aboutsummaryrefslogtreecommitdiff
path: root/id/server/stork2-saml-engine/src/test
diff options
context:
space:
mode:
authorFlorian Reimair <florian.reimair@iaik.tugraz.at>2014-03-20 11:43:22 +0100
committerFlorian Reimair <florian.reimair@iaik.tugraz.at>2014-03-20 11:48:44 +0100
commite6144cfe09bb148638911660eeb492fee7ab8079 (patch)
tree99046bf1100b922eae9265efcb0ca1065bba1638 /id/server/stork2-saml-engine/src/test
parent2b076809c0a021d13cac226a5b648af9577f5ab4 (diff)
downloadmoa-id-spss-e6144cfe09bb148638911660eeb492fee7ab8079.tar.gz
moa-id-spss-e6144cfe09bb148638911660eeb492fee7ab8079.tar.bz2
moa-id-spss-e6144cfe09bb148638911660eeb492fee7ab8079.zip
fixed serializable issues in stork2-commons
Diffstat (limited to 'id/server/stork2-saml-engine/src/test')
-rw-r--r--id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SSETestUtils.java173
-rw-r--r--id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SimpleBaseTest.java64
-rw-r--r--id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryRequestTest.java864
-rw-r--r--id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryResponseTest.java1085
-rw-r--r--id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAuthRequestTest.java968
-rw-r--r--id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkLogoutRequestTest.java89
-rw-r--r--id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkLogoutResponseTest.java142
-rw-r--r--id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkNewResponseTest.java533
-rw-r--r--id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkResponseTest.java935
-rw-r--r--id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/package-info.java20
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/SamlEngine.xml67
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml21
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml12
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml12
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml12
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/SignModule_P11.xml11
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml87
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml85
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml60
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml57
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml82
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestSdoc.xml15
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml66
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml124
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml72
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml47
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml47
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/logback-test.xml21
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/p11Conf.cfg24
29 files changed, 5795 insertions, 0 deletions
diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SSETestUtils.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SSETestUtils.java
new file mode 100644
index 000000000..eb885eea9
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SSETestUtils.java
@@ -0,0 +1,173 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.test.simple;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.StringWriter;
+
+import javax.xml.XMLConstants;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.OutputKeys;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+
+import org.apache.commons.io.IOUtils;
+import org.bouncycastle.util.encoders.Base64;
+import org.opensaml.Configuration;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.Marshaller;
+import org.opensaml.xml.io.MarshallerFactory;
+import org.opensaml.xml.io.MarshallingException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+/**
+ * The Class SSETestUtils.
+ */
+public final class SSETestUtils {
+
+
+ /** The Constant LOG. */
+ private static final Logger LOG = LoggerFactory
+ .getLogger(SSETestUtils.class.getName());
+
+ /**
+ * Instantiates a new sSE test utils.
+ */
+ private SSETestUtils() {
+ }
+
+ /**
+ * Prints the tree DOM.
+ *
+ * @param samlToken the SAML token
+ * @param isIndent the is indent
+ *
+ * @return the string
+ * @throws TransformerException the exception
+ */
+ public static String printTreeDOM(final Element samlToken, final boolean isIndent) throws TransformerException {
+ // set up a transformer
+ final TransformerFactory transfac = TransformerFactory.newInstance();
+ final Transformer trans = transfac.newTransformer();
+ trans.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
+ trans.setOutputProperty(OutputKeys.INDENT, String.valueOf(isIndent));
+
+ // create string from XML tree
+ final StringWriter stringWriter = new StringWriter();
+ final StreamResult result = new StreamResult(stringWriter);
+ final DOMSource source = new DOMSource(samlToken);
+ trans.transform(source, result);
+ final String xmlString = stringWriter.toString();
+
+ return xmlString;
+ }
+
+ /**
+ * Marshall.
+ *
+ * @param samlToken the SAML token
+ *
+ * @return the byte[]
+ *
+ * @throws MarshallingException the marshalling exception
+ * @throws ParserConfigurationException the parser configuration exception
+ * @throws TransformerException the transformer exception
+ */
+ public static byte[] marshall(final XMLObject samlToken)
+ throws MarshallingException, ParserConfigurationException,
+ TransformerException {
+
+ final javax.xml.parsers.DocumentBuilderFactory dbf = javax.xml.parsers.DocumentBuilderFactory
+ .newInstance();
+ dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
+ dbf.setNamespaceAware(true);
+ dbf.setIgnoringComments(true);
+ final javax.xml.parsers.DocumentBuilder docBuild = dbf
+ .newDocumentBuilder();
+
+ // Get the marshaller factory
+ final MarshallerFactory marshallerFactory = Configuration
+ .getMarshallerFactory();
+
+ // Get the Subject marshaller
+ final Marshaller marshaller = marshallerFactory
+ .getMarshaller(samlToken);
+
+ final Document doc = docBuild.newDocument();
+
+ // Marshall the SAML token
+ marshaller.marshall(samlToken, doc);
+
+ // Obtain a byte array representation of the marshalled SAML object
+ final DOMSource domSource = new DOMSource(doc);
+ final StringWriter writer = new StringWriter();
+ final StreamResult result = new StreamResult(writer);
+ final TransformerFactory transFact = TransformerFactory.newInstance();
+ final Transformer transformer = transFact.newTransformer();
+ transformer.transform(domSource, result);
+
+ return writer.toString().getBytes();
+ }
+
+ /**
+ * Encode SAML token.
+ *
+ * @param samlToken the SAML token
+ *
+ * @return the string
+ */
+ public static String encodeSAMLToken(final byte[] samlToken) {
+ return new String(Base64.encode(samlToken));
+ }
+
+ /**
+ * Read stork SAML from file.
+ *
+ * @param resource the resource
+ *
+ * @return the byte[]
+ * @throws IOException the exception
+ *
+ */
+ public static byte[] readStorkSamlFromFile(final String resource)
+ throws IOException {
+ InputStream inputStream = null;
+ byte[] bytes;
+
+ try {
+ inputStream = StorkAuthRequestTest.class
+ .getResourceAsStream(resource);
+
+ // Create the byte array to hold the data
+ bytes = new byte[(int) inputStream.available()];
+ inputStream.read(bytes);
+ } catch (IOException e) {
+ LOG.error("Error read from file: " + resource);
+ throw e;
+ } finally {
+ IOUtils.closeQuietly(inputStream);
+ }
+ return bytes;
+
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SimpleBaseTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SimpleBaseTest.java
new file mode 100644
index 000000000..c52b8a779
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SimpleBaseTest.java
@@ -0,0 +1,64 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.test.simple;
+
+import org.junit.Test;
+
+import junit.framework.Assert;
+import junit.framework.TestCase;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+
+/**
+ * The Class SimpleBaseTest. Defines a set of test the initialization of the
+ * SAML engine.
+ */
+@SuppressWarnings("deprecation")
+public class SimpleBaseTest extends TestCase {
+
+ /**
+ * Test SAML engine correct configuration name.
+ */
+
+ @Test
+ public final void testSamlEngineCorrectInit() {
+ Assert.assertNotNull(STORKSAMLEngine.getInstance("CONF1"));
+ }
+
+ /**
+ * Test SAML engine error configuration name.
+ */
+ @Test
+ public final void testSamlEngineErrorNameConf() {
+ Assert.assertNull(STORKSAMLEngine.getInstance("CONF_ERROR"));
+ }
+
+ /**
+ * Test SAML engine error name null.
+ */
+ @Test
+ public final void testSamlEngineErrorNameNull() {
+ Assert.assertNull(STORKSAMLEngine.getInstance(null));
+ }
+
+ /**
+ * Test SAML engine correct name configuration with spaces.
+ */
+ @Test
+ public final void testSamlEngineErrorNameSpaces() {
+ Assert.assertNotNull(STORKSAMLEngine.getInstance(" CONF1 "));
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryRequestTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryRequestTest.java
new file mode 100644
index 000000000..0eda1bfbf
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryRequestTest.java
@@ -0,0 +1,864 @@
+package eu.stork.peps.test.simple;
+
+import static org.junit.Assert.*;
+
+import java.io.*;
+import java.util.ArrayList;
+import java.util.Arrays;
+
+import org.junit.Ignore;
+import org.junit.Test;
+import org.opensaml.xml.parse.BasicParserPool;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
+
+public class StorkAttrQueryRequestTest {
+
+ /** The engines. */
+ private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1");
+ private static STORKSAMLEngine engine0 = STORKSAMLEngine.getInstance("CONF0");
+ private static STORKSAMLEngine engine2 = STORKSAMLEngine.getInstance("CONF2");
+ private static STORKSAMLEngine engine3 = STORKSAMLEngine.getInstance("CONF3");
+
+
+ /**
+ * Instantiates a new stork authentication request test.
+ */
+ public StorkAttrQueryRequestTest() {
+ pal = new PersonalAttributeList();
+
+ final PersonalAttribute isAgeOver = new PersonalAttribute();
+ isAgeOver.setName("isAgeOver");
+ isAgeOver.setIsRequired(true);
+ final ArrayList<String> ages = new ArrayList<String>();
+ ages.add("16");
+ ages.add("18");
+ isAgeOver.setValue(ages);
+ pal.add(isAgeOver);
+
+ final PersonalAttribute dateOfBirth = new PersonalAttribute();
+ dateOfBirth.setName("dateOfBirth");
+ dateOfBirth.setIsRequired(false);
+ pal.add(dateOfBirth);
+
+ final PersonalAttribute eIDNumber = new PersonalAttribute();
+ eIDNumber.setName("eIdentifier");
+ eIDNumber.setIsRequired(true);
+ eIDNumber.setValue(Arrays.asList("ES/IS/1234567890"));
+ pal.add(eIDNumber);
+
+ final PersonalAttribute givenName = new PersonalAttribute();
+ givenName.setName("givenName");
+ givenName.setIsRequired(true);
+ givenName.setValue(Arrays.asList("Sveinbjorn"));
+ pal.add(givenName);
+
+ destination = "http://A-PEPS.gov.xx/PEPS/AttributeColleagueRequest";
+ assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse";
+ //spName = "University of Oxford";
+ spSector = "EDU001";
+ spInstitution = "OXF001";
+ spApplication = "APP001";
+ spCountry = "IS";
+
+ spId = "EDU001-OXF001-APP001";
+
+ }
+
+ /** The destination. */
+ private String destination;
+
+ /** The service provider sector. */
+ private String spSector;
+
+ /** The service provider institution. */
+ private String spInstitution;
+
+ /** The service provider application. */
+ private String spApplication;
+
+ /** The service provider country. */
+ private String spCountry;
+
+ /** The service provider id. */
+ private String spId;
+
+ /** The assertion consumer URL. */
+ private String assertConsumerUrl;
+
+ /** The quality authentication assurance level. */
+ private static final int QAAL = 3;
+
+ /** The List of Personal Attributes. */
+ private IPersonalAttributeList pal;
+
+ /** The attribute query request. */
+ private static byte[] attrRequest;
+
+ /** The Constant LOG. */
+ private static final Logger LOG = LoggerFactory
+ .getLogger(StorkAttrQueryRequestTest.class.getName());
+
+ /** Parser manager used to parse XML. */
+ private static BasicParserPool parser;
+
+ static {
+ parser = new BasicParserPool();
+ parser.setNamespaceAware(true);
+ }
+
+ /**
+ * Test generate authentication request.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testGenerateAttrQueryRequest() throws STORKSAMLEngineException {
+
+ final STORKAttrQueryRequest request = new STORKAttrQueryRequest();
+
+ request.setDestination(destination);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+
+ // new parameters
+ request.setEIDSectorShare(false);
+ request.setEIDCrossSectorShare(false);
+ request.setEIDCrossBorderShare(false);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+ request.setSpCountry(spCountry);
+
+ STORKAttrQueryRequest req1 = engine0.generateSTORKAttrQueryRequest(request);
+ byte[] reqByte = req1.getTokenSaml();
+ FileOutputStream output = null;
+
+ try {
+ output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml"));
+ } catch (FileNotFoundException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ try {
+ output.write(reqByte);
+ } catch (IOException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+
+ LOG.info("STORKAttrQueryRequest 1: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAttrQueryRequest(request).getTokenSaml()));
+
+ request.setCitizenCountryCode("IS");
+ LOG.info("STORKAttrQueryRequest 2: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAttrQueryRequest(request).getTokenSaml()));
+ }
+
+ /**
+ * Test generate authentication request error personal attribute name error.
+ */
+ @Test
+ public final void testGenerateAttrQueryRequestPALsErr1() {
+
+ final IPersonalAttributeList palWrong = new PersonalAttributeList();
+
+ final PersonalAttribute worngAttr = new PersonalAttribute();
+ worngAttr.setName("attrNotValid");
+ worngAttr.setIsRequired(true);
+
+ final STORKAttrQueryRequest request = new STORKAttrQueryRequest();
+
+ request.setDestination(destination);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(palWrong);
+
+ // news parameters
+ request.setEIDSectorShare(false);
+ request.setEIDCrossSectorShare(false);
+ request.setEIDCrossBorderShare(false);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("IS");
+
+ try {
+ engine.generateSTORKAttrQueryRequest(request);
+ fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+
+
+ /**
+ * Test generate authentication request error personal attribute value error.
+ */
+ @Test
+ public final void testGenerateAttrQueryRequestPALsErr2() {
+
+ final IPersonalAttributeList palWrong = new PersonalAttributeList();
+
+ final PersonalAttribute attrNotValid = new PersonalAttribute();
+ attrNotValid.setName("attrNotValid");
+ attrNotValid.setIsRequired(true);
+ palWrong.add(attrNotValid);
+
+
+
+ final STORKAttrQueryRequest request = new STORKAttrQueryRequest();
+
+ request.setDestination(destination);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(palWrong);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("IS");
+
+ try {
+ engine.generateSTORKAttrQueryRequest(request);
+ fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test generate authentication request authentication assurance level
+ * negative value.
+ */
+ @Test
+ public final void testGenerateAttrQueryRequestQaalErr1() {
+
+ final STORKAttrQueryRequest request = new STORKAttrQueryRequest();
+
+ request.setDestination(destination);
+ request.setQaa(-1);
+ request.setPersonalAttributeList(pal);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+
+ try {
+ engine.generateSTORKAttrQueryRequest(request);
+ fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test generate authentication request service provider sector null.
+ */
+ @Test
+ public final void testGenerateAttrQueryRequestSectorErr() {
+
+ final STORKAttrQueryRequest request = new STORKAttrQueryRequest();
+
+ request.setDestination(destination);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // news parameters
+ request.setSpSector(null);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("IS");
+
+ try {
+ engine.generateSTORKAttrQueryRequest(request);
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+
+ }
+ }
+
+ /**
+ * Test generate authentication request service provider institution null.
+ */
+ @Test
+ public final void testGenerateAttrQueryRequestDestinationErr() {
+
+ final STORKAttrQueryRequest request = new STORKAttrQueryRequest();
+
+ request.setDestination(null);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(null);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("IS");
+
+ try {
+ engine.generateSTORKAttrQueryRequest(request);
+ fail("generateSTORKAttrQueryRequest(...) should've thrown an STORKSAMLEngineException!");
+
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test generate authentication request service provider application null.
+ */
+ @Test
+ public final void testGenerateAttrQueryRequestApplicationErr() {
+
+ final STORKAttrQueryRequest request = new STORKAttrQueryRequest();
+
+ request.setDestination(destination);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(null);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("IS");
+
+ try {
+ engine.generateSTORKAttrQueryRequest(request);
+
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ }
+ }
+
+ /**
+ * Test generate authentication request service provider country null.
+ */
+ @Test
+ public final void testGenerateAttrQueryRequestCountryErr() {
+
+ final STORKAttrQueryRequest request = new STORKAttrQueryRequest();
+
+ request.setDestination(destination);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(null);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("IS");
+
+ try {
+ engine.generateSTORKAttrQueryRequest(request);
+ fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test generate authentication request error with quality authentication
+ * assurance level wrong.
+ */
+ @Test
+ public final void testGenerateAttrQueryRequestQaalErr2() {
+ final STORKAttrQueryRequest request = new STORKAttrQueryRequest();
+
+ request.setDestination(destination);
+ request.setQaa(0);
+ request.setPersonalAttributeList(pal);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("IS");
+
+ try {
+ engine.generateSTORKAttrQueryRequest(request);
+ fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test generate authentication request personal attribute list null value.
+ */
+ @Test
+ public final void testGenerateAttrQueryRequestPALErr1() {
+ final STORKAttrQueryRequest request = new STORKAttrQueryRequest();
+
+ request.setDestination(destination);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(null);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("IS");
+
+ try {
+ engine.generateSTORKAttrQueryRequest(request);
+ fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test validate authentication request null parameter.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateAttrQueryRequestNullParam()
+ throws STORKSAMLEngineException {
+ try {
+ engine.validateSTORKAttrQueryRequest(null);
+ fail("validateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test validate authentication request error bytes encode.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateAttrQueryRequestErrorEncode()
+ throws STORKSAMLEngineException {
+ try {
+ engine.validateSTORKAttrQueryRequest("messageError".getBytes());
+ fail("validateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test validate authentication request.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateAttrQueryRequest() throws STORKSAMLEngineException {
+
+ final STORKAttrQueryRequest request = new STORKAttrQueryRequest();
+
+ request.setDestination(destination);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("IS");
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ attrRequest = engine.generateSTORKAttrQueryRequest(request).getTokenSaml();
+
+ final STORKAttrQueryRequest validatedRequest = engine.validateSTORKAttrQueryRequest(attrRequest);
+
+ assertEquals("CrossBorderShare incorrect: ", validatedRequest.isEIDCrossBorderShare(), false);
+ assertEquals("CrossSectorShare incorrect: ", validatedRequest.isEIDCrossSectorShare(), false);
+ assertEquals("SectorShare incorrect: ", validatedRequest.isEIDSectorShare(), false);
+
+ }
+
+ /**
+ * Test validate data authenticate request. Verified parameters after
+ * validation.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateDataAttrQueryRequest() throws STORKSAMLEngineException {
+
+ final STORKAttrQueryRequest request = engine.validateSTORKAttrQueryRequest(attrRequest);
+
+ assertEquals("Sestination incorrect: ", request.getDestination(), destination);
+
+ assertEquals("CrossBorderShare incorrect: ", request.isEIDCrossBorderShare(), false);
+ assertEquals("CrossSectorShare incorrect: ", request.isEIDCrossSectorShare(), false);
+ assertEquals("SectorShare incorrect: ", request.isEIDSectorShare(), false);
+
+ assertEquals("QAAL incorrect: ", request.getQaa(), QAAL);
+ assertEquals("SPSector incorrect: ", request.getSpSector(), spSector);
+ assertEquals("SPInstitution incorrect: ", request.getSpInstitution(), null);
+ assertEquals("SPApplication incorrect: ", request.getSpApplication(), spApplication);
+ assertEquals("CitizenCountryCode incorrect: ", request.getCitizenCountryCode(), null);
+
+ }
+
+ /**
+ * Test validate file attribute query request. Validate from XML file.
+ *
+ * @throws Exception the exception
+ */
+ @Test
+ public final void testValidateFileAttrQueryRequest() throws Exception {
+
+ final byte[] bytes = SSETestUtils.readStorkSamlFromFile("/data/eu/stork/STORKSAMLEngine/AttrQueryRequest1.xml");
+
+ try {
+ engine.validateSTORKAttrQueryRequest(bytes);
+ fail("testValidateFileAttrQueryRequest(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error(e.getMessage());
+ }
+ }
+
+ /**
+ * Test validate file authentication request tag delete.
+ *
+ * @throws Exception the exception
+ */
+ @Test
+ public final void testValidateFileAttrRequestTagDelete() throws Exception {
+
+ final byte[] bytes = SSETestUtils.readStorkSamlFromFile("/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml");
+
+ try {
+ engine.validateSTORKAttrQueryRequest(bytes);
+ fail("validateSTORKAttrQueryRequest(...) should have thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error(e.getMessage());
+
+ }
+ }
+
+ /**
+ * Test validate authentication request not trusted token.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateAttrQueryRequestNotTrustedErr1()
+ throws STORKSAMLEngineException {
+
+ try {
+ final STORKSAMLEngine engineNotTrusted = STORKSAMLEngine
+ .getInstance("CONF2");
+
+ final STORKAttrQueryRequest request = new STORKAttrQueryRequest();
+
+ request.setDestination(destination);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+
+ final byte[] authReqNotTrust = engineNotTrusted
+ .generateSTORKAttrQueryRequest(request).getTokenSaml();
+
+ engine.validateSTORKAttrQueryRequest(authReqNotTrust);
+ fail("validateSTORKAttrQueryRequestNotTrusted(...) should have thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test validate authentication request trusted.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateAttrQueryRequestTrusted()
+ throws STORKSAMLEngineException {
+
+ final STORKSAMLEngine engineTrusted = STORKSAMLEngine
+ .getInstance("CONF3");
+
+ final STORKAttrQueryRequest request = new STORKAttrQueryRequest();
+
+ request.setDestination(destination);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ final byte[] authReqNotTrust = engineTrusted.generateSTORKAttrQueryRequest(
+ request).getTokenSaml();
+
+ // engine ("CONF1") no have trust certificate from "CONF2"
+ engine.validateSTORKAttrQueryRequest(authReqNotTrust);
+
+ }
+
+
+
+
+ /**
+ * Test generate authentication request service provider application null.
+ */
+ @Test
+ public final void testGenerateAttrQueryRequestNADA() {
+
+ final STORKAttrQueryRequest request = new STORKAttrQueryRequest();
+
+ request.setDestination(destination);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+
+ // news parameters
+ request.setSpSector(null);
+ request.setSpInstitution(null);
+ request.setSpApplication(null);
+ request.setSpCountry(null);
+
+ try {
+
+ engine.validateSTORKAttrQueryRequest(attrRequest);
+
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ }
+ }
+
+ /**
+ * Test validate authentication request with unknown elements.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateAttrQueryRequestWithUnknownElements() throws STORKSAMLEngineException {
+
+ final STORKAttrQueryRequest request = new STORKAttrQueryRequest();
+
+ request.setDestination(destination);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+
+ IPersonalAttributeList pAttList = new PersonalAttributeList();
+
+ final PersonalAttribute unknown = new PersonalAttribute();
+ unknown.setName("unknown");
+ unknown.setIsRequired(true);
+ pAttList.add(unknown);
+
+ final PersonalAttribute eIdentifier = new PersonalAttribute();
+ eIdentifier.setName("eIdentifier");
+ eIdentifier.setIsRequired(true);
+ pAttList.add(eIdentifier);
+
+ request.setPersonalAttributeList(pAttList);
+
+ // new parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("IS");
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ STORKAttrQueryRequest req = new STORKAttrQueryRequest();
+
+ req = engine3.generateSTORKAttrQueryRequest(request);
+
+ req = engine.validateSTORKAttrQueryRequest(req.getTokenSaml());
+
+ assertNull("The value shouldn't exist", req.getPersonalAttributeList().get("unknown"));
+ assertNotNull("The value should exist", req.getPersonalAttributeList().get("eIdentifier"));
+
+ }
+
+ /**
+ * Test generate Request with required elements by default
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testGenerateAttrQueryRequestWithIsRequiredElementsByDefault() throws STORKSAMLEngineException {
+
+ final STORKAttrQueryRequest request = new STORKAttrQueryRequest();
+
+ request.setDestination(destination);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+
+ IPersonalAttributeList pAttList = new PersonalAttributeList();
+
+ final PersonalAttribute eIdentifier = new PersonalAttribute();
+ eIdentifier.setName("eIdentifier");
+ eIdentifier.setIsRequired(true);
+ pAttList.add(eIdentifier);
+
+ request.setPersonalAttributeList(pAttList);
+
+ // new parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("IS");
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ STORKAttrQueryRequest req = new STORKAttrQueryRequest();
+ STORKAttrQueryRequest reqTrue = new STORKAttrQueryRequest();
+ STORKAttrQueryRequest reqFalse = new STORKAttrQueryRequest();
+
+ reqTrue = engine.generateSTORKAttrQueryRequest(request);
+ reqFalse = engine2.generateSTORKAttrQueryRequest(request);
+ req = engine3.generateSTORKAttrQueryRequest(request);
+
+
+ String token = new String(req.getTokenSaml());
+ String reqTrueToken = new String(reqTrue.getTokenSaml());
+ String reqFalseToken = new String(reqFalse.getTokenSaml());
+
+ assertTrue("The token must contain the chain 'isRequired'", token.contains("isRequired"));
+ assertTrue("The token must contain the chain 'isRequired'", reqTrueToken.contains("isRequired"));
+ assertFalse("The token must contain the chain 'isRequired'", reqFalseToken.contains("isRequired"));
+
+ }
+
+ /**
+ * Test validating attribute query and getting alias used to save
+ * the saml trusted certificate into trustore
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ /*@Test
+ public final void testValidateAtrrQueryRequestGettingItsAlias() throws STORKSAMLEngineException {
+
+ final STORKAttrQueryRequest request = new STORKAttrQueryRequest();
+
+ request.setDestination(destination);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+
+ IPersonalAttributeList pAttList = new PersonalAttributeList();
+
+ final PersonalAttribute eIdentifier = new PersonalAttribute();
+ eIdentifier.setName("eIdentifier");
+ eIdentifier.setIsRequired(true);
+ pAttList.add(eIdentifier);
+
+ request.setPersonalAttributeList(pAttList);
+
+ // new parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("IS");
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ STORKAttrQueryRequest req = new STORKAttrQueryRequest();
+
+ req = engine3.generateSTORKAttrQueryRequest(request);
+ req = engine.validateSTORKAttrQueryRequest(req.getTokenSaml());
+ String prufa = req.getAlias();
+ assertTrue("The alias should match this value", req.getAlias().equals("local-demo"));
+
+ req = engine2.generateSTORKAttrQueryRequest(request);
+ req = engine2.validateSTORKAttrQueryRequest(req.getTokenSaml());
+ assertTrue("The alias should match this value", req.getAlias().equals("local-demo2"));
+ }*/
+
+ @Test
+ public final void testGenerateAttrQueryRequestSignDoc() throws STORKSAMLEngineException {
+
+ final STORKAttrQueryRequest request = new STORKAttrQueryRequest();
+
+ request.setDestination(destination);
+ request.setQaa(QAAL);
+ PersonalAttributeList pal0 = new PersonalAttributeList();
+
+ final PersonalAttribute signDoc = new PersonalAttribute();
+ signDoc.setName("docRequest");
+ signDoc.setIsRequired(true);
+ signDoc.setValue(Arrays.asList("IS/IS/fbea6e68-0393-401b-b616-f767fff9418c"));
+ pal0.add(signDoc);
+
+ request.setPersonalAttributeList(pal0);
+
+ // new parameters
+ /*request.setEIDSectorShare(false);
+ request.setEIDCrossSectorShare(false);
+ request.setEIDCrossBorderShare(false);*/
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+ request.setSpCountry(spCountry);
+
+ STORKAttrQueryRequest req1 = engine0.generateSTORKAttrQueryRequest(request);
+ byte[] reqByte = req1.getTokenSaml();
+ FileOutputStream output = null;
+
+ STORKAttrQueryRequest req2 = engine0.validateSTORKAttrQueryRequest(reqByte);
+ //reqByte = req2.getTokenSaml();
+
+ try {
+ //output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestSdoc.xml"));
+ FileOutputStream fos;
+ File outputDir = new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine");
+ File saveFile = new File(outputDir, "AttrQueryRequestSdoc.xml");
+ fos = new FileOutputStream(saveFile);
+ fos.write(reqByte);
+ fos.flush();
+ fos.close();
+ } catch (Exception e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ try {
+ output.write(reqByte);
+ } catch (IOException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+
+ LOG.info("STORKAttrQueryRequest 1: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAttrQueryRequest(request).getTokenSaml()));
+
+ request.setCitizenCountryCode("IS");
+ LOG.info("STORKAttrQueryRequest 2: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAttrQueryRequest(request).getTokenSaml()));
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryResponseTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryResponseTest.java
new file mode 100644
index 000000000..a98d5b7c3
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryResponseTest.java
@@ -0,0 +1,1085 @@
+package eu.stork.peps.test.simple;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+
+import org.junit.Ignore;
+import org.junit.Test;
+import org.opensaml.xml.parse.BasicParserPool;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PEPSUtil;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
+import eu.stork.peps.auth.commons.STORKAttrQueryResponse;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+import eu.stork.peps.auth.commons.STORKAuthnResponse;
+import eu.stork.peps.auth.commons.STORKStatusCode;
+import eu.stork.peps.auth.commons.STORKSubStatusCode;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
+
+public class StorkAttrQueryResponseTest {
+
+ /** The engine. */
+ private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1");
+
+ /**
+ * Gets the engine.
