aboutsummaryrefslogtreecommitdiff
path: root/id/server
diff options
context:
space:
mode:
authorThomas Lenz <thomas.lenz@egiz.gv.at>2021-07-28 11:33:11 +0200
committerThomas Lenz <thomas.lenz@egiz.gv.at>2021-08-30 10:38:25 +0200
commitba6ba0af88d8c9472a63356ddf3d19f84847c2d7 (patch)
treec491da6c530e7c69dc236dfc02f432bc95b9c24c /id/server
parent1b7c56f30ff37596933a904b8ae931be18e9015b (diff)
downloadmoa-id-spss-ba6ba0af88d8c9472a63356ddf3d19f84847c2d7.tar.gz
moa-id-spss-ba6ba0af88d8c9472a63356ddf3d19f84847c2d7.tar.bz2
moa-id-spss-ba6ba0af88d8c9472a63356ddf3d19f84847c2d7.zip
add new authentication module for EHVD communication
Diffstat (limited to 'id/server')
-rw-r--r--id/server/auth-edu/pom.xml5
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/pom.xml57
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java48
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java147
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java62
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java58
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java69
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java23
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java103
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/resources/DefaultAuth_with_ehvd_interaction.process.xml32
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider1
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder1
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/resources/moaid_ehvd_service_auth.beans.xml23
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties2
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties2
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/BeanCreationTest.java39
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthModuleTest.java101
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthSpringResourceProviderTest.java56
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/InjectEhvdIdentityInformationTaskTest.java131
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java124
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/DummyAuthConfigMap.java136
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/TestUtils.java150
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AttributeBuilderRegistrationTest.java41
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AuthenticationRoleFactoryTest.java65
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java55
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties5
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config2.properties4
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth.beans.xml19
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth_lazy.beans.xml24
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_messager_auth.beans.xml15
-rw-r--r--id/server/modules/pom.xml1
31 files changed, 1599 insertions, 0 deletions
diff --git a/id/server/auth-edu/pom.xml b/id/server/auth-edu/pom.xml
index 42e035c7a..6a8110a28 100644
--- a/id/server/auth-edu/pom.xml
+++ b/id/server/auth-edu/pom.xml
@@ -228,6 +228,11 @@
<artifactId>moa-id-module-EID_connector</artifactId>
</dependency>
+ <dependency>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-module-ehvd_integration</artifactId>
+ </dependency>
+
<!--
<dependency>
<groupId>org.apache.santuario</groupId>
diff --git a/id/server/modules/moa-id-module-ehvd_integration/pom.xml b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
new file mode 100644
index 000000000..05b2d0daa
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
@@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-modules</artifactId>
+ <version>4.1.6-SNAPSHOT</version>
+ </parent>
+ <artifactId>moa-id-module-ehvd_integration</artifactId>
+ <version>${moa-id-ehvd_integration.version}</version>
+ <description>Module to integrate information from EHVD into MOA-ID response</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-modul-citizencard_authentication</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>*</groupId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+
+ <dependency>
+ <groupId>MOA.id.server</groupId>
+ <artifactId>moa-id-lib</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-test</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_core_utils</artifactId>
+ <scope>test</scope>
+ <type>test-jar</type>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf-core</artifactId>
+ <scope>test</scope>
+ <type>test-jar</type>
+ </dependency>
+
+ </dependencies>
+</project>
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java
new file mode 100644
index 000000000..fd7d1b013
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.ehvd;
+
+import java.util.Collection;
+
+import com.google.common.collect.Sets;
+
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
+
+public class ConfigurationProperties {
+
+ // configuration properties
+ private static final String MODULE_PREFIX = "modules.ehvd.";
+
+ public static final String PROP_MODULE_ENABLED = MODULE_PREFIX + "enabled";
+ public static final String PROP_MODULE_SP_PREFIX = MODULE_PREFIX + "sp";
+
+ public static final String PROP_MODULE_SERVICE_TARGET = MODULE_PREFIX + "service.bpk.target";
+
+
+ public static final String DEFAULT_EHVD_SERVICE_TARGET = EAAFConstants.URN_PREFIX_CDID + "GH";
+
+ private ConfigurationProperties() {
+ // hide constructor or static class
+ }
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java
new file mode 100644
index 000000000..917c226a2
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java
@@ -0,0 +1,147 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.ehvd;
+
+import java.util.Collection;
+import java.util.Collections;
+import java.util.stream.Collectors;
+
+import javax.annotation.PostConstruct;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egovernment.moa.id.auth.modules.internal.DefaultCitizenCardAuthModuleImpl;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * @author tlenz
+ *
+ */
+public class EhvdServiceAuthModule extends DefaultCitizenCardAuthModuleImpl {
+
+ private int priority = 2;
+
+ @Autowired(required = true)
+ protected IConfigurationWithSP authConfig;
+
+ private Collection<String> uniqueIDsEnabled;
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority()
+ */
+ @Override
+ public int getPriority() {
+ return priority;
+
+ }
+
+ /**
+ * Sets the priority of this module. Default value is {@code 0}.
+ *
+ * @param priority The priority.
