", role3 + "()", el[2]); + assertEquals("wrong 4. role", role4 + "(\"aaa\"=\"bbb\")", el[3]); + + + } + + @Test + public void brzProductionRole() throws AttributeBuilderException { + + IAuthData authData = generateAuthData(Arrays.asList( + AuthenticationRoleFactory.buildFormPVPole("EPI-GDA()"))); + + // perform test + String attrValue = toTest.build(oaParam, authData, g); + + // validate state + assertNotNull("wrong attr. value", attrValue); + assertFalse("List delimiter after last element" ,attrValue.endsWith(";")); + + + String[] el = attrValue.split(";"); + assertEquals("wrong role count", 1, el.length); + assertEquals("wrong 1. role", "EPI-GDA()", el[0]); + + assertEquals("wrong role attr. value", "EPI-GDA()", attrValue); + + } + + private IAuthData generateAuthData(List<AuthenticationRole> roles) { + MOAAuthenticationData authData = new MOAAuthenticationData(null); + if (roles != null) { + roles.forEach(el -> authData.addAuthenticationRole(el)); + + } + + return authData; + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/DummyAuthConfigMap.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/DummyAuthConfigMap.java new file mode 100644 index 000000000..865cf7157 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/DummyAuthConfigMap.java @@ -0,0 +1,136 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy; + +import java.io.IOException; +import java.io.InputStream; +import java.net.URI; +import java.net.URL; +import java.util.HashMap; +import java.util.Map; +import java.util.Properties; + +import org.apache.commons.lang3.StringUtils; + +import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; +import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; + +/** + * Dummy Application-configuration implementation for jUnit tests. + * + * @author tlenz + * + */ +public class DummyAuthConfigMap implements IConfigurationWithSP { + + private Map<String, String> config = new HashMap<>(); + + public DummyAuthConfigMap() { + + } + + /** + * Dummy Application-configuration. + * + * @param configIs Property based configuration + * @throws IOException In case of an configuration read error + */ + public DummyAuthConfigMap(final InputStream configIs) throws IOException { + + final Properties props = new Properties(); + props.load(configIs); + + config = KeyValueUtils.convertPropertiesToMap(props); + + } + + /** + * Dummy Application-configuration. + * + * @param path Path to property based configuration + * @throws IOException In case of an configuration read error + */ + public DummyAuthConfigMap(final String path) throws IOException { + + final Properties props = new Properties(); + props.load(this.getClass().getResourceAsStream(path)); + + config = KeyValueUtils.convertPropertiesToMap(props); + + } + + + @Override + public String getBasicConfiguration(final String key) { + return config.get(key); + + } + + @Override + public String getBasicConfiguration(final String key, final String defaultValue) { + final String value = getBasicConfiguration(key); + if (StringUtils.isEmpty(value)) { + return defaultValue; + } else { + return value; + } + + } + + @Override + public Boolean getBasicConfigurationBoolean(final String key) { + final String value = getBasicConfiguration(key); + if (StringUtils.isEmpty(value)) { + return false; + } else { + return Boolean.valueOf(value); + } + } + + @Override + public boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue) { + return Boolean.parseBoolean(getBasicConfiguration(key, String.valueOf(defaultValue))); + + } + + @Override + public Map<String, String> getBasicConfigurationWithPrefix(final String prefix) { + return KeyValueUtils.getSubSetWithPrefix(config, prefix); + + } + + @Override + public ISPConfiguration getServiceProviderConfiguration(final String uniqueID) + throws EAAFConfigurationException { + return null; + } + + @Override + public <T> T getServiceProviderConfiguration(final String spIdentifier, final Class<T> decorator) + throws EAAFConfigurationException { + return null; + } + + @Override + public URI getConfigurationRootDirectory() { + return new java.io.File(".").toURI(); + + } + + @Override + public String validateIDPURL(final URL authReqUrl) throws EAAFException { + return null; + } + + public void putConfigValue(final String key, final String value) { + config.put(key, value); + } + + public void removeConfigValue(final String key) { + config.remove(key); + + } + + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/TestUtils.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/TestUtils.java new file mode 100644 index 000000000..9ab52a27e --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/TestUtils.java @@ -0,0 +1,150 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy; + +import java.io.IOException; +import java.security.PublicKey; + +import javax.xml.transform.TransformerException; + +import org.w3c.dom.Element; + +import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; + +public class TestUtils { + + public static IIdentityLink generateDummyIdl(String baseId, String baseIdType) { + return new IIdentityLink() { + + @Override + public void setSamlAssertion(Element samlAssertion) throws TransformerException, IOException { + // TODO Auto-generated method stub + + } + + @Override + public void setPublicKey(PublicKey[] publicKey) { + // TODO Auto-generated method stub + + } + + @Override + public void setPrPerson(Element prPerson) { + // TODO Auto-generated method stub + + } + + @Override + public void setIssueInstant(String issueInstant) { + // TODO Auto-generated method stub + + } + + @Override + public void setIdentificationValue(String identificationValue) { + // TODO Auto-generated method stub + + } + + @Override + public void setIdentificationType(String identificationType) { + // TODO Auto-generated method stub + + } + + @Override + public void setGivenName(String givenName) { + // TODO Auto-generated method stub + + } + + @Override + public void setFamilyName(String familyName) { + // TODO Auto-generated method stub + + } + + @Override + public void setDsigReferenceTransforms(Element[] dsigReferenceTransforms) { + // TODO Auto-generated method stub + + } + + @Override + public void setDateOfBirth(String dateOfBirth) { + // TODO Auto-generated method stub + + } + + @Override + public String getSerializedSamlAssertion() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Element getSamlAssertion() { + // TODO Auto-generated method stub + return null; + } + + @Override + public PublicKey[] getPublicKey() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Element getPrPerson() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getIssueInstant() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getIdentificationValue() { + return baseId; + + } + + @Override + public String getIdentificationType() { + return baseIdType; + + } + + @Override + public String getGivenName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getFamilyName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Element[] getDsigReferenceTransforms() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getDateOfBirth() { + // TODO Auto-generated method stub + return null; + } + }; + } +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java new file mode 100644 index 000000000..8bccefc8d --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java @@ -0,0 +1,171 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.tasks; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.fail; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.Mockito.when; + +import java.net.SocketTimeoutException; +import java.util.Arrays; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Locale; +import java.util.Map; + +import javax.xml.namespace.QName; +import javax.xml.soap.Detail; +import javax.xml.soap.Name; +import javax.xml.soap.SOAPElement; +import javax.xml.soap.SOAPException; +import javax.xml.soap.SOAPFault; +import javax.xml.ws.soap.SOAPFaultException; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Rule; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.annotation.IfProfileValue; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.util.Assert; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; +import org.w3c.dom.Attr; +import org.w3c.dom.DOMException; +import org.w3c.dom.Document; +import org.w3c.dom.NamedNodeMap; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; +import org.w3c.dom.TypeInfo; +import org.w3c.dom.UserDataHandler; + +import com.github.skjolber.mockito.soap.Soap12EndpointRule; + +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.IRequestStorage; +import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants; +import at.gv.egiz.eaaf.core.api.data.EAAFConstants; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; +import at.gv.egiz.eaaf.core.exceptions.EAAFParserException; +import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVD; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDARoles; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDAStatus; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaIndexResponse; +import at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask; +import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap; +import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.TestUtils; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_ehvd_qs_service_auth.beans.xml" }) +@IfProfileValue(name = "spring.profiles.active", value = "devEnvironment") +public class InjectEhvdIdentityInformationQsSystemTest { + + @Autowired + InjectEhvdInformationTask task; + @Autowired + DummyAuthConfigMap config; + @Autowired + IRequestStorage storage; + + protected MockHttpServletRequest httpReq; + protected MockHttpServletResponse httpResp; + private ExecutionContext context; + private TestRequestImpl pendingReq; + private Map<String, String> spConfigMap; + + @BeforeClass + public static void classInitializer() { + System.setProperty( + "https.cipherSuites", + //high secure RSA bases ciphers + "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" + + ",TLS_DHE_RSA_WITH_AES_128_GCM_SHA256" + + ",TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" + + ",TLS_DHE_RSA_WITH_AES_128_CBC_SHA256" + + + //high secure ECC bases ciphers + ",TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" + + ",TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" + + ",TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" + + ",TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256" + + ",TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384" + + ",TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384" + + ",TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256" + + ",TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256" + + + //secure backup chipers + ",TLS_DHE_RSA_WITH_AES_256_CBC_SHA" + + ",TLS_DHE_RSA_WITH_AES_128_CBC_SHA" + + ",TLS_RSA_WITH_AES_128_CBC_SHA" + + ",TLS_RSA_WITH_AES_256_CBC_SHA" + ); + + } + + @Before + public void initialize() throws EAAFParserException { + httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + context = new ExecutionContextImpl(); + + spConfigMap = new HashMap<>(); + spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10)); + + final ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config); + pendingReq = new TestRequestImpl(); + pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setSpConfig(spConfig); + + // re-set config + config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true)); + + } + + @Test + public void validateState() throws TaskExecutionException, PendingReqIdValidationException { + // inject identityLink + final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData( + AuthenticationSessionWrapper.class); + moaSession.setIdentityLink(TestUtils.generateDummyIdl( + "SUTFhJ/FXHmLGfTFchYnnWG/e3A=", + EAAFConstants.URN_PREFIX_CDID + "GH")); + + task.execute(pendingReq, context); + + // validate state + final IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId()); + assertNotNull("pendingReq not stored", storedReq); + + final AuthenticationSessionWrapper moaSessionStored = storedReq.getSessionData( + AuthenticationSessionWrapper.class); + + assertFalse("foreign", moaSessionStored.isForeigner()); + assertFalse("mandate", moaSessionStored.isMandateUsed()); + assertEquals("missing attributes", 1, moaSessionStored.getGenericSessionDataStorage().size()); + assertNotNull("no Role attr", moaSessionStored.getGenericDataFromSession(PVPConstants.ROLES_NAME)); + + } +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java new file mode 100644 index 000000000..818a2c34b --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java @@ -0,0 +1,1086 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.tasks; + +import static org.hamcrest.CoreMatchers.instanceOf; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.Mockito.when; + +import java.util.Arrays; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Locale; +import java.util.Map; + +import javax.xml.namespace.QName; +import javax.xml.soap.Detail; +import javax.xml.soap.Name; +import javax.xml.soap.SOAPElement; +import javax.xml.soap.SOAPException; +import javax.xml.soap.SOAPFault; +import javax.xml.ws.soap.SOAPFaultException; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Before; +import org.junit.Rule; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.util.Assert; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; +import org.w3c.dom.Attr; +import org.w3c.dom.DOMException; +import org.w3c.dom.Document; +import org.w3c.dom.NamedNodeMap; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; +import org.w3c.dom.TypeInfo; +import org.w3c.dom.UserDataHandler; + +import com.github.skjolber.mockito.soap.Soap12EndpointRule; + +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.IRequestStorage; +import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants; +import at.gv.egiz.eaaf.core.api.data.EAAFConstants; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; +import at.gv.egiz.eaaf.core.exceptions.EAAFParserException; +import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVD; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDARoles; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDAStatus; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaAddress; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaIndexResponse; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier; +import at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask; +import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap; +import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.TestUtils; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_ehvd_service_auth.beans.xml" }) +public class InjectEhvdIdentityInformationTaskTest { + + @Autowired + InjectEhvdInformationTask task; + @Autowired + DummyAuthConfigMap config; + @Autowired + IRequestStorage storage; + + @Rule + public final Soap12EndpointRule soap = Soap12EndpointRule.newInstance(); + + protected MockHttpServletRequest httpReq; + protected MockHttpServletResponse httpResp; + private ExecutionContext context; + private TestRequestImpl pendingReq; + private Map<String, String> spConfigMap; + + private EHVD ehvdService; + + @Before + public void initialize() throws EAAFParserException { + httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + context = new ExecutionContextImpl(); + + spConfigMap = new HashMap<>(); + spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10)); + + final ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config); + pendingReq = new TestRequestImpl(); + pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setSpConfig(spConfig); + + // re-set config + config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true)); + + // inject identityLink + final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData( + AuthenticationSessionWrapper.class); + moaSession.setIdentityLink(TestUtils.generateDummyIdl( + RandomStringUtils.randomAlphanumeric(10), + EAAFConstants.URN_PREFIX_BASEID)); + + // mock EHVD service + ehvdService = soap.mock(EHVD.class, "http://localhost:1234/ehvd"); + + } + + @Test + public void noIdentityLinkInSession() { + final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData( + AuthenticationSessionWrapper.class); + moaSession.setIdentityLink(null); + + try { + task.execute(pendingReq, context); + fail("wrong state not detected"); + + } catch (final TaskExecutionException e) { + Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion"); + assertEquals("wrong errorCode", "process.04", ((EAAFException) e.getOriginalException()).getErrorId()); + + } + } + + @Test + public void noActiveGda() throws TaskExecutionException, PendingReqIdValidationException { + // set-up EHVD response + String role1 = RandomStringUtils.randomAlphabetic(10); + when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(false, Arrays.asList(role1))); + + try { + task.execute(pendingReq, context); + fail("wrong state not detected"); + + } catch (final TaskExecutionException e) { + Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion"); + assertEquals("wrong errorCode", "ehvd.00", ((EAAFException) e.getOriginalException()).getErrorId()); + + } + } + + @Test + public void gdaGenericServiceError() throws TaskExecutionException, PendingReqIdValidationException { + // set-up EHVD response + when(ehvdService.getGDA(any())).thenThrow(new RuntimeException("No anwser from Service")); + + try { + task.execute(pendingReq, context); + fail("wrong state not detected"); + + } catch (final TaskExecutionException e) { + Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion"); + assertEquals("wrong errorCode", "ehvd.02", ((EAAFException) e.getOriginalException()).getErrorId()); + + } + } + + @Test + public void gdaServiceError() throws TaskExecutionException, PendingReqIdValidationException { + // set-up EHVD response + String msg = RandomStringUtils.randomAlphabetic(10); + SOAPFault fault = generateSoaFault(msg); + SOAPFaultException error = new SOAPFaultException(fault ); + when(ehvdService.getGDA(any())).thenThrow(error); + + try { + task.execute(pendingReq, context); + fail("wrong state not detected"); + + } catch (final TaskExecutionException e) { + Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion"); + assertEquals("wrong errorCode", "ehvd.02", ((EAAFException) e.getOriginalException()).getErrorId()); + + } + } + + @Test + public void noGdaInfosInResponse() throws TaskExecutionException, PendingReqIdValidationException { + // set-up EHVD response + GdaIndexResponse gdaResponse = new GdaIndexResponse(); + when(ehvdService.getGDA(any())).thenReturn(gdaResponse); + + try { + task.execute(pendingReq, context); + fail("wrong state not detected"); + + } catch (final TaskExecutionException e) { + Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion"); + assertEquals("wrong errorCode", "ehvd.03", ((EAAFException) e.getOriginalException()).getErrorId()); + + } + } + + + @Test + public void noValidGdaRole() throws TaskExecutionException, PendingReqIdValidationException { + // set-up EHVD response + String role1 = RandomStringUtils.randomAlphabetic(10); + String role2 = RandomStringUtils.randomAlphabetic(10); + when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(true, Arrays.asList(role1, role2))); + + try { + task.execute(pendingReq, context); + fail("wrong state not detected"); + + } catch (final TaskExecutionException e) { + Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion"); + assertEquals("wrong errorCode", "ehvd.04", ((EAAFException) e.getOriginalException()).getErrorId()); + + } + } + + + @Test + public void validateStateWithRandomData() throws