+ *
+ * @return the engine
+ */
+ public static STORKSAMLEngine getEngine() {
+ return engine;
+ }
+
+ /**
+ * Sets the engine.
+ *
+ * @param newEngine the new engine
+ */
+ public static void setEngine(final STORKSAMLEngine newEngine) {
+ StorkAttrQueryResponseTest.engine = newEngine;
+ }
+
+ /** The destination. */
+ private static String destination;
+
+ /** The service provider sector. */
+ private static String spSector;
+
+ /** The service provider institution. */
+ private static String spInstitution;
+
+ /** The service provider application. */
+ private static String spApplication;
+
+ /** The service provider country. */
+ private static String spCountry;
+
+ /** The service provider id. */
+ private static String spId;
+
+ /** The quality authentication assurance level. */
+ private static final int QAAL = 3;
+
+ /** The state. */
+ private static String state = "IS";
+
+ /** The town. */
+ private static String town = "Reykjavik";
+
+ /** The postal code. */
+ private static String postalCode = "105";
+
+ /** The street name. */
+ private static String streetName = "Gudrunartun";
+
+ /** The street number. */
+ private static String streetNumber = "10";
+
+ /** The List of Personal Attributes. */
+ private static IPersonalAttributeList pal;
+
+ /** The assertion consumer URL. */
+ private static String assertConsumerUrl;
+
+ /** The attribute query request. */
+ private static byte[] attrQueryRequest;
+
+ /** The attribute query response. */
+ private static byte[] attrQueryResponse;
+
+ /** The attribute query request. */
+ private static STORKAttrQueryRequest attrQueryenRequest;
+
+ /** The attribute query response. */
+ private static STORKAttrQueryResponse attrQeuryenResponse;
+
+ /** The Constant LOG. */
+ private static final Logger LOG = LoggerFactory
+ .getLogger(StorkAttrQueryResponseTest.class.getName());
+
+ /**
+ * Instantiates a new stork response test.
+ */
+ public StorkAttrQueryResponseTest() {
+ super();
+ }
+
+ /** The IP address. */
+ private static String ipAddress;
+
+ /** The destination URL. */
+ private static String destinationUrl;
+
+ /** The is hashing. */
+ private final boolean isHashing = Boolean.TRUE;
+
+ /** The is not hashing. */
+ private final boolean isNotHashing = Boolean.FALSE;
+
+ /** The ERROR text. */
+ private static final String ERROR_TXT = "generateAttrQueryResponse(...) should've thrown an STORKSAMLEngineException!";
+
+
+ /** Parser manager used to parse XML. */
+ private static BasicParserPool parser;
+
+
+
+ static {
+ parser = new BasicParserPool();
+ parser.setNamespaceAware(true);
+
+ pal = new PersonalAttributeList();
+
+ PersonalAttribute isAgeOver = new PersonalAttribute();
+ isAgeOver.setName("isAgeOver");
+ isAgeOver.setIsRequired(false);
+ ArrayList<String> ages = new ArrayList<String>();
+ ages.add("16");
+ ages.add("18");
+ isAgeOver.setValue(ages);
+ pal.add(isAgeOver);
+
+ PersonalAttribute dateOfBirth = new PersonalAttribute();
+ dateOfBirth.setName("dateOfBirth");
+ dateOfBirth.setIsRequired(false);
+ pal.add(dateOfBirth);
+
+ PersonalAttribute eIDNumber = new PersonalAttribute();
+ eIDNumber.setName("eIdentifier");
+ List<String> eid = Arrays.asList("IS/IS/1234567890");
+ eIDNumber.setValue(eid);
+ eIDNumber.setIsRequired(true);
+ pal.add(eIDNumber);
+
+ final PersonalAttribute givenName = new PersonalAttribute();
+ givenName.setName("givenName");
+ givenName.setIsRequired(true);
+ pal.add(givenName);
+
+ PersonalAttribute canRessAddress = new PersonalAttribute();
+ canRessAddress.setName("canonicalResidenceAddress");
+ canRessAddress.setIsRequired(true);
+ pal.add(canRessAddress);
+
+ PersonalAttribute newAttribute = new PersonalAttribute();
+ newAttribute.setName("newAttribute2");
+ newAttribute.setIsRequired(true);
+ pal.add(newAttribute);
+
+ destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest";
+ assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse";
+ spSector = "EDU001";
+ spInstitution = "OXF001";
+ spApplication = "APP001";
+ spCountry = "EN";
+
+ spId = "EDU001-APP001-APP001";
+
+ final STORKAttrQueryRequest request = new STORKAttrQueryRequest();
+ request.setDestination(destination);
+ //request.setProviderName(spName);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // new parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("IS");
+
+ try {
+ attrQueryRequest = getEngine().generateSTORKAttrQueryRequest(request)
+ .getTokenSaml();
+
+ attrQueryenRequest = getEngine().validateSTORKAttrQueryRequest(attrQueryRequest);
+
+ } catch (STORKSAMLEngineException e) {
+ fail("Error create STORKAuthnRequest");
+ }
+
+ ipAddress = "111.222.333.444";
+
+ destinationUrl = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest";
+
+ pal = new PersonalAttributeList();
+
+ isAgeOver = new PersonalAttribute();
+ isAgeOver.setName("isAgeOver");
+ isAgeOver.setIsRequired(true);
+ ages = new ArrayList<String>();
+
+ ages.add("16");
+ ages.add("18");
+
+ isAgeOver.setValue(ages);
+ isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString());
+ pal.add(isAgeOver);
+
+ dateOfBirth = new PersonalAttribute();
+ dateOfBirth.setName("dateOfBirth");
+ dateOfBirth.setIsRequired(false);
+ final ArrayList<String> date = new ArrayList<String>();
+ date.add("16/12/2008");
+ dateOfBirth.setValue(date);
+ dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString());
+ pal.add(dateOfBirth);
+
+ eIDNumber = new PersonalAttribute();
+ eIDNumber.setName("eIdentifier");
+ eIDNumber.setIsRequired(true);
+ final ArrayList<String> idNumber = new ArrayList<String>();
+ idNumber.add("123456789IS");
+ eIDNumber.setValue(idNumber);
+ eIDNumber.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString());
+ pal.add(eIDNumber);
+
+ canRessAddress = new PersonalAttribute();
+ canRessAddress.setName("canonicalResidenceAddress");
+ canRessAddress.setIsRequired(true);
+ canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString());
+ final HashMap<String, String> address = new HashMap<String, String>();
+
+ address.put("state", state);
+ address.put("town", town);
+ address.put("postalCode", postalCode);
+ address.put("streetName", streetName);
+ address.put("streetNumber", streetNumber);
+
+ canRessAddress.setComplexValue(address);
+ pal.add(canRessAddress);
+
+ newAttribute = new PersonalAttribute();
+ newAttribute.setName("newAttribute2");
+ newAttribute.setIsRequired(true);
+ newAttribute.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString());
+ final HashMap<String, String> values = new HashMap<String, String>();
+
+ values.put("value1", "value1");
+ values.put("value2", "value2");
+ values.put("value3", "value3");
+ values.put("value4", "value4");
+
+ newAttribute.setComplexValue(values);
+ pal.add(newAttribute);
+
+ }
+
+ /**
+ * Test generate attribute query request without errors.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testGenerateAttrQueryResponse() throws STORKSAMLEngineException {
+
+ final STORKAttrQueryResponse response = new STORKAttrQueryResponse();
+ response.setPersonalAttributeList(pal);
+
+ final STORKAttrQueryResponse storkResponse = getEngine()
+ .generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress,
+ destinationUrl, isNotHashing);
+
+ attrQueryResponse = storkResponse.getTokenSaml();
+
+ FileOutputStream output = null;
+
+ try {
+ output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml"));
+ } catch (FileNotFoundException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ try {
+ output.write(attrQueryResponse);
+ } catch (IOException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+
+ LOG.info("RESPONSE: " + SSETestUtils.encodeSAMLToken(attrQueryResponse));
+
+
+ }
+
+ /**
+ * Test validation id parameter mandatory.
+ */
+ @Test
+ public final void testResponseMandatoryId() {
+ final String identifier = attrQueryenRequest.getSamlId();
+ attrQueryenRequest.setSamlId(null);
+
+ final STORKAttrQueryResponse response = new STORKAttrQueryResponse();
+ response.setPersonalAttributeList(pal);
+
+ try {
+ getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response,
+ ipAddress, destinationUrl, isHashing);
+ fail(ERROR_TXT);
+ } catch (STORKSAMLEngineException e) {
+ attrQueryenRequest.setSamlId(identifier);
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test generate attribute query response in response to err1.
+ */
+ @Test
+ public final void testResponseMandatoryIssuer() {
+
+ final String issuer = attrQueryenRequest.getIssuer();
+ attrQueryenRequest.setIssuer(null);
+
+ final STORKAttrQueryResponse response = new STORKAttrQueryResponse();
+ response.setPersonalAttributeList(pal);
+
+ try {
+ getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response,
+ ipAddress, destinationUrl, isHashing);
+ fail(ERROR_TXT);
+ } catch (STORKSAMLEngineException e) {
+ attrQueryenRequest.setIssuer(issuer);
+ LOG.error("Error");
+ }
+ }
+
+
+ /**
+ * Test generate attribute query response assertion consumer null.
+ */
+ /*@Test
+ public final void testResponseMandatoryAssertionConsumerServiceURL() {
+ final String asserConsumerUrl = attrQueryenRequest
+ .getAssertionConsumerServiceURL();
+ attrQueryenRequest.setAssertionConsumerServiceURL(null);
+
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+ response.setPersonalAttributeList(pal);
+ try {
+ getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response,
+ ipAddress, isHashing);
+ fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ attrQueryenRequest.setAssertionConsumerServiceURL(asserConsumerUrl);
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test generate attribute query response IP address null.
+ */
+ @Test
+ public final void testResponseValidationIP() {
+ final STORKAttrQueryResponse response = new STORKAttrQueryResponse();
+ response.setPersonalAttributeList(pal);
+
+ try {
+ getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, null,
+ destinationUrl, isHashing);
+ fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test generate attribute query response with personal attribute list null.
+ */
+ @Test
+ public final void testResponseMandatoryPersonalAttributeList() {
+ final STORKAttrQueryResponse response = new STORKAttrQueryResponse();
+ response.setPersonalAttributeList(null);
+
+
+ try {
+ getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response,
+ ipAddress, destinationUrl, isHashing);
+ fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test validate attribute query response token null.
+ */
+ @Test
+ public final void testResponseInvalidParametersToken() {
+ try {
+ getEngine().validateSTORKAttrQueryResponse(null, ipAddress);
+ fail(ERROR_TXT);
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test validate attribute query response IP null.
+ */
+ @Test
+ public final void STORKAttrQueryResponse() {
+ final STORKAttrQueryResponse response = new STORKAttrQueryResponse();
+ response.setPersonalAttributeList(pal);
+ try {
+ attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest,
+ response, ipAddress, destinationUrl, isNotHashing).getTokenSaml();
+ // In Conf1 ipValidate is false
+ getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null);
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+
+ /**
+ * Test validate attribute query response parameter name wrong.
+ */
+ @Test
+ public final void testResponseInvalidParametersAttr() {
+ final STORKAttrQueryResponse response = new STORKAttrQueryResponse();
+ final IPersonalAttributeList wrongList = new PersonalAttributeList();
+
+ final PersonalAttribute worngAttr = new PersonalAttribute();
+ worngAttr.setName("AttrWrong");
+ wrongList.add(worngAttr);
+
+
+ response.setPersonalAttributeList(wrongList);
+ try {
+ attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest,
+ response, ipAddress, destinationUrl, isNotHashing).getTokenSaml();
+ // In Conf1 ipValidate is false
+ getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null);
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+
+ /**
+ * Test validate attribute query response set null value into attribute.
+ */
+ @Test
+ public final void testResponseInvalidParametersAttrSimpleValue() {
+ final STORKAttrQueryResponse response = new STORKAttrQueryResponse();
+ final IPersonalAttributeList wrongList = new PersonalAttributeList();
+
+ final PersonalAttribute worngAttr = new PersonalAttribute();
+ worngAttr.setName("isAgeOver");
+ worngAttr.setValue(null);
+ wrongList.add(worngAttr);
+
+ response.setPersonalAttributeList(wrongList);
+ try {
+ attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest,
+ response, ipAddress, destinationUrl, isNotHashing).getTokenSaml();
+ // In Conf1 ipValidate is false
+ getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null);
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+
+ /**
+ * Test validate attribute query response set null value into attribute.
+ */
+ @Test
+ public final void testResponseInvalidParametersAttrNoValue() {
+ final STORKAttrQueryResponse response = new STORKAttrQueryResponse();
+ final IPersonalAttributeList wrongList = new PersonalAttributeList();
+
+ final PersonalAttribute worngAttr = new PersonalAttribute();
+ worngAttr.setName("isAgeOver");
+ wrongList.add(worngAttr);
+
+ response.setPersonalAttributeList(wrongList);
+ try {
+ attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest,
+ response, ipAddress, destinationUrl, isNotHashing).getTokenSaml();
+ // In Conf1 ipValidate is false
+ getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null);
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+
+ /**
+ * Test validate attribute query response set null value into attribute.
+ */
+ @Test
+ public final void testResponseInvalidParametersAttrNoName() {
+ final STORKAttrQueryResponse response = new STORKAttrQueryResponse();
+ final IPersonalAttributeList wrongList = new PersonalAttributeList();
+
+ final PersonalAttribute worngAttr = new PersonalAttribute();
+ wrongList.add(worngAttr);
+
+ response.setPersonalAttributeList(wrongList);
+ try {
+ attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest,
+ response, ipAddress, destinationUrl, isNotHashing).getTokenSaml();
+ // In Conf1 ipValidate is false
+ getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null);
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+
+ /**
+ * Test validate attribute query response set null complex value into attribute.
+ */
+ @Test
+ public final void testResponseInvalidParametersAttrComplexValue() {
+ final STORKAttrQueryResponse response = new STORKAttrQueryResponse();
+ final IPersonalAttributeList wrongList = new PersonalAttributeList();
+
+ final PersonalAttribute worngAttr = new PersonalAttribute();
+ worngAttr.setName("isAgeOver");
+ worngAttr.setComplexValue(null);
+ wrongList.add(worngAttr);
+
+ response.setPersonalAttributeList(wrongList);
+ try {
+ attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest,
+ response, ipAddress, destinationUrl, isNotHashing).getTokenSaml();
+ // In Conf1 ipValidate is false
+ getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null);
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+
+
+
+ /**
+ * Test validate attribute query response IP distinct and disabled validation
+ * IP.
+ */
+ @Test
+ public final void testResponseInvalidParametersIPDistinct() {
+ try {
+ // ipAddress origin "111.222.333.444"
+ // ipAddrValidation = false
+ // Subject Confirmation Bearer.
+
+ getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, "127.0.0.1");
+ } catch (STORKSAMLEngineException e) {
+ fail("validateAttributeQueryResponse(...) should've thrown an STORKSAMLEngineException!");
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test response invalid parameters invalid token.
+ */
+ @Test
+ public final void testResponseInvalidParametersTokenMsg() {
+ try {
+ // ipAddress origin "111.222.333.444"
+ // Subject Confirmation Bearer.
+ getEngine().validateSTORKAttrQueryResponse("errorMessage".getBytes(),
+ ipAddress);
+ fail("validateAuthenticationResponse(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test validate attribute query response is fail.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ /*@Test
+ public final void testValidateAuthenticationResponseIsFail()
+ throws STORKSAMLEngineException {
+ attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse,
+ ipAddress);
+
+ assertFalse("Generate incorrect response: ", attrQeuryenResponse.isFail());
+ }
+
+ /**
+ * Test validate attribute query response destination.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateAuthenticationResponseDestination()
+ throws STORKSAMLEngineException {
+ attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse,
+ ipAddress);
+
+ assertEquals("Destination incorrect: ",
+ attrQeuryenResponse.getInResponseTo(), attrQueryenRequest.getSamlId());
+ }
+
+ /**
+ * Test validate attribute query response values.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateAuthenticationResponseValuesComplex()
+ throws STORKSAMLEngineException {
+ attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse,
+ ipAddress);
+
+ assertEquals("Country incorrect:", attrQeuryenResponse.getCountry(), "ES");
+
+ final Iterator<PersonalAttribute> iterator = attrQeuryenResponse
+ .getPersonalAttributeList().iterator();
+
+ while (iterator.hasNext()) {
+ final PersonalAttribute attribute = iterator.next();
+ if (attribute.getName().equalsIgnoreCase(
+ "canonicalResidenceAddress")) {
+ assertEquals("State incorrect: ", state, attribute
+ .getComplexValue().get("state"));
+ assertEquals("Town incorrect: ", town, attribute
+ .getComplexValue().get("town"));
+ assertEquals("Postal code incorrect: ", postalCode, attribute
+ .getComplexValue().get("postalCode"));
+ assertEquals("Street name incorrect: ", streetName, attribute
+ .getComplexValue().get("streetName"));
+ assertEquals("Street number incorrect: ", streetNumber,
+ attribute.getComplexValue().get("streetNumber"));
+ }
+ }
+ }
+
+ /**
+ * Test generate attribute query response fail in response to it's null.