+ */
+ public void setPriority(int priority) {
+ this.priority = priority;
+
+ }
+
+ @PostConstruct
+ private void initialDummyAuthWhiteList() {
+ if (authConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) {
+ Logger.info("AuthModule for 'EHVD injection' is enabled");
+
+ // load allowed service-provider Id's
+ uniqueIDsEnabled = authConfig.getBasicConfigurationWithPrefix(
+ ConfigurationProperties.PROP_MODULE_SP_PREFIX).values().stream()
+ .filter(el -> StringUtils.isNotEmpty(el))
+ .collect(Collectors.toSet());
+
+ if (!uniqueIDsEnabled.isEmpty()) {
+ Logger.info("EHVD communication is enabled for ....");
+ uniqueIDsEnabled.forEach(el -> Logger.info(" EntityID: " + el));
+
+ }
+
+ } else {
+ uniqueIDsEnabled = Collections.emptySet();
+ Logger.info("AuthModule for 'EHVD injection' is disabled");
+
+ }
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.
+ * egovernment.moa.id.process.api.ExecutionContext)
+ */
+ @Override
+ public String selectProcess(ExecutionContext context, IRequest pendingReq) {
+
+ if (authConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) {
+ final String spEntityID = pendingReq.getServiceProviderConfiguration().getUniqueIdentifier();
+ Logger.trace("Checking EHVD communication for SP: " + spEntityID + " ....");
+ boolean ccAuthRequested = StringUtils.isNotEmpty(super.selectProcess(context, pendingReq));
+ if (uniqueIDsEnabled.contains(spEntityID) && ccAuthRequested) {
+ Logger.debug("EHVD communication is allowed for SP: " + spEntityID);
+ return "DefaultAuthenticationWithEHVDInteraction";
+
+ } else {
+ if (Logger.isDebugEnabled()) {
+ if (ccAuthRequested) {
+ Logger.debug("Unique SP-Id: " + spEntityID + " is not in whitelist for EHVD communication.");
+
+ } else {
+ Logger.trace("No CititzenCard authentication requested. EHVD communication skipped too");
+
+ }
+ }
+ }
+
+ } else {
+ Logger.trace("'EHVD injection' authentication is disabled");
+
+ }
+
+ return null;
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions()
+ */
+ @Override
+ public String[] getProcessDefinitions() {
+ return new String[] { "classpath:/DefaultAuth_with_ehvd_interaction.process.xml" };
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java
new file mode 100644
index 000000000..ea0695a1a
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.ehvd;
+
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
+
+import at.gv.egiz.components.spring.api.SpringResourceProvider;
+
+/**
+ * @author tlenz
+ *
+ */
+public class EhvdServiceAuthSpringResourceProvider implements SpringResourceProvider {
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getResourcesToLoad()
+ */
+ @Override
+ public Resource[] getResourcesToLoad() {
+ ClassPathResource authConfig = new ClassPathResource("/moaid_ehvd_service_auth.beans.xml", EhvdServiceAuthSpringResourceProvider.class);
+ return new Resource[] {authConfig};
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getPackagesToScan()
+ */
+ @Override
+ public String[] getPackagesToScan() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getName()
+ */
+ @Override
+ public String getName() {
+ return "Module for 'Dummy Authentication'";
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java
new file mode 100644
index 000000000..0f1c96aa8
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java
@@ -0,0 +1,58 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+
+import java.util.stream.Collectors;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+import at.gv.egovernment.moa.id.data.IMOAAuthData;
+import at.gv.egovernment.moa.logging.Logger;
+
+@PVPMETADATA
+public class PvpRoleAttributeBuilder implements IPVPAttributeBuilder {
+
+ private static final String ROLE_NAME_DELIMITER = ";";
+
+ @Override
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
+ IAttributeGenerator<ATT> g) throws AttributeBuilderException {
+ if (authData instanceof IMOAAuthData) {
+ IMOAAuthData moaAuthData = (IMOAAuthData)authData;
+ if (moaAuthData.getAuthenticationRoles() != null
+ && !moaAuthData.getAuthenticationRoles().isEmpty()) {
+ return g.buildStringAttribute(ROLES_FRIENDLY_NAME, ROLES_NAME,
+ moaAuthData.getAuthenticationRoles().stream()
+ .map(el -> el.getRawRoleString())
+ .collect(Collectors.joining(ROLE_NAME_DELIMITER)));
+
+
+ } else {
+ Logger.trace("No PVP roles available. Skipping attribute: " + ROLES_FRIENDLY_NAME);
+
+ }
+
+ } else {
+ Logger.info("Attribute: " + ROLES_FRIENDLY_NAME + " is only available in MOA-ID context");
+
+ }
+
+ return null;
+
+ }
+
+ @Override
+ public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
+ return g.buildEmptyAttribute(ROLES_FRIENDLY_NAME, ROLES_NAME);
+
+ }
+
+ @Override
+ public String getName() {
+ return ROLES_NAME;
+
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
new file mode 100644
index 000000000..f0e2069a1
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
@@ -0,0 +1,69 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.service;
+
+import java.util.Collections;
+import java.util.List;
+
+import javax.annotation.Nonnull;
+import javax.annotation.PostConstruct;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BPKBuilder;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * Implement interaction with EHVD service to get GDA information.