TaskExecutionException, PendingReqIdValidationException { + // set-up EHVD response + String role1 = RandomStringUtils.randomAlphabetic(10); + String role2 = "1.2.40.0.34.5.2:101"; + String role3 = RandomStringUtils.randomAlphabetic(10); + when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(true, Arrays.asList(role1, role2, role3))); + + task.execute(pendingReq, context); + + // validate state + final IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId()); + assertNotNull("pendingReq not stored", storedReq); + + final AuthenticationSessionWrapper moaSession = storedReq.getSessionData( + AuthenticationSessionWrapper.class); + + assertFalse("foreign", moaSession.isForeigner()); + assertFalse("mandate", moaSession.isMandateUsed()); + assertEquals("missing attributes", 2, moaSession.getGenericSessionDataStorage().size()); + assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME)); + assertEquals("wrong role attr", + "EPI-GDA()", + moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME, String.class)); + + } + + @Test + public void validateState() throws TaskExecutionException, PendingReqIdValidationException { + // set-up EHVD response + String role1 = "1.2.40.0.33.5.2.101"; + String role2 = "1.2.40.0.34.5.2:100"; + String role3 = RandomStringUtils.randomAlphabetic(10); + when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(true, Arrays.asList(role1, role2, role3))); + + task.execute(pendingReq, context); + + // validate state + final IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId()); + assertNotNull("pendingReq not stored", storedReq); + + final AuthenticationSessionWrapper moaSession = storedReq.getSessionData( + AuthenticationSessionWrapper.class); + + assertFalse("foreign", moaSession.isForeigner()); + assertFalse("mandate", moaSession.isMandateUsed()); + assertEquals("missing attributes", 2, moaSession.getGenericSessionDataStorage().size()); + assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME)); + assertEquals("wrong role attr", + "EPI-GDA()", + moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME, String.class)); + + } + + @Test + public void validateStateSecondOid() throws TaskExecutionException, PendingReqIdValidationException { + // set-up EHVD response + String role1 = "1.2.40.0.33.5.2.101"; + String role2 = "1.2.40.0.34.5.2:158"; + String role3 = RandomStringUtils.randomAlphabetic(10); + GdaIndexResponse gdaResponse = generateGdaResponse(true, Arrays.asList(role1, role2, role3)); + when(ehvdService.getGDA(any())).thenReturn(gdaResponse); + + task.execute(pendingReq, context); + + // validate state + final IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId()); + assertNotNull("pendingReq not stored", storedReq); + + final AuthenticationSessionWrapper moaSession = storedReq.getSessionData( + AuthenticationSessionWrapper.class); + + assertFalse("foreign", moaSession.isForeigner()); + assertFalse("mandate", moaSession.isMandateUsed()); + assertEquals("missing attributes", 2, moaSession.getGenericSessionDataStorage().size()); + assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME)); + assertEquals("wrong role attr", + "EPI-GDA()", + moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME, String.class)); + + assertNotNull("no full GDA response", + moaSession.getGenericDataFromSession(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX)); + assertTrue("wrong GDA response type", + moaSession.getGenericDataFromSession(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX) instanceof GdaDescriptor); + + + } + + private GdaIndexResponse generateGdaResponse(boolean isActive, List<String> roles) { + GdaIndexResponse resp = new GdaIndexResponse(); + GdaDescriptor gda = new GdaDescriptor(); + resp.setGda(gda); + + GDAStatus status = new GDAStatus(); + gda.setStatus(status); + status.setEhvdstatus(isActive ? "Aktiv" : "Inaktiv"); + + gda.setFirstname(RandomStringUtils.randomAlphabetic(5)); + gda.setSurname(RandomStringUtils.randomAlphabetic(5)); + gda.setTitle(RandomStringUtils.randomAlphabetic(5)); + + InstanceIdentifier id = new InstanceIdentifier(); + id.setId(RandomStringUtils.randomAlphabetic(5)); + gda.setId(id); + + gda.getOtherID().add(RandomStringUtils.randomAlphabetic(5)); + gda.getOtherID().add(RandomStringUtils.randomAlphabetic(5)); + + gda.getAddress().add(generateAddress()); + gda.getAddress().add(generateAddress()); + + GDARoles gdaRoles = new GDARoles(); + gda.setRoles(gdaRoles); + gdaRoles.getRole().addAll(roles); + + return resp; + } + + private GdaAddress generateAddress() { + GdaAddress address = new GdaAddress(); + address.setZip(RandomStringUtils.randomNumeric(4)); + address.setState(RandomStringUtils.randomAlphabetic(10)); + return address; + + } + + private SOAPFault generateSoaFault(String msg) { + return new SOAPFault() { + + @Override + public void setIdAttributeNode(Attr idAttr, boolean isId) throws DOMException { + // TODO Auto-generated method stub + + } + + @Override + public void setIdAttributeNS(String namespaceURI, String localName, boolean isId) throws DOMException { + // TODO Auto-generated method stub + + } + + @Override + public void setIdAttribute(String name, boolean isId) throws DOMException { + // TODO Auto-generated method stub + + } + + @Override + public Attr setAttributeNodeNS(Attr newAttr) throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public Attr setAttributeNode(Attr newAttr) throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setAttributeNS(String namespaceURI, String qualifiedName, String value) throws DOMException { + // TODO Auto-generated method stub + + } + + @Override + public void setAttribute(String name, String value) throws DOMException { + // TODO Auto-generated method stub + + } + + @Override + public Attr removeAttributeNode(Attr oldAttr) throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public void removeAttributeNS(String namespaceURI, String localName) throws DOMException { + // TODO Auto-generated method stub + + } + + @Override + public void removeAttribute(String name) throws DOMException { + // TODO Auto-generated method stub + + } + + @Override + public boolean hasAttributeNS(String namespaceURI, String localName) throws DOMException { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean hasAttribute(String name) { + // TODO Auto-generated method stub + return false; + } + + @Override + public String getTagName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public TypeInfo getSchemaTypeInfo() { + // TODO Auto-generated method stub + return null; + } + + @Override + public NodeList getElementsByTagNameNS(String namespaceURI, String localName) throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public NodeList getElementsByTagName(String name) { + // TODO Auto-generated method stub + return null; + } + + @Override + public Attr getAttributeNodeNS(String namespaceURI, String localName) throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public Attr getAttributeNode(String name) { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getAttributeNS(String namespaceURI, String localName) throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getAttribute(String name) { + // TODO Auto-generated method stub + return null; + } + + @Override + public Object setUserData(String key, Object data, UserDataHandler handler) { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setTextContent(String textContent) throws DOMException { + // TODO Auto-generated method stub + + } + + @Override + public void setPrefix(String prefix) throws DOMException { + // TODO Auto-generated method stub + + } + + @Override + public void setNodeValue(String nodeValue) throws DOMException { + // TODO Auto-generated method stub + + } + + @Override + public Node replaceChild(Node newChild, Node oldChild) throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public Node removeChild(Node oldChild) throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public void normalize() { + // TODO Auto-generated method stub + + } + + @Override + public String lookupPrefix(String namespaceURI) { + // TODO Auto-generated method stub + return null; + } + + @Override + public String lookupNamespaceURI(String prefix) { + // TODO Auto-generated method stub + return null; + } + + @Override + public boolean isSupported(String feature, String version) { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isSameNode(Node other) { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isEqualNode(Node arg) { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isDefaultNamespace(String namespaceURI) { + // TODO Auto-generated method stub + return false; + } + + @Override + public Node insertBefore(Node newChild, Node refChild) throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public boolean hasChildNodes() { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean hasAttributes() { + // TODO Auto-generated method stub + return false; + } + + @Override + public Object getUserData(String key) { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getTextContent() throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public Node getPreviousSibling() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getPrefix() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Node getParentNode() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Document getOwnerDocument() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getNodeValue() throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public short getNodeType() { + // TODO Auto-generated method stub + return 0; + } + + @Override + public String getNodeName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Node getNextSibling() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getNamespaceURI() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getLocalName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Node