+ * @throws STORKSAMLEngineException
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test //( expected=STORKSAMLEngineException.class)
+ public final void testGenerateAttrQueryResponseFailInResponseToNull() throws STORKSAMLEngineException {
+ final String identifier = attrQueryenRequest.getSamlId();
+ attrQueryenRequest.setSamlId(null);
+
+ final STORKAttrQueryResponse response = new STORKAttrQueryResponse();
+ response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString());
+ response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString());
+ response.setMessage("");
+
+ try {
+ attrQueryResponse = getEngine().generateSTORKAttrQueryResponseFail(attrQueryenRequest,
+ response, ipAddress, destinationUrl, isNotHashing).getTokenSaml();
+ fail(ERROR_TXT);
+ } catch (STORKSAMLEngineException e) {
+ attrQueryenRequest.setSamlId(identifier);
+ LOG.error("Error");
+ //throw new STORKSAMLEngineException(e);
+ }
+ }
+
+ /**
+ * Test generate attribute query response fail assertion consumer URL err1.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ /*@Test
+ public final void testGenerateAuthnResponseFailAssertionConsumerUrlNull()
+ throws STORKSAMLEngineException {
+
+ final String assertConsumerUrl = attrQueryenRequest
+ .getAssertionConsumerServiceURL();
+ attrQueryenRequest.setAssertionConsumerServiceURL(null);
+
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+ response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString());
+ response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString());
+ response.setMessage("");
+
+ try {
+ attrQueryResponse = getEngine().generateSTORKAuthnResponseFail(attrQueryenRequest,
+ response, ipAddress, isNotHashing).getTokenSaml();
+ fail("generateAuthnResponseFail(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ attrQueryenRequest.setAssertionConsumerServiceURL(assertConsumerUrl);
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test generate attribute query response fail code error err1.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testGenerateAttrQueryResponseFailCodeErrorNull()
+ throws STORKSAMLEngineException {
+ final STORKAttrQueryResponse response = new STORKAttrQueryResponse();
+ response.setStatusCode(null);
+ response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString());
+ response.setMessage("");
+
+ try {
+ attrQueryResponse = getEngine().generateSTORKAttrQueryResponseFail(attrQueryenRequest,
+ response, ipAddress, destinationUrl, isNotHashing).getTokenSaml();
+ fail("generateAttrQueryResponseFail(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+
+
+
+ /**
+ * Test generate attribute query request without errors.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateAttrQueryResponse() throws STORKSAMLEngineException {
+
+ IPersonalAttributeList palist = new PersonalAttributeList();
+
+ PersonalAttribute isAgeOver = new PersonalAttribute();
+ isAgeOver.setName("isAgeOver");
+ isAgeOver.setIsRequired(true);
+ ArrayList<String> ages = new ArrayList<String>();
+ ages.add("16");
+ ages.add("18");
+ isAgeOver.setValue(ages);
+ isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString());
+ palist.add(isAgeOver);
+
+ PersonalAttribute dateOfBirth = new PersonalAttribute();
+ dateOfBirth.setName("dateOfBirth");
+ dateOfBirth.setIsRequired(false);
+ final ArrayList<String> date = new ArrayList<String>();
+ date.add("16/12/2008");
+ dateOfBirth.setValue(date);
+ dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString());
+ palist.add(dateOfBirth);
+
+
+ PersonalAttribute eIDNumber = new PersonalAttribute();
+ eIDNumber.setName("eIdentifier");
+ eIDNumber.setIsRequired(true);
+
+ final ArrayList<String> idNumber = new ArrayList<String>();
+ idNumber.add("123456789PÑ");
+
+ final HashMap<String, String> complex = new HashMap<String, String>();
+ complex.put("one", "two");
+
+ //eIDNumber.setValue(null);
+ //eIDNumber.setValue(idNumber);
+ //eIDNumber.setComplexValue(complex);
+
+ eIDNumber.setStatus(STORKStatusCode.STATUS_NOT_AVAILABLE.toString());
+ palist.add(eIDNumber);
+
+ PersonalAttribute canRessAddress = new PersonalAttribute();
+ canRessAddress.setName("canonicalResidenceAddress");
+ canRessAddress.setIsRequired(true);
+ canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString());
+ final HashMap<String, String> address = new HashMap<String, String>();
+
+ address.put("state", state);
+ address.put("town", town);
+ address.put("postalCode", postalCode);
+ address.put("streetName", streetName);
+ address.put("streetNumber", streetNumber);
+
+ canRessAddress.setComplexValue(address);
+ palist.add(canRessAddress);
+
+
+ final STORKAttrQueryResponse response = new STORKAttrQueryResponse();
+
+ response.setPersonalAttributeList(palist);
+
+ final STORKAttrQueryResponse storkResponse = getEngine()
+ .generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress,
+ destinationUrl, isNotHashing);
+
+ attrQueryResponse = storkResponse.getTokenSaml();
+ LOG.info("Request id: " + attrQueryenRequest.getSamlId());
+
+ LOG.info("RESPONSE: " + SSETestUtils.encodeSAMLToken(attrQueryResponse));
+
+
+ attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse,
+ ipAddress);
+
+ LOG.info("RESPONSE ID: " + attrQeuryenResponse.getSamlId());
+ LOG.info("RESPONSE IN_RESPONSE_TO: " + attrQeuryenResponse.getInResponseTo());
+ LOG.info("RESPONSE COUNTRY: " + attrQeuryenResponse.getCountry());
+
+ }
+
+
+
+
+
+ /**
+ * Test validate attribute query response fail is fail.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateAttrQueryResponseFailIsFail()
+ throws STORKSAMLEngineException {
+
+ final STORKAttrQueryResponse response = new STORKAttrQueryResponse();
+ response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString());
+ response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString());
+ response.setMessage("message");
+
+ attrQueryResponse = getEngine().generateSTORKAttrQueryResponseFail(attrQueryenRequest,
+ response, ipAddress, destinationUrl, isNotHashing).getTokenSaml();
+
+ LOG.error("ERROR_FAIL: " + PEPSUtil.encodeSAMLToken(attrQueryResponse));
+
+ attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse,
+ ipAddress);
+
+ LOG.info("COUNTRY: " + attrQeuryenResponse.getCountry());
+ assertTrue("Generate incorrect response: ", attrQeuryenResponse.isFail());
+ }
+
+ /**
+ * Test generate/validate response with signedDoc
+ *
+ * @throws STORKSAMLEngineException
+ * the STORKSAML engine exception
+ */
+ @Test
+ public final void testGenerateAttrQueryResponseWithSignedDoc()
+ throws STORKSAMLEngineException {
+
+ String signedDocResponse = "<dss:SignResponse xmlns:dss=\"urn:oasis:names:tc:dss:1.0:core:schema\" RequestID=\"123456\"> <dss:Result> <dss:ResultMajor>urn:oasis:names:tc:dss:1.0:resultmajor:Success</dss:ResultMajor> </dss:Result> <dss:SignatureObject> <dss:Base64Signature Type=\"urn:ietf:rfc:3275\">PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIiBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1TaWduYXR1cmUiPjxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvVFIvMjAwMS9SRUMteG1sLWMxNG4tMjAwMTAzMTUiLz48ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3JzYS1zaGExIi8+PGRzOlJlZmVyZW5jZSBJZD0iUmVmZXJlbmNlLWJhYmE0ZDFhLWExN2UtNDJjNi05N2QyLWJlZWUxMzUwOTUwMyIgVHlwZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI09iamVjdCIgVVJJPSIjT2JqZWN0LTk4NzMzY2RlLThiY2MtNDhhMC05Yjc3LTBlOTk5N2JkZDA1OCI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNiYXNlNjQiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPkNrMVZxTmQ0NVFJdnEzQVpkOFhZUUx2RWh0QT08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjxkczpSZWZlcmVuY2UgVHlwZT0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMyNTaWduZWRQcm9wZXJ0aWVzIiBVUkk9IiNTaWduYXR1cmUtOGVhYmQwYTUtNjYwZC00YWZkLTk5MDUtMGFiYzc1NTNkMTkyLVNpZ25lZFByb3BlcnRpZXMiPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT5BNVk5MW40cXBMZ3l0VFc3ZnhqWENVZVJ2NTQ9PC9kczpEaWdlc3RWYWx1ZT48L2RzOlJlZmVyZW5jZT48ZHM6UmVmZXJlbmNlIFVSST0iI1NpZ25hdHVyZS04ZWFiZDBhNS02NjBkLTRhZmQtOTkwNS0wYWJjNzU1M2QxOTItS2V5SW5mbyI+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPlZQWDRuS0Z5UzZyRitGNmNSUjBQck5aZHc2Zz08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWUgSWQ9IlNpZ25hdHVyZS04ZWFiZDBhNS02NjBkLTRhZmQtOTkwNS0wYWJjNzU1M2QxOTItU2lnbmF0dXJlVmFsdWUiPkxiS04vL0M3WGt5eFR0WVRpQ1VScjhuWnp4QW1zdGNNZDBDZ0VBQ3JLMWR5Z1JIcUdjSzR4dHMrV0NVOFB5RXFXclJJVFl6SXV3LzcNClY0Wno5VFQ2MHA0S1RNZXd1UUw2NHNrRVN4MllnMkVkaWtTTyt0S3hXa2hyYVVzbVZiR2JQbW1jbUR2OTd0SER3ODg3NDdlRnE1RjUNCnYrYVZTeUF6MDNpVUttdVNlSDg9PC9kczpTaWduYXR1cmVWYWx1ZT48ZHM6S2V5SW5mbyBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1LZXlJbmZvIj48ZHM6S2V5VmFsdWU+PGRzOlJTQUtleVZhbHVlPjxkczpNb2R1bHVzPnd1Y21qOXRJV3J2d2JTVFVEZndLbCtKdERNTUVSMGNMZDZEa0JTcjc5MHQrckdOakVTcVlqUndFSWVCbktvUUhQeDVIb1JlRjg4L3QNCnFZOStDaEVYcExITHM5cDVhWDdTREp1YnBRTWZwMXRERlgzNHl3Z3hTUXZjZWVKUVdCWGppZXVJbWZDMjFzNGJPY2dKYlYxaGJpZ1MNCnpPS1RRS3IxVHpkR1IrdVJ5MDA9PC9kczpNb2R1bHVzPjxkczpFeHBvbmVudD5BUUFCPC9kczpFeHBvbmVudD48L2RzOlJTQUtleVZhbHVlPjwvZHM6S2V5VmFsdWU+PGRzOlg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJSW1UQ0NCNEdnQXdJQkFnSURBWFVVTUEwR0NTcUdTSWIzRFFFQkJRVUFNSUlCT3pFTE1Ba0dBMVVFQmhNQ1JWTXhPekE1QmdOVg0KQkFvVE1rRm5aVzVqYVdFZ1EyRjBZV3hoYm1FZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUNoT1NVWWdVUzB3T0RBeE1UYzJMVWtwTVRRdw0KTWdZRFZRUUhFeXRRWVhOellYUm5aU0JrWlNCc1lTQkRiMjVqWlhCamFXOGdNVEVnTURnd01EZ2dRbUZ5WTJWc2IyNWhNUzR3TEFZRA0KVlFRTEV5VlRaWEoyWldseklGQjFZbXhwWTNNZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUVWRFZpMHlNVFV3TXdZRFZRUUxFeXhXWldkbA0KZFNCb2RIUndjem92TDNkM2R5NWpZWFJqWlhKMExtNWxkQzkyWlhKRFNVTXRNaUFvWXlrd016RTFNRE1HQTFVRUN4TXNSVzUwYVhSaA0KZENCd2RXSnNhV05oSUdSbElHTmxjblJwWm1sallXTnBieUJrWlNCamFYVjBZV1JoYm5NeEd6QVpCZ05WQkFNVEVsQlNSVkJTVDBSVg0KUTBOSlR5QkpSRU5oZERBZUZ3MHhNREF5TVRFeE9ESXlNRFJhRncweE5EQXlNVEF4T0RJeU1EUmFNSUd3TVFzd0NRWURWUVFHRXdKRg0KVXpFMU1ETUdBMVVFQ3hNc1ZtVm5aWFVnYUhSMGNITTZMeTkzZDNjdVkyRjBZMlZ5ZEM1dVpYUXZkbVZ5U1VSRFlYUWdLR01wTURNeA0KRmpBVUJnTlZCQVFURFVKRlVreEJUa2RCSUZOUFZFOHhGekFWQmdOVkJDb1REazFCVWtsQklFVk9SMUpCUTBsQk1SSXdFQVlEVlFRRg0KRXdreE1EQXdNRGswTkZNeEpUQWpCZ05WQkFNVEhFMUJVa2xCSUVWT1IxSkJRMGxCSUVKRlVreEJUa2RCSUZOUFZFOHdnWjh3RFFZSg0KS29aSWh2Y05BUUVCQlFBRGdZMEFNSUdKQW9HQkFNTG5Kby9iU0ZxNzhHMGsxQTM4Q3BmaWJRekRCRWRIQzNlZzVBVXErL2RMZnF4ag0KWXhFcW1JMGNCQ0hnWnlxRUJ6OGVSNkVYaGZQUDdhbVBmZ29SRjZTeHk3UGFlV2wrMGd5Ym02VURINmRiUXhWOStNc0lNVWtMM0huaQ0KVUZnVjQ0bnJpSm53dHRiT0d6bklDVzFkWVc0b0VzemlrMENxOVU4M1JrZnJrY3ROQWdNQkFBR2pnZ1N3TUlJRXJEQU1CZ05WSFJNQg0KQWY4RUFqQUFNQTRHQTFVZER3RUIvd1FFQXdJRm9EQ0J6QVlEVlIwUkJJSEVNSUhCZ1E5aWMyOTBiMEJuYldGcGJDNWpiMjJrZ1lVdw0KZ1lJeEN6QUpCZ05WQkFZVEFrVlRNU3N3S1FZRFZRUUtGQ0pCWjhPb2JtTnBZU0JEWVhSaGJHRnVZU0JrWlNCRFpYSjBhV1pwWTJGag0KYWNPek1RNHdEQVlEVlFRTEV3VkpSRU5CVkRFUE1BMEdBMVVFQlJNR01ERTNOVEUwTVNVd0l3WURWUVFERXh4TlFWSkpRU0JGVGtkUw0KUVVOSlFTQkNSVkpNUVU1SFFTQlRUMVJQb0JBR0Npc0dBUVFCOVhnQkFRR2dBZ3dBb0JRR0RsWUVBQUVEQmdFRUFmVjRBUUVDb0FJTQ0KQURBZkJnTlZIUklFR0RBV2dSUmxZMTlwWkdOaGRFQmpZWFJqWlhKMExtNWxkREFkQmdOVkhRNEVGZ1FVQUZYanVOc2tCMk1seXZVQg0KaDdwOFRKMHVKMHd3Z2dGSUJnTlZIU01FZ2dFL01JSUJPNEFVUkt2Y2tVaE4xNGg0Q24vZ2RPRG42NzIzS1Z5aGdnRVBwSUlCQ3pDQw0KQVFjeEN6QUpCZ05WQkFZVEFrVlRNVHN3T1FZRFZRUUtFekpCWjJWdVkybGhJRU5oZEdGc1lXNWhJR1JsSUVObGNuUnBabWxqWVdOcA0KYnlBb1RrbEdJRkV0TURnd01URTNOaTFKS1RFb01DWUdBMVVFQ3hNZlUyVnlkbVZwY3lCUWRXSnNhV056SUdSbElFTmxjblJwWm1sag0KWVdOcGJ6RThNRG9HQTFVRUN4TXpWbVZuWlhVZ2FIUjBjSE02THk5M2QzY3VZMkYwWTJWeWRDNXVaWFF2ZG1WeWNISmxjSEp2WkhWag0KWTJsdklDaGpLVEF6TVRVd013WURWUVFMRXl4S1pYSmhjbkYxYVdFZ1JXNTBhWFJoZEhNZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUVOaA0KZEdGc1lXNWxjekVjTUJvR0ExVUVBeE1UVUZKRlVGSlBSRlZEUTBsUElFVkRMVUZEUTRJUWR3S1R0TTFFRVU5RkVQWFVZSGdnaERBZA0KQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQWdZSUt3WUJCUVVIQXdRd0VRWUpZSVpJQVliNFFnRUJCQVFEQWdXZ01EUUdDQ3NHQVFVRg0KQndFQkJDZ3dKakFrQmdnckJnRUZCUWN3QVlZWWFIUjBjSE02THk5dlkzTndMbU5oZEdObGNuUXVibVYwTUJnR0NDc0dBUVVGQndFRA0KQkF3d0NqQUlCZ1lFQUk1R0FRRXdnWVlHQTFVZEh3Ui9NSDB3UEtBNm9EaUdObWgwZEhBNkx5OWxjSE5qWkM1allYUmpaWEowTG01bA0KZEM5amNtd3ZjSEpsY0hKdlpIVmpZMmx2WDJWakxXbGtZMkYwTG1OeWJEQTlvRHVnT1lZM2FIUjBjRG92TDJWd2MyTmtNaTVqWVhSag0KWlhKMExtNWxkQzlqY213dmNISmxjSEp2WkhWalkybHZYMlZqTFdsa1kyRjBMbU55YkRDQjlnWURWUjBnQklIdU1JSHJNSUhvQmd3cg0KQmdFRUFmVjRBUU1CVmdFd2dkY3dMQVlJS3dZQkJRVUhBZ0VXSUdoMGRIQnpPaTh2ZDNkM0xtTmhkR05sY25RdWJtVjBMM1psY2tsRQ0KUTJGME1JR21CZ2dyQmdFRkJRY0NBakNCbVJxQmxrRnhkV1Z6ZENEdnY3MXpJSFZ1SUdObGNuUnBabWxqWVhRZ2NHVnljMjl1WVd3Zw0KU1VSRFFWUXNJSEpsWTI5dVpXZDFkQ0JrSjJsa1pXNTBhV1pwWTJGajc3KzlMQ0J6YVdkdVlYUjFjbUVnYVNCNGFXWnlZWFFnWkdVZw0KWTJ4aGMzTmxJRElnYVc1a2FYWnBaSFZoYkM0Z1ZtVm5aWFVnYUhSMGNITTZMeTkzZDNjdVkyRjBZMlZ5ZEM1dVpYUXZkbVZ5UkVOaA0KZERBdEJnTlZIUWtFSmpBa01CQUdDQ3NHQVFVRkJ3a0VNUVFUQWtWVE1CQUdDQ3NHQVFVRkJ3a0ZNUVFUQWtWVE1BMEdDU3FHU0liMw0KRFFFQkJRVUFBNElCQVFDcTc3ODBSR1FNTEIxZ2tkTk1mTFhuZ3FNb1JIR0taYnZ6a3JxSUFtVDhXQWQxRThyQXBoUjkveExKVXRwNQ0KbGJnMmZScjVibDJqOE9WREJLMlltRzQxaDhBRG40U1RJL0FwZU5JTlNmalpzNk5Sc25XekZ5ZlhYbVBDSFlGQi9YV3p5aW1DRXhndg0KdnR1SCszUUF3Y3dobjUwUExFdWh3NUM1dmxYN0x5NUs2ckxMTUZOVVVNYldWeTFoWmVsSy9DQlRjQWpJTzM4TlkrdllSQU1LU2Y0TQ0KL2daUXo0cUJlRlZKYTUyUjdOY0FxQ2ZyZkxmYVhwYkRTZzk4eG9CZU5zMmluR3p4OFVTZ0VyTFpqS0pzZG4vS2pURDlnUy9zVGRRNg0KUTdpZHFsZDJMRlZsTzIvYjk0Wk5aQmNTLzc4RU9EWGdkV2ZreVBDN1J3OHJlOW5JMy9qVDwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjxkczpPYmplY3QgRW5jb2Rpbmc9ImJhc2U2NCIgSWQ9Ik9iamVjdC05ODczM2NkZS04YmNjLTQ4YTAtOWI3Ny0wZTk5OTdiZGQwNTgiIE1pbWVUeXBlPSJhcHBsaWNhdGlvbi9vY3RldC1zdHJlYW0iPlNHVnNiRzhnVjI5eWJHUT08L2RzOk9iamVjdD48ZHM6T2JqZWN0Pjx4YWRlczpRdWFsaWZ5aW5nUHJvcGVydGllcyB4bWxuczp4YWRlcz0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMy92MS4zLjIjIiBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1RdWFsaWZ5aW5nUHJvcGVydGllcyIgVGFyZ2V0PSIjU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1TaWduYXR1cmUiPjx4YWRlczpTaWduZWRQcm9wZXJ0aWVzIElkPSJTaWduYXR1cmUtOGVhYmQwYTUtNjYwZC00YWZkLTk5MDUtMGFiYzc1NTNkMTkyLVNpZ25lZFByb3BlcnRpZXMiPjx4YWRlczpTaWduZWRTaWduYXR1cmVQcm9wZXJ0aWVzPjx4YWRlczpTaWduaW5nVGltZT4yMDExLTAzLTIxVDExOjQ0OjQyKzAxOjAwPC94YWRlczpTaWduaW5nVGltZT48eGFkZXM6U2lnbmluZ0NlcnRpZmljYXRlPjx4YWRlczpDZXJ0Pjx4YWRlczpDZXJ0RGlnZXN0PjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT4zbTZ3OTlUb3lTZDlKcEJsMWdCazhEei9iYlU9PC9kczpEaWdlc3RWYWx1ZT48L3hhZGVzOkNlcnREaWdlc3Q+PHhhZGVzOklzc3VlclNlcmlhbD48ZHM6WDUwOUlzc3Vlck5hbWU+Q049UFJFUFJPRFVDQ0lPIElEQ2F0LCBPVT1FbnRpdGF0IHB1YmxpY2EgZGUgY2VydGlmaWNhY2lvIGRlIGNpdXRhZGFucywgT1U9VmVnZXUgaHR0cHM6Ly93d3cuY2F0Y2VydC5uZXQvdmVyQ0lDLTIgKGMpMDMsIE9VPVNlcnZlaXMgUHVibGljcyBkZSBDZXJ0aWZpY2FjaW8gRUNWLTIsIEw9UGFzc2F0Z2UgZGUgbGEgQ29uY2VwY2lvIDExIDA4MDA4IEJhcmNlbG9uYSwgTz1BZ2VuY2lhIENhdGFsYW5hIGRlIENlcnRpZmljYWNpbyAoTklGIFEtMDgwMTE3Ni1JKSwgQz1FUzwvZHM6WDUwOUlzc3Vlck5hbWU+PGRzOlg1MDlTZXJpYWxOdW1iZXI+OTU1MDg8L2RzOlg1MDlTZXJpYWxOdW1iZXI+PC94YWRlczpJc3N1ZXJTZXJpYWw+PC94YWRlczpDZXJ0PjwveGFkZXM6U2lnbmluZ0NlcnRpZmljYXRlPjwveGFkZXM6U2lnbmVkU2lnbmF0dXJlUHJvcGVydGllcz48eGFkZXM6U2lnbmVkRGF0YU9iamVjdFByb3BlcnRpZXM+PHhhZGVzOkRhdGFPYmplY3RGb3JtYXQgT2JqZWN0UmVmZXJlbmNlPSIjUmVmZXJlbmNlLWJhYmE0ZDFhLWExN2UtNDJjNi05N2QyLWJlZWUxMzUwOTUwMyI+PHhhZGVzOk1pbWVUeXBlPmFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbTwveGFkZXM6TWltZVR5cGU+PHhhZGVzOkVuY29kaW5nPmJhc2U2NDwveGFkZXM6RW5jb2Rpbmc+PC94YWRlczpEYXRhT2JqZWN0Rm9ybWF0PjwveGFkZXM6U2lnbmVkRGF0YU9iamVjdFByb3BlcnRpZXM+PC94YWRlczpTaWduZWRQcm9wZXJ0aWVzPjwveGFkZXM6UXVhbGlmeWluZ1Byb3BlcnRpZXM+PC9kczpPYmplY3Q+PC9kczpTaWduYXR1cmU+</dss:Base64Signature> </dss:SignatureObject> </dss:SignResponse>";
+
+ IPersonalAttributeList palist = new PersonalAttributeList();
+
+ PersonalAttribute signedDoc = new PersonalAttribute();
+ signedDoc.setName("signedDoc");
+ signedDoc.setIsRequired(false);
+ ArrayList<String> signed = new ArrayList<String>();
+ signed.add(signedDocResponse);
+ signedDoc.setValue(signed);
+ palist.add(signedDoc);
+
+ PersonalAttribute isAgeOver = new PersonalAttribute();
+ isAgeOver.setName("isAgeOver");
+ isAgeOver.setIsRequired(false);
+ ArrayList<String> ages = new ArrayList<String>();
+ ages.add("16");
+ ages.add("18");
+ isAgeOver.setValue(ages);
+ palist.add(isAgeOver);
+
+ attrQueryenRequest.setPersonalAttributeList(palist);
+
+ final STORKAttrQueryResponse response = new STORKAttrQueryResponse();
+
+ response.setPersonalAttributeList(palist);
+
+ final STORKAttrQueryResponse storkResponse = getEngine()
+ .generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress,
+ destinationUrl, isNotHashing);
+
+ attrQueryResponse = storkResponse.getTokenSaml();
+ attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse,
+ ipAddress);
+
+ assertTrue("SignedDoc response should be the same: ", attrQeuryenResponse
+ .getPersonalAttributeList().get("signedDoc").getValue().get(0)
+ .equals(signedDocResponse));
+
+ }
+
+ @Test
+ public final void testEncodeDecode() {
+ STORKAttrQueryRequest attrRequest = new STORKAttrQueryRequest();
+ STORKAttrQueryRequest request;
+ IPersonalAttributeList list = null;
+ boolean outcome = false;
+
+ try {
+ //STEP 1: Create the STORKAttrQueryRequest and get the SAML bytes
+ attrRequest.setSpSector("NOT AVAILABLE");
+ attrRequest.setSpInstitution("NOT AVAILABLE");
+ attrRequest.setSpApplication("NOT AVAILABLE");
+ attrRequest.setSpCountry("NOT AVAILABLE");
+
+ attrRequest.setIssuer("123");
+ attrRequest.setDestination("456");
+ attrRequest.setAssertionConsumerServiceURL("789");
+ attrRequest.setQaa(2);
+ attrRequest.setPersonalAttributeList(pal);
+
+ System.out.println("Original PAL:");
+ System.out.println(pal.toString());
+
+ attrRequest = engine.generateSTORKAttrQueryRequest(attrRequest);
+
+ byte[] saml = attrRequest.getTokenSaml();
+
+ //STEP 2: RE-Create the STORKAttrQueryRequest from the SAML bytes
+ request = engine.validateSTORKAttrQueryRequest(saml);
+
+ System.out.println("STORKAttrQueryRequest Issuer: " + request.getIssuer());
+ System.out.println("STORKAttrQueryRequest Destination: " + request.getDestination());
+ System.out.println("STORKAttrQueryRequest ServiceURL: " + request.getAssertionConsumerServiceURL());
+ System.out.println("STORKAttrQueryRequest Attributes: " + request.getPersonalAttributeList().toString());
+ System.out.println("STORKAttrQueryRequest QAA: " + request.getQaa());
+ //------------------------------
+ list = request.getPersonalAttributeList();
+
+ List<String> values = new ArrayList<String>();
+ values.add("test1");
+ values.add("test2");
+ values.add("test3");
+ list.get("newAttribute2").setValue(values);
+
+ System.out.println("Values added in newAttribute2 PAL:");
+ System.out.println(list.toString());
+
+ //////////////////////////////////////////////////////////////////////////
+ final STORKAttrQueryResponse response = new STORKAttrQueryResponse();
+ response.setPersonalAttributeList(list);
+
+ final STORKAttrQueryResponse storkResponse =
+ engine.generateSTORKAttrQueryResponse(request, response, "127.0.0.1",
+ request.getAssertionConsumerServiceURL(), false);
+
+ byte[] samlBytes = storkResponse.getTokenSaml();
+
+ //STEP 3: RE-Create the STORKAttrQueryResponse from the SAML bytes
+ STORKAttrQueryResponse attrResponse = null;
+ attrResponse =
+ engine.validateSTORKAttrQueryResponse(samlBytes, "127.0.0.1");
+
+ System.out.println("Response decoded PAL:");
+ System.out.println(attrResponse.getPersonalAttributeList().toString());
+
+ values = attrResponse.getPersonalAttributeList().get("newAttribute2").getValue();
+ if ( values.contains("test1") && values.contains("test2") && values.contains("test3") )
+ outcome = true;
+ } catch (final STORKSAMLEngineException e) {
+ LOG.error("Errror genereating SAML Token for Authentication Request", e);
+ }
+
+ assertTrue(outcome);
+ }
+
+ @Test
+ public final void testGenerateAttrRequestWithMultipleAssertions()
+ throws STORKSAMLEngineException {
+ STORKAttrQueryRequest req = null;
+ STORKAttrQueryResponse res0 = null;
+ STORKAttrQueryResponse res1 = null;
+ STORKAttrQueryResponse res2 = null;
+ STORKAttrQueryResponse res = null;
+ STORKAttrQueryResponse restotal = null;
+
+ try {
+ req = getEngine().validateSTORKAttrQueryRequest(attrQueryRequest);
+
+ attrQueryenRequest = getEngine().validateSTORKAttrQueryRequest(attrQueryRequest);
+
+ } catch (STORKSAMLEngineException e) {
+ fail("Error validating STORKAuthnRequest");
+ }
+
+ IPersonalAttributeList pList = req.getPersonalAttributeList();
+ for (int i =0; i < pList.size(); i++)
+ {
+ PersonalAttribute attr = pList.get("dateOfBirth");
+ attr.setValue(Arrays.asList("19820919"));
+ pList.remove("dateOfBirth");
+ pList.add(attr);
+ PersonalAttribute attr1 = pList.get("givenName");
+ attr1.setValue(Arrays.asList("Sveinborn Oskarsson"));
+ pList.remove("givenName");
+ pList.add(attr1);
+ PersonalAttribute attr2 = pList.get("isAgeOver");
+ attr2.setValue(Arrays.asList("true"));
+ pList.remove("isAgeOver");
+ pList.add(attr2);
+ }
+
+ res = new STORKAttrQueryResponse();
+ res.setPersonalAttributeList(pList);
+
+ STORKAttrQueryResponse storkResponse = getEngine()
+ .generateSTORKAttrQueryResponse(req, res, ipAddress,
+ destinationUrl, isNotHashing);
+
+ res0 = getEngine().validateSTORKAttrQueryResponse(storkResponse.getTokenSaml(), ipAddress);
+
+ storkResponse = getEngine()
+ .generateSTORKAttrQueryResponse(req, res, ipAddress,
+ destinationUrl, isNotHashing);
+ res1 = getEngine().validateSTORKAttrQueryResponse(storkResponse.getTokenSaml(), ipAddress);
+
+ storkResponse = getEngine()
+ .generateSTORKAttrQueryResponse(req, res, ipAddress,
+ destinationUrl, isNotHashing);
+ res2 = getEngine().validateSTORKAttrQueryResponse(storkResponse.getTokenSaml(), ipAddress);
+
+ List<STORKAttrQueryResponse> responses = new ArrayList();
+ responses.add(res0);
+ responses.add(res1);
+ responses.add(res2);
+
+ STORKAttrQueryResponse resfinal = new STORKAttrQueryResponse();
+ storkResponse = getEngine().generateSTORKAttrQueryResponseWithAssertions(req, resfinal, responses,
+ ipAddress, destinationUrl, isNotHashing);
+
+ attrQueryResponse = storkResponse.getTokenSaml();
+ FileOutputStream output = null;
+ try {
+ output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryMultiAssertResponse.xml"));
+ } catch (FileNotFoundException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ try {
+ output.write(attrQueryResponse);
+ } catch (IOException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+
+ res = null;
+ res = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress);
+ System.out.println(res.getTotalPersonalAttributeList().toString());
+ assertNotNull(res);
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAuthRequestTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAuthRequestTest.java
new file mode 100644
index 000000000..02a8a6fab
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAuthRequestTest.java
@@ -0,0 +1,968 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.test.simple;
+
+import static org.junit.Assert.*;
+
+import java.util.ArrayList;
+
+import org.junit.Ignore;
+import org.junit.Test;
+
+import org.opensaml.xml.parse.BasicParserPool;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
+
+/**
+ * The Class StorkAuthRequestTest defines a class to .