+ *
+ * @author tlenz
+ *
+ */
+public class EhvdCommunicationService implements IEhvdCommunication {
+
+ @Autowired IConfiguration config;
+
+ private String ehvdBpkTarget;
+
+ /**
+ * Get user's GDA roles from EHVD Service.
+ *
+ * @param identityLink IdentityLink of the user
+ * @return {@link List} of Roles that are received from EHVD
+ * @throws AuthenticationException In case of an EHVD communication error
+ * @throws EAAFBuilderException In case of a bPK generation error
+ */
+ @Override
+ @Nonnull
+ public List<String> getRoles(IIdentityLink identityLink) throws AuthenticationException, EAAFBuilderException {
+
+ // get bPK for EHVD request
+ Pair<String, String> ehvdBpk = BPKBuilder.generateAreaSpecificPersonIdentifier(
+ identityLink.getIdentificationValue(),
+ identityLink.getIdentificationType(),
+ ehvdBpkTarget);
+
+
+ //TODO: request EHVD and handle errors
+
+ //TODO: parse roles from response
+
+
+ return Collections.emptyList();
+
+ }
+
+ @PostConstruct
+ private void initialize() {
+ ehvdBpkTarget = config.getBasicConfiguration(
+ ConfigurationProperties.PROP_MODULE_SERVICE_TARGET,
+ ConfigurationProperties.DEFAULT_EHVD_SERVICE_TARGET);
+ Logger.info("Initialize EHVD Client with bPK target: " + ehvdBpkTarget);
+
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java
new file mode 100644
index 000000000..8a9c7db5c
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java
@@ -0,0 +1,23 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.service;
+
+import java.util.List;
+
+import javax.annotation.Nonnull;
+
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+
+public interface IEhvdCommunication {
+
+ /**
+ * Get user's GDA roles from EHVD Service.
+ *
+ * @param identityLink IdentityLink of the user
+ * @return {@link List} of Roles that are received from EHVD
+ * @throws AuthenticationException In case of an EHVD communication error
+ * @throws EAAFBuilderException In case of a bPK generation error
+ */
+ List<String> getRoles(IIdentityLink identityLink) throws AuthenticationException, EAAFBuilderException;
+
+} \ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java
new file mode 100644
index 000000000..b44863b80
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java
@@ -0,0 +1,103 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.ehvd.task;
+
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BPKBuilder;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.service.IEhvdCommunication;
+import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * @author tlenz
+ *
+ */
+@Component("InjectEhvdInformationTask")
+public class InjectEhvdInformationTask extends AbstractAuthServletTask {
+
+ @Autowired IEhvdCommunication ehvdService;
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.
+ * egovernment.moa.id.process.api.ExecutionContext,
+ * javax.servlet.http.HttpServletRequest,
+ * javax.servlet.http.HttpServletResponse)
+ */
+ @Override
+ public void execute(ExecutionContext executionContext, HttpServletRequest request,
+ HttpServletResponse response)
+ throws TaskExecutionException {
+ try {
+ final AuthenticationSessionWrapper session = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
+
+ // validate internal state
+ validateInternalState(session);
+
+ // requesting roles from EHVD
+ List<String> ehvdRoles = ehvdService.getRoles(session.getIdentityLink());
+
+ // inject EHVD roles
+ session.setGenericDataToSession(PVPConstants.ROLES_NAME, StringUtils.join(ehvdRoles, ";"));
+
+ // store MOASession into database
+ requestStoreage.storePendingRequest(pendingReq);
+
+ } catch (final MOAIDException e) {
+ throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+
+ } catch (final Exception e) {
+ throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+
+ }
+ }
+
+ private void validateInternalState(AuthenticationSessionWrapper session) throws AuthenticationException {
+ //check if identityLink is available
+ if (session.getIdentityLink() == null ) {
+ Logger.error("No IdentityLink in session. There is an internal error in process definition");
+ throw new AuthenticationException("process.04", null);
+
+ }
+
+
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/DefaultAuth_with_ehvd_interaction.process.xml b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/DefaultAuth_with_ehvd_interaction.process.xml
new file mode 100644
index 000000000..2ff0d552f
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/DefaultAuth_with_ehvd_interaction.process.xml
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<pd:ProcessDefinition id="DefaultAuthenticationWithEHVDInteraction" xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1">
+
+ <!-- Tasks involved in this authentication flow -->
+ <pd:Task id="initializeBKUAuthentication" class="InitializeBKUAuthenticationTask" />
+ <pd:Task id="createIdentityLinkForm" class="CreateIdentityLinkFormTask" />
+ <pd:Task id="verifyIdentityLink" class="VerifyIdentityLinkTask" async="true" />
+ <pd:Task id="prepareAuthBlockSignature" class="PrepareAuthBlockSignatureTask" />
+ <pd:Task id="verifyAuthBlock" class="VerifyAuthenticationBlockTask" async="true" />