getLastChild() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Node getFirstChild() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Object getFeature(String feature, String version) { + // TODO Auto-generated method stub + return null; + } + + @Override + public NodeList getChildNodes() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getBaseURI() { + // TODO Auto-generated method stub + return null; + } + + @Override + public NamedNodeMap getAttributes() { + // TODO Auto-generated method stub + return null; + } + + @Override + public short compareDocumentPosition(Node other) throws DOMException { + // TODO Auto-generated method stub + return 0; + } + + @Override + public Node cloneNode(boolean deep) { + // TODO Auto-generated method stub + return null; + } + + @Override + public Node appendChild(Node newChild) throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setValue(String value) { + // TODO Auto-generated method stub + + } + + @Override + public void setParentElement(SOAPElement parent) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public void recycleNode() { + // TODO Auto-generated method stub + + } + + @Override + public String getValue() { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement getParentElement() { + // TODO Auto-generated method stub + return null; + } + + @Override + public void detachNode() { + // TODO Auto-generated method stub + + } + + @Override + public void setEncodingStyle(String encodingStyle) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public SOAPElement setElementQName(QName newName) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public boolean removeNamespaceDeclaration(String prefix) { + // TODO Auto-generated method stub + return false; + } + + @Override + public void removeContents() { + // TODO Auto-generated method stub + + } + + @Override + public boolean removeAttribute(QName qname) { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean removeAttribute(Name name) { + // TODO Auto-generated method stub + return false; + } + + @Override + public Iterator getVisibleNamespacePrefixes() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getNamespaceURI(String prefix) { + // TODO Auto-generated method stub + return null; + } + + @Override + public Iterator getNamespacePrefixes() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getEncodingStyle() { + // TODO Auto-generated method stub + return null; + } + + @Override + public QName getElementQName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Name getElementName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Iterator getChildElements(QName qname) { + // TODO Auto-generated method stub + return null; + } + + @Override + public Iterator getChildElements(Name name) { + // TODO Auto-generated method stub + return null; + } + + @Override + public Iterator getChildElements() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getAttributeValue(QName qname) { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getAttributeValue(Name name) { + // TODO Auto-generated method stub + return null; + } + + @Override + public Iterator getAllAttributesAsQNames() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Iterator getAllAttributes() { + // TODO Auto-generated method stub + return null; + } + + @Override + public QName createQName(String localName, String prefix) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement addTextNode(String text) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement addNamespaceDeclaration(String prefix, String uri) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement addChildElement(String localName, String prefix, String uri) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement addChildElement(String localName, String prefix) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement addChildElement(SOAPElement element) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement addChildElement(String localName) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement addChildElement(QName qname) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement addChildElement(Name name) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement addAttribute(QName qname, String value) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement addAttribute(Name name, String value) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setFaultString(String faultString, Locale locale) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public void setFaultString(String faultString) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public void setFaultRole(String uri) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public void setFaultNode(String uri) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public void setFaultCode(String faultCode) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public void setFaultCode(QName faultCodeQName) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public void setFaultCode(Name faultCodeQName) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public void setFaultActor(String faultActor) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public void removeAllFaultSubcodes() { + // TODO Auto-generated method stub + + } + + @Override + public boolean hasDetail() { + // TODO Auto-generated method stub + return false; + } + + @Override + public Iterator getFaultSubcodes() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Locale getFaultStringLocale() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getFaultString() { + return msg; + + } + + @Override + public String getFaultRole() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Iterator getFaultReasonTexts() throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getFaultReasonText(Locale locale) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public Iterator getFaultReasonLocales() throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getFaultNode() { + // TODO Auto-generated method stub + return null; + } + + @Override + public QName getFaultCodeAsQName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Name getFaultCodeAsName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getFaultCode() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getFaultActor() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Detail getDetail() { + // TODO Auto-generated method stub + return null; + } + + @Override + public void appendFaultSubcode(QName subcode) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public void addFaultReasonText(String text, Locale locale) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public Detail addDetail() throws SOAPException { + // TODO Auto-generated method stub + return null; + } + }; + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AttributeBuilderRegistrationTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AttributeBuilderRegistrationTest.java new file mode 100644 index 000000000..5ff8ffba7 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AttributeBuilderRegistrationTest.java @@ -0,0 +1,41 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.utils; + +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; + +import java.util.List; + +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; +import org.opensaml.saml2.core.Attribute; +import org.opensaml.xml.ConfigurationException; + +import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; +import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EAAFDefaultSAML2Bootstrap; + +@RunWith(BlockJUnit4ClassRunner.class) +public class AttributeBuilderRegistrationTest { + + @BeforeClass + public static void classInitializer() throws ConfigurationException { + EAAFDefaultSAML2Bootstrap.bootstrap(); + + } + + @Test + public void checkRegistratedAttributeBuilder() { + + List<Attribute> supportedAttributes = PVPAttributeBuilder.buildSupportedEmptyAttributes(); + + assertFalse("Registered Attribute-Builder is empty", supportedAttributes.isEmpty()); + assertTrue("No role attribute registrated", supportedAttributes.stream() + .filter(el -> PVPAttributeDefinitions.ROLES_NAME.equals(el.getName())) + .findFirst() + .isPresent()); + + } +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AuthenticationRoleFactoryTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AuthenticationRoleFactoryTest.java new file mode 100644 index 000000000..6d39b926e --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AuthenticationRoleFactoryTest.java @@ -0,0 +1,65 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.utils; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; + +import at.gv.egovernment.moa.id.data.AuthenticationRole; +import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory; + +@RunWith(BlockJUnit4ClassRunner.class) +public class AuthenticationRoleFactoryTest { + + @Test + public void simpleRole() { + String role = RandomStringUtils.randomAlphabetic(5); + + AuthenticationRole toCheck = AuthenticationRoleFactory.buildFormPVPole(role); + + assertEquals("wrong role name", role, toCheck.getRoleName()); + assertEquals("wrong raw role", role, toCheck.getRawRoleString()); + assertNull("wrong role attr", toCheck.getParams()); + + } + + @Test + public void complexeRoleEmptyParams() { + String role = RandomStringUtils.randomAlphabetic(5); + String fullRole = role + "()"; + + AuthenticationRole toCheck = AuthenticationRoleFactory.buildFormPVPole(fullRole); + + assertEquals("wrong role name", role, toCheck.getRoleName()); + assertEquals("wrong raw role", fullRole, toCheck.getRawRoleString()); + assertNull("wrong role attr", toCheck.getParams()); + + } + + @Test + public void complexeRoleWithParams() { + String p1 = RandomStringUtils.randomAlphabetic(5); + String v1 = RandomStringUtils.randomAlphabetic(5); + String p2 = RandomStringUtils.randomAlphabetic(5); + String v2 = RandomStringUtils.randomAlphabetic(5); + + String role = RandomStringUtils.randomAlphabetic(5); + String fullRole = role + "(\"" + + p1 + "\"=\"" + v1 + "\"," + + p2 + "\"=\"" + v2 + "\"" + +")"; + + AuthenticationRole toCheck = AuthenticationRoleFactory.buildFormPVPole(fullRole); + + assertEquals("wrong role name", role, toCheck.getRoleName()); + assertEquals("wrong raw role", fullRole, toCheck.getRawRoleString()); + assertNotNull("wrong role attr", toCheck.getParams()); + assertEquals("wrong param size", 2, toCheck.getParams().size()); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java new file mode 100644 index 000000000..387aca540 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java @@ -0,0 +1,55 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.utils; + +import static org.junit.Assert.assertEquals; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egiz.eaaf.core.api.IStatusMessenger; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({"/test_ehvd_service_messager_auth.beans.xml"}) +public class MoaStatusMessagerTest { + + @Autowired IStatusMessenger messager; + + + @Test + public void checkErrorCodeMapper() { + assertEquals("default errorcode", "9199", + messager.getResponseErrorCode(new NullPointerException())); + + + assertEquals("new errorCode file", "aabbccdd", + messager.mapInternalErrorToExternalError("test.01")); + assertEquals("new errorCode file", "zzzyyyxxx", + messager.mapInternalErrorToExternalError("test.02")); + + assertEquals("existing errorCode file", "4401", + messager.mapInternalErrorToExternalError("auth.34")); + assertEquals("existing errorCode file", "1101", + messager.mapInternalErrorToExternalError("parser.07")); + + } + + @Test + public void checkErrorMessages() { + assertEquals("new error msg", + "Für den abgefragtem GDA liegt keine Berechtigung vor", messager.getMessage("ehvd.00", null)); + assertEquals("new error msg", + "Allgemeiner Fehler bei der Abfrage des EHVD Service", messager.getMessage("ehvd.99", null)); + + + assertEquals("existing error msg", + "Zertifikat konnte nicht ausgelesen werden.", messager.getMessage("auth.14", null)); + assertEquals("existing error msg", + "\"Issuer\" im AUTH-Block nicht vorhanden.", messager.getMessage("validator.32", null)); + + } + + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/com/github/skjolber/mockito/soap/Soap12EndpointRule.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/com/github/skjolber/mockito/soap/Soap12EndpointRule.java new file mode 100644 index 000000000..547401cc3 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/com/github/skjolber/mockito/soap/Soap12EndpointRule.java @@ -0,0 +1,195 @@ +package com.github.skjolber.mockito.soap; + +import java.io.IOException; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import javax.xml.ws.soap.SOAPBinding; +import javax.xml.ws.spi.Provider; + +import org.apache.cxf.Bus; +import org.apache.cxf.endpoint.EndpointException; +import org.apache.cxf.endpoint.ServerImpl; +import org.apache.cxf.jaxws.EndpointImpl; +import org.apache.cxf.jaxws.JaxWsServerFactoryBean; +import org.apache.cxf.jaxws.support.JaxWsServiceFactoryBean; +import org.apache.cxf.service.ServiceImpl; +import org.apache.cxf.service.model.EndpointInfo; +import org.apache.cxf.transport.ChainInitiationObserver; +import org.apache.cxf.transport.Destination; +import org.apache.cxf.transport.DestinationFactory; +import org.apache.cxf.transport.DestinationFactoryManager; + + +/** + * Fork of {@link SoapEndpointRule} that set <i>endpoint.setBindingUri(SOAPBinding.SOAP12HTTP_BINDING)</i> + * into {@link EndpointImpl}. + * + * @author tlenz + * + */ +public class Soap12EndpointRule extends SoapServerRule { + private static final int PORT_RANGE_START = 1024 + 1; + private static final int PORT_RANGE_END = PortManager.PORT_RANGE_MAX; + + public static Soap12EndpointRule newInstance() { + return new Soap12EndpointRule(); + } + + private final Map<String, EndpointImpl> endpoints = new HashMap<>(); + + private PortManager<Destination> portManager; + + public Soap12EndpointRule() { + this(PORT_RANGE_START, PORT_RANGE_END); + } + + public Soap12EndpointRule(String... portNames) { + this(PORT_RANGE_START, PORT_RANGE_END, portNames); + } + + public Soap12EndpointRule(int portRangeStart, int portRangeEnd, String... portNames) { + portManager = new PortManager<Destination>(portRangeStart, portRangeEnd) { + @Override + public Destination reserve(int port) throws Exception { + return createDestination(port); + } + + @Override + public void release(Destination destination) { + destination.shutdown(); + } + }; + + portManager.add(portNames); + } + + /** + * Returns the port number that was reserved for the given name. + * + * @param portName port name + * @return a valid port number if the port has been reserved, -1 otherwise + */ + public int getPort(String portName) { + return portManager.getPort(portName); + } + + /** + * Returns all port names and respective port numbers. + * + * @return a map of port name and port value (a valid port number if the port + * has been reserved, or -1 otherwise) + */ + public Map<String, Integer> getPorts() { + return portManager.getPorts(); + } + + /** + * Attempt to reserve a port by starting a server. + * + * @param port port to reserve + * @return destination if successful + * @throws IOException + * @throws EndpointException + */ + private Destination createDestination(int port) throws IOException, EndpointException { + final JaxWsServiceFactoryBean jaxWsServiceFactoryBean = new JaxWsServiceFactoryBean(); + + final JaxWsServerFactoryBean serverFactoryBean = new JaxWsServerFactoryBean(jaxWsServiceFactoryBean); + final Bus bus = serverFactoryBean.getBus(); + + final String address = "http://localhost:" + port; + serverFactoryBean.setAddress(address); + + final DestinationFactory destinationFactory = bus.getExtension(DestinationFactoryManager.class) + .getDestinationFactoryForUri(address); + + final EndpointInfo ei = new EndpointInfo(null, Integer.toString(port)); + ei.setAddress(address); + + final Destination destination = destinationFactory.getDestination(ei, bus); + + final ServiceImpl serviceImpl = new ServiceImpl(); + + final org.apache.cxf.endpoint.Endpoint endpoint = new org.apache.cxf.endpoint.EndpointImpl(bus, + serviceImpl, ei); + destination.setMessageObserver(new ChainInitiationObserver(endpoint, bus)); + return destination; + } + + @Override + public <T> void proxy(T target, Class<T> port, String address, String wsdlLocation, + List<String> schemaLocations, Map<String, Object> properties) { + assertValidParams(target, port, address); + + if (endpoints.containsKey(address)) { + throw new IllegalArgumentException("Endpoint " + address + " already exists"); + } + + final T serviceInterface = SoapServiceProxy.newInstance(target); + + final EndpointImpl endpoint = (EndpointImpl) Provider.provider().createEndpoint(null, serviceInterface); + endpoint.setBindingUri(SOAPBinding.SOAP12HTTP_BINDING); + + if (wsdlLocation != null) { + endpoint.setWsdlLocation(wsdlLocation); + } + + if (schemaLocations != null) { + endpoint.setSchemaLocations(schemaLocations); + } + + endpoint.setProperties(processProperties(properties, wsdlLocation, schemaLocations)); + + final Destination destination = portManager.getData(parsePort(address)); + if (destination != null) { + final ServerImpl server = endpoint.getServer(); + server.setDestination(destination); + } + + endpoint.publish(address); + + endpoints.put(address, endpoint); + } + + @Override + protected void before() { + // reserve all ports + portManager.start(); + } + + @Override + protected void after() { + destroy(); + } + + /** + * Stop and remove endpoints, keeping port reservations. + */ + public void clear() { + endpoints.values().forEach(EndpointImpl::stop); + endpoints.clear(); + } + + @Override + public void destroy() { + endpoints.values().forEach(endpoint -> { + endpoint.stop(); + endpoint.getBus().shutdown(true); + }); + endpoints.clear(); + portManager.stop(); + } + + @Override + public void stop() { + endpoints.values().forEach(endpoint -> endpoint.getServer().stop()); + } + + @Override + public void start() { + // republish + endpoints.values().forEach(endpoint -> endpoint.getServer().start()); + } +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties new file mode 100644 index 000000000..580af5559 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties @@ -0,0 +1,11 @@ +modules.ehvd.enabled=true +modules.ehvd.sp.1=aaabbccddeeffgg +modules.ehvd.sp.2=yyasdfasfsa2323 +modules.ehvd.sp.3= +modules.ehvd.sp.4=435344534egewgegf + +modules.ehvd.service.url=http://localhost:1234/ehvd +#modules.ehvd.service.url=https://ehvdwsqs.gesundheit.gv.at + +modules.ehvd.role.pvp=EPI-GDA() +modules.ehvd.service.role.regex=^1\.2\.40\.0\.34\.5\.2\:(100|101|158)$ diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config2.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config2.properties new file mode 100644 index 000000000..4e666c204 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config2.properties @@ -0,0 +1,4 @@ +modules.ehvd.enabled=false +modules.ehvd.sp.1=aaabbccddeeffgg +modules.ehvd.sp.2=yyasdfasfsa2323 +modules.ehvd.sp.3=435344534egewgegf diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties new file mode 100644 index 000000000..dc8fe54d5 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties @@ -0,0 +1,12 @@ +modules.ehvd.enabled=true +modules.ehvd.sp.1=aaabbccddeeffgg +modules.ehvd.sp.2=yyasdfasfsa2323 +modules.ehvd.sp.3= +modules.ehvd.sp.4=435344534egewgegf + +modules.ehvd.service.url=https://ehvdwsqs.gesundheit.gv.at +#modules.ehvd.service.bpk.target= +modules.ehvd.proxy.socks.port=12345 +modules.ehvd.role.pvp=EPI-GDA() +modules.ehvd.service.role.regex=^1\.2\.40\.0\.34\.5\.2\:(100|101|158)$ +#modules.ehvd.service.otherid.prefix=1.2.40.0.34.4.18:
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_qs_service_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_qs_service_auth.beans.xml new file mode 100644 index 000000000..0595d4eb4 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_qs_service_auth.beans.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <import resource="classpath:/SpringTest-context_authManager.xml" /> + <import resource="classpath:/moaid_ehvd_service_auth.beans.xml" /> + + <bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap"> + <constructor-arg name="path" value="/config/config_qs_service.properties" /> + </bean> + +</beans>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth.beans.xml new file mode 100644 index 000000000..b499ad395 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth.beans.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <import resource="classpath:/SpringTest-context_authManager.xml" /> + <import resource="classpath:/moaid_ehvd_service_auth.beans.xml" /> + + <bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap"> + <constructor-arg name="path" value="/config/config1.properties" /> + </bean> + +</beans>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth_lazy.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth_lazy.beans.xml new file mode 100644 index 000000000..7116034b7 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth_lazy.beans.xml @@ -0,0 +1,24 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <import resource="classpath:/SpringTest-context_authManager.xml" /> + + <bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap"> + <constructor-arg name="path" value="/config/config2.properties" /> + </bean> + + <beans default-lazy-init="true"> + <bean id="ehvdServiceAuthModule" class="at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule"> + <property name="priority" value="4" /> + </bean> + + </beans> +</beans>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_messager_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_messager_auth.beans.xml new file mode 100644 index 000000000..5d8e03fb5 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_messager_auth.beans.xml @@ -0,0 +1,15 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <bean id="testMsgProvider" + class="at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider"/> + +</beans>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml index 46b645403..41da7ff51 100644 --- a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml +++ b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml @@ -3,7 +3,7 @@ <parent> <groupId>MOA.id.server.modules</groupId> <artifactId>moa-id-modules</artifactId> - <version>4.1.5</version> + <version>4.2.0</version> </parent> <artifactId>moa-id-module-elga_mandate_service</artifactId> <version>${moa-id-module-elga_mandate_client}</version> diff --git a/id/server/modules/moa-id-module-openID/pom.xml b/id/server/modules/moa-id-module-openID/pom.xml index 131ae455b..f9ff3333b 100644 --- a/id/server/modules/moa-id-module-openID/pom.xml +++ b/id/server/modules/moa-id-module-openID/pom.xml @@ -3,7 +3,7 @@ <parent> <groupId>MOA.id.server.modules</groupId> <artifactId>moa-id-modules</artifactId> - <version>4.1.5</version> + <version>4.2.0</version> </parent> <artifactId>moa-id-module-openID</artifactId> @@ -38,13 +38,13 @@ <dependency> <groupId>com.google.http-client</groupId> <artifactId>google-http-client-jackson2</artifactId> - <version>1.22.0</version> + <version>1.40.1</version> <scope>test</scope> </dependency> <dependency> <groupId>com.google.oauth-client</groupId> <artifactId>google-oauth-client-jetty</artifactId> - <version>1.22.0</version> + <version>1.32.1</version> <scope>test</scope> <exclusions> <exclusion> @@ -78,7 +78,6 @@ <dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> - <version>19.0</version> </dependency> <!-- TestNG --> diff --git a/id/server/modules/moa-id-module-sl20_authentication/pom.xml b/id/server/modules/moa-id-module-sl20_authentication/pom.xml index 0dccba648..d3a2cc94e 100644 --- a/id/server/modules/moa-id-module-sl20_authentication/pom.xml +++ b/id/server/modules/moa-id-module-sl20_authentication/pom.xml @@ -5,7 +5,7 @@ <parent> <groupId>MOA.id.server.modules</groupId> <artifactId>moa-id-modules</artifactId> - <version>4.1.5</version> + <version>4.2.0</version> </parent> <artifactId>moa-id-module-sl20_authentication</artifactId> <name>moa-id-module-sl20_authentication</name> @@ -53,20 +53,19 @@ <dependency> <groupId>com.google.code.gson</groupId> <artifactId>gson</artifactId> - <version>2.8.2</version> + <version>2.8.9</version> </dependency> <dependency> <groupId>org.bitbucket.b_c</groupId> <artifactId>jose4j</artifactId> - <version>0.6.3</version> + <version>0.7.9</version> </dependency> - <dependency> - <groupId>org.bouncycastle</groupId> - <artifactId>bcprov-jdk15on</artifactId> - <version>1.52</version> - <!-- <scope>provided</scope> --> -</dependency> + <dependency> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + <version>1.70</version> + </dependency> <!-- Dependencies for testing --> diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java index 759d9c838..6bf297a4e 100644 --- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java +++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java @@ -13,7 +13,6 @@ import org.apache.http.Header; import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; import org.apache.http.client.utils.URIBuilder; -import org.apache.log4j.Logger; import org.jose4j.base64url.Base64Url; import com.google.gson.JsonElement; @@ -23,328 +22,347 @@ import com.google.gson.JsonParser; import at.gv.egovernment.moa.id.auth.modules.sl20_auth.data.VerificationResult; import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SL20Exception; import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SLCommandoParserException; +import lombok.extern.slf4j.Slf4j; +@Slf4j public class SL20JSONExtractorUtils { - private static final Logger log = Logger.getLogger(SL20JSONExtractorUtils.class); - - /** - * Extract String value from JSON - * - * @param input - * @param keyID - * @param isRequired - * @return - * @throws SLCommandoParserException - */ - public static String getStringValue(JsonObject input, String keyID, boolean isRequired) throws SLCommandoParserException { - try { - JsonElement internal = getAndCheck(input, keyID, isRequired); - - if (internal != null) - return internal.getAsString(); - else - return null; - - } catch (SLCommandoParserException e) { - throw e; - - } catch (Exception e) { - throw new SLCommandoParserException("Can not extract String value with keyId: " + keyID, e); - - } - } - - /** - * Extract Boolean value from JSON - * - * @param input - * @param keyID - * @param isRequired - * @return - * @throws SLCommandoParserException - */ - public static boolean getBooleanValue(JsonObject input, String keyID, boolean isRequired, boolean defaultValue) throws SLCommandoParserException { - try { - JsonElement internal = getAndCheck(input, keyID, isRequired); - - if (internal != null) - return internal.getAsBoolean(); - else - return defaultValue; - - } catch (SLCommandoParserException e) { - throw e; - - } catch (Exception e) { - throw new SLCommandoParserException("Can not extract Boolean value with keyId: " + keyID, e); - - } - } - - /** - * Extract JSONObject value from JSON - * - * @param input - * @param keyID - * @param isRequired - * @return - * @throws SLCommandoParserException - */ - public static JsonObject getJSONObjectValue(JsonObject input, String keyID, boolean isRequired) throws SLCommandoParserException { - try { - JsonElement internal = getAndCheck(input, keyID, isRequired); - - if (internal != null) - return internal.getAsJsonObject(); - else - return null; - - } catch (SLCommandoParserException e) { - throw e; - - } catch (Exception e) { - throw new SLCommandoParserException("Can not extract Boolean value with keyId: " + keyID, e); - - } - } - - /** - * Extract a List of String elements from a JSON element - * - * @param input - * @return - * @throws SLCommandoParserException - */ - public static List<String> getListOfStringElements(JsonElement input) throws SLCommandoParserException { - List<String> result = new ArrayList<String>(); - if (input != null) { - if (input.isJsonArray()) { - Iterator<JsonElement> arrayIterator = input.getAsJsonArray().iterator(); - while(arrayIterator.hasNext()) { - JsonElement next = arrayIterator.next(); - if (next.isJsonPrimitive()) - result.add(next.getAsString()); - } - - } else if (input.isJsonPrimitive()) { - result.add(input.getAsString()); - - } else { - log.warn("JSON Element IS NOT a JSON array or a JSON Primitive"); - throw new SLCommandoParserException("JSON Element IS NOT a JSON array or a JSON Primitive"); - - } - } - - return result; - } - - /** - * Extract Map of Key/Value pairs from a JSON Element - * - * @param input parent JSON object - * @param keyID KeyId of the child that should be parsed - * @param isRequired - * @return - * @throws SLCommandoParserException - */ - public static Map<String, String> getMapOfStringElements(JsonObject input, String keyID, boolean isRequired) throws SLCommandoParserException { - JsonElement internal = getAndCheck(input, keyID, isRequired); - return getMapOfStringElements(internal); - - } - - /** - * Extract Map of Key/Value pairs from a JSON Element - * - * @param input - * @return - * @throws SLCommandoParserException - */ - public static Map<String, String> getMapOfStringElements(JsonElement input) throws SLCommandoParserException { - Map<String, String> result = new HashMap<String, String>(); - - if (input != null) { - if (input.isJsonArray()) { - Iterator<JsonElement> arrayIterator = input.getAsJsonArray().iterator(); - while(arrayIterator.hasNext()) { - JsonElement next = arrayIterator.next(); - Iterator<Entry<String, JsonElement>> entry = next.getAsJsonObject().entrySet().iterator(); - entitySetToMap(result, entry); - - } - - } else if (input.isJsonObject()) { - Iterator<Entry<String, JsonElement>> objectKeys = input.getAsJsonObject().entrySet().iterator(); - entitySetToMap(result, objectKeys); - - } else - throw new SLCommandoParserException("JSON Element IS NOT a JSON array or a JSON object"); - - } - - return result; - } - - private static void entitySetToMap(Map<String, String> result, Iterator<Entry<String, JsonElement>> entry) { - while (entry.hasNext()) { - Entry<String, JsonElement> el = entry.next(); - if (result.containsKey(el.getKey())) - log.info("Attr. Map already contains Element with Key: " + el.getKey() + ". Overwrite element ... "); - - result.put(el.getKey(), el.getValue().getAsString()); - - } - - } - - - public static JsonElement extractSL20Result(JsonObject command, IJOSETools decrypter, boolean mustBeEncrypted) throws SL20Exception { - JsonElement result = command.get(SL20Constants.SL20_COMMAND_CONTAINER_RESULT); - JsonElement encryptedResult = command.get(SL20Constants.SL20_COMMAND_CONTAINER_ENCRYPTEDRESULT); - - if (result == null && encryptedResult == null) - throw new SLCommandoParserException("NO result OR encryptedResult FOUND."); - - else if (encryptedResult == null && mustBeEncrypted) - throw new SLCommandoParserException("result MUST be signed."); - - else if (encryptedResult != null && encryptedResult.isJsonPrimitive()) { - try { - return decrypter.decryptPayload(encryptedResult.getAsString()); - - } catch (Exception e) { - log.info("Can NOT decrypt SL20 result. Reason:" + e.getMessage()); - if (!mustBeEncrypted) { - log.warn("Decrypted results are disabled by configuration. Parse result in plain if it is possible"); - - //dummy code - try { - String[] signedPayload = encryptedResult.toString().split("\\."); - JsonElement payLoad = new JsonParser().parse(new String(Base64.getUrlDecoder().decode(signedPayload[1]))); - return payLoad; - - } catch (Exception e1) { - log.debug("DummyCode FAILED, Reason: " + e1.getMessage() + " Ignore it ..."); - throw new SL20Exception(e.getMessage(), null, e); - - } - - } else - throw e; - - } - - } else if (result != null) { - return result; - - } else - throw new SLCommandoParserException("Internal build error"); - - - } - - /** - * Extract payLoad from generic transport container - * - * @param container - * @param joseTools - * @return - * @throws SLCommandoParserException - */ - public static VerificationResult extractSL20PayLoad(JsonObject container, IJOSETools joseTools, boolean mustBeSigned) throws SL20Exception { - - JsonElement sl20Payload = container.get(SL20Constants.SL20_PAYLOAD); - JsonElement sl20SignedPayload = container.get(SL20Constants.SL20_SIGNEDPAYLOAD); - - if (mustBeSigned && joseTools == null) - throw new SLCommandoParserException("'joseTools' MUST be set if 'mustBeSigned' is 'true'"); - - if (sl20Payload == null && sl20SignedPayload == null) - throw new SLCommandoParserException("NO payLoad OR signedPayload FOUND."); - - else if (sl20SignedPayload == null && mustBeSigned) - throw new SLCommandoParserException("payLoad MUST be signed."); - - else if (joseTools != null && sl20SignedPayload != null && sl20SignedPayload.isJsonPrimitive()) { - return joseTools.validateSignature(sl20SignedPayload.getAsString()); - - } else if (sl20Payload != null) - return new VerificationResult(sl20Payload.getAsJsonObject()); - - else - throw new SLCommandoParserException("Internal build error"); - - - } - - - /** - * Extract generic transport container from httpResponse - * - * @param httpResp - * @return - * @throws SLCommandoParserException - */ - public static JsonObject getSL20ContainerFromResponse(HttpResponse httpResp) throws SLCommandoParserException { - try { - JsonObject sl20Resp = null; - if (httpResp.getStatusLine().getStatusCode() == 307) { - Header[] locationHeader = httpResp.getHeaders("Location"); - if (locationHeader == null) - throw new SLCommandoParserException("Find Redirect statuscode but not Location header"); - - String sl20RespString = new URIBuilder(locationHeader[0].getValue()).getQueryParams().get(0).getValue(); - sl20Resp = new JsonParser().parse(Base64Url.encode((sl20RespString.getBytes()))).getAsJsonObject(); - - } else if (httpResp.getStatusLine().getStatusCode() == 200) { - if (!httpResp.getEntity().getContentType().getValue().startsWith("application/json")) - throw new SLCommandoParserException("SL20 response with a wrong ContentType: " + httpResp.getEntity().getContentType().getValue()); - sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity()); - - } else if ( (httpResp.getStatusLine().getStatusCode() == 500) || - (httpResp.getStatusLine().getStatusCode() == 401) || - (httpResp.getStatusLine().getStatusCode() == 400) ) { - log.info("SL20 response with http-code: " + httpResp.getStatusLine().getStatusCode() - + ". Search for error message"); - sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity()); - - - } else - throw new SLCommandoParserException("SL20 response with http-code: " + httpResp.getStatusLine().getStatusCode()); - - log.info("Find JSON object in http response"); - return sl20Resp; - - } catch (Exception e) { - throw new SLCommandoParserException("SL20 response parsing FAILED! Reason: " + e.getMessage(), e); - - } - } - - private static JsonObject parseSL20ResultFromResponse(HttpEntity resp) throws Exception { - if (resp != null && resp.getContent() != null) { - JsonElement sl20Resp = new JsonParser().parse(new InputStreamReader(resp.getContent())); - if (sl20Resp != null && sl20Resp.isJsonObject()) { - return sl20Resp.getAsJsonObject(); - - } else - throw new SLCommandoParserException("SL2.0 can NOT parse to a JSON object"); - - - } else - throw new SLCommandoParserException("Can NOT find content in http response"); - - } - - - private static JsonElement getAndCheck(JsonObject input, String keyID, boolean isRequired) throws SLCommandoParserException { - JsonElement internal = input.get(keyID); - - if (internal == null && isRequired) - throw new SLCommandoParserException("REQUIRED Element with keyId: " + keyID + " does not exist"); - - return internal; - - } + + /** + * Extract String value from JSON + * + * @param input + * @param keyID + * @param isRequired + * @return + * @throws SLCommandoParserException + */ + public static String getStringValue(JsonObject input, String keyID, boolean isRequired) + throws SLCommandoParserException { + try { + final JsonElement internal = getAndCheck(input, keyID, isRequired); + + if (internal != null) { + return internal.getAsString(); + } else { + return null; + } + + } catch (final SLCommandoParserException e) { + throw e; + + } catch (final Exception e) { + throw new SLCommandoParserException("Can not extract String value with keyId: " + keyID, e); + + } + } + + /** + * Extract Boolean value from JSON + * + * @param input + * @param keyID + * @param isRequired + * @return + * @throws SLCommandoParserException + */ + public static boolean getBooleanValue(JsonObject input, String keyID, boolean isRequired, + boolean defaultValue) throws SLCommandoParserException { + try { + final JsonElement internal = getAndCheck(input, keyID, isRequired); + + if (internal != null) { + return internal.getAsBoolean(); + } else { + return defaultValue; + } + + } catch (final SLCommandoParserException e) { + throw e; + + } catch (final Exception e) { + throw new SLCommandoParserException("Can not extract Boolean value with keyId: " + keyID, e); + + } + } + + /** + * Extract JSONObject value from JSON + * + * @param input + * @param keyID + * @param isRequired + * @return + * @throws SLCommandoParserException + */ + public static JsonObject getJSONObjectValue(JsonObject input, String keyID, boolean isRequired) + throws SLCommandoParserException { + try { + final JsonElement internal = getAndCheck(input, keyID, isRequired); + + if (internal != null) { + return internal.getAsJsonObject(); + } else { + return null; + } + + } catch (final SLCommandoParserException e) { + throw e; + + } catch (final Exception e) { + throw new SLCommandoParserException("Can not extract Boolean value with keyId: " + keyID, e); + + } + } + + /** + * Extract a List of String elements from a JSON element + * + * @param input + * @return + * @throws SLCommandoParserException + */ + public static List<String> getListOfStringElements(JsonElement input) throws SLCommandoParserException { + final List<String> result = new ArrayList<>(); + if (input != null) { + if (input.isJsonArray()) { + final Iterator<JsonElement> arrayIterator = input.getAsJsonArray().iterator(); + while (arrayIterator.hasNext()) { + final JsonElement next = arrayIterator.next(); + if (next.isJsonPrimitive()) { + result.add(next.getAsString()); + } + } + + } else if (input.isJsonPrimitive()) { + result.add(input.getAsString()); + + } else { + log.warn("JSON Element IS NOT a JSON array or a JSON Primitive"); + throw new SLCommandoParserException("JSON Element IS NOT a JSON array or a JSON Primitive"); + + } + } + + return result; + } + + /** + * Extract Map of Key/Value pairs from a JSON Element + * + * @param input parent JSON object + * @param keyID KeyId of the child that should be parsed + * @param isRequired + * @return + * @throws SLCommandoParserException + */ + public static Map<String, String> getMapOfStringElements(JsonObject input, String keyID, boolean isRequired) + throws SLCommandoParserException { + final JsonElement internal = getAndCheck(input, keyID, isRequired); + return getMapOfStringElements(internal); + + } + + /** + * Extract Map of Key/Value pairs from a JSON Element + * + * @param input + * @return + * @throws SLCommandoParserException + */ + public static Map<String, String> getMapOfStringElements(JsonElement input) + throws SLCommandoParserException { + final Map<String, String> result = new HashMap<>(); + + if (input != null) { + if (input.isJsonArray()) { + final Iterator<JsonElement> arrayIterator = input.getAsJsonArray().iterator(); + while (arrayIterator.hasNext()) { + final JsonElement next = arrayIterator.next(); + final Iterator<Entry<String, JsonElement>> entry = next.getAsJsonObject().entrySet().iterator(); + entitySetToMap(result, entry); + + } + + } else if (input.isJsonObject()) { + final Iterator<Entry<String, JsonElement>> objectKeys = input.getAsJsonObject().entrySet().iterator(); + entitySetToMap(result, objectKeys); + + } else { + throw new SLCommandoParserException("JSON Element IS NOT a JSON array or a JSON object"); + } + + } + + return result; + } + + private static void entitySetToMap(Map<String, String> result, Iterator<Entry<String, JsonElement>> entry) { + while (entry.hasNext()) { + final Entry<String, JsonElement> el = entry.next(); + if (result.containsKey(el.getKey())) { + log.info("Attr. Map already contains Element with Key: " + el.getKey() + ". Overwrite element ... "); + } + + result.put(el.getKey(), el.getValue().getAsString()); + + } + + } + + public static JsonElement extractSL20Result(JsonObject command, IJOSETools decrypter, + boolean mustBeEncrypted) throws SL20Exception { + final JsonElement result = command.get(SL20Constants.SL20_COMMAND_CONTAINER_RESULT); + final JsonElement encryptedResult = command.get(SL20Constants.SL20_COMMAND_CONTAINER_ENCRYPTEDRESULT); + + if (result == null && encryptedResult == null) { + throw new SLCommandoParserException("NO result OR encryptedResult FOUND."); + } else if (encryptedResult == null && mustBeEncrypted) { + throw new SLCommandoParserException("result MUST be signed."); + } else if (encryptedResult != null && encryptedResult.isJsonPrimitive()) { + try { + return decrypter.decryptPayload(encryptedResult.getAsString()); + + } catch (final Exception e) { + log.info("Can NOT decrypt SL20 result. Reason:" + e.getMessage()); + if (!mustBeEncrypted) { + log.warn( + "Decrypted results are disabled by configuration. Parse result in plain if it is possible"); + + // dummy code + try { + final String[] signedPayload = encryptedResult.toString().split("\\."); + final JsonElement payLoad = new JsonParser().parse(new String(Base64.getUrlDecoder().decode( + signedPayload[1]))); + return payLoad; + + } catch (final Exception e1) { + log.debug("DummyCode FAILED, Reason: " + e1.getMessage() + " Ignore it ..."); + throw new SL20Exception(e.getMessage(), null, e); + + } + + } else { + throw e; + } + + } + + } else if (result != null) { + return result; + + } else { + throw new SLCommandoParserException("Internal build error"); + } + + } + + /** + * Extract payLoad from generic transport container + * + * @param container + * @param joseTools + * @return + * @throws SLCommandoParserException + */ + public static VerificationResult extractSL20PayLoad(JsonObject container, IJOSETools joseTools, + boolean mustBeSigned) throws SL20Exception { + + final JsonElement sl20Payload = container.get(SL20Constants.SL20_PAYLOAD); + final JsonElement sl20SignedPayload = container.get(SL20Constants.SL20_SIGNEDPAYLOAD); + + if (mustBeSigned && joseTools == null) { + throw new SLCommandoParserException("'joseTools' MUST be set if 'mustBeSigned' is 'true'"); + } + + if (sl20Payload == null && sl20SignedPayload == null) { + throw new SLCommandoParserException("NO payLoad OR signedPayload FOUND."); + } else if (sl20SignedPayload == null && mustBeSigned) { + throw new SLCommandoParserException("payLoad MUST be signed."); + } else if (joseTools != null && sl20SignedPayload != null && sl20SignedPayload.isJsonPrimitive()) { + return joseTools.validateSignature(sl20SignedPayload.getAsString()); + + } else if (sl20Payload != null) { + return new VerificationResult(sl20Payload.getAsJsonObject()); + } else { + throw new SLCommandoParserException("Internal build error"); + } + + } + + /** + * Extract generic transport container from httpResponse + * + * @param httpResp + * @return + * @throws SLCommandoParserException + */ + public static JsonObject getSL20ContainerFromResponse(HttpResponse httpResp) + throws SLCommandoParserException { + try { + JsonObject sl20Resp = null; + if (httpResp.getStatusLine().getStatusCode() == 307) { + final Header[] locationHeader = httpResp.getHeaders("Location"); + if (locationHeader == null) { + throw new SLCommandoParserException("Find Redirect statuscode but not Location header"); + } + + final String sl20RespString = new URIBuilder(locationHeader[0].getValue()).getQueryParams().get(0) + .getValue(); + sl20Resp = new JsonParser().parse(Base64Url.encode(sl20RespString.getBytes())).getAsJsonObject(); + + } else if (httpResp.getStatusLine().getStatusCode() == 200) { + if (!httpResp.getEntity().getContentType().getValue().startsWith("application/json")) { + throw new SLCommandoParserException("SL20 response with a wrong ContentType: " + httpResp + .getEntity().getContentType().getValue()); + } + sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity()); + + } else if (httpResp.getStatusLine().getStatusCode() == 500 || + httpResp.getStatusLine().getStatusCode() == 401 || + httpResp.getStatusLine().getStatusCode() == 400) { + log.info("SL20 response with http-code: " + httpResp.getStatusLine().getStatusCode() + + ". Search for error message"); + sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity()); + + } else { + throw new SLCommandoParserException("SL20 response with http-code: " + httpResp.getStatusLine() + .getStatusCode()); + } + + log.info("Find JSON object in http response"); + return sl20Resp; + + } catch (final Exception e) { + throw new SLCommandoParserException("SL20 response parsing FAILED! Reason: " + e.getMessage(), e); + + } + } + + private static JsonObject parseSL20ResultFromResponse(HttpEntity resp) throws Exception { + if (resp != null && resp.getContent() != null) { + final JsonElement sl20Resp = new JsonParser().parse(new InputStreamReader(resp.getContent())); + if (sl20Resp != null && sl20Resp.isJsonObject()) { + return sl20Resp.getAsJsonObject(); + + } else { + throw new SLCommandoParserException("SL2.0 can NOT parse to a JSON object"); + } + + } else { + throw new SLCommandoParserException("Can NOT find content in http response"); + } + + } + + private static JsonElement getAndCheck(JsonObject input, String keyID, boolean isRequired) + throws SLCommandoParserException { + final JsonElement internal = input.get(keyID); + + if (internal == null && isRequired) { + throw new SLCommandoParserException("REQUIRED Element with keyId: " + keyID + " does not exist"); + } + + return internal; + + } } diff --git a/id/server/modules/moa-id-module-ssoTransfer/pom.xml b/id/server/modules/moa-id-module-ssoTransfer/pom.xml index d0869994b..70db729e1 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/pom.xml +++ b/id/server/modules/moa-id-module-ssoTransfer/pom.xml @@ -3,7 +3,7 @@ <parent> <groupId>MOA.id.server.modules</groupId> <artifactId>moa-id-modules</artifactId> - <version>4.1.5</version> + <version>4.2.0</version> </parent> <artifactId>moa-id-module-ssoTransfer</artifactId> <name>MOA-ID_SSO_Transfer_modul</name> @@ -36,14 +36,14 @@ <dependency> <groupId>org.bouncycastle</groupId> <artifactId>bcprov-jdk15on</artifactId> - <version>1.52</version> + <version>1.70</version> <!-- <scope>provided</scope> --> </dependency> <dependency> <groupId>org.bouncycastle</groupId> <artifactId>bcpkix-jdk15on</artifactId> - <version>1.52</version> + <version>1.70</version> </dependency> <dependency> diff --git a/id/server/modules/moa-id-modules-federated_authentication/pom.xml b/id/server/modules/moa-id-modules-federated_authentication/pom.xml index 1148ab31c..4e72ede0c 100644 --- a/id/server/modules/moa-id-modules-federated_authentication/pom.xml +++ b/id/server/modules/moa-id-modules-federated_authentication/pom.xml @@ -3,7 +3,7 @@ <parent> <groupId>MOA.id.server.modules</groupId> <artifactId>moa-id-modules</artifactId> - <version>4.1.5</version> + <version>4.2.0</version> </parent> <artifactId>moa-id-modules-federated_authentication</artifactId> <description>PVP2 ServiceProvider implementation for federated authentication</description> diff --git a/id/server/modules/moa-id-modules-saml1/pom.xml b/id/server/modules/moa-id-modules-saml1/pom.xml index d2cd5686e..a05794be6 100644 --- a/id/server/modules/moa-id-modules-saml1/pom.xml +++ b/id/server/modules/moa-id-modules-saml1/pom.xml @@ -3,7 +3,7 @@ <parent> <groupId>MOA.id.server.modules</groupId> <artifactId>moa-id-modules</artifactId> - <version>4.1.5</version> + <version>4.2.0</version> </parent> <artifactId>moa-id-module-saml1</artifactId> diff --git a/id/server/modules/module-monitoring/pom.xml b/id/server/modules/module-monitoring/pom.xml index 5b19d44c0..cd9c1087e 100644 --- a/id/server/modules/module-monitoring/pom.xml +++ b/id/server/modules/module-monitoring/pom.xml @@ -5,7 +5,7 @@ <parent> <groupId>MOA.id.server.modules</groupId> <artifactId>moa-id-modules</artifactId> - <version>4.1.5</version> + <version>4.2.0</version> </parent> <artifactId>moa-id-module-monitoring</artifactId> diff --git a/id/server/modules/pom.xml b/id/server/modules/pom.xml index d2bce7b0d..7fd7107e9 100644 --- a/id/server/modules/pom.xml +++ b/id/server/modules/pom.xml @@ -5,7 +5,7 @@ <parent> <groupId>MOA.id</groupId> <artifactId>moa-id</artifactId> - <version>4.1.5</version> + <version>4.2.0</version> </parent> <groupId>MOA.id.server.modules</groupId> @@ -36,7 +36,10 @@ <module>moa-id-module-sl20_authentication</module> <module>moa-id-module-AT_eIDAS_connector</module> - <module>moa-id-module-E-ID_connector</module> + <module>moa-id-module-E-ID_connector</module> + <module>moa-id-module-dummyAuth</module> + <module>moa-id-module-ehvd_integration</module> + </modules> <dependencies> |