+ */
+public class StorkAuthRequestTest {
+
+ /** The engines. */
+ private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1");
+ private static STORKSAMLEngine engine2 = STORKSAMLEngine.getInstance("CONF2");
+ private static STORKSAMLEngine engine3 = STORKSAMLEngine.getInstance("CONF3");
+
+
+ /**
+ * Instantiates a new stork authentication request test.
+ */
+ public StorkAuthRequestTest() {
+ pal = new PersonalAttributeList();
+
+ final PersonalAttribute isAgeOver = new PersonalAttribute();
+ isAgeOver.setName("isAgeOver");
+ isAgeOver.setIsRequired(true);
+ final ArrayList<String> ages = new ArrayList<String>();
+ ages.add("16");
+ ages.add("18");
+ isAgeOver.setValue(ages);
+ pal.add(isAgeOver);
+
+ final PersonalAttribute dateOfBirth = new PersonalAttribute();
+ dateOfBirth.setName("dateOfBirth");
+ dateOfBirth.setIsRequired(false);
+ pal.add(dateOfBirth);
+
+ final PersonalAttribute eIDNumber = new PersonalAttribute();
+ eIDNumber.setName("eIdentifier");
+ eIDNumber.setIsRequired(true);
+ pal.add(eIDNumber);
+
+ destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest";
+ assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse";
+
+ spName = "University of Oxford";
+ spSector = "EDU001";
+ spInstitution = "OXF001";
+ spApplication = "APP001";
+ spCountry = "EN";
+
+ spId = "EDU001-OXF001-APP001";
+
+ }
+
+ /** The destination. */
+ private String destination;
+
+ /** The service provider name. */
+ private String spName;
+
+ /** The service provider sector. */
+ private String spSector;
+
+ /** The service provider institution. */
+ private String spInstitution;
+
+ /** The service provider application. */
+ private String spApplication;
+
+ /** The service provider country. */
+ private String spCountry;
+
+ /** The service provider id. */
+ private String spId;
+
+ /** The quality authentication assurance level. */
+ private static final int QAAL = 3;
+
+ /** The List of Personal Attributes. */
+ private IPersonalAttributeList pal;
+
+ /** The assertion consumer URL. */
+ private String assertConsumerUrl;
+
+ /** The authentication request. */
+ private static byte[] authRequest;
+
+ /** The Constant LOG. */
+ private static final Logger LOG = LoggerFactory
+ .getLogger(StorkAuthRequestTest.class.getName());
+
+ /** Parser manager used to parse XML. */
+ private static BasicParserPool parser;
+
+ static {
+ parser = new BasicParserPool();
+ parser.setNamespaceAware(true);
+ }
+
+ /**
+ * Test generate authentication request.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testGenerateAuthnRequest() throws STORKSAMLEngineException {
+
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+
+ request.setDestination(destination);
+ request.setProviderName(spName);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // new parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("ES");
+
+ //engine.generateSTORKAuthnRequest(request);
+
+ LOG.info("STORKAuthnRequest 1: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAuthnRequest(request).getTokenSaml()));
+ request.setCitizenCountryCode("ES");
+ LOG.info("STORKAuthnRequest 2: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAuthnRequest(request).getTokenSaml()));
+ }
+
+
+ /**
+ * Test generate authentication request error personal attribute name error.
+ */
+ @Test
+ public final void testGenerateAuthnRequestPALsErr1() {
+
+ final IPersonalAttributeList palWrong = new PersonalAttributeList();
+
+ final PersonalAttribute worngAttr = new PersonalAttribute();
+ worngAttr.setName("attrNotValid");
+ worngAttr.setIsRequired(true);
+
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+
+ request.setDestination(destination);
+ request.setProviderName(spName);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(palWrong);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("ES");
+
+ try {
+ engine.generateSTORKAuthnRequest(request);
+ fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+
+
+ /**
+ * Test generate authentication request error personal attribute value error.
+ */
+ @Test
+ public final void testGenerateAuthnRequestPALsErr2() {
+
+ final IPersonalAttributeList palWrong = new PersonalAttributeList();
+
+ final PersonalAttribute attrNotValid = new PersonalAttribute();
+ attrNotValid.setName("attrNotValid");
+ attrNotValid.setIsRequired(true);
+ palWrong.add(attrNotValid);
+
+
+
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+
+ request.setDestination(destination);
+ request.setProviderName(spName);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(palWrong);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("ES");
+
+ try {
+ engine.generateSTORKAuthnRequest(request);
+ fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test generate authentication request error provider name null.
+ */
+ @Test
+ public final void testGenerateAuthnRequestSPNAmeErr1() {
+
+
+
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+
+ request.setDestination(destination);
+ request.setProviderName(null);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("ES");
+
+ try
+ {
+ engine.generateSTORKAuthnRequest(request);
+ fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ }
+ catch (STORKSAMLEngineException e)
+ {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test generate authentication request authentication assurance level
+ * negative value.
+ */
+ @Test
+ public final void testGenerateAuthnRequestQaalErr1() {
+
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+
+ request.setDestination(destination);
+ request.setProviderName(spName);
+ request.setQaa(-1);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+
+ try {
+ engine.generateSTORKAuthnRequest(request);
+ fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test generate authentication request service provider sector null.
+ */
+ @Test
+ public final void testGenerateAuthnRequestSectorErr() {
+
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+
+ request.setDestination(destination);
+ request.setProviderName(spName);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // news parameters
+ request.setSpSector(null);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("ES");
+
+ try {
+ engine.generateSTORKAuthnRequest(request);
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+
+ }
+ }
+
+ /**
+ * Test generate authentication request service provider institution null.
+ */
+ @Test
+ public final void testGenerateAuthnRequestInstitutionrErr() {
+
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+
+ request.setDestination(destination);
+ request.setProviderName(spName);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(null);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("ES");
+
+ try {
+ engine.generateSTORKAuthnRequest(request);
+
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ }
+ }
+
+ /**
+ * Test generate authentication request service provider application null.
+ */
+ @Test
+ public final void testGenerateAuthnRequestApplicationErr() {
+
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+
+ request.setDestination(destination);
+ request.setProviderName(spName);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(null);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("ES");
+
+ try {
+ engine.generateSTORKAuthnRequest(request);
+
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ }
+ }
+
+ /**
+ * Test generate authentication request service provider country null.
+ */
+ @Test
+ public final void testGenerateAuthnRequestCountryErr() {
+
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+
+ request.setDestination(destination);
+ request.setProviderName(spName);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(null);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("ES");
+
+ try {
+ engine.generateSTORKAuthnRequest(request);
+ LOG.error("Error");
+ fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test generate authentication request error with quality authentication
+ * assurance level wrong.
+ */
+ @Test
+ public final void testGenerateAuthnRequestQaalErr2() {
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+
+ request.setDestination(destination);
+ request.setProviderName(spName);
+ request.setQaa(0);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("ES");
+
+ try {
+ engine.generateSTORKAuthnRequest(request);
+ fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test generate authentication request personal attribute list null value.
+ */
+ @Test
+ public final void testGenerateAuthnRequestPALErr1() {
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+
+ request.setDestination(destination);
+ request.setProviderName(spName);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(null);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("ES");
+
+ try {
+ engine.generateSTORKAuthnRequest(request);
+ fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test generate authentication request error with assertion consumer URL
+ * null.
+ */
+ @Test
+ public final void testGenerateAuthnRequestAssertionConsumerErr1() {
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+
+ request.setDestination(destination);
+ request.setProviderName(spName);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(null);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("ES");
+
+ try {
+ engine.generateSTORKAuthnRequest(request);
+ fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test validate authentication request null parameter.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateAuthnRequestNullParam()
+ throws STORKSAMLEngineException {
+ try {
+ engine.validateSTORKAuthnRequest(null);
+ fail("validateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test validate authentication request error bytes encode.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateAuthnRequestErrorEncode()
+ throws STORKSAMLEngineException {
+ try {
+ engine.validateSTORKAuthnRequest("messageError".getBytes());
+ fail("validateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test validate authentication request.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateAuthnRequest() throws STORKSAMLEngineException {
+
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+
+ request.setDestination(destination);
+ request.setProviderName(spName);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("ES");
+
+ authRequest = engine.generateSTORKAuthnRequest(request).getTokenSaml();
+
+ final STORKAuthnRequest validatedRequest = engine.validateSTORKAuthnRequest(authRequest);
+
+ assertEquals("CrossBorderShare incorrect: ", validatedRequest.isEIDCrossBorderShare(), false);
+ assertEquals("CrossSectorShare incorrect: ", validatedRequest.isEIDCrossSectorShare(), false);
+ assertEquals("SectorShare incorrect: ", validatedRequest.isEIDSectorShare(), false);
+
+ }
+
+ /**
+ * Test validate data authenticate request. Verified parameters after
+ * validation.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateDataAuthnRequest() throws STORKSAMLEngineException {
+
+ final STORKAuthnRequest request = engine.validateSTORKAuthnRequest(authRequest);
+
+ assertEquals("Sestination incorrect: ", request.getDestination(), destination);
+
+ assertEquals("CrossBorderShare incorrect: ", request.isEIDCrossBorderShare(), false);
+ assertEquals("CrossSectorShare incorrect: ", request.isEIDCrossSectorShare(), false);
+ assertEquals("SectorShare incorrect: ", request.isEIDSectorShare(), false);
+
+ assertEquals("Service provider incorrect: ", request.getProviderName(), spName);
+ assertEquals("QAAL incorrect: ", request.getQaa(), QAAL);
+ assertEquals("SPSector incorrect: ", request.getSpSector(), spSector);
+ assertEquals("SPInstitution incorrect: ", request.getSpInstitution(), null);
+ assertEquals("SPApplication incorrect: ", request.getSpApplication(), spApplication);
+ assertEquals("Asserition consumer URL incorrect: ", request.getAssertionConsumerServiceURL(), assertConsumerUrl);
+
+ assertEquals("SP Country incorrect: ", request.getSpCountry(), spCountry);
+ assertEquals("SP Id incorrect: ", request.getSPID(), spId);
+ assertEquals("CitizenCountryCode incorrect: ", request.getCitizenCountryCode(), "ES");
+
+ }
+
+ /**
+ * Test validate file authentication request. Validate from XML file.
+ *
+ * @throws Exception the exception
+ */
+ @Test
+ public final void testValidateFileAuthnRequest() throws Exception {
+
+ final byte[] bytes = SSETestUtils.readStorkSamlFromFile("/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml");
+
+ try {
+ engine.validateSTORKAuthnRequest(bytes);
+ fail("testValidateFileAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error(e.getMessage());
+ }
+ }
+
+ /**
+ * Test validate file authentication request tag delete.
+ *
+ * @throws Exception the exception
+ */
+ @Test
+ public final void testValidateFileAuthnRequestTagDelete() throws Exception {
+
+ final byte[] bytes = SSETestUtils.readStorkSamlFromFile("/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml");
+
+ try {
+ engine.validateSTORKAuthnRequest(bytes);
+ fail("validateSTORKAuthnRequest(...) should have thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error(e.getMessage());
+
+ }
+ }
+
+ /**
+ * Test validate authentication request not trusted token.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateAuthnRequestNotTrustedErr1()
+ throws STORKSAMLEngineException {
+
+ try {
+ final STORKSAMLEngine engineNotTrusted = STORKSAMLEngine
+ .getInstance("CONF2");
+
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+
+ request.setDestination(destination);
+ request.setProviderName(spName);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+
+ final byte[] authReqNotTrust = engineNotTrusted
+ .generateSTORKAuthnRequest(request).getTokenSaml();
+
+ engine.validateSTORKAuthnRequest(authReqNotTrust);
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ fail("validateSTORKAuthnRequestNotTrusted(...) should not have thrown an STORKSAMLEngineException!");
+ }
+ }
+
+ /**
+ * Test validate authentication request trusted.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateAuthnRequestTrusted()
+ throws STORKSAMLEngineException {
+
+ final STORKSAMLEngine engineTrusted = STORKSAMLEngine
+ .getInstance("CONF3");
+
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+
+ request.setDestination(destination);
+ request.setProviderName(spName);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+
+ final byte[] authReqNotTrust = engineTrusted.generateSTORKAuthnRequest(
+ request).getTokenSaml();
+
+ // engine ("CONF1") no have trust certificate from "CONF2"
+ engine.validateSTORKAuthnRequest(authReqNotTrust);
+
+ }
+
+
+
+
+ /**
+ * Test generate authentication request service provider application null.
+ */
+ @Test
+ public final void testGenerateAuthnRequestNADA() {
+
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+
+ request.setDestination(destination);
+ request.setProviderName(spName);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // news parameters
+ request.setSpSector(null);
+ request.setSpInstitution(null);
+ request.setSpApplication(null);
+ request.setSpCountry(null);
+
+ try {
+
+ engine.validateSTORKAuthnRequest(authRequest);
+
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!");
+ }
+ }
+
+ /**
+ * Test validate authentication request with unknown elements.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateAuthnRequestWithUnknownElements() throws STORKSAMLEngineException {
+
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+
+ request.setDestination(destination);
+ request.setProviderName(spName);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ IPersonalAttributeList pAttList = new PersonalAttributeList();
+
+ final PersonalAttribute unknown = new PersonalAttribute();
+ unknown.setName("unknown");
+ unknown.setIsRequired(true);
+ pAttList.add(unknown);
+
+ final PersonalAttribute eIdentifier = new PersonalAttribute();
+ eIdentifier.setName("eIdentifier");
+ eIdentifier.setIsRequired(true);
+ pAttList.add(eIdentifier);
+
+ request.setPersonalAttributeList(pAttList);
+
+ // new parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("ES");
+
+ STORKAuthnRequest req = new STORKAuthnRequest();
+
+ req = engine3.generateSTORKAuthnRequest(request);
+
+ req = engine.validateSTORKAuthnRequest(req.getTokenSaml());
+
+ assertNull("The value shouldn't exist", req.getPersonalAttributeList().get("unknown"));
+ assertNotNull("The value should exist", req.getPersonalAttributeList().get("eIdentifier"));
+
+ }
+
+ /**
+ * Test generate Request with required elements by default
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testGenerateAuthnRequestWithIsRequiredElementsByDefault() throws STORKSAMLEngineException {
+
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+
+ request.setDestination(destination);
+ request.setProviderName(spName);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ IPersonalAttributeList pAttList = new PersonalAttributeList();
+
+ final PersonalAttribute eIdentifier = new PersonalAttribute();
+ eIdentifier.setName("eIdentifier");
+ eIdentifier.setIsRequired(true);
+ pAttList.add(eIdentifier);
+
+ request.setPersonalAttributeList(pAttList);
+
+ // new parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("ES");
+
+ STORKAuthnRequest req = new STORKAuthnRequest();
+ STORKAuthnRequest reqTrue = new STORKAuthnRequest();
+ STORKAuthnRequest reqFalse = new STORKAuthnRequest();
+
+ reqTrue = engine.generateSTORKAuthnRequest(request);
+ reqFalse = engine2.generateSTORKAuthnRequest(request);
+ req = engine3.generateSTORKAuthnRequest(request);
+
+
+ String token = new String(req.getTokenSaml());
+ String reqTrueToken = new String(reqTrue.getTokenSaml());
+ String reqFalseToken = new String(reqFalse.getTokenSaml());
+
+ assertTrue("The token must contain the chain 'isRequired'", token.contains("isRequired"));
+ assertTrue("The token must contain the chain 'isRequired'", reqTrueToken.contains("isRequired"));
+ assertFalse("The token must contain the chain 'isRequired'", reqFalseToken.contains("isRequired"));
+
+ }
+
+ /**
+ * Test validating request and getting alias used to save
+ * the saml trusted certificate into trustore
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateAuthnRequestGettingItsAlias() throws STORKSAMLEngineException {
+
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+
+ request.setDestination(destination);
+ request.setProviderName(spName);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ IPersonalAttributeList pAttList = new PersonalAttributeList();
+
+ final PersonalAttribute eIdentifier = new PersonalAttribute();
+ eIdentifier.setName("eIdentifier");
+ eIdentifier.setIsRequired(true);
+ pAttList.add(eIdentifier);
+
+ request.setPersonalAttributeList(pAttList);
+
+ // new parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("ES");
+
+ STORKAuthnRequest req = new STORKAuthnRequest();
+
+ req = engine3.generateSTORKAuthnRequest(request);
+ req = engine.validateSTORKAuthnRequest(req.getTokenSaml());
+ assertTrue("The alias should match this value", req.getAlias().equals("local-demo-cert"));
+
+ req = engine2.generateSTORKAuthnRequest(request);
+ req = engine2.validateSTORKAuthnRequest(req.getTokenSaml());
+ assertTrue("The alias should match this value", req.getAlias().equals("local-demo-cert"));
+
+
+
+ }
+
+ /**
+ * Test generating/validating request with signedDoc
+ *
+ * @throws STORKSAMLEngineException
+ * the STORKSAML engine exception
+ */
+ @Test
+ public final void testGenerateAuthnRequestWithSignedDoc()
+ throws STORKSAMLEngineException {
+
+ String signedDocRequest = "<dss:SignRequest xmlns:dss=\"urn:oasis:names:tc:dss:1.0:core:schema\" RequestID=\"_d96b62a87d18f1095170c1f44c90b5fd\"><dss:InputDocuments><dss:Document><dss:Base64Data MimeType=\"text/plain\">VGVzdCB0ZXh0</dss:Base64Data></dss:Document></dss:InputDocuments></dss:SignRequest>";
+
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+
+ PersonalAttributeList paler = new PersonalAttributeList();
+
+ final PersonalAttribute eIDNumber = new PersonalAttribute();
+ eIDNumber.setName("eIdentifier");
+ eIDNumber.setIsRequired(true);
+ paler.add(eIDNumber);
+
+ final PersonalAttribute isAgeOver = new PersonalAttribute();
+ isAgeOver.setName("isAgeOver");
+ isAgeOver.setIsRequired(true);
+ final ArrayList<String> ages = new ArrayList<String>();
+ ages.add("16");
+ ages.add("18");
+ isAgeOver.setValue(ages);
+ paler.add(isAgeOver);
+
+ final PersonalAttribute signedDoc = new PersonalAttribute();
+ signedDoc.setName("signedDoc");
+ final ArrayList<String> signedDocs = new ArrayList<String>();
+ signedDocs.add(signedDocRequest);
+ signedDoc.setValue(signedDocs);
+ signedDoc.setIsRequired(false);
+ paler.add(signedDoc);
+
+ request.setDestination(destination);
+ request.setProviderName(spName);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(paler);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // new parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("ES");
+
+ STORKAuthnRequest req = new STORKAuthnRequest();
+
+ req = engine.generateSTORKAuthnRequest(request);
+ req = engine.validateSTORKAuthnRequest(req.getTokenSaml());
+
+ assertTrue("SignedDoc request should be the same: ", req
+ .getPersonalAttributeList().get("signedDoc").getValue().get(0)
+ .equals(signedDocRequest));
+
+
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkLogoutRequestTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkLogoutRequestTest.java
new file mode 100644
index 000000000..46904788f
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkLogoutRequestTest.java
@@ -0,0 +1,89 @@
+package eu.stork.peps.test.simple;
+
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.FileOutputStream;
+import java.io.IOException;
+
+import org.junit.Test;
+import org.opensaml.xml.parse.BasicParserPool;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.STORKLogoutRequest;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
+
+
+public class StorkLogoutRequestTest {
+
+ /** The engines. */
+ private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1");
+ private static STORKSAMLEngine engine0 = STORKSAMLEngine.getInstance("CONF0");
+ private static STORKSAMLEngine engine2 = STORKSAMLEngine.getInstance("CONF2");
+ private static STORKSAMLEngine engine3 = STORKSAMLEngine.getInstance("CONF3");
+
+ public StorkLogoutRequestTest() {
+ destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest";
+ spUserId = "IS/IS/1234567890";
+ }
+
+ /** The destination. */
+ private String destination;
+
+ /** The user id. */
+ private String spUserId;
+
+ /** The logout request. */
+ private static byte[] logoutRequest;
+
+ /** The Constant LOG. */
+ private static final Logger LOG = LoggerFactory
+ .getLogger(StorkLogoutRequestTest.class.getName());
+
+ /** Parser manager used to parse XML. */
+ private static BasicParserPool parser;
+
+ static {
+ parser = new BasicParserPool();
+ parser.setNamespaceAware(true);
+ }
+
+ /**
+ * Test generate authentication request.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testGenerateLogoutRequest() throws STORKSAMLEngineException {
+
+ final STORKLogoutRequest request = new STORKLogoutRequest();
+
+ request.setDestination(destination);
+
+ request.setSpProvidedId(spUserId);
+
+ STORKLogoutRequest req1 = engine0.generateSTORKLogoutRequest(request);
+ byte[] reqByte = req1.getTokenSaml();
+ FileOutputStream output = null;
+
+ try {
+ output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/LogoutRequest.xml"));
+ } catch (FileNotFoundException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ try {
+ output.write(reqByte);
+ } catch (IOException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+
+ LOG.info("STORKAttrQueryRequest 1: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKLogoutRequest(request).getTokenSaml()));
+
+ LOG.info("STORKAttrQueryRequest 2: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKLogoutRequest(request).getTokenSaml()));
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkLogoutResponseTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkLogoutResponseTest.java
new file mode 100644
index 000000000..2d05e04aa
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkLogoutResponseTest.java
@@ -0,0 +1,142 @@
+package eu.stork.peps.test.simple;
+
+import static org.junit.Assert.*;
+
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.FileOutputStream;
+import java.io.IOException;
+
+import junit.framework.Assert;
+
+import org.junit.Test;
+import org.opensaml.xml.parse.BasicParserPool;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import eu.stork.peps.auth.commons.STORKLogoutRequest;
+import eu.stork.peps.auth.commons.STORKLogoutResponse;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
+
+
+public class StorkLogoutResponseTest {
+
+ /** The engines. */
+ private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1");
+ private static STORKSAMLEngine engine0 = STORKSAMLEngine.getInstance("CONF0");
+ private static STORKSAMLEngine engine2 = STORKSAMLEngine.getInstance("CONF2");
+ private static STORKSAMLEngine engine3 = STORKSAMLEngine.getInstance("CONF3");
+
+ public StorkLogoutResponseTest() {
+ destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest";
+ spUserId = "IS/IS/1234567890";
+ }
+
+ /** The destination. */
+ private String destination;
+
+ /** The user id. */
+ private String spUserId;
+
+ /** The logout request. */
+ private static byte[] logoutRequest;
+
+ /** The logout response. */
+ private static byte[] logoutResponse;
+
+ /** The Constant LOG. */
+ private static final Logger LOG = LoggerFactory
+ .getLogger(StorkLogoutResponseTest.class.getName());
+
+ /** Parser manager used to parse XML. */
+ private static BasicParserPool parser;
+
+ static {
+ parser = new BasicParserPool();
+ parser.setNamespaceAware(true);
+ }
+
+ /**
+ * Test generate authentication request.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testGenerateLogoutRequest() throws STORKSAMLEngineException {
+
+ final STORKLogoutRequest request = new STORKLogoutRequest();
+
+ final STORKLogoutResponse response = new STORKLogoutResponse();
+
+ request.setDestination(destination);
+ response.setDestination(destination);
+
+ request.setSpProvidedId(spUserId);
+
+ STORKLogoutRequest req1 = engine0.generateSTORKLogoutRequest(request);
+
+ STORKLogoutResponse res = engine0.generateSTORKLogoutResponse(req1, response);
+
+ byte[] reqByte = res.getTokenSaml();
+ FileOutputStream output = null;
+
+ try {
+ output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/LogoutResponse.xml"));
+ } catch (FileNotFoundException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ try {
+ output.write(reqByte);
+ } catch (IOException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+
+
+ assertNotNull(reqByte);
+ }
+
+ /**
+ * Test generate authentication request.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testGenerateLogoutRequestFail() throws STORKSAMLEngineException {
+
+ final STORKLogoutRequest request = new STORKLogoutRequest();
+
+ final STORKLogoutResponse response = new STORKLogoutResponse();
+
+ request.setDestination(destination);
+ response.setDestination(destination);
+ response.setStatusMessage("User not found.");
+ response.setStatusCode("1234");
+ request.setSpProvidedId(spUserId);
+
+ STORKLogoutRequest req1 = engine0.generateSTORKLogoutRequest(request);
+
+ STORKLogoutResponse res = engine0.generateSTORKLogoutResponseFail(req1, response);
+
+ byte[] reqByte = res.getTokenSaml();
+ FileOutputStream output = null;
+
+ try {
+ output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/LogoutResponseFail.xml"));
+ } catch (FileNotFoundException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ try {
+ output.write(reqByte);
+ } catch (IOException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+
+ assertNotNull(reqByte);
+ }
+
+}
diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkNewResponseTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkNewResponseTest.java
new file mode 100644
index 000000000..62e9cfb18
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkNewResponseTest.java
@@ -0,0 +1,533 @@
+package eu.stork.peps.test.simple;
+
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.fail;
+
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+
+import org.junit.Test;
+import org.opensaml.xml.parse.BasicParserPool;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
+import eu.stork.peps.auth.commons.STORKAttrQueryResponse;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+import eu.stork.peps.auth.commons.STORKAuthnResponse;
+import eu.stork.peps.auth.commons.STORKStatusCode;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
+
+
+public class StorkNewResponseTest {
+ /** The engine. */
+ private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1");
+ private static STORKSAMLEngine engine0 = STORKSAMLEngine.getInstance("CONF0");
+
+ /**
+ * Gets the engine.
+ *
+ * @return the engine
+ */
+ public static STORKSAMLEngine getEngine() {
+ return engine;
+ }
+
+ public static STORKSAMLEngine getEngine2() {
+ return engine0;
+ }
+
+ /**
+ * Sets the engine.