+
+ <pd:Task id="injectEhvdInformation" class="InjectEhvdInformationTask" />
+ <pd:Task id="userRestrictionTask" class="UserRestrictionTask" />
+
+ <pd:Task id="finalizeAuthentication" class="FinalizeAuthenticationTask" />
+
+
+ <!-- definition of the authentication flow -->
+ <pd:StartEvent id="start" />
+
+ <pd:Transition from="start" to="initializeBKUAuthentication" />
+ <pd:Transition from="initializeBKUAuthentication" to="createIdentityLinkForm" />
+ <pd:Transition from="createIdentityLinkForm" to="verifyIdentityLink" />
+ <pd:Transition from="verifyIdentityLink" to="prepareAuthBlockSignature" />
+ <pd:Transition from="prepareAuthBlockSignature" to="verifyAuthBlock" />
+ <pd:Transition from="verifyAuthBlock" to="userRestrictionTask" />
+ <pd:Transition from="userRestrictionTask" to="injectEhvdInformation" />
+ <pd:Transition from="injectEhvdInformation" to="finalizeAuthentication" />
+ <pd:Transition from="finalizeAuthentication" to="end" />
+
+ <pd:EndEvent id="end" />
+
+</pd:ProcessDefinition>
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
new file mode 100644
index 000000000..6985f2b7d
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
@@ -0,0 +1 @@
+at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthSpringResourceProvider \ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
new file mode 100644
index 000000000..4dd043048
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
@@ -0,0 +1 @@
+at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.PvpRoleAttributeBuilder
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/moaid_ehvd_service_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/moaid_ehvd_service_auth.beans.xml
new file mode 100644
index 000000000..4ef523ec8
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/moaid_ehvd_service_auth.beans.xml
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <bean id="ehvdServiceAuthModule" class="at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule">
+ <property name="priority" value="4" />
+ </bean>
+
+ <bean id="ehvdCommunicationService"
+ class="at.gv.egovernment.moa.id.auth.modules.ehvd.service.EhvdCommunicationService"/>
+
+ <bean id="InjectEhvdInformationTask"
+ class="at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask"
+ scope="prototype"/>
+
+</beans> \ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties
new file mode 100644
index 000000000..89fd19362
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties
@@ -0,0 +1,2 @@
+ehvd.00=GDA Status inaktiv
+ehvd.99=Allgemeiner Fehler bei der Abfrage des EHVD Service
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties
new file mode 100644
index 000000000..fca8fa8cd
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties
@@ -0,0 +1,2 @@
+test.01=aabbccdd
+test.02=zzzyyyxxx \ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/BeanCreationTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/BeanCreationTest.java
new file mode 100644
index 000000000..91bf67b2d
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/BeanCreationTest.java
@@ -0,0 +1,39 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test;
+
+import static org.junit.Assert.assertNotNull;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+ "/test_ehvd_service_auth_lazy.beans.xml" })
+public class BeanCreationTest {
+
+ @Autowired
+ DummyAuthConfigMap config;
+ @Autowired
+ ApplicationContext context;
+
+ @Before
+ public void initialize() {
+ // re-set config
+ config.putConfigValue("modules.ehvd.enabled", String.valueOf(false));
+
+ }
+
+ @Test
+ public void authModuleDeactivated() {
+ assertNotNull("AuthModule", context.getBean(EhvdServiceAuthModule.class));
+
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthModuleTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthModuleTest.java
new file mode 100644
index 000000000..4a7c98803
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthModuleTest.java
@@ -0,0 +1,101 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap;
+import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+ "/test_ehvd_service_auth.beans.xml" })
+public class EhvdServiceAuthModuleTest {
+
+ @Autowired DummyAuthConfigMap config;
+ @Autowired EhvdServiceAuthModule module;
+
+ private ExecutionContext context;
+ private TestRequestImpl pendingReq;
+ private Map<String, String> spConfigMap;
+
+ @Before
+ public void initialize() {
+ context = new ExecutionContextImpl();
+
+ spConfigMap = new HashMap<>();
+ spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10));
+
+ ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config);
+ pendingReq = new TestRequestImpl();
+ pendingReq.setSpConfig(spConfig);
+
+ // re-set config
+ config.putConfigValue("modules.ehvd.enabled", String.valueOf(true));
+
+ context.put(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_BKUSELECTION, String.valueOf(false));
+ context.put(MOAIDAuthConstants.PARAM_BKU, RandomStringUtils.randomAlphabetic(5));
+
+ }
+
+ @Test
+ public void checkProcessDefinition() {
+ String[] def = module.getProcessDefinitions();
+
+ assertNotNull("no process definition", def);
+ Arrays.asList(def).stream().forEach(
+ el -> EhvdServiceAuthModuleTest.class.getResourceAsStream(el));
+
+ }
+
+ @Test
+ public void bkuSelectionActiv() {
+ context.put(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_BKUSELECTION, String.valueOf(true));
+
+ assertNull("wrong authModule selected", module.selectProcess(context, pendingReq));
+
+ }
+
+ @Test
+ public void deactivated() {
+ config.putConfigValue("modules.ehvd.enabled", String.valueOf(false));
+
+ assertNull("wrong authModule selected", module.selectProcess(context, pendingReq));
+
+ }
+
+ @Test
+ public void unknownServiceProvider() {
+ assertNull("wrong authModule selected", module.selectProcess(context, pendingReq));
+
+ }
+
+ @Test
+ public void allowedServiceProviderAndRequested() {
+ spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, "yyasdfasfsa2323");
+
+ assertEquals("wrong authmethod identifier", "DefaultAuthenticationWithEHVDInteraction",
+ module.selectProcess(context, pendingReq));
+
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthSpringResourceProviderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthSpringResourceProviderTest.java
new file mode 100644
index 000000000..b584e8753
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthSpringResourceProviderTest.java
@@ -0,0 +1,56 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.apache.commons.io.IOUtils;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.springframework.core.io.Resource;
+
+import at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthSpringResourceProvider;
+
+
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class EhvdServiceAuthSpringResourceProviderTest {
+
+ @Test
+ public void testSpringConfig() {
+ final EhvdServiceAuthSpringResourceProvider test =
+ new EhvdServiceAuthSpringResourceProvider();
+ for (final Resource el : test.getResourcesToLoad()) {
+ try {
+ IOUtils.toByteArray(el.getInputStream());
+
+ } catch (final IOException e) {
+ Assert.fail("Ressouce: " + el.getFilename() + " not found");
+ }
+
+ }
+
+ Assert.assertNotNull("no Name", test.getName());
+ Assert.assertNull("Find package definitions", test.getPackagesToScan());
+
+ }
+
+ @Test
+ public void testSpILoaderConfig() {
+ final InputStream el = this.getClass().getResourceAsStream(
+ "/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider");
+ try {
+ final String spiFile = IOUtils.toString(el, "UTF-8");
+
+ Assert.assertEquals("Wrong classpath in SPI file",
+ EhvdServiceAuthSpringResourceProvider.class.getName(), spiFile);
+
+
+ } catch (final IOException e) {
+ Assert.fail("Ressouce: '/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider' not found");
+
+ }
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/InjectEhvdIdentityInformationTaskTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/InjectEhvdIdentityInformationTaskTest.java
new file mode 100644
index 000000000..45f7a8fc4
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/InjectEhvdIdentityInformationTaskTest.java
@@ -0,0 +1,131 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.fail;
+
+import java.io.IOException;
+import java.security.PublicKey;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.transform.TransformerException;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.util.Assert;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.w3c.dom.Element;
+
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFParserException;
+import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.TestUtils;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+ "/test_ehvd_service_auth.beans.xml" })
+public class InjectEhvdIdentityInformationTaskTest {
+
+ @Autowired InjectEhvdInformationTask task;
+ @Autowired DummyAuthConfigMap config;
+ @Autowired IRequestStorage storage;
+
+ protected MockHttpServletRequest httpReq;
+ protected MockHttpServletResponse httpResp;
+ private ExecutionContext context;
+ private TestRequestImpl pendingReq;
+ private Map<String, String> spConfigMap;
+
+ @Before
+ public void initialize() throws EAAFParserException {
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ context = new ExecutionContextImpl();
+
+ spConfigMap = new HashMap<>();
+ spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10));
+
+ ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config);
+ pendingReq = new TestRequestImpl();
+ pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+ pendingReq.setSpConfig(spConfig);
+
+ // re-set config
+ config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true));
+
+ //inject identityLink
+ final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(
+ AuthenticationSessionWrapper.class);
+ moaSession.setIdentityLink(TestUtils.generateDummyIdl(
+ RandomStringUtils.randomAlphanumeric(10),
+ EAAFConstants.URN_PREFIX_BASEID));
+
+ }
+
+ @Test
+ public void noIdentityLinkInSession() {
+ final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(
+ AuthenticationSessionWrapper.class);
+ moaSession.setIdentityLink(null);
+
+ try {
+ task.execute(pendingReq, context);