+ *
+ * @param newEngine the new engine
+ */
+ public static void setEngine(final STORKSAMLEngine newEngine) {
+ StorkNewResponseTest.engine = newEngine;
+ }
+
+ /** The destination. */
+ private static String destination;
+
+ /** The service provider name. */
+ private static String spName;
+
+ /** The service provider sector. */
+ private static String spSector;
+
+ /** The service provider institution. */
+ private static String spInstitution;
+
+ /** The service provider application. */
+ private static String spApplication;
+
+ /** The service provider country. */
+ private static String spCountry;
+
+ /** The service provider id. */
+ private static String spId;
+
+ /** The quality authentication assurance level. */
+ private static final int QAAL = 3;
+
+ /** The state. */
+ private static String state = "ES";
+
+ /** The town. */
+ private static String town = "Madrid";
+
+ /** The municipality code. */
+ private static String municipalityCode = "MA001";
+
+ /** The postal code. */
+ private static String postalCode = "28038";
+
+ /** The street name. */
+ private static String streetName = "Marchamalo";
+
+ /** The street number. */
+ private static String streetNumber = "3";
+
+ /** The apartament number. */
+ private static String apartamentNumber = "5º E";
+
+ /** The List of Personal Attributes. */
+ private static IPersonalAttributeList pal;
+
+ /** The List of Personal Attributes. */
+ private static IPersonalAttributeList pal2;
+
+ /** The assertion consumer URL. */
+ private static String assertConsumerUrl;
+
+ /** The authentication request. */
+ private static byte[] authRequest;
+
+ /** The authentication response. */
+ private static byte[] authResponse;
+
+ /** The authentication request. */
+ private static STORKAuthnRequest authenRequest;
+
+ /** The authentication response. */
+ private static STORKAuthnResponse authnResponse;
+
+ /** The Constant LOG. */
+ private static final Logger LOG = LoggerFactory
+ .getLogger(StorkResponseTest.class.getName());
+
+ /**
+ * Instantiates a new stork response test.
+ */
+ public StorkNewResponseTest() {
+ super();
+ }
+
+ /** The IP address. */
+ private static String ipAddress;
+
+ /** The is hashing. */
+ private final boolean isHashing = Boolean.TRUE;
+
+ /** The is not hashing. */
+ private final boolean isNotHashing = Boolean.FALSE;
+
+ /** The ERROR text. */
+ private static final String ERROR_TXT = "generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!";
+
+
+ /** Parser manager used to parse XML. */
+ private static BasicParserPool parser;
+
+ /** The attribute query request. */
+ private static STORKAttrQueryRequest attrQueryenRequest;
+
+ /** The attribute query response. */
+ private static STORKAttrQueryResponse attrQeuryenResponse;
+
+ /** The attribute query request. */
+ private static byte[] attrQueryRequest;
+
+ /** The attribute query response. */
+ private static byte[] attrQueryResponse;
+
+
+
+ static {
+ parser = new BasicParserPool();
+ parser.setNamespaceAware(true);
+
+ pal = new PersonalAttributeList();
+ pal2 = new PersonalAttributeList();
+
+ PersonalAttribute isAgeOver = new PersonalAttribute();
+ isAgeOver.setName("isAgeOver");
+ isAgeOver.setIsRequired(false);
+ ArrayList<String> ages = new ArrayList<String>();
+ ages.add("16");
+ ages.add("18");
+ isAgeOver.setValue(ages);
+ pal.add(isAgeOver);
+
+ PersonalAttribute dateOfBirth = new PersonalAttribute();
+ dateOfBirth.setName("dateOfBirth");
+ dateOfBirth.setIsRequired(false);
+ pal.add(dateOfBirth);
+
+ PersonalAttribute eIDNumber = new PersonalAttribute();
+ eIDNumber.setName("eIdentifier");
+ eIDNumber.setIsRequired(true);
+ pal.add(eIDNumber);
+
+ final PersonalAttribute givenName = new PersonalAttribute();
+ givenName.setName("givenName");
+ givenName.setIsRequired(true);
+ pal.add(givenName);
+
+ PersonalAttribute canRessAddress = new PersonalAttribute();
+ canRessAddress.setName("canonicalResidenceAddress");
+ canRessAddress.setIsRequired(true);
+ pal.add(canRessAddress);
+
+ PersonalAttribute newAttribute = new PersonalAttribute();
+ newAttribute.setName("newAttribute2");
+ newAttribute.setIsRequired(true);
+ pal.add(newAttribute);
+
+ PersonalAttribute hasDegree = new PersonalAttribute();
+ hasDegree.setName("hasDegree");
+ List<String> vals = new ArrayList<String>();
+ vals.add("Engineering");
+ vals.add("Computer Science");
+ hasDegree.setValue(vals);
+ pal2.add(hasDegree);
+
+ PersonalAttribute mandate = new PersonalAttribute();
+ mandate.setName("mandateContent");
+ List<String> manvalues = new ArrayList<String>();
+ manvalues.add("Powers");
+ mandate.setValue(manvalues);
+ pal2.add(mandate);
+
+ destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest";
+ assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse";
+ spName = "University Oxford";
+
+ spName = "University of Oxford";
+ spSector = "EDU001";
+ spInstitution = "OXF001";
+ spApplication = "APP001";
+ spCountry = "EN";
+
+ spId = "EDU001-APP001-APP001";
+
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+ request.setDestination(destination);
+ request.setProviderName(spName);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("ES");
+
+ try {
+ authRequest = getEngine().generateSTORKAuthnRequest(request)
+ .getTokenSaml();
+
+ authenRequest = getEngine().validateSTORKAuthnRequest(authRequest);
+
+ } catch (STORKSAMLEngineException e) {
+ fail("Error create STORKAuthnRequest");
+ }
+
+ ipAddress = "111.222.333.444";
+
+ pal = new PersonalAttributeList();
+
+ isAgeOver = new PersonalAttribute();
+ isAgeOver.setName("isAgeOver");
+ isAgeOver.setIsRequired(true);
+ ages = new ArrayList<String>();
+
+ ages.add("16");
+ ages.add("18");
+
+ isAgeOver.setValue(ages);
+ isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString());
+ pal.add(isAgeOver);
+
+ dateOfBirth = new PersonalAttribute();
+ dateOfBirth.setName("dateOfBirth");
+ dateOfBirth.setIsRequired(false);
+ final ArrayList<String> date = new ArrayList<String>();
+ date.add("16/12/2008");
+ dateOfBirth.setValue(date);
+ dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString());
+ pal.add(dateOfBirth);
+
+ eIDNumber = new PersonalAttribute();
+ eIDNumber.setName("eIdentifier");
+ eIDNumber.setIsRequired(true);
+ final ArrayList<String> idNumber = new ArrayList<String>();
+ idNumber.add("123456789PA");
+ eIDNumber.setValue(idNumber);
+ eIDNumber.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString());
+ pal.add(eIDNumber);
+
+ canRessAddress = new PersonalAttribute();
+ canRessAddress.setName("canonicalResidenceAddress");
+ canRessAddress.setIsRequired(true);
+ canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString());
+ final HashMap<String, String> address = new HashMap<String, String>();
+
+ address.put("state", state);
+ address.put("municipalityCode", municipalityCode);
+ address.put("town", town);
+ address.put("postalCode", postalCode);
+ address.put("streetName", streetName);
+ address.put("streetNumber", streetNumber);
+ address.put("apartamentNumber", apartamentNumber);
+
+ canRessAddress.setComplexValue(address);
+ pal.add(canRessAddress);
+
+ newAttribute = new PersonalAttribute();
+ newAttribute.setName("newAttribute2");
+ newAttribute.setIsRequired(true);
+ newAttribute.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString());
+ final HashMap<String, String> values = new HashMap<String, String>();
+
+ values.put("value1", "value1");
+ values.put("value2", "value2");
+ values.put("value3", "value3");
+ values.put("value4", "value4");
+
+ newAttribute.setComplexValue(values);
+ pal.add(newAttribute);
+
+ final STORKAttrQueryRequest arequest = new STORKAttrQueryRequest();
+ arequest.setDestination(destination);
+ //request.setProviderName(spName);
+ arequest.setQaa(QAAL);
+ arequest.setPersonalAttributeList(pal2);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // news parameters
+ arequest.setSpSector(spSector);
+ arequest.setSpInstitution(spInstitution);
+ arequest.setSpApplication(spApplication);
+ arequest.setSpCountry(spCountry);
+ arequest.setSPID(spId);
+ arequest.setCitizenCountryCode("IS");
+ arequest.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ try {
+ attrQueryRequest = getEngine().generateSTORKAttrQueryRequest(arequest)
+ .getTokenSaml();
+
+ attrQueryenRequest = getEngine().validateSTORKAttrQueryRequest(attrQueryRequest);
+
+ } catch (STORKSAMLEngineException e) {
+ fail("Error create STORKAuthnRequest");
+ }
+
+ }
+
+ /**
+ * Test generate authentication request without errors.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testGenerateAuthnResponseWithSimpleRes() throws STORKSAMLEngineException {
+
+ //Create the response holding pal
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+ response.setPersonalAttributeList(pal);
+
+ //List of query responses
+ List<STORKAttrQueryResponse> resList = new ArrayList<STORKAttrQueryResponse>();
+
+ final STORKAttrQueryResponse aResponse1 = new STORKAttrQueryResponse();
+ aResponse1.setPersonalAttributeList(pal2);
+
+ final STORKAttrQueryResponse aStorkResponse1 = getEngine2()
+ .generateSTORKAttrQueryResponse(attrQueryenRequest, aResponse1, ipAddress,
+ destination, isNotHashing);
+
+ attrQueryResponse = aStorkResponse1.getTokenSaml();
+
+ resList.add(getEngine2().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress));
+
+ final STORKAttrQueryResponse aResponse2 = new STORKAttrQueryResponse();
+ aResponse2.setPersonalAttributeList(pal2);
+
+ final STORKAttrQueryResponse aStorkResponse2 = getEngine()
+ .generateSTORKAttrQueryResponse(attrQueryenRequest, aResponse2, ipAddress,
+ destination, isNotHashing);
+
+ attrQueryResponse = aStorkResponse2.getTokenSaml();
+
+ resList.add(getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress));
+
+ //Create the final response containing query responses
+ final STORKAuthnResponse storkResponse = getEngine()
+ .generateSTORKAuthnResponseAfterQuery(authenRequest, response, ipAddress,
+ isNotHashing, resList);
+
+ authResponse = storkResponse.getTokenSaml();
+
+ //Validate, write out and print out the attribute lists a
+ STORKAuthnResponse finalResponse = getEngine().validateSTORKAuthnResponseWithQuery(authResponse, ipAddress);
+ System.out.println("The original pal: " + finalResponse.getPersonalAttributeList().toString());
+ for (int i = 0; i < finalResponse.getPersonalAttributeLists().size(); i++)
+ {
+ System.out.println("Pal "+ Integer.toString(i) + ": " + finalResponse.getPersonalAttributeLists().get(i).toString());
+ }
+ System.out.println("The total pal: " + finalResponse.getTotalPersonalAttributeList().toString());
+
+ FileOutputStream output = null;
+
+ try {
+ output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthAttrQResponse.xml"));
+ } catch (FileNotFoundException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ try {
+ output.write(authResponse);
+ } catch (IOException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ /**
+ * Test generate authentication request without errors.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testGenerateAuthnResponseWithComplexRes() throws STORKSAMLEngineException {
+
+ //Create the response holding pal
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+ response.setPersonalAttributeList(pal);
+
+ //Create a list for the attribute query responses we have
+ List<STORKAttrQueryResponse> resList = new ArrayList<STORKAttrQueryResponse>();
+
+ //Create the first attribute query response
+ final STORKAttrQueryResponse aResponse1 = new STORKAttrQueryResponse();
+ aResponse1.setPersonalAttributeList(pal2);
+
+ //Generate the first response
+ final STORKAttrQueryResponse aStorkResponse1 = getEngine2()
+ .generateSTORKAttrQueryResponse(attrQueryenRequest, aResponse1, ipAddress,
+ destination, isNotHashing);
+
+ attrQueryResponse = aStorkResponse1.getTokenSaml();
+
+ //Validate it and add to the response list
+ resList.add(getEngine2().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress));
+
+ //Create a second response like the first
+ final STORKAttrQueryResponse aResponse2 = new STORKAttrQueryResponse();
+ aResponse2.setPersonalAttributeList(pal2);
+
+ final STORKAttrQueryResponse aStorkResponse2 = getEngine()
+ .generateSTORKAttrQueryResponse(attrQueryenRequest, aResponse2, ipAddress,
+ destination, isNotHashing);
+
+ attrQueryResponse = aStorkResponse2.getTokenSaml();
+
+ resList.add(getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress));
+
+ //Create a attribute query response which contains multiple assertions from an AP
+ final STORKAttrQueryResponse aResponseMulti = new STORKAttrQueryResponse();
+ aResponseMulti.setPersonalAttributeList(pal2);
+
+ //Create a list for the responses which the multiple assertion response will hold
+ List<STORKAttrQueryResponse> multiResponses = new ArrayList();
+
+ //Create two more simple responses which the multi assertion response will hold
+ final STORKAttrQueryResponse aResponse3 = new STORKAttrQueryResponse();
+ aResponse3.setPersonalAttributeList(pal2);
+
+ final STORKAttrQueryResponse aStorkResponse3 = getEngine2()
+ .generateSTORKAttrQueryResponse(attrQueryenRequest, aResponse3, ipAddress,
+ destination, isNotHashing);
+
+ attrQueryResponse = aStorkResponse3.getTokenSaml();
+ //Validate and add to the multi response
+ multiResponses.add(getEngine2().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress));
+
+ final STORKAttrQueryResponse aResponse4 = new STORKAttrQueryResponse();
+ aResponse4.setPersonalAttributeList(pal2);
+
+ final STORKAttrQueryResponse aStorkResponse4 = getEngine()
+ .generateSTORKAttrQueryResponse(attrQueryenRequest, aResponse4, ipAddress,
+ destination, isNotHashing);
+
+ attrQueryResponse = aStorkResponse4.getTokenSaml();
+
+ multiResponses.add(getEngine2().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress));
+
+ //Generate the multi assertion query response
+ final STORKAttrQueryResponse aStorkResponseMulti = getEngine()
+ .generateSTORKAttrQueryResponseWithAssertions(attrQueryenRequest, aResponseMulti, multiResponses,
+ ipAddress, destination, isNotHashing);
+
+ attrQueryResponse = aStorkResponseMulti.getTokenSaml();
+
+ //Add to the list of query responses
+ resList.add(getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress));
+
+ //Generate the stork response with all the query responses
+ final STORKAuthnResponse storkResponse = getEngine()
+ .generateSTORKAuthnResponseAfterQuery(authenRequest, response, ipAddress,
+ isNotHashing, resList);
+
+ authResponse = storkResponse.getTokenSaml();
+
+ //Validate it, write out and print out the personal attribute lists
+ STORKAuthnResponse finalResponse = getEngine().validateSTORKAuthnResponseWithQuery(authResponse, ipAddress);
+ System.out.println("The original pal: " + finalResponse.getPersonalAttributeList().toString());
+ for (int i = 0; i < finalResponse.getPersonalAttributeLists().size(); i++)
+ {
+ System.out.println("Pal "+ Integer.toString(i) + ": " + finalResponse.getPersonalAttributeLists().get(i).toString());
+ }
+ System.out.println("The total pal: " + finalResponse.getTotalPersonalAttributeList().toString());
+
+ FileOutputStream output = null;
+
+ try {
+ output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthAttrQMultiAssertResponse.xml"));
+ } catch (FileNotFoundException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ try {
+ output.write(authResponse);
+ } catch (IOException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ assertNotNull(finalResponse);
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkResponseTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkResponseTest.java
new file mode 100644
index 000000000..fe6fcd4f6
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkResponseTest.java
@@ -0,0 +1,935 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+package eu.stork.peps.test.simple;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+
+import org.junit.Ignore;
+import org.junit.Test;
+import org.opensaml.xml.parse.BasicParserPool;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PEPSUtil;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
+import eu.stork.peps.auth.commons.STORKAttrQueryResponse;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+import eu.stork.peps.auth.commons.STORKAuthnResponse;
+import eu.stork.peps.auth.commons.STORKStatusCode;
+import eu.stork.peps.auth.commons.STORKSubStatusCode;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
+
+/**
+ * The Class AuthRequestTest.
+ */
+public class StorkResponseTest {
+
+ /** The engine. */
+ private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1");
+
+ /**
+ * Gets the engine.
+ *
+ * @return the engine
+ */
+ public static STORKSAMLEngine getEngine() {
+ return engine;
+ }
+
+ /**
+ * Sets the engine.
+ *
+ * @param newEngine the new engine
+ */
+ public static void setEngine(final STORKSAMLEngine newEngine) {
+ StorkResponseTest.engine = newEngine;
+ }
+
+ /** The destination. */
+ private static String destination;
+
+ /** The service provider name. */
+ private static String spName;
+
+ /** The service provider sector. */
+ private static String spSector;
+
+ /** The service provider institution. */
+ private static String spInstitution;
+
+ /** The service provider application. */
+ private static String spApplication;
+
+ /** The service provider country. */
+ private static String spCountry;
+
+ /** The service provider id. */
+ private static String spId;
+
+ /** The quality authentication assurance level. */
+ private static final int QAAL = 3;
+
+ /** The state. */
+ private static String state = "ES";
+
+ /** The town. */
+ private static String town = "Madrid";
+
+ /** The municipality code. */
+ private static String municipalityCode = "MA001";
+
+ /** The postal code. */
+ private static String postalCode = "28038";
+
+ /** The street name. */
+ private static String streetName = "Marchamalo";
+
+ /** The street number. */
+ private static String streetNumber = "3";
+
+ /** The apartament number. */
+ private static String apartamentNumber = "5º E";
+
+ /** The List of Personal Attributes. */
+ private static IPersonalAttributeList pal;
+
+ /** The assertion consumer URL. */
+ private static String assertConsumerUrl;
+
+ /** The authentication request. */
+ private static byte[] authRequest;
+
+ /** The authentication response. */
+ private static byte[] authResponse;
+
+ /** The authentication request. */
+ private static STORKAuthnRequest authenRequest;
+
+ /** The authentication response. */
+ private static STORKAuthnResponse authnResponse;
+
+ /** The Constant LOG. */
+ private static final Logger LOG = LoggerFactory
+ .getLogger(StorkResponseTest.class.getName());
+
+ /**
+ * Instantiates a new stork response test.
+ */
+ public StorkResponseTest() {
+ super();
+ }
+
+ /** The IP address. */
+ private static String ipAddress;
+
+ /** The is hashing. */
+ private final boolean isHashing = Boolean.TRUE;
+
+ /** The is not hashing. */
+ private final boolean isNotHashing = Boolean.FALSE;
+
+ /** The ERROR text. */
+ private static final String ERROR_TXT = "generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!";
+
+
+ /** Parser manager used to parse XML. */
+ private static BasicParserPool parser;
+
+ static {
+ parser = new BasicParserPool();
+ parser.setNamespaceAware(true);
+
+ pal = new PersonalAttributeList();
+
+ PersonalAttribute isAgeOver = new PersonalAttribute();
+ isAgeOver.setName("isAgeOver");
+ isAgeOver.setIsRequired(false);
+ ArrayList<String> ages = new ArrayList<String>();
+ ages.add("16");
+ ages.add("18");
+ isAgeOver.setValue(ages);
+ pal.add(isAgeOver);
+
+ PersonalAttribute dateOfBirth = new PersonalAttribute();
+ dateOfBirth.setName("dateOfBirth");
+ dateOfBirth.setIsRequired(false);
+ pal.add(dateOfBirth);
+
+ PersonalAttribute eIDNumber = new PersonalAttribute();
+ eIDNumber.setName("eIdentifier");
+ eIDNumber.setIsRequired(true);
+ pal.add(eIDNumber);
+
+ final PersonalAttribute givenName = new PersonalAttribute();
+ givenName.setName("givenName");
+ givenName.setIsRequired(true);
+ pal.add(givenName);
+
+ PersonalAttribute canRessAddress = new PersonalAttribute();
+ canRessAddress.setName("canonicalResidenceAddress");
+ canRessAddress.setIsRequired(true);
+ pal.add(canRessAddress);
+
+ PersonalAttribute newAttribute = new PersonalAttribute();
+ newAttribute.setName("newAttribute2");
+ newAttribute.setIsRequired(true);
+ pal.add(newAttribute);
+
+ destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest";
+ assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse";
+ spName = "University Oxford";
+
+ spName = "University of Oxford";
+ spSector = "EDU001";
+ spInstitution = "OXF001";
+ spApplication = "APP001";
+ spCountry = "EN";
+
+ spId = "EDU001-APP001-APP001";
+
+ final STORKAuthnRequest request = new STORKAuthnRequest();
+ request.setDestination(destination);
+ request.setProviderName(spName);
+ request.setQaa(QAAL);
+ request.setPersonalAttributeList(pal);
+ request.setAssertionConsumerServiceURL(assertConsumerUrl);
+
+ // news parameters
+ request.setSpSector(spSector);
+ request.setSpInstitution(spInstitution);
+ request.setSpApplication(spApplication);
+ request.setSpCountry(spCountry);
+ request.setSPID(spId);
+ request.setCitizenCountryCode("ES");
+
+ try {
+ authRequest = getEngine().generateSTORKAuthnRequest(request)
+ .getTokenSaml();
+
+ authenRequest = getEngine().validateSTORKAuthnRequest(authRequest);
+
+ } catch (STORKSAMLEngineException e) {
+ fail("Error create STORKAuthnRequest");
+ }
+
+ ipAddress = "111.222.333.444";
+
+ pal = new PersonalAttributeList();
+
+ isAgeOver = new PersonalAttribute();
+ isAgeOver.setName("isAgeOver");
+ isAgeOver.setIsRequired(true);
+ ages = new ArrayList<String>();
+
+ ages.add("16");
+ ages.add("18");
+
+ isAgeOver.setValue(ages);
+ isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString());
+ pal.add(isAgeOver);
+
+ dateOfBirth = new PersonalAttribute();
+ dateOfBirth.setName("dateOfBirth");
+ dateOfBirth.setIsRequired(false);
+ final ArrayList<String> date = new ArrayList<String>();
+ date.add("16/12/2008");
+ dateOfBirth.setValue(date);
+ dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString());
+ pal.add(dateOfBirth);
+
+ eIDNumber = new PersonalAttribute();
+ eIDNumber.setName("eIdentifier");
+ eIDNumber.setIsRequired(true);
+ final ArrayList<String> idNumber = new ArrayList<String>();
+ idNumber.add("123456789PÑ");
+ eIDNumber.setValue(idNumber);
+ eIDNumber.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString());
+ pal.add(eIDNumber);
+
+ canRessAddress = new PersonalAttribute();
+ canRessAddress.setName("canonicalResidenceAddress");
+ canRessAddress.setIsRequired(true);
+ canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString());
+ final HashMap<String, String> address = new HashMap<String, String>();
+
+ address.put("state", state);
+ address.put("municipalityCode", municipalityCode);
+ address.put("town", town);
+ address.put("postalCode", postalCode);
+ address.put("streetName", streetName);
+ address.put("streetNumber", streetNumber);
+ address.put("apartamentNumber", apartamentNumber);
+
+ canRessAddress.setComplexValue(address);
+ pal.add(canRessAddress);
+
+ newAttribute = new PersonalAttribute();
+ newAttribute.setName("newAttribute2");
+ newAttribute.setIsRequired(true);
+ newAttribute.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString());
+ final HashMap<String, String> values = new HashMap<String, String>();
+
+ values.put("value1", "value1");
+ values.put("value2", "value2");
+ values.put("value3", "value3");
+ values.put("value4", "value4");
+
+ newAttribute.setComplexValue(values);
+ pal.add(newAttribute);
+
+ }
+
+ /**
+ * Test generate authentication request without errors.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testGenerateAuthnResponse() throws STORKSAMLEngineException {
+
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+ response.setPersonalAttributeList(pal);
+
+ final STORKAuthnResponse storkResponse = getEngine()
+ .generateSTORKAuthnResponse(authenRequest, response, ipAddress,
+ isNotHashing);
+
+ authResponse = storkResponse.getTokenSaml();
+
+ LOG.info("RESPONSE: " + SSETestUtils.encodeSAMLToken(authResponse));
+
+
+ }
+
+ /**
+ * Test validation id parameter mandatory.
+ */
+ @Test
+ public final void testResponseMandatoryId() {
+ final String identifier = authenRequest.getSamlId();
+ authenRequest.setSamlId(null);
+
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+ response.setPersonalAttributeList(pal);
+
+ try {
+ getEngine().generateSTORKAuthnResponse(authenRequest, response,
+ ipAddress, isHashing);
+ fail(ERROR_TXT);
+ } catch (STORKSAMLEngineException e) {
+ authenRequest.setSamlId(identifier);
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test generate authentication response in response to err1.
+ */
+ @Test
+ public final void testResponseMandatoryIssuer() {
+
+ final String issuer = authenRequest.getIssuer();
+ authenRequest.setIssuer(null);
+
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+ response.setPersonalAttributeList(pal);
+
+ try {
+ getEngine().generateSTORKAuthnResponse(authenRequest, response,
+ ipAddress, isHashing);
+ fail(ERROR_TXT);
+ } catch (STORKSAMLEngineException e) {
+ authenRequest.setIssuer(issuer);
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test generate authentication response assertion consumer null.
+ */
+ @Test
+ public final void testResponseMandatoryAssertionConsumerServiceURL() {
+ final String asserConsumerUrl = authenRequest
+ .getAssertionConsumerServiceURL();
+ authenRequest.setAssertionConsumerServiceURL(null);
+
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+ response.setPersonalAttributeList(pal);
+ try {
+ getEngine().generateSTORKAuthnResponse(authenRequest, response,
+ ipAddress, isHashing);
+ fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ authenRequest.setAssertionConsumerServiceURL(asserConsumerUrl);
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test generate authentication response IP address null.
+ */
+ @Test
+ public final void testResponseValidationIP() {
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+ response.setPersonalAttributeList(pal);
+
+ try {
+ getEngine().generateSTORKAuthnResponse(authenRequest, response, null,
+ isHashing);
+ fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test generate authentication response with personal attribute list null.
+ */
+ @Test
+ public final void testResponseMandatoryPersonalAttributeList() {
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+ response.setPersonalAttributeList(null);
+
+
+ try {
+ getEngine().generateSTORKAuthnResponse(authenRequest, response,
+ ipAddress, isHashing);
+ fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test validate authentication response token null.