+ fail("wrong state not detected");
+
+ } catch (TaskExecutionException e) {
+ Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion");
+ assertEquals("wrong errorCode", "process.04", ((EAAFException) e.getOriginalException()).getErrorId());
+
+ }
+ }
+
+
+ @Test
+ public void validateState() throws TaskExecutionException, PendingReqIdValidationException {
+
+ task.execute(pendingReq, context);
+
+ // validate state
+ IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+ assertNotNull("pendingReq not stored", storedReq);
+
+ final AuthenticationSessionWrapper moaSession = storedReq.getSessionData(
+ AuthenticationSessionWrapper.class);
+
+ assertFalse("foreign", moaSession.isForeigner());
+ assertFalse("mandate", moaSession.isMandateUsed());
+ assertEquals("missing attributes", 1, moaSession.getGenericSessionDataStorage().size());
+
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java
new file mode 100644
index 000000000..df02c6f4e
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java
@@ -0,0 +1,124 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
+import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.PvpRoleAttributeBuilder;
+import at.gv.egovernment.moa.id.data.AuthenticationRole;
+import at.gv.egovernment.moa.id.data.MOAAuthenticationData;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+ "/test_ehvd_service_auth.beans.xml" })
+public class PvpRoleAttributeBuilderTest {
+
+ @Autowired
+ private IConfiguration basicConfig;
+
+ private PvpRoleAttributeBuilder toTest = new PvpRoleAttributeBuilder();
+ private IAttributeGenerator<String> g = new SimpleStringAttributeGenerator();
+ private ISPConfiguration oaParam;
+
+
+ @Before
+ public void initialize() {
+ oaParam = new DummySPConfiguration(Collections.emptyMap(), basicConfig);
+
+ }
+
+ @Test
+ public void checkName() {
+ assertEquals("wrong attr. name", "urn:oid:1.2.40.0.10.2.1.1.261.30", toTest.getName());
+
+ }
+
+ @Test
+ public void checkEmptyAttribute() {
+ assertNull("wrong empty attr.", toTest.buildEmpty(g));
+
+ }
+
+ @Test
+ public void wrongAuthData() throws AttributeBuilderException {
+ IAuthData authData = new AuthenticationData();
+ assertNull("wrong attr. value", toTest.build(oaParam, authData, g));
+
+ }
+
+ public void noRoles() throws AttributeBuilderException {
+ IAuthData authData = generateAuthData(null);
+ assertNull("wrong attr. value", toTest.build(oaParam, authData, g));
+
+ }
+
+ @Test
+ public void emptyRoles() throws AttributeBuilderException {
+ IAuthData authData = generateAuthData(Collections.emptyList());
+ assertNull("wrong attr. value", toTest.build(oaParam, authData, g));
+
+ }
+
+ @Test
+ public void randomRoles() throws AttributeBuilderException {
+ String role1 = RandomStringUtils.randomAlphabetic(5);
+ String role2 = RandomStringUtils.randomAlphabetic(5);
+ String role3 = RandomStringUtils.randomAlphabetic(5);
+ String role4 = RandomStringUtils.randomAlphabetic(5);
+
+ IAuthData authData = generateAuthData(Arrays.asList(
+ new AuthenticationRole(role1, role1),
+ new AuthenticationRole(role2, role2),
+ new AuthenticationRole(role3, role3 + "()"),
+ new AuthenticationRole(role4, role4 + "(\"aaa\"=\"bbb\")")
+ ));
+
+ // perform test
+ String attrValue = toTest.build(oaParam, authData, g);
+
+ // validate state
+ assertNotNull("wrong attr. value", attrValue);
+
+ String[] el = attrValue.split(";");
+ assertEquals("wrong role count", 4, el.length);
+ assertEquals("wrong 1. role", role1, el[0]);
+ assertEquals("wrong 2. role", role2, el[1]);
+ assertEquals("wrong 3. role", role3 + "()", el[2]);
+ assertEquals("wrong 4. role", role4 + "(\"aaa\"=\"bbb\")", el[3]);
+
+
+ }
+
+ private IAuthData generateAuthData(List<AuthenticationRole> roles) {
+ MOAAuthenticationData authData = new MOAAuthenticationData(null);
+ if (roles != null) {
+ roles.forEach(el -> authData.addAuthenticationRole(el));
+
+ }
+
+ return authData;
+
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/DummyAuthConfigMap.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/DummyAuthConfigMap.java
new file mode 100644
index 000000000..865cf7157
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/DummyAuthConfigMap.java
@@ -0,0 +1,136 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URI;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+
+import org.apache.commons.lang3.StringUtils;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+
+/**
+ * Dummy Application-configuration implementation for jUnit tests.
+ *
+ * @author tlenz
+ *
+ */
+public class DummyAuthConfigMap implements IConfigurationWithSP {
+
+ private Map<String, String> config = new HashMap<>();
+
+ public DummyAuthConfigMap() {
+
+ }
+
+ /**
+ * Dummy Application-configuration.
+ *
+ * @param configIs Property based configuration
+ * @throws IOException In case of an configuration read error
+ */
+ public DummyAuthConfigMap(final InputStream configIs) throws IOException {
+
+ final Properties props = new Properties();
+ props.load(configIs);
+
+ config = KeyValueUtils.convertPropertiesToMap(props);
+
+ }
+
+ /**
+ * Dummy Application-configuration.
+ *
+ * @param path Path to property based configuration
+ * @throws IOException In case of an configuration read error
+ */
+ public DummyAuthConfigMap(final String path) throws IOException {
+
+ final Properties props = new Properties();
+ props.load(this.getClass().getResourceAsStream(path));
+
+ config = KeyValueUtils.convertPropertiesToMap(props);
+
+ }
+
+
+ @Override
+ public String getBasicConfiguration(final String key) {
+ return config.get(key);
+
+ }
+
+ @Override
+ public String getBasicConfiguration(final String key, final String defaultValue) {
+ final String value = getBasicConfiguration(key);
+ if (StringUtils.isEmpty(value)) {
+ return defaultValue;
+ } else {
+ return value;
+ }
+
+ }
+
+ @Override
+ public Boolean getBasicConfigurationBoolean(final String key) {
+ final String value = getBasicConfiguration(key);
+ if (StringUtils.isEmpty(value)) {
+ return false;
+ } else {
+ return Boolean.valueOf(value);
+ }
+ }
+
+ @Override
+ public boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue) {
+ return Boolean.parseBoolean(getBasicConfiguration(key, String.valueOf(defaultValue)));
+
+ }
+
+ @Override
+ public Map<String, String> getBasicConfigurationWithPrefix(final String prefix) {
+ return KeyValueUtils.getSubSetWithPrefix(config, prefix);
+
+ }
+
+ @Override
+ public ISPConfiguration getServiceProviderConfiguration(final String uniqueID)
+ throws EAAFConfigurationException {
+ return null;
+ }
+
+ @Override
+ public <T> T getServiceProviderConfiguration(final String spIdentifier, final Class<T> decorator)
+ throws EAAFConfigurationException {
+ return null;
+ }
+
+ @Override
+ public URI getConfigurationRootDirectory() {
+ return new java.io.File(".").toURI();
+
+ }
+
+ @Override
+ public String validateIDPURL(final URL authReqUrl) throws EAAFException {
+ return null;
+ }
+
+ public void putConfigValue(final String key, final String value) {
+ config.put(key, value);
+ }
+
+ public void removeConfigValue(final String key) {
+ config.remove(key);
+
+ }
+
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/TestUtils.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/TestUtils.java
new file mode 100644
index 000000000..9ab52a27e
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/TestUtils.java
@@ -0,0 +1,150 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy;
+
+import java.io.IOException;
+import java.security.PublicKey;
+
+import javax.xml.transform.TransformerException;
+
+import org.w3c.dom.Element;
+
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+
+public class TestUtils {
+
+ public static IIdentityLink generateDummyIdl(String baseId, String baseIdType) {
+ return new IIdentityLink() {
+
+ @Override
+ public void setSamlAssertion(Element samlAssertion) throws TransformerException, IOException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setPublicKey(PublicKey[] publicKey) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setPrPerson(Element prPerson) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setIssueInstant(String issueInstant) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setIdentificationValue(String identificationValue) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setIdentificationType(String identificationType) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setGivenName(String givenName) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setFamilyName(String familyName) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setDsigReferenceTransforms(Element[] dsigReferenceTransforms) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setDateOfBirth(String dateOfBirth) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public String getSerializedSamlAssertion() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Element getSamlAssertion() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public PublicKey[] getPublicKey() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Element getPrPerson() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getName() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getIssueInstant() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getIdentificationValue() {
+ return baseId;
+
+ }
+
+ @Override
+ public String getIdentificationType() {
+ return baseIdType;
+
+ }
+
+ @Override
+ public String getGivenName() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getFamilyName() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Element[] getDsigReferenceTransforms() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getDateOfBirth() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+ };
+ }
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AttributeBuilderRegistrationTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AttributeBuilderRegistrationTest.java
new file mode 100644
index 000000000..5ff8ffba7
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AttributeBuilderRegistrationTest.java
@@ -0,0 +1,41 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.utils;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import java.util.List;
+
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.xml.ConfigurationException;
+
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
+import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EAAFDefaultSAML2Bootstrap;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class AttributeBuilderRegistrationTest {
+
+ @BeforeClass
+ public static void classInitializer() throws ConfigurationException {
+ EAAFDefaultSAML2Bootstrap.bootstrap();
+
+ }
+
+ @Test
+ public void checkRegistratedAttributeBuilder() {
+
+ List<Attribute> supportedAttributes = PVPAttributeBuilder.buildSupportedEmptyAttributes();
+
+ assertFalse("Registered Attribute-Builder is empty", supportedAttributes.isEmpty());
+ assertTrue("No role attribute registrated", supportedAttributes.stream()
+ .filter(el -> PVPAttributeDefinitions.ROLES_NAME.equals(el.getName()))
+ .findFirst()
+ .isPresent());
+
+ }
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AuthenticationRoleFactoryTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AuthenticationRoleFactoryTest.java
new file mode 100644
index 000000000..6d39b926e
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AuthenticationRoleFactoryTest.java
@@ -0,0 +1,65 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.utils;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+
+import at.gv.egovernment.moa.id.data.AuthenticationRole;
+import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class AuthenticationRoleFactoryTest {
+
+ @Test
+ public void simpleRole() {
+ String role = RandomStringUtils.randomAlphabetic(5);
+
+ AuthenticationRole toCheck = AuthenticationRoleFactory.buildFormPVPole(role);
+
+ assertEquals("wrong role name", role, toCheck.getRoleName());
+ assertEquals("wrong raw role", role, toCheck.getRawRoleString());
+ assertNull("wrong role attr", toCheck.getParams());
+
+ }
+
+ @Test
+ public void complexeRoleEmptyParams() {
+ String role = RandomStringUtils.randomAlphabetic(5);
+ String fullRole = role + "()";
+
+ AuthenticationRole toCheck = AuthenticationRoleFactory.buildFormPVPole(fullRole);
+
+ assertEquals("wrong role name", role, toCheck.getRoleName());
+ assertEquals("wrong raw role", fullRole, toCheck.getRawRoleString());
+ assertNull("wrong role attr", toCheck.getParams());
+
+ }
+
+ @Test
+ public void complexeRoleWithParams() {
+ String p1 = RandomStringUtils.randomAlphabetic(5);
+ String v1 = RandomStringUtils.randomAlphabetic(5);
+ String p2 = RandomStringUtils.randomAlphabetic(5);
+ String v2 = RandomStringUtils.randomAlphabetic(5);
+
+ String role = RandomStringUtils.randomAlphabetic(5);
+ String fullRole = role + "(\""
+ + p1 + "\"=\"" + v1 + "\","
+ + p2 + "\"=\"" + v2 + "\""
+ +")";
+
+ AuthenticationRole toCheck = AuthenticationRoleFactory.buildFormPVPole(fullRole);
+
+ assertEquals("wrong role name", role, toCheck.getRoleName());
+ assertEquals("wrong raw role", fullRole, toCheck.getRawRoleString());
+ assertNotNull("wrong role attr", toCheck.getParams());
+ assertEquals("wrong param size", 2, toCheck.getParams().size());
+
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java
new file mode 100644
index 000000000..399980dbf
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java
@@ -0,0 +1,55 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.utils;
+
+import static org.junit.Assert.assertEquals;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.IStatusMessenger;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({"/test_ehvd_service_messager_auth.beans.xml"})
+public class MoaStatusMessagerTest {
+
+ @Autowired IStatusMessenger messager;
+
+
+ @Test
+ public void checkErrorCodeMapper() {
+ assertEquals("default errorcode", "9199",
+ messager.getResponseErrorCode(new NullPointerException()));
+
+
+ assertEquals("new errorCode file", "aabbccdd",
+ messager.mapInternalErrorToExternalError("test.01"));
+ assertEquals("new errorCode file", "zzzyyyxxx",
+ messager.mapInternalErrorToExternalError("test.02"));
+
+ assertEquals("existing errorCode file", "4401",
+ messager.mapInternalErrorToExternalError("auth.34"));
+ assertEquals("existing errorCode file", "1101",
+ messager.mapInternalErrorToExternalError("parser.07"));
+
+ }
+
+ @Test
+ public void checkErrorMessages() {
+ assertEquals("new error msg",
+ "GDA Status inaktiv", messager.getMessage("ehvd.00", null));
+ assertEquals("new error msg",
+ "Allgemeiner Fehler bei der Abfrage des EHVD Service", messager.getMessage("ehvd.99", null));
+
+
+ assertEquals("existing error msg",
+ "Zertifikat konnte nicht ausgelesen werden.", messager.getMessage("auth.14", null));
+ assertEquals("existing error msg",
+ "\"Issuer\" im AUTH-Block nicht vorhanden.", messager.getMessage("validator.32", null));
+
+ }
+
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties
new file mode 100644
index 000000000..bc71dc6ab
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties
@@ -0,0 +1,5 @@
+modules.ehvd.enabled=true
+modules.ehvd.sp.1=aaabbccddeeffgg
+modules.ehvd.sp.2=yyasdfasfsa2323
+modules.ehvd.sp.3=
+modules.ehvd.sp.4=435344534egewgegf
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config2.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config2.properties
new file mode 100644
index 000000000..4e666c204
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config2.properties
@@ -0,0 +1,4 @@
+modules.ehvd.enabled=false
+modules.ehvd.sp.1=aaabbccddeeffgg
+modules.ehvd.sp.2=yyasdfasfsa2323
+modules.ehvd.sp.3=435344534egewgegf
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth.beans.xml
new file mode 100644
index 000000000..b499ad395
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth.beans.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <import resource="classpath:/SpringTest-context_authManager.xml" />
+ <import resource="classpath:/moaid_ehvd_service_auth.beans.xml" />
+
+ <bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap">
+ <constructor-arg name="path" value="/config/config1.properties" />
+ </bean>
+
+</beans> \ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth_lazy.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth_lazy.beans.xml
new file mode 100644
index 000000000..7116034b7
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth_lazy.beans.xml
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <import resource="classpath:/SpringTest-context_authManager.xml" />
+
+ <bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap">
+ <constructor-arg name="path" value="/config/config2.properties" />
+ </bean>
+
+ <beans default-lazy-init="true">
+ <bean id="ehvdServiceAuthModule" class="at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule">
+ <property name="priority" value="4" />
+ </bean>
+
+ </beans>
+</beans> \ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_messager_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_messager_auth.beans.xml
new file mode 100644
index 000000000..5d8e03fb5
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_messager_auth.beans.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <bean id="testMsgProvider"
+ class="at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider"/>
+
+</beans> \ No newline at end of file
diff --git a/id/server/modules/pom.xml b/id/server/modules/pom.xml
index c762cf51c..a5cf8bfa0 100644
--- a/id/server/modules/pom.xml
+++ b/id/server/modules/pom.xml
@@ -38,6 +38,7 @@
<module>moa-id-module-AT_eIDAS_connector</module>
<module>moa-id-module-E-ID_connector</module>
<module>moa-id-module-dummyAuth</module>
+ <module>moa-id-module-ehvd_integration</module>
</modules>