+ */
+ @Test
+ public final void testResponseInvalidParametersToken() {
+ try {
+ getEngine().validateSTORKAuthnResponse(null, ipAddress);
+ fail(ERROR_TXT);
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test validate authentication response IP null.
+ */
+ @Test
+ public final void testResponseInvalidParametersIP() {
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+ response.setPersonalAttributeList(pal);
+ try {
+ authResponse = getEngine().generateSTORKAuthnResponse(authenRequest,
+ response, ipAddress, isNotHashing).getTokenSaml();
+ // In Conf1 ipValidate is false
+ getEngine().validateSTORKAuthnResponse(authResponse, null);
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+
+ /**
+ * Test validate authentication response parameter name wrong.
+ */
+ @Test
+ public final void testResponseInvalidParametersAttr() {
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+ final IPersonalAttributeList wrongList = new PersonalAttributeList();
+
+ final PersonalAttribute worngAttr = new PersonalAttribute();
+ worngAttr.setName("AttrWrong");
+ wrongList.add(worngAttr);
+
+
+ response.setPersonalAttributeList(wrongList);
+ try {
+ authResponse = getEngine().generateSTORKAuthnResponse(authenRequest,
+ response, ipAddress, isNotHashing).getTokenSaml();
+ // In Conf1 ipValidate is false
+ getEngine().validateSTORKAuthnResponse(authResponse, null);
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+
+ /**
+ * Test validate authentication response set null value into attribute.
+ */
+ @Test
+ public final void testResponseInvalidParametersAttrSimpleValue() {
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+ final IPersonalAttributeList wrongList = new PersonalAttributeList();
+
+ final PersonalAttribute worngAttr = new PersonalAttribute();
+ worngAttr.setName("isAgeOver");
+ worngAttr.setValue(null);
+ wrongList.add(worngAttr);
+
+ response.setPersonalAttributeList(wrongList);
+ try {
+ authResponse = getEngine().generateSTORKAuthnResponse(authenRequest,
+ response, ipAddress, isNotHashing).getTokenSaml();
+ // In Conf1 ipValidate is false
+ getEngine().validateSTORKAuthnResponse(authResponse, null);
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+
+ /**
+ * Test validate authentication response set null value into attribute.
+ */
+ @Test
+ public final void testResponseInvalidParametersAttrNoValue() {
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+ final IPersonalAttributeList wrongList = new PersonalAttributeList();
+
+ final PersonalAttribute worngAttr = new PersonalAttribute();
+ worngAttr.setName("isAgeOver");
+ wrongList.add(worngAttr);
+
+ response.setPersonalAttributeList(wrongList);
+ try {
+ authResponse = getEngine().generateSTORKAuthnResponse(authenRequest,
+ response, ipAddress, isNotHashing).getTokenSaml();
+ // In Conf1 ipValidate is false
+ getEngine().validateSTORKAuthnResponse(authResponse, null);
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+
+ /**
+ * Test validate authentication response set null value into attribute.
+ */
+ @Test
+ public final void testResponseInvalidParametersAttrNoName() {
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+ final IPersonalAttributeList wrongList = new PersonalAttributeList();
+
+ final PersonalAttribute worngAttr = new PersonalAttribute();
+ wrongList.add(worngAttr);
+
+ response.setPersonalAttributeList(wrongList);
+ try {
+ authResponse = getEngine().generateSTORKAuthnResponse(authenRequest,
+ response, ipAddress, isNotHashing).getTokenSaml();
+ // In Conf1 ipValidate is false
+ getEngine().validateSTORKAuthnResponse(authResponse, null);
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+
+ /**
+ * Test validate authentication response set null complex value into attribute.
+ */
+ @Test
+ public final void testResponseInvalidParametersAttrComplexValue() {
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+ final IPersonalAttributeList wrongList = new PersonalAttributeList();
+
+ final PersonalAttribute worngAttr = new PersonalAttribute();
+ worngAttr.setName("isAgeOver");
+ worngAttr.setComplexValue(null);
+ wrongList.add(worngAttr);
+
+ response.setPersonalAttributeList(wrongList);
+ try {
+ authResponse = getEngine().generateSTORKAuthnResponse(authenRequest,
+ response, ipAddress, isNotHashing).getTokenSaml();
+ // In Conf1 ipValidate is false
+ getEngine().validateSTORKAuthnResponse(authResponse, null);
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+
+
+
+ /**
+ * Test validate authentication response IP distinct and disabled validation
+ * IP.
+ */
+ @Test
+ public final void testResponseInvalidParametersIPDistinct() {
+ try {
+ // ipAddress origin "111.222.333.444"
+ // ipAddrValidation = false
+ // Subject Confirmation Bearer.
+
+ getEngine().validateSTORKAuthnResponse(authResponse, "127.0.0.1");
+ fail("validateAuthenticationResponse(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test response invalid parameters invalid token.
+ */
+ @Test
+ public final void testResponseInvalidParametersTokenMsg() {
+ try {
+ // ipAddress origin "111.222.333.444"
+ // Subject Confirmation Bearer.
+ getEngine().validateSTORKAuthnResponse("errorMessage".getBytes(),
+ ipAddress);
+ fail("validateAuthenticationResponse(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test validate authentication response is fail.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateAuthenticationResponseIsFail()
+ throws STORKSAMLEngineException {
+ if (authResponse == null)
+ testGenerateAuthnResponse();
+
+ authnResponse = getEngine().validateSTORKAuthnResponse(authResponse,
+ ipAddress);
+
+ assertFalse("Generate incorrect response: ", authnResponse.isFail());
+ }
+
+ /**
+ * Test validate authentication response destination.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateAuthenticationResponseDestination()
+ throws STORKSAMLEngineException {
+ authnResponse = getEngine().validateSTORKAuthnResponse(authResponse,
+ ipAddress);
+
+ assertEquals("Destination incorrect: ",
+ authnResponse.getInResponseTo(), authenRequest.getSamlId());
+ }
+
+ /**
+ * Test validate authentication response values.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ public final void testValidateAuthenticationResponseValuesComplex()
+ throws STORKSAMLEngineException {
+ authnResponse = getEngine().validateSTORKAuthnResponse(authResponse,
+ ipAddress);
+
+ assertEquals("Country incorrect:", authnResponse.getCountry(), "EN");
+
+ final Iterator<PersonalAttribute> iterator = authnResponse
+ .getPersonalAttributeList().iterator();
+
+ while (iterator.hasNext()) {
+ final PersonalAttribute attribute = iterator.next();
+ if (attribute.getName().equalsIgnoreCase(
+ "canonicalResidenceAddress")) {
+ assertEquals("State incorrect: ", state, attribute
+ .getComplexValue().get("state"));
+ assertEquals("Municipality Code incorrect: ", municipalityCode,
+ attribute.getComplexValue().get("municipalityCode"));
+ assertEquals("Town incorrect: ", town, attribute
+ .getComplexValue().get("town"));
+ assertEquals("Postal code incorrect: ", postalCode, attribute
+ .getComplexValue().get("postalCode"));
+ assertEquals("Street name incorrect: ", streetName, attribute
+ .getComplexValue().get("streetName"));
+ assertEquals("Street number incorrect: ", streetNumber,
+ attribute.getComplexValue().get("streetNumber"));
+ assertEquals("Apartament number incorrect: ", apartamentNumber,
+ attribute.getComplexValue().get("apartamentNumber"));
+ }
+ }
+ }
+
+ /**
+ * Test generate authenticate response fail in response to it's null.
+ * @throws STORKSAMLEngineException
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test //( expected=STORKSAMLEngineException.class)
+ public final void testGenerateAuthnResponseFailInResponseToNull() throws STORKSAMLEngineException {
+ final String identifier = authenRequest.getSamlId();
+ authenRequest.setSamlId(null);
+
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+ response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString());
+ response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString());
+ response.setMessage("");
+
+ try {
+ authResponse = getEngine().generateSTORKAuthnResponseFail(authenRequest,
+ response, ipAddress, isNotHashing).getTokenSaml();
+ fail(ERROR_TXT);
+ } catch (STORKSAMLEngineException e) {
+ authenRequest.setSamlId(identifier);
+ LOG.error("Error");
+ //throw new STORKSAMLEngineException(e);
+ }
+ }
+
+ /**
+ * Test generate authenticate response fail assertion consumer URL err1.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testGenerateAuthnResponseFailAssertionConsumerUrlNull()
+ throws STORKSAMLEngineException {
+
+ final String assertConsumerUrl = authenRequest
+ .getAssertionConsumerServiceURL();
+ authenRequest.setAssertionConsumerServiceURL(null);
+
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+ response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString());
+ response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString());
+ response.setMessage("");
+
+ try {
+ authResponse = getEngine().generateSTORKAuthnResponseFail(authenRequest,
+ response, ipAddress, isNotHashing).getTokenSaml();
+ fail("generateAuthnResponseFail(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ authenRequest.setAssertionConsumerServiceURL(assertConsumerUrl);
+ LOG.error("Error");
+ }
+ }
+
+ /**
+ * Test generate authentication response fail code error err1.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testGenerateAuthnResponseFailCodeErrorNull()
+ throws STORKSAMLEngineException {
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+ response.setStatusCode(null);
+ response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString());
+ response.setMessage("");
+
+ try {
+ authResponse = getEngine().generateSTORKAuthnResponseFail(authenRequest,
+ response, ipAddress, isNotHashing).getTokenSaml();
+ fail("generateAuthnResponseFail(...) should've thrown an STORKSAMLEngineException!");
+ } catch (STORKSAMLEngineException e) {
+ LOG.error("Error");
+ }
+ }
+
+
+
+
+ /**
+ * Test generate authentication request without errors.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateAuthnResponse() throws STORKSAMLEngineException {
+
+ IPersonalAttributeList palist = new PersonalAttributeList();
+
+ PersonalAttribute isAgeOver = new PersonalAttribute();
+ isAgeOver.setName("isAgeOver");
+ isAgeOver.setIsRequired(true);
+ ArrayList<String> ages = new ArrayList<String>();
+ ages.add("16");
+ ages.add("18");
+ isAgeOver.setValue(ages);
+ isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString());
+ palist.add(isAgeOver);
+
+ PersonalAttribute dateOfBirth = new PersonalAttribute();
+ dateOfBirth.setName("dateOfBirth");
+ dateOfBirth.setIsRequired(false);
+ final ArrayList<String> date = new ArrayList<String>();
+ date.add("16/12/2008");
+ dateOfBirth.setValue(date);
+ dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString());
+ palist.add(dateOfBirth);
+
+
+ PersonalAttribute eIDNumber = new PersonalAttribute();
+ eIDNumber.setName("eIdentifier");
+ eIDNumber.setIsRequired(true);
+
+ final ArrayList<String> idNumber = new ArrayList<String>();
+ idNumber.add("123456789PÑ");
+
+ final HashMap<String, String> complex = new HashMap<String, String>();
+ complex.put("one", "two");
+
+ //eIDNumber.setValue(null);
+ //eIDNumber.setValue(idNumber);
+ //eIDNumber.setComplexValue(complex);
+
+ eIDNumber.setStatus(STORKStatusCode.STATUS_NOT_AVAILABLE.toString());
+ palist.add(eIDNumber);
+
+ PersonalAttribute canRessAddress = new PersonalAttribute();
+ canRessAddress.setName("canonicalResidenceAddress");
+ canRessAddress.setIsRequired(true);
+ canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString());
+ final HashMap<String, String> address = new HashMap<String, String>();
+
+ address.put("state", state);
+ address.put("municipalityCode", municipalityCode);
+ address.put("town", town);
+ address.put("postalCode", postalCode);
+ address.put("streetName", streetName);
+ address.put("streetNumber", streetNumber);
+ address.put("apartamentNumber", apartamentNumber);
+
+ canRessAddress.setComplexValue(address);
+ palist.add(canRessAddress);
+
+
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+
+ response.setPersonalAttributeList(palist);
+
+ final STORKAuthnResponse storkResponse = getEngine()
+ .generateSTORKAuthnResponse(authenRequest, response, ipAddress,
+ isNotHashing);
+
+ authResponse = storkResponse.getTokenSaml();
+ LOG.info("Request id: " + authenRequest.getSamlId());
+
+ LOG.info("RESPONSE: " + SSETestUtils.encodeSAMLToken(authResponse));
+
+
+ authnResponse = getEngine().validateSTORKAuthnResponse(authResponse,
+ ipAddress);
+
+ LOG.info("RESPONSE ID: " + authnResponse.getSamlId());
+ LOG.info("RESPONSE IN_RESPONSE_TO: " + authnResponse.getInResponseTo());
+ LOG.info("RESPONSE COUNTRY: " + authnResponse.getCountry());
+
+ }
+
+
+
+
+
+ /**
+ * Test validate authentication response fail is fail.
+ *
+ * @throws STORKSAMLEngineException the STORKSAML engine exception
+ */
+ @Test
+ public final void testValidateAuthenticationResponseFailIsFail()
+ throws STORKSAMLEngineException {
+
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+ response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString());
+ response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString());
+ response.setMessage("message");
+
+ authResponse = getEngine().generateSTORKAuthnResponseFail(authenRequest,
+ response, ipAddress, isNotHashing).getTokenSaml();
+
+ LOG.error("ERROR_FAIL: " + PEPSUtil.encodeSAMLToken(authResponse));
+
+ authnResponse = getEngine().validateSTORKAuthnResponse(authResponse,
+ ipAddress);
+
+ LOG.info("COUNTRY: " + authnResponse.getCountry());
+ assertTrue("Generate incorrect response: ", authnResponse.isFail());
+ }
+
+ /**
+ * Test generate/validate response with signedDoc
+ *
+ * @throws STORKSAMLEngineException
+ * the STORKSAML engine exception
+ */
+ @Test
+ public final void testGenerateAuthenResponseWithSignedDoc()
+ throws STORKSAMLEngineException {
+
+ String signedDocResponse = "<dss:SignResponse xmlns:dss=\"urn:oasis:names:tc:dss:1.0:core:schema\" RequestID=\"123456\"> <dss:Result> <dss:ResultMajor>urn:oasis:names:tc:dss:1.0:resultmajor:Success</dss:ResultMajor> </dss:Result> <dss:SignatureObject> <dss:Base64Signature Type=\"urn:ietf:rfc:3275\">PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIiBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1TaWduYXR1cmUiPjxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvVFIvMjAwMS9SRUMteG1sLWMxNG4tMjAwMTAzMTUiLz48ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3JzYS1zaGExIi8+PGRzOlJlZmVyZW5jZSBJZD0iUmVmZXJlbmNlLWJhYmE0ZDFhLWExN2UtNDJjNi05N2QyLWJlZWUxMzUwOTUwMyIgVHlwZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI09iamVjdCIgVVJJPSIjT2JqZWN0LTk4NzMzY2RlLThiY2MtNDhhMC05Yjc3LTBlOTk5N2JkZDA1OCI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNiYXNlNjQiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPkNrMVZxTmQ0NVFJdnEzQVpkOFhZUUx2RWh0QT08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjxkczpSZWZlcmVuY2UgVHlwZT0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMyNTaWduZWRQcm9wZXJ0aWVzIiBVUkk9IiNTaWduYXR1cmUtOGVhYmQwYTUtNjYwZC00YWZkLTk5MDUtMGFiYzc1NTNkMTkyLVNpZ25lZFByb3BlcnRpZXMiPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT5BNVk5MW40cXBMZ3l0VFc3ZnhqWENVZVJ2NTQ9PC9kczpEaWdlc3RWYWx1ZT48L2RzOlJlZmVyZW5jZT48ZHM6UmVmZXJlbmNlIFVSST0iI1NpZ25hdHVyZS04ZWFiZDBhNS02NjBkLTRhZmQtOTkwNS0wYWJjNzU1M2QxOTItS2V5SW5mbyI+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPlZQWDRuS0Z5UzZyRitGNmNSUjBQck5aZHc2Zz08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWUgSWQ9IlNpZ25hdHVyZS04ZWFiZDBhNS02NjBkLTRhZmQtOTkwNS0wYWJjNzU1M2QxOTItU2lnbmF0dXJlVmFsdWUiPkxiS04vL0M3WGt5eFR0WVRpQ1VScjhuWnp4QW1zdGNNZDBDZ0VBQ3JLMWR5Z1JIcUdjSzR4dHMrV0NVOFB5RXFXclJJVFl6SXV3LzcNClY0Wno5VFQ2MHA0S1RNZXd1UUw2NHNrRVN4MllnMkVkaWtTTyt0S3hXa2hyYVVzbVZiR2JQbW1jbUR2OTd0SER3ODg3NDdlRnE1RjUNCnYrYVZTeUF6MDNpVUttdVNlSDg9PC9kczpTaWduYXR1cmVWYWx1ZT48ZHM6S2V5SW5mbyBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1LZXlJbmZvIj48ZHM6S2V5VmFsdWU+PGRzOlJTQUtleVZhbHVlPjxkczpNb2R1bHVzPnd1Y21qOXRJV3J2d2JTVFVEZndLbCtKdERNTUVSMGNMZDZEa0JTcjc5MHQrckdOakVTcVlqUndFSWVCbktvUUhQeDVIb1JlRjg4L3QNCnFZOStDaEVYcExITHM5cDVhWDdTREp1YnBRTWZwMXRERlgzNHl3Z3hTUXZjZWVKUVdCWGppZXVJbWZDMjFzNGJPY2dKYlYxaGJpZ1MNCnpPS1RRS3IxVHpkR1IrdVJ5MDA9PC9kczpNb2R1bHVzPjxkczpFeHBvbmVudD5BUUFCPC9kczpFeHBvbmVudD48L2RzOlJTQUtleVZhbHVlPjwvZHM6S2V5VmFsdWU+PGRzOlg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJSW1UQ0NCNEdnQXdJQkFnSURBWFVVTUEwR0NTcUdTSWIzRFFFQkJRVUFNSUlCT3pFTE1Ba0dBMVVFQmhNQ1JWTXhPekE1QmdOVg0KQkFvVE1rRm5aVzVqYVdFZ1EyRjBZV3hoYm1FZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUNoT1NVWWdVUzB3T0RBeE1UYzJMVWtwTVRRdw0KTWdZRFZRUUhFeXRRWVhOellYUm5aU0JrWlNCc1lTQkRiMjVqWlhCamFXOGdNVEVnTURnd01EZ2dRbUZ5WTJWc2IyNWhNUzR3TEFZRA0KVlFRTEV5VlRaWEoyWldseklGQjFZbXhwWTNNZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUVWRFZpMHlNVFV3TXdZRFZRUUxFeXhXWldkbA0KZFNCb2RIUndjem92TDNkM2R5NWpZWFJqWlhKMExtNWxkQzkyWlhKRFNVTXRNaUFvWXlrd016RTFNRE1HQTFVRUN4TXNSVzUwYVhSaA0KZENCd2RXSnNhV05oSUdSbElHTmxjblJwWm1sallXTnBieUJrWlNCamFYVjBZV1JoYm5NeEd6QVpCZ05WQkFNVEVsQlNSVkJTVDBSVg0KUTBOSlR5QkpSRU5oZERBZUZ3MHhNREF5TVRFeE9ESXlNRFJhRncweE5EQXlNVEF4T0RJeU1EUmFNSUd3TVFzd0NRWURWUVFHRXdKRg0KVXpFMU1ETUdBMVVFQ3hNc1ZtVm5aWFVnYUhSMGNITTZMeTkzZDNjdVkyRjBZMlZ5ZEM1dVpYUXZkbVZ5U1VSRFlYUWdLR01wTURNeA0KRmpBVUJnTlZCQVFURFVKRlVreEJUa2RCSUZOUFZFOHhGekFWQmdOVkJDb1REazFCVWtsQklFVk9SMUpCUTBsQk1SSXdFQVlEVlFRRg0KRXdreE1EQXdNRGswTkZNeEpUQWpCZ05WQkFNVEhFMUJVa2xCSUVWT1IxSkJRMGxCSUVKRlVreEJUa2RCSUZOUFZFOHdnWjh3RFFZSg0KS29aSWh2Y05BUUVCQlFBRGdZMEFNSUdKQW9HQkFNTG5Kby9iU0ZxNzhHMGsxQTM4Q3BmaWJRekRCRWRIQzNlZzVBVXErL2RMZnF4ag0KWXhFcW1JMGNCQ0hnWnlxRUJ6OGVSNkVYaGZQUDdhbVBmZ29SRjZTeHk3UGFlV2wrMGd5Ym02VURINmRiUXhWOStNc0lNVWtMM0huaQ0KVUZnVjQ0bnJpSm53dHRiT0d6bklDVzFkWVc0b0VzemlrMENxOVU4M1JrZnJrY3ROQWdNQkFBR2pnZ1N3TUlJRXJEQU1CZ05WSFJNQg0KQWY4RUFqQUFNQTRHQTFVZER3RUIvd1FFQXdJRm9EQ0J6QVlEVlIwUkJJSEVNSUhCZ1E5aWMyOTBiMEJuYldGcGJDNWpiMjJrZ1lVdw0KZ1lJeEN6QUpCZ05WQkFZVEFrVlRNU3N3S1FZRFZRUUtGQ0pCWjhPb2JtTnBZU0JEWVhSaGJHRnVZU0JrWlNCRFpYSjBhV1pwWTJGag0KYWNPek1RNHdEQVlEVlFRTEV3VkpSRU5CVkRFUE1BMEdBMVVFQlJNR01ERTNOVEUwTVNVd0l3WURWUVFERXh4TlFWSkpRU0JGVGtkUw0KUVVOSlFTQkNSVkpNUVU1SFFTQlRUMVJQb0JBR0Npc0dBUVFCOVhnQkFRR2dBZ3dBb0JRR0RsWUVBQUVEQmdFRUFmVjRBUUVDb0FJTQ0KQURBZkJnTlZIUklFR0RBV2dSUmxZMTlwWkdOaGRFQmpZWFJqWlhKMExtNWxkREFkQmdOVkhRNEVGZ1FVQUZYanVOc2tCMk1seXZVQg0KaDdwOFRKMHVKMHd3Z2dGSUJnTlZIU01FZ2dFL01JSUJPNEFVUkt2Y2tVaE4xNGg0Q24vZ2RPRG42NzIzS1Z5aGdnRVBwSUlCQ3pDQw0KQVFjeEN6QUpCZ05WQkFZVEFrVlRNVHN3T1FZRFZRUUtFekpCWjJWdVkybGhJRU5oZEdGc1lXNWhJR1JsSUVObGNuUnBabWxqWVdOcA0KYnlBb1RrbEdJRkV0TURnd01URTNOaTFKS1RFb01DWUdBMVVFQ3hNZlUyVnlkbVZwY3lCUWRXSnNhV056SUdSbElFTmxjblJwWm1sag0KWVdOcGJ6RThNRG9HQTFVRUN4TXpWbVZuWlhVZ2FIUjBjSE02THk5M2QzY3VZMkYwWTJWeWRDNXVaWFF2ZG1WeWNISmxjSEp2WkhWag0KWTJsdklDaGpLVEF6TVRVd013WURWUVFMRXl4S1pYSmhjbkYxYVdFZ1JXNTBhWFJoZEhNZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUVOaA0KZEdGc1lXNWxjekVjTUJvR0ExVUVBeE1UVUZKRlVGSlBSRlZEUTBsUElFVkRMVUZEUTRJUWR3S1R0TTFFRVU5RkVQWFVZSGdnaERBZA0KQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQWdZSUt3WUJCUVVIQXdRd0VRWUpZSVpJQVliNFFnRUJCQVFEQWdXZ01EUUdDQ3NHQVFVRg0KQndFQkJDZ3dKakFrQmdnckJnRUZCUWN3QVlZWWFIUjBjSE02THk5dlkzTndMbU5oZEdObGNuUXVibVYwTUJnR0NDc0dBUVVGQndFRA0KQkF3d0NqQUlCZ1lFQUk1R0FRRXdnWVlHQTFVZEh3Ui9NSDB3UEtBNm9EaUdObWgwZEhBNkx5OWxjSE5qWkM1allYUmpaWEowTG01bA0KZEM5amNtd3ZjSEpsY0hKdlpIVmpZMmx2WDJWakxXbGtZMkYwTG1OeWJEQTlvRHVnT1lZM2FIUjBjRG92TDJWd2MyTmtNaTVqWVhSag0KWlhKMExtNWxkQzlqY213dmNISmxjSEp2WkhWalkybHZYMlZqTFdsa1kyRjBMbU55YkRDQjlnWURWUjBnQklIdU1JSHJNSUhvQmd3cg0KQmdFRUFmVjRBUU1CVmdFd2dkY3dMQVlJS3dZQkJRVUhBZ0VXSUdoMGRIQnpPaTh2ZDNkM0xtTmhkR05sY25RdWJtVjBMM1psY2tsRQ0KUTJGME1JR21CZ2dyQmdFRkJRY0NBakNCbVJxQmxrRnhkV1Z6ZENEdnY3MXpJSFZ1SUdObGNuUnBabWxqWVhRZ2NHVnljMjl1WVd3Zw0KU1VSRFFWUXNJSEpsWTI5dVpXZDFkQ0JrSjJsa1pXNTBhV1pwWTJGajc3KzlMQ0J6YVdkdVlYUjFjbUVnYVNCNGFXWnlZWFFnWkdVZw0KWTJ4aGMzTmxJRElnYVc1a2FYWnBaSFZoYkM0Z1ZtVm5aWFVnYUhSMGNITTZMeTkzZDNjdVkyRjBZMlZ5ZEM1dVpYUXZkbVZ5UkVOaA0KZERBdEJnTlZIUWtFSmpBa01CQUdDQ3NHQVFVRkJ3a0VNUVFUQWtWVE1CQUdDQ3NHQVFVRkJ3a0ZNUVFUQWtWVE1BMEdDU3FHU0liMw0KRFFFQkJRVUFBNElCQVFDcTc3ODBSR1FNTEIxZ2tkTk1mTFhuZ3FNb1JIR0taYnZ6a3JxSUFtVDhXQWQxRThyQXBoUjkveExKVXRwNQ0KbGJnMmZScjVibDJqOE9WREJLMlltRzQxaDhBRG40U1RJL0FwZU5JTlNmalpzNk5Sc25XekZ5ZlhYbVBDSFlGQi9YV3p5aW1DRXhndg0KdnR1SCszUUF3Y3dobjUwUExFdWh3NUM1dmxYN0x5NUs2ckxMTUZOVVVNYldWeTFoWmVsSy9DQlRjQWpJTzM4TlkrdllSQU1LU2Y0TQ0KL2daUXo0cUJlRlZKYTUyUjdOY0FxQ2ZyZkxmYVhwYkRTZzk4eG9CZU5zMmluR3p4OFVTZ0VyTFpqS0pzZG4vS2pURDlnUy9zVGRRNg0KUTdpZHFsZDJMRlZsTzIvYjk0Wk5aQmNTLzc4RU9EWGdkV2ZreVBDN1J3OHJlOW5JMy9qVDwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjxkczpPYmplY3QgRW5jb2Rpbmc9ImJhc2U2NCIgSWQ9Ik9iamVjdC05ODczM2NkZS04YmNjLTQ4YTAtOWI3Ny0wZTk5OTdiZGQwNTgiIE1pbWVUeXBlPSJhcHBsaWNhdGlvbi9vY3RldC1zdHJlYW0iPlNHVnNiRzhnVjI5eWJHUT08L2RzOk9iamVjdD48ZHM6T2JqZWN0Pjx4YWRlczpRdWFsaWZ5aW5nUHJvcGVydGllcyB4bWxuczp4YWRlcz0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMy92MS4zLjIjIiBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1RdWFsaWZ5aW5nUHJvcGVydGllcyIgVGFyZ2V0PSIjU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1TaWduYXR1cmUiPjx4YWRlczpTaWduZWRQcm9wZXJ0aWVzIElkPSJTaWduYXR1cmUtOGVhYmQwYTUtNjYwZC00YWZkLTk5MDUtMGFiYzc1NTNkMTkyLVNpZ25lZFByb3BlcnRpZXMiPjx4YWRlczpTaWduZWRTaWduYXR1cmVQcm9wZXJ0aWVzPjx4YWRlczpTaWduaW5nVGltZT4yMDExLTAzLTIxVDExOjQ0OjQyKzAxOjAwPC94YWRlczpTaWduaW5nVGltZT48eGFkZXM6U2lnbmluZ0NlcnRpZmljYXRlPjx4YWRlczpDZXJ0Pjx4YWRlczpDZXJ0RGlnZXN0PjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT4zbTZ3OTlUb3lTZDlKcEJsMWdCazhEei9iYlU9PC9kczpEaWdlc3RWYWx1ZT48L3hhZGVzOkNlcnREaWdlc3Q+PHhhZGVzOklzc3VlclNlcmlhbD48ZHM6WDUwOUlzc3Vlck5hbWU+Q049UFJFUFJPRFVDQ0lPIElEQ2F0LCBPVT1FbnRpdGF0IHB1YmxpY2EgZGUgY2VydGlmaWNhY2lvIGRlIGNpdXRhZGFucywgT1U9VmVnZXUgaHR0cHM6Ly93d3cuY2F0Y2VydC5uZXQvdmVyQ0lDLTIgKGMpMDMsIE9VPVNlcnZlaXMgUHVibGljcyBkZSBDZXJ0aWZpY2FjaW8gRUNWLTIsIEw9UGFzc2F0Z2UgZGUgbGEgQ29uY2VwY2lvIDExIDA4MDA4IEJhcmNlbG9uYSwgTz1BZ2VuY2lhIENhdGFsYW5hIGRlIENlcnRpZmljYWNpbyAoTklGIFEtMDgwMTE3Ni1JKSwgQz1FUzwvZHM6WDUwOUlzc3Vlck5hbWU+PGRzOlg1MDlTZXJpYWxOdW1iZXI+OTU1MDg8L2RzOlg1MDlTZXJpYWxOdW1iZXI+PC94YWRlczpJc3N1ZXJTZXJpYWw+PC94YWRlczpDZXJ0PjwveGFkZXM6U2lnbmluZ0NlcnRpZmljYXRlPjwveGFkZXM6U2lnbmVkU2lnbmF0dXJlUHJvcGVydGllcz48eGFkZXM6U2lnbmVkRGF0YU9iamVjdFByb3BlcnRpZXM+PHhhZGVzOkRhdGFPYmplY3RGb3JtYXQgT2JqZWN0UmVmZXJlbmNlPSIjUmVmZXJlbmNlLWJhYmE0ZDFhLWExN2UtNDJjNi05N2QyLWJlZWUxMzUwOTUwMyI+PHhhZGVzOk1pbWVUeXBlPmFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbTwveGFkZXM6TWltZVR5cGU+PHhhZGVzOkVuY29kaW5nPmJhc2U2NDwveGFkZXM6RW5jb2Rpbmc+PC94YWRlczpEYXRhT2JqZWN0Rm9ybWF0PjwveGFkZXM6U2lnbmVkRGF0YU9iamVjdFByb3BlcnRpZXM+PC94YWRlczpTaWduZWRQcm9wZXJ0aWVzPjwveGFkZXM6UXVhbGlmeWluZ1Byb3BlcnRpZXM+PC9kczpPYmplY3Q+PC9kczpTaWduYXR1cmU+</dss:Base64Signature> </dss:SignatureObject> </dss:SignResponse>";
+
+ IPersonalAttributeList palist = new PersonalAttributeList();
+
+ PersonalAttribute signedDoc = new PersonalAttribute();
+ signedDoc.setName("signedDoc");
+ signedDoc.setIsRequired(false);
+ ArrayList<String> signed = new ArrayList<String>();
+ signed.add(signedDocResponse);
+ signedDoc.setValue(signed);
+ palist.add(signedDoc);
+
+ PersonalAttribute isAgeOver = new PersonalAttribute();
+ isAgeOver.setName("isAgeOver");
+ isAgeOver.setIsRequired(false);
+ ArrayList<String> ages = new ArrayList<String>();
+ ages.add("16");
+ ages.add("18");
+ isAgeOver.setValue(ages);
+ palist.add(isAgeOver);
+
+ authenRequest.setPersonalAttributeList(palist);
+
+ final STORKAuthnResponse response = new STORKAuthnResponse();
+
+ response.setPersonalAttributeList(palist);
+
+ final STORKAuthnResponse storkResponse = getEngine()
+ .generateSTORKAuthnResponse(authenRequest, response, ipAddress,
+ isNotHashing);
+
+ authResponse = storkResponse.getTokenSaml();
+ authnResponse = getEngine().validateSTORKAuthnResponse(authResponse,
+ ipAddress);
+
+ assertTrue("SignedDoc response should be the same: ", authnResponse
+ .getPersonalAttributeList().get("signedDoc").getValue().get(0)
+ .equals(signedDocResponse));
+
+ }
+}
diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/package-info.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/package-info.java
new file mode 100644
index 000000000..1c34e2ad5
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/package-info.java
@@ -0,0 +1,20 @@
+/*
+ * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence. You may
+ * obtain a copy of the Licence at:
+ *
+ * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ */
+
+/**
+ * Provides the classes necessary to create a SAML message.
+ * @since 1.0
+ */
+package eu.stork.peps.test.simple; \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/SamlEngine.xml b/id/server/stork2-saml-engine/src/test/resources/SamlEngine.xml
new file mode 100644
index 000000000..171e05f12
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/SamlEngine.xml
@@ -0,0 +1,67 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<instances>
+
+ <!-- Configuration name -->
+ <instance name="CONF0">
+ <!-- Configurations parameters StorkSamlEngine -->
+ <configuration name="SamlEngineConf">
+ <parameter name="fileConfiguration" value="StorkSamlEngine_Conf0.xml" />
+ </configuration>
+
+ <!-- Settings module signature -->
+ <configuration name="SignatureConf">
+ <!-- Specific signature module -->
+ <parameter name="class"
+ value="eu.stork.peps.auth.engine.core.impl.SignSW" />
+ <!-- Settings specific module -->
+ <parameter name="fileConfiguration" value="SignModule_Conf0.xml" />
+ </configuration>
+ </instance>
+
+ <!-- ******************** CONF1 ******************** -->
+ <!-- Configuration name -->
+ <instance name="CONF1">
+ <!-- Configurations parameters StorkSamlEngine -->
+ <configuration name="SamlEngineConf">
+ <parameter name="fileConfiguration" value="StorkSamlEngine_Conf1.xml" />
+ </configuration>
+
+ <!-- Settings module signature -->
+ <configuration name="SignatureConf">
+ <!-- Specific signature module -->
+ <parameter name="class"
+ value="eu.stork.peps.auth.engine.core.impl.SignSW" />
+ <!-- Settings specific module -->
+ <parameter name="fileConfiguration" value="SignModule_Conf1.xml" />
+ </configuration>
+ </instance>
+
+ <!-- ******************** CONF2 ******************** -->
+
+ <instance name="CONF2">
+ <configuration name="SamlEngineConf">
+ <parameter name="fileConfiguration" value="StorkSamlEngine_Conf2.xml" />
+ </configuration>
+
+ <configuration name="SignatureConf">
+ <parameter name="class"
+ value="eu.stork.peps.auth.engine.core.impl.SignSW" />
+ <parameter name="fileConfiguration" value="SignModule_Conf2.xml" />
+ </configuration>
+ </instance>
+
+ <!-- ******************** CONF3 ******************** -->
+
+ <instance name="CONF3">
+ <configuration name="SamlEngineConf">
+ <parameter name="fileConfiguration" value="StorkSamlEngine_Conf3.xml" />
+ </configuration>
+
+ <configuration name="SignatureConf">
+ <parameter name="class"
+ value="eu.stork.peps.auth.engine.core.impl.SignSW" />
+ <parameter name="fileConfiguration" value="SignModule_Conf3.xml" />
+ </configuration>
+ </instance>
+
+</instances> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml
new file mode 100644
index 000000000..a9f2038b8
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<!-- properties>
+ <comment>SWModule sign with JKS.</comment>
+ <entry key="keystorePath">C:\opt\keystores\keyStoreCountry0.jks</entry>
+ <entry key="keyStorePassword">local-demo</entry>
+ <entry key="keyPassword">local-demo</entry>
+ <entry key="issuer">CN=saml-demo-cert,OU=STORK2,O=Advania,L=Reykjavik,ST=Reykjavik,C=IS</entry>
+ <entry key="serialNumber">524D4C6C</entry>
+ <entry key="keystoreType">JKS</entry>
+</properties-->
+<properties>
+ <comment>SWModule sign with JKS.</comment>
+ <entry key="keystorePath">C:\opt\keystores\storkDemoKeysTest.jks</entry>
+ <entry key="keyStorePassword">local-demo</entry>
+ <entry key="keyPassword">local-demo</entry>
+ <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry>
+ <entry key="serialNumber">4BA89DB2</entry>
+ <entry key="keystoreType">JKS</entry>
+</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml
new file mode 100644
index 000000000..e556a7331
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SWModule sign with JKS.</comment>
+ <entry key="keystorePath">C:\opt\keystores\storkDemoKeysTest.jks</entry>
+ <entry key="keyStorePassword">local-demo</entry>
+ <entry key="keyPassword">local-demo</entry>
+ <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry>
+ <entry key="serialNumber">4BA89DB2</entry>
+ <entry key="keystoreType">JKS</entry>
+</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml
new file mode 100644
index 000000000..3da1e33df
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SWModule sign with JKS.</comment>
+ <entry key="keystorePath">C:\opt\keystores\keyStoreCountry2.jks</entry>
+ <entry key="keyStorePassword">local-demo</entry>
+ <entry key="keyPassword">local-demo</entry>
+ <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry>
+ <entry key="serialNumber">4BA89DB2</entry>
+ <entry key="keystoreType">JKS</entry>
+</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml
new file mode 100644
index 000000000..4c14a1711
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SWModule sign with JKS.</comment>
+ <entry key="keystorePath">C:\opt\keystores\keyStoreCountry3.jks</entry>
+ <entry key="keyStorePassword">local-demo</entry>
+ <entry key="keyPassword">local-demo</entry>
+ <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry>
+ <entry key="serialNumber">4BA89DB2</entry>
+ <entry key="keystoreType">JKS</entry>
+</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_P11.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_P11.xml
new file mode 100644
index 000000000..c683d97c3
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_P11.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>HWModule sign with interface PKCS11.</comment>
+ <entry key="configurationFile">p11Config.cfg</entry>
+ <entry key="keyPassword">*******</entry>
+ <entry key="issuer">CN=XXXXXXXXX</entry>
+ <entry key="serialNumber">xxxxxxxxxxxxxx</entry>
+ <entry key="keystoreType">PKCS11</entry>
+</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml
new file mode 100644
index 000000000..8c3a94601
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml
@@ -0,0 +1,87 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SAML constants for AuthnRequests and Responses.</comment>
+
+ <!-- Types of consent obtained from the user for this authentication and
+ data transfer. Allow values: 'unspecified'. -->
+ <entry key="consentAuthnRequest">unspecified</entry>
+
+ <!-- Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit',
+ 'unspecified'. -->
+ <entry key="consentAuthnResponse">obtained</entry>
+
+ <!--URI representing the classification of the identifier Allow values:
+ 'entity'. -->
+ <entry key="formatEntity">entity</entry>
+
+ <!--Only HTTP-POST binding is only supported for inter PEPS -->
+ <!--The SOAP binding is only supported for direct communication between
+ SP-MW and VIdP -->
+ <entry key="protocolBinding">HTTP-POST</entry>
+
+
+
+
+ <!--URI representing the classification of the identifier Allow values:
+ 'entity'. <entry key="eIDSectorShare">true</entry> <entry key="eIDCrossSectorShare">true</entry>
+ <entry key="eIDCrossBorderShare">true</entry> -->
+
+
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="friendlyName">false</entry>
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="isRequired">true</entry>
+
+ <!--PEPS in the Service Provider's country -->
+ <entry key="requester">http://S-PEPS.gov.xx</entry>
+
+ <!--PEPS in the citizen's origin country -->
+ <entry key="responder">http://C-PEPS.gov.xx</entry>
+
+ <!--Subject cannot be confirmed on or after this seconds time (positive
+ number) -->
+ <entry key="timeNotOnOrAfter">300</entry>
+
+ <!--Validation IP of the response -->
+ <entry key="ipAddrValidation">false</entry>
+
+
+ <!--Subject Attribute Definitions -->
+ <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
+ <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
+ <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
+ <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
+ <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
+ <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
+ <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
+ <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
+ <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
+ <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
+ <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
+ <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
+ <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
+ <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
+ <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
+ <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+
+ <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
+ <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
+
+ <entry key="title">http://www.stork.gov.eu/1.0/title</entry>
+ <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
+
+ <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
+ <entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry>
+
+ <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
+ <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
+ <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+ <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
+
+ <entry key="docRequest">http://www.stork.gov.eu/1.0/docRequest</entry>
+
+</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml
new file mode 100644
index 000000000..ad04cc3df
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml
@@ -0,0 +1,85 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SAML constants for AuthnRequests and Responses.</comment>
+
+ <!-- Types of consent obtained from the user for this authentication and
+ data transfer. Allow values: 'unspecified'. -->
+ <entry key="consentAuthnRequest">unspecified</entry>
+
+ <!-- Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit',
+ 'unspecified'. -->
+ <entry key="consentAuthnResponse">obtained</entry>
+
+ <!--URI representing the classification of the identifier Allow values:
+ 'entity'. -->
+ <entry key="formatEntity">entity</entry>
+
+ <!--Only HTTP-POST binding is only supported for inter PEPS -->
+ <!--The SOAP binding is only supported for direct communication between
+ SP-MW and VIdP -->
+ <entry key="protocolBinding">HTTP-POST</entry>
+
+
+
+
+ <!--URI representing the classification of the identifier Allow values:
+ 'entity'. <entry key="eIDSectorShare">true</entry> <entry key="eIDCrossSectorShare">true</entry>
+ <entry key="eIDCrossBorderShare">true</entry> -->
+
+
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="friendlyName">false</entry>
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="isRequired">true</entry>
+
+ <!--PEPS in the Service Provider's country -->
+ <entry key="requester">http://S-PEPS.gov.xx</entry>
+
+ <!--PEPS in the citizen's origin country -->
+ <entry key="responder">http://C-PEPS.gov.xx</entry>
+
+ <!--Subject cannot be confirmed on or after this seconds time (positive
+ number) -->
+ <entry key="timeNotOnOrAfter">300</entry>
+
+ <!--Validation IP of the response -->
+ <entry key="ipAddrValidation">false</entry>
+
+
+ <!--Subject Attribute Definitions -->
+ <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
+ <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
+ <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
+ <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
+ <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
+ <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
+ <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
+ <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
+ <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
+ <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
+ <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
+ <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
+ <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
+ <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
+ <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
+ <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+
+ <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
+ <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
+
+ <entry key="title">http://www.stork.gov.eu/1.0/title</entry>
+ <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
+
+ <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
+ <entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry>
+
+ <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
+ <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
+ <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+ <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
+
+</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml
new file mode 100644
index 000000000..fd1db92ac
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SAML constants for AuthnRequests and Responses.</comment>
+
+ <!-- Types of consent obtained from the user for this authentication and
+ data transfer. Allow values: 'unspecified'. -->
+ <entry key="consentAuthnRequest">unspecified</entry>
+ <!-- Allow values: 'obtained', 'prior', 'curent-implicit', 'curent-explicit',
+ 'unspecified'. -->
+ <entry key="consentAuthnResponse">obtained</entry>
+
+ <!--URI representing the classification of the identifier Allow values:
+ 'entity'. -->
+ <entry key="formatEntity">entity</entry>
+
+ <!--Only HTTP-POST binding is only supported for inter PEPS -->
+ <!--The SOAP binding is only supported for direct communication between
+ SP-MW and VIdP -->
+ <entry key="protocolBinding">HTTP-POST</entry>
+
+ <entry key="eIDSectorShare">false</entry>
+ <entry key="eIDCrossSectorShare">false</entry>
+ <entry key="eIDCrossBorderShare">false</entry>
+
+ <!--PEPS in the Service Provider's country -->
+ <entry key="requester">http://S-PEPS.gov.xx</entry>
+
+ <!--PEPS in the citizen's origin country -->
+ <entry key="responder">http://C-PEPS.gov.xx</entry>
+
+ <!--Subject cannot be confirmed on or after this seconds time -->
+ <entry key="timeNotOnOrAfter">300</entry>
+
+ <!--Validation IP of the response -->
+ <entry key="ipAddrValidation">false</entry>
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="isRequired">false</entry>
+
+
+ <!--Subject Attribute Definitions -->
+ <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
+ <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
+ <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
+ <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
+ <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
+ <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
+ <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
+ <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
+ <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
+ <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
+ <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
+ <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
+ <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
+ <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
+ <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
+ <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml
new file mode 100644
index 000000000..bea40d274
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml
@@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SAML constants for AuthnRequests and Responses.</comment>
+
+ <!-- Types of consent obtained from the user for this authentication and
+ data transfer. Allow values: 'unspecified'. -->
+ <entry key="consentAuthnRequest">unspecified</entry>
+ <!-- Allow values: 'obtained', 'prior', 'curent-implicit', 'curent-explicit',
+ 'unspecified'. -->
+ <entry key="consentAuthnResponse">obtained</entry>
+
+ <!--URI representing the classification of the identifier Allow values:
+ 'entity'. -->
+ <entry key="formatEntity">entity</entry>
+
+ <!--Only HTTP-POST binding is only supported for inter PEPS -->
+ <!--The SOAP binding is only supported for direct communication between
+ SP-MW and VIdP -->
+ <entry key="protocolBinding">HTTP-POST</entry>
+
+ <entry key="eIDSectorShare">false</entry>
+ <entry key="eIDCrossSectorShare">false</entry>
+ <entry key="eIDCrossBorderShare">false</entry>
+
+ <!--PEPS in the Service Provider's country -->
+ <entry key="requester">http://S-PEPS.gov.xx</entry>
+
+ <!--PEPS in the citizen's origin country -->
+ <entry key="responder">http://C-PEPS.gov.xx</entry>
+
+ <!--Subject cannot be confirmed on or after this seconds time -->
+ <entry key="timeNotOnOrAfter">300</entry>
+
+ <!--Validation IP of the response -->
+ <entry key="ipAddrValidation">false</entry>
+
+ <!--Subject Attribute Definitions -->
+ <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
+ <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
+ <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
+ <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
+ <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
+ <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
+ <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
+ <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
+ <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
+ <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
+ <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
+ <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
+ <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
+ <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
+ <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
+ <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+ <entry key="unknown">http://www.stork.gov.eu/1.0/unknown</entry>
+</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml
new file mode 100644
index 000000000..3764389e4
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml
@@ -0,0 +1,82 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:AttributeQuery xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol"
+ xmlns:xs="http://www.w3.org/2001/XMLSchema" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified"
+ Destination="http://A-PEPS.gov.xx/PEPS/AttributeColleagueRequest" ID="_939726f0a02072f40b548de378612a50"
+ IssueInstant="2013-10-04T16:57:55.547Z" Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer>
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:SignedInfo>
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+ <ds:Reference URI="#_939726f0a02072f40b548de378612a50">
+ <ds:Transforms>
+ <ds:Transform
+ Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+ <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
+ PrefixList="xs" />
+ </ds:Transform>
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <ds:DigestValue>BgPDTVCv7BhiWIs6HsC06jaHaag=</ds:DigestValue>
+ </ds:Reference>
+ </ds:SignedInfo>
+ <ds:SignatureValue>dIC61bGi6Jqp1zSVojpjaVq9WaZcDtNImXgo1Dyze5/hJA07Sy4TaHu+/IuLEC99aLjM6rxh2UUNqpPaQCFlF5eVkVv/c4gHEZVyevhjJKTidqmnuhlI78PGMx2thfxFsHsPcqHqOzy1Z6w18K1ds6APQP+aXI9TNKis+pykn4nJititYuiSseD0VY0F4QnXx+U6k3raoi1CAFE5fe7EuI/KfxuhhQLAbLq90Vm8R94ITBjfSS25mXstXNe9zppTSjDB42ld1TjDovDwXAn5OxiZasIEb5m68sRlxgoQ/2/+ZdYNNINFLAwkCbb8MiCbGASd626Bme0Kx+ropeWdxw==</ds:SignatureValue>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDXjCCAkagAwIBAgIEUk1MbDANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJJUzESMBAGA1UE
+ CAwJUmV5a2phdmlrMRIwEAYDVQQHDAlSZXlramF2aWsxEDAOBgNVBAoMB0FkdmFuaWExDzANBgNV
+ BAsMBlNUT1JLMjEXMBUGA1UEAwwOc2FtbC1kZW1vLWNlcnQwHhcNMTMxMDAzMTA1MzEyWhcNMjMx
+ MDAzMTA1MzEyWjBxMQswCQYDVQQGEwJJUzESMBAGA1UECAwJUmV5a2phdmlrMRIwEAYDVQQHDAlS
+ ZXlramF2aWsxEDAOBgNVBAoMB0FkdmFuaWExDzANBgNVBAsMBlNUT1JLMjEXMBUGA1UEAwwOc2Ft
+ bC1kZW1vLWNlcnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkSgTxZkNRXZTKLB0c
+ 4oz7/8Dh56FX+0cYg7hjw4e8vn+ITXkxzrmUH57FtsvKln4mq1H0FHXL80u3IiWX8qY+QLgNeKeB
+ m85lXuyOb3wWpKAaQvpLAkejGLCx22AN2L0WZkKZV2puwRQVsRHCq6U6vToJXDZ6Ui6ltKsAl/ZS
+ 8qUFpiIvqD5ea4ohz4JsFE/uApRc7pbJ4VbOmAAeH/tQTayptq2kPb2vvUVk+2cH5J7UD+GCI88E
+ e+mS+C33tV9NmWUHL69mYEe8FXjumbKA5e9i1ejn9i0/BLUtHFonHnL9YFMim0foI7NNc5mNg9aw
+ vm0PuByVU3kuibQkqGBLAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAA9X5B4NBmVuhjECi+KOnRRX
+ 5oUV+jbYKhGZODDPi+F4Uo7ZtPFQ6sS3tE54+8AoDl5zQ5q5fDDVXhB42IIIjDxHKo8cBXie5FZ6
+ mJtErvWZWYWdO0uV2OQAUALq2LieidqSFDJ+Pjl8w1New8oi3migwyE0jZo4Q97lJGDfJTruV0A2
+ JE/Gt6QAAcWhhN2hZl92pYkIi5OeqHXyzBUp5vg8LLfNmeyziCAiXDC1Sy/aQU/cllZ3zFJMrqZM
+ s2xBpmB4sF1YRbIrr2OqEVE6M6DUx+pAQOd2uogV3AMT9D5MYpckI1jx/o/Tto7ju74nIVOskDiN
+ K0FR8izxcT0HixM=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </ds:Signature>
+ <saml2p:Extensions>
+ <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel>
+ <storkp:eIDSectorShare>false</storkp:eIDSectorShare>
+ <storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare>
+ <storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare>
+ <storkp:RequestedAttributes>
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="false" />
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/isAgeOver"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true">
+ <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">16</stork:AttributeValue>
+ <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">18</stork:AttributeValue>
+ </stork:RequestedAttribute>
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true">
+ <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">Sveinbjorn</stork:AttributeValue>
+ </stork:RequestedAttribute>
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/eIdentifier"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true">
+ <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">ES/IS/1234567890</stork:AttributeValue>
+ </stork:RequestedAttribute>
+ </storkp:RequestedAttributes>
+ </saml2p:Extensions>
+ <saml2:Subject>
+ <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer" />
+ </saml2:Subject>
+</saml2p:AttributeQuery> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestSdoc.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestSdoc.xml
new file mode 100644
index 000000000..d64572829
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestSdoc.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?><saml2p:AttributeQuery xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" xmlns:xs="http://www.w3.org/2001/XMLSchema" AssertionConsumerServiceURL="http://S-PEPS.gov.xx/PEPS/ColleagueResponse" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://A-PEPS.gov.xx/PEPS/AttributeColleagueRequest" ID="_334488599e0c2781ff34857c4964debb" IssueInstant="2014-02-06T22:09:18.113Z" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><ds:Reference URI="#_334488599e0c2781ff34857c4964debb"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>X1nUVB6qXdoKbJzNekiSo9ExLdw=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>ExCPHHC/9OhdhOl1Ou+43Qw1nvskpbMYMu9vqa7m16doxM2PIUmK7LUw7hZiKtjIdBxuhpca3OrjO8O6MuTDN1FksWoj+7B1KTLFtmspucT5O7Cu2OqhK5WIVuCaLuA7CD0N2UfFouRwR5NlLHyzn9Trd7IM5OjA41dGb5jqYl7Ir+62+MgjhZRlLooDzb5fDAczbxv9LHGiKRBpgnk40w3gDAvoSPNdEuKhZi8LPQWWNBvVi3N5ZmJmAIacZWBqePywXTjygmChWAc8p7ptAX6tw0hpBxyxoW3aaZZzWQNcwobTRYbn89fcM11gqIz/YK7VXtiQ7WEQt1enQD/GAA==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDIjCCAgqgAwIBAgIES6idsjANBgkqhkiG9w0BAQUFADBTMQswCQYDVQQGEwJFUzEOMAwGA1UE
+CAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExEzARBgNVBAMMCmxvY2Fs
+LWRlbW8wHhcNMTMwODI4MTY0NzM1WhcNMTUwODI4MTY0NzM1WjBTMQswCQYDVQQGEwJFUzEOMAwG
+A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExEzARBgNVBAMMCmxv
+Y2FsLWRlbW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx+7zEQUbt8Ot9dByR5TuY
+NPmTwaKhECtnkxYAx9tl+Ga3kFiv+dOSeDoQOhxkICG1ZMaG0Gtk0EQWjscC1cLwDXpAOdhOm5xh
+ndFHxa3V3Y3zomFZA7A3nwP8wt17wDrc1xi2Ye8VrwO7Vjb/F8Rgutlcrvq+LF4g9nQLoRiKUq8w
+NFvDlvhBbLr8hMVBMY/jY7tSQ85qLqKUkWRcoDttJjgWZoO1vpBS4m+FywtYdOoHnN6fv4Dvf1r2
+rNLgebgBvSfwznxiulwW6FBLasYX0rYKP7RfwG8TJ+FumOgAjADj2LdwK25RZNg44XU2V1z1Fp37
+fNXhfo08LpdD1ueFAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBADMRGTWOmadZyCoJNluV+M7LopjC
+9WpFUj76X0cAoNXmt12zYqYe8hjRmBr6l2V/FXT3/TyWET1nILG46zwwAxslw3b2LvkhU+9QcuB8
+yC8TCJJ0kgsTZ/EUZPSbwUG7Nn2jkMiyjlyKcjSCQOzEKQyR1xYwyZG40+BPeGbYjmRgm6kcmCxY
+USWoPwNyfke9gNT80f0pUj7wJ9YwWbTIz1rhf/h7rxoMYypXo+JXwaXW/Ra8v1uDcwfKpE5ZgwAU
+nubLXF4A+H7/N7ZvB5XDwJ4W+99nuPsKfwacD8m1sflTXcEPzzhOq6iQ9anJT94/pMctnp827zXA
+y66jvDrin5I=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Extensions><stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel><stork:spCountry>IS</stork:spCountry><storkp:eIDSectorShare>false</storkp:eIDSectorShare><storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare><storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare><storkp:RequestedAttributes><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/docRequest" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">IS/IS/fbea6e68-0393-401b-b616-f767fff9418c</stork:AttributeValue></stork:RequestedAttribute></storkp:RequestedAttributes></saml2p:Extensions><saml2:Subject><saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/></saml2:Subject></saml2p:AttributeQuery> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml
new file mode 100644
index 000000000..becc689fe
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml
@@ -0,0 +1,66 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:AttributeQuery xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol"
+ xmlns:xs="http://www.w3.org/2001/XMLSchema" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified"
+ Destination="http://C-PEPS.gov.xx/PEPS/ColleagueRequest" ID="_f6c8fc355b9f125cb5283f038e1b3cdf"
+ IssueInstant="2013-10-03T10:28:15.449Z" Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer>
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:SignatureValue>hhQXDKNrJJ3Yy/pkZNZF4GlWrA/Xsx4CH9chgVa5HK4qZQvFXvZwegdw6U7rm7qv0zmI4xaLTv/bpmqJzEPfY3sIvrDRu9EouEKwtjbMbcvVQsx7I+j0yy7/cBcQJe3lRwQwyvazfYVbnSeGFxBN6WOHPqv6uInaQO/hXkicT3tBtm8o3UgUDY6c8wIMuD5A0hWTkL6z6f893AbdN85OQYAdHItNsQWeLOIeiGC918X7qqTfhFtBAB2oGVjlsSEqWox1jNqrPl1jjA0dP76m5SIVSqF8XcDR306ZB9GLJywOHKba0lxGLsXOAzJ+8u9jeixJ6VZKFqZg2Fhl/saKbg==</ds:SignatureValue>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDJzCCAg8CBEuonbIwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCRVMxDjAMBgNVBAgMBVNw
+ YWluMQ8wDQYDVQQHDAZNYWRyaWQxDjAMBgNVBAoMBUluZHJhMRgwFgYDVQQDDA9sb2NhbC1kZW1v
+ LWNlcnQwHhcNMTAwMzIzMTA1MzM4WhcNMTAwNjAxMTA1MzM4WjBYMQswCQYDVQQGEwJFUzEOMAwG
+ A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExGDAWBgNVBAMMD2xv
+ Y2FsLWRlbW8tY2VydDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJfdQ1/mkM9sqqab
+ ri8qqqX4s0J6UEEXyF+0AjLU8RC4WMeYFSZ5tfwnyLsoXY0/9bZLXnBxSibQYaf4SnpZJhlVA4sU
+ 0d8qyEWA2OvXGDCm7uspGHG3CRQa7fpHsmHmfIAqho9XDlwpwJdx5gK4Edc6aArcMQfjqMhy1s1n
+ 6Of1i1lMGGsGrERIRY7biIQu/8nITbHH18sUAZMG1u/Q0Avi9O3LWyswHXUouZ818fWwG6xru2N5
+ y6vtVO/SL3doRSdqYkEms93TgxTtaKg8XNe24zhNTte6nvWLaKesi2KzZGC57HU47HBFEs8NWk7z
+ 9BDf8uLyPz9VDahwVKzMto8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAgpuReXQ7Dsfdoe5zzy2F
+ 6kn1qqtMkRGsBPKnDFCI/GkIZpBiqlfwdh6sipnFKWfKEDlPKN1kEhbkDR2GA1Cp4F4ZSL/HumZM
+ pWabRhDxhTPvHIFbbShPDJY93+jw/yQeaWgMuhw3WzdH9TrVoRZH0Q7sG1pIJo5/6IogIZwFvJHT
+ /NDutKmurU6Lw8Vnde8PfnQd+FTEhz0SEGyKkWjAuhGbJfseBy/z3L+MJq1rdSQ9PF7wXDvWNzJq
+ yaNBUWWBV1TskvkNZXcaguroVPy2XhA1aixlAajWEXLk6Uuj5UYqalrV/reNYvDvY0BV2CIn51r7
+ Ppm8IFVTk8mYfX8/jw==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </ds:Signature>
+ <saml2p:Extensions>
+ <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel>
+ <storkp:eIDSectorShare>false</storkp:eIDSectorShare>
+ <storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare>
+ <storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare>
+ <storkp:RequestedAttributes>
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="false" />
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/isAgeOver"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true">
+ <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">16</stork:AttributeValue>
+ <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">18</stork:AttributeValue>
+ </stork:RequestedAttribute>
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true">
+ <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">Sveinbjörn</stork:AttributeValue>
+ </stork:RequestedAttribute>
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/eIdentifier"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true">
+ <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">ES/IS/1234567890</stork:AttributeValue>
+ </stork:RequestedAttribute>
+ </storkp:RequestedAttributes>
+ </saml2p:Extensions>
+ <saml2:Subject>
+ <saml2:SubjectConfirmation
+ Method="urn:oasis:names:tc:SAML:1.0:cm:sender-vouches" />
+ </saml2:Subject>
+</saml2p:AttributeQuery> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml
new file mode 100644
index 000000000..7ea486812
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml
@@ -0,0 +1,124 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol"
+ xmlns:xs="http://www.w3.org/2001/XMLSchema" Consent="urn:oasis:names:tc:SAML:2.0:consent:obtained"
+ Destination="http://C-PEPS.gov.xx/PEPS/ColleagueRequest" ID="_483140d440fc4eef8e949ace49669f2e"
+ InResponseTo="_0a22c1120bf2de912714c24e99dd38ed" IssueInstant="2013-10-08T09:11:17.255Z"
+ Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://C-PEPS.gov.xx</saml2:Issuer>
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:SignedInfo>
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+ <ds:Reference URI="#_483140d440fc4eef8e949ace49669f2e">
+ <ds:Transforms>
+ <ds:Transform
+ Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+ <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
+ PrefixList="xs" />
+ </ds:Transform>
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <ds:DigestValue>yMOVS1T/yRiVh3L6IBM9rR9Ie3w=</ds:DigestValue>
+ </ds:Reference>
+ </ds:SignedInfo>
+ <ds:SignatureValue>d8e/RyNNPmnHRIzTIuRSnW6B60oWGBGxjRua/HvNxTuod0qSarYJxEedhY9Wl1Z9WYXlry28FuKjp3DA3HhzNaVd7A7QpFqNC4dnizSVWFjxlhmoE/Uv3Y/ha9P/fk6nbtHCSKW4kHSX7QfFLeggcLmUG0IULRF8UmRdQ0WerCl0aSZZeSp8J3LsFBPeWCRSwXgfiLn+RehggzZmQU6g0ssxrpnsYEAtjAiOli+YVQGuumsZGaJ8zHA/DgJ2FTGovNUyfuSUFLhd9nLlSqFs2Avnx0Ck7Q1dxDO5truOm6e285YLHqLaGdetFyPQAj/Z4w4RJ5u5X6d7rhBjTfRAAw==</ds:SignatureValue>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDJzCCAg8CBEuonbIwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCRVMxDjAMBgNVBAgMBVNw
+ YWluMQ8wDQYDVQQHDAZNYWRyaWQxDjAMBgNVBAoMBUluZHJhMRgwFgYDVQQDDA9sb2NhbC1kZW1v
+ LWNlcnQwHhcNMTAwMzIzMTA1MzM4WhcNMTAwNjAxMTA1MzM4WjBYMQswCQYDVQQGEwJFUzEOMAwG
+ A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExGDAWBgNVBAMMD2xv
+ Y2FsLWRlbW8tY2VydDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJfdQ1/mkM9sqqab
+ ri8qqqX4s0J6UEEXyF+0AjLU8RC4WMeYFSZ5tfwnyLsoXY0/9bZLXnBxSibQYaf4SnpZJhlVA4sU
+ 0d8qyEWA2OvXGDCm7uspGHG3CRQa7fpHsmHmfIAqho9XDlwpwJdx5gK4Edc6aArcMQfjqMhy1s1n
+ 6Of1i1lMGGsGrERIRY7biIQu/8nITbHH18sUAZMG1u/Q0Avi9O3LWyswHXUouZ818fWwG6xru2N5
+ y6vtVO/SL3doRSdqYkEms93TgxTtaKg8XNe24zhNTte6nvWLaKesi2KzZGC57HU47HBFEs8NWk7z
+ 9BDf8uLyPz9VDahwVKzMto8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAgpuReXQ7Dsfdoe5zzy2F
+ 6kn1qqtMkRGsBPKnDFCI/GkIZpBiqlfwdh6sipnFKWfKEDlPKN1kEhbkDR2GA1Cp4F4ZSL/HumZM
+ pWabRhDxhTPvHIFbbShPDJY93+jw/yQeaWgMuhw3WzdH9TrVoRZH0Q7sG1pIJo5/6IogIZwFvJHT
+ /NDutKmurU6Lw8Vnde8PfnQd+FTEhz0SEGyKkWjAuhGbJfseBy/z3L+MJq1rdSQ9PF7wXDvWNzJq
+ yaNBUWWBV1TskvkNZXcaguroVPy2XhA1aixlAajWEXLk6Uuj5UYqalrV/reNYvDvY0BV2CIn51r7
+ Ppm8IFVTk8mYfX8/jw==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </ds:Signature>
+ <saml2p:Status>
+ <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
+ <saml2p:StatusMessage>urn:oasis:names:tc:SAML:2.0:status:Success</saml2p:StatusMessage>
+ </saml2p:Status>
+ <saml2:Assertion ID="_9ed05849dee5c154e62fa9e3ba53e9f3"
+ IssueInstant="2013-10-08T09:11:17.255Z" Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://C-PEPS.gov.xx</saml2:Issuer>
+ <saml2:Subject>
+ <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
+ NameQualifier="http://C-PEPS.gov.xx">urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</saml2:NameID>
+ <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+ <saml2:SubjectConfirmationData
+ Address="111.222.333.444" InResponseTo="_0a22c1120bf2de912714c24e99dd38ed"
+ NotOnOrAfter="2013-10-08T09:16:17.255Z" />
+ </saml2:SubjectConfirmation>
+ </saml2:Subject>
+ <saml2:Conditions NotBefore="2013-10-08T09:11:17.255Z"
+ NotOnOrAfter="2013-10-08T09:16:17.255Z">
+ <saml2:AudienceRestriction>
+ <saml2:Audience>http://S-PEPS.gov.xx</saml2:Audience>
+ </saml2:AudienceRestriction>
+ <saml2:OneTimeUse />
+ </saml2:Conditions>
+ <saml2:AuthnStatement AuthnInstant="2013-10-08T09:11:17.255Z">
+ <saml2:SubjectLocality Address="111.222.333.444" />
+ <saml2:AuthnContext>
+ <saml2:AuthnContextDecl />
+ </saml2:AuthnContext>
+ </saml2:AuthnStatement>
+ <saml2:AttributeStatement>
+ <saml2:Attribute Name="http://www.stork.gov.eu/1.0/dateOfBirth"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ stork:AttributeStatus="Available">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">16/12/2008</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute
+ Name="http://www.stork.gov.eu/1.0/canonicalResidenceAddress"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ stork:AttributeStatus="Available">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">
+ <stork:postalCode xsi:type="xs:anyType">105</stork:postalCode>
+ <stork:state xsi:type="xs:anyType">IS</stork:state>
+ <stork:streetNumber xsi:type="xs:anyType">10</stork:streetNumber>
+ <stork:streetName xsi:type="xs:anyType">Gudrunartun</stork:streetName>
+ <stork:town xsi:type="xs:anyType">Reykjavik</stork:town>
+ </saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute Name="http://www.stork.gov.eu/1.0/newAttribute2"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ stork:AttributeStatus="Available">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">
+ <stork:value3 xsi:type="xs:anyType">value3</stork:value3>
+ <stork:value4 xsi:type="xs:anyType">value4</stork:value4>
+ <stork:value1 xsi:type="xs:anyType">value1</stork:value1>
+ <stork:value2 xsi:type="xs:anyType">value2</stork:value2>
+ </saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute Name="http://www.stork.gov.eu/1.0/isAgeOver"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ stork:AttributeStatus="Available">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">16</saml2:AttributeValue>
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">18</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute Name="http://www.stork.gov.eu/1.0/eIdentifier"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ stork:AttributeStatus="Available">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">123456789IS</saml2:AttributeValue>
+ </saml2:Attribute>
+ </saml2:AttributeStatement>
+ </saml2:Assertion>
+</saml2p:Response> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml
new file mode 100644
index 000000000..c48bfde95
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml
@@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol"
+ AssertionConsumerServiceURL="http://S-PEPS.gov.xx/PEPS/ColleagueResponse"
+ Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://C-PEPS.gov.xx/PEPS/ColleagueRequest"
+ ForceAuthn="true" ID="_e54eee285e7b8e2772875c406ec39674" IsPassive="false"
+ IssueInstant="2010-06-08T07:37:54.533Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ ProviderName="University of Oxford" Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer>
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:SignedInfo>
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+ <ds:Reference URI="#_e54eee285e7b8e2772875c406ec39674">
+ <ds:Transforms>
+ <ds:Transform
+ Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+ <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
+ PrefixList="ds saml2 saml2p stork storkp xs" />
+ </ds:Transform>
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <ds:DigestValue>yzsqaxBNicOrixBUno5cL0CBOpE=</ds:DigestValue>
+ </ds:Reference>
+ </ds:SignedInfo>
+ <ds:SignatureValue>
+ Xycll1PF7hh3Xdykpr6nIr8Q6PQ6OxLIBBBugoGpAm/V4Hu7tKakHJp8TgtRWZ30jG5eolOXnJkC
+ wiaTVUFaQz7cNn27syRJkdA+eYlz9doiwUJ5eD1cAyddZYsNPpSeAj5UK45oN0qCH+/pI9mRw8Oi
+ YIN/BUEtXkoYTjPtkmA=
+ </ds:SignatureValue>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIBmDCCAQECBEuWisIwDQYJKoZIhvcNAQEFBQAwEzERMA8GA1UEAxMIY291bnRyeTEwHhcNMTAw
+ MzA5MTc1MjAyWhcNMTAwNjA3MTc1MjAyWjATMREwDwYDVQQDEwhjb3VudHJ5MTCBnzANBgkqhkiG
+ 9w0BAQEFAAOBjQAwgYkCgYEAnb2gcchwxvJBclcsfCBWJnYefLJYQnDGCQ3RUtYZc26JznnLXclu
+ h1XfLJlWgYk/pFKz7B9KfJztal47c6mBfisnxjhdcLqcbXOuRIm7E8TZPzdbHEd60WHPDv20jr+r
+ /WkOQs12tKQMbgDX2wtBBcJODLYCDiYa1oQsnyhdOGkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQBk
+ 3luVRc0EqEE1zZeYvRPi5a2yOZfI9H+/rXI1qNLwmICnuJX++ukUbqJHm/FV1iSPM9O9oqzifJ/K
+ eKL5EcUugJ76Tu5XO8za2FoJvYr+jIZDsEkCg+OSzcp/eljiWAIh2enZcQ/ON6QxWXeSNJPH0xOq
+ KAoZgbUK0Zld3Dsheg==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </ds:Signature>
+ <saml2p:Extensions>
+ <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel>
+ <stork:spSector>EDU001</stork:spSector>
+ <stork:spInstitution>OXF001</stork:spInstitution>
+ <stork:spApplication>APP001</stork:spApplication>
+ <stork:spCountry>EN</stork:spCountry>
+ <storkp:eIDSectorShare>true</storkp:eIDSectorShare>
+ <storkp:eIDCrossSectorShare>true</storkp:eIDCrossSectorShare>
+ <storkp:eIDCrossBorderShare>true</storkp:eIDCrossBorderShare>
+ <storkp:RequestedAttributes>
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/isAgeOver"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true">
+ <stork:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">16</stork:AttributeValue>
+ <stork:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">18</stork:AttributeValue>
+ </stork:RequestedAttribute>
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="false" />
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/eIdentifier"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true" />
+ </storkp:RequestedAttributes>
+ </saml2p:Extensions>
+</saml2p:AuthnRequest> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml
new file mode 100644
index 000000000..8766f9a8b
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:stork" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol"
+ AssertionConsumerServiceURL="http://localhost:8080/SP/ReturnPage"
+ Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://locahost:8080/PEPS/ServiceProvider"
+ ForceAuthn="true" ID="_0c64ff85-1323-4618-847b-12d1983b86e4" IsPassive="false"
+ IssueInstant="2010-04-07T16:45:03.593Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ ProviderName="PT-SP" Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer>
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:SignatureValue>
+ S6nY97RSCUJXq3HZ5obSLCI341LvtAA3vHjR1FWxrIMDPACQMqlNWBYNnRP1RiZiJV6x0RieH+SR
+ Vkiy03jYyhr0XkwAE5Wd6Huf+zIbeTXjZkdQj7JpAXoB+ky4G/+L0deamvsP3eO7ZJ4grady4gmC
+ Xt8p8tK3EoMocZse2hw=
+ </ds:SignatureValue>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIBkTCB+wIESpT8bTANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVzdG9yazAeFw0wOTA4MjYw
+ OTEyMTNaFw0wOTExMjQwOTEyMTNaMBAxDjAMBgNVBAMTBXN0b3JrMIGfMA0GCSqGSIb3DQEBAQUA
+ A4GNADCBiQKBgQDK/QL8NuMd41I1lObObeRA6DaM8bjeYqIz5mg5WnnZv4jlcK7Gq89Lk6htXRFl
+ lAXpDYhI3zolMIMHEMZ3zQQPc7lgTV6Bbz9uD2YTJ9Kx55e8Y6Y49DO+TiiejGJxTzTFUcuBJHaK
+ ipuvLVd1a8N3RAnaGSUOozhrTqxba82mEwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFJgeS18nhUl
+ r7WnvSn9FlkI94U//Hk3iZLc3/cScTu7D7Y/J0eUq4TF8PsSzWX5khGuqrTkswNgfEtl2IpACQ2w
+ kB8+RxeRNdddQlGHlO4ZqnpvxXBwSouiy2yUeAo0y++vMFm6DO4sxfk8eTtimPDo5SzBtjtGtbqS
+ 3cyl/wz8</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </ds:Signature>
+ <saml2p:Extensions>
+ <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel>
+ <storkp:eIDSectorShare>false</storkp:eIDSectorShare>
+ <storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare>
+ <storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare>
+ <storkp:RequestedAttributes>
+ <stork:RequestedAttribute
+ Name="http://www.stork.gov.eu/1.0/nationalityCode" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true" />
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true" />
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true" />
+ </storkp:RequestedAttributes>
+ </saml2p:Extensions>
+</saml2p:AuthnRequest> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml
new file mode 100644
index 000000000..1b1e1646c
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:stork" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol"
+ AssertionConsumerServiceURL="http://localhost:8080/SP/ReturnPage"
+ Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://localhost:8080/PEPS/ServiceProvider"
+ ForceAuthn="true" ID="_0c64ff85-1323-4618-847b-12d1983b86e4" IsPassive="false"
+ IssueInstant="2010-04-07T16:45:03.593Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ ProviderName="PT-SP" Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer>
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:SignatureValue>
+ S6nY97RSCUJXq3HZ5obSLCI341LvtAA3vHjR1FWxrIMDPACQMqlNWBYNnRP1RiZiJV6x0RieH+SR
+ Vkiy03jYyhr0XkwAE5Wd6Huf+zIbeTXjZkdQj7JpAXoB+ky4G/+L0deamvsP3eO7ZJ4grady4gmC
+ Xt8p8tK3EoMocZse2hw=
+ </ds:SignatureValue>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIBkTCB+wIESpT8bTANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVzdG9yazAeFw0wOTA4MjYw
+ OTEyMTNaFw0wOTExMjQwOTEyMTNaMBAxDjAMBgNVBAMTBXN0b3JrMIGfMA0GCSqGSIb3DQEBAQUA
+ A4GNADCBiQKBgQDK/QL8NuMd41I1lObObeRA6DaM8bjeYqIz5mg5WnnZv4jlcK7Gq89Lk6htXRFl
+ lAXpDYhI3zolMIMHEMZ3zQQPc7lgTV6Bbz9uD2YTJ9Kx55e8Y6Y49DO+TiiejGJxTzTFUcuBJHaK
+ ipuvLVd1a8N3RAnaGSUOozhrTqxba82mEwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFJgeS18nhUl
+ r7WnvSn9FlkI94U//Hk3iZLc3/cScTu7D7Y/J0eUq4TF8PsSzWX5khGuqrTkswNgfEtl2IpACQ2w
+ kB8+RxeRNdddQlGHlO4ZqnpvxXBwSouiy2yUeAo0y++vMFm6DO4sxfk8eTtimPDo5SzBtjtGtbqS
+ 3cyl/wz8</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </ds:Signature>
+ <saml2p:Extensions>
+ <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel>
+ <storkp:eIDSectorShare>false</storkp:eIDSectorShare>
+ <storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare>
+ <storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare>
+ <storkp:RequestedAttributes>
+ <stork:RequestedAttribute
+ Name="http://www.stork.gov.eu/1.0/nationalityCode" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true" />
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true" />
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true" />
+ </storkp:RequestedAttributes>
+ </saml2p:Extensions>
+</saml2p:AuthnRequest> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/logback-test.xml b/id/server/stork2-saml-engine/src/test/resources/logback-test.xml
new file mode 100644
index 000000000..99d7d353a
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/logback-test.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Basic configuration used until the IdP can load the real configuration -->
+<configuration>
+
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <layout class="ch.qos.logback.classic.PatternLayout">
+ <Pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n
+ </Pattern>
+ </layout>
+ </appender>
+
+ <logger name="eu.stork">
+ <level value="DEBUG" />
+ </logger>
+
+ <root>
+ <appender-ref ref="STDOUT" />
+ <level value="INFO" />
+ </root>
+
+</configuration> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/p11Conf.cfg b/id/server/stork2-saml-engine/src/test/resources/p11Conf.cfg
new file mode 100644
index 000000000..bd9f357ce
--- /dev/null
+++ b/id/server/stork2-saml-engine/src/test/resources/p11Conf.cfg
@@ -0,0 +1,24 @@
+//ATTRIBUTE VALUE
+//name name suffix of this provider instance
+//library pathname of PKCS#11 implementation
+//slotListIndex slot index
+
+//PREFIX DESCRIPTION
+//CKO_ Object class
+//CKA_ Attribute
+//CKK_ Key type
+
+//attributes(operation, keytype, keyalgorithm) = {
+// name1 = value1
+// [...]
+//}
+
+name=nameProvider
+library=library.dll
+slotListIndex=0
+attributes(*,CKO_PUBLIC_KEY,CKK_RSA)={
+ CKA_VERIFY=true
+}
+attributes(*,CKO_PRIVATE_KEY,CKK_RSA)={
+ CKA_SIGN=true
+} \ No newline at end of file