22 files changed, 2038 insertions, 929 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AuthnRequestValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AuthnRequestValidator.java index 19f865325..5ed237948 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AuthnRequestValidator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AuthnRequestValidator.java @@ -13,7 +13,7 @@ import org.springframework.stereotype.Service; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException; -import at.gv.egiz.eaaf.modules.pvp2.api.validation.IAuthnRequestValidator; +import at.gv.egiz.eaaf.modules.pvp2.api.validation.IAuthnRequestPostProcessor; import at.gv.egiz.eaaf.modules.pvp2.exception.NameIDFormatNotSupportedException; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.MandateAttributesNotHandleAbleException; @@ -26,9 +26,9 @@ import at.gv.egovernment.moa.logging.Logger; * */ @Service("MOAAuthnRequestValidator") -public class AuthnRequestValidator implements IAuthnRequestValidator { +public class AuthnRequestValidator implements IAuthnRequestPostProcessor { - public void validate(HttpServletRequest httpReq, IRequest pendingReq, AuthnRequest authnReq, SPSSODescriptor spSSODescriptor) throws AuthnRequestValidatorException{ + public void process(HttpServletRequest httpReq, IRequest pendingReq, AuthnRequest authnReq, SPSSODescriptor spSSODescriptor) throws AuthnRequestValidatorException{ //validate NameIDPolicy NameIDPolicy nameIDPolicy = authnReq.getNameIDPolicy(); diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml index 748b6a247..2ba496dd7 100644 --- a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml 
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml @@ -58,5 +58,23 @@ <artifactId>junit</artifactId> <scope>test</scope> </dependency> + <dependency> + <groupId>at.gv.egiz.eaaf</groupId> + <artifactId>eaaf_core_utils</artifactId> + <scope>test</scope> + <type>test-jar</type> + </dependency> + <dependency> + <groupId>at.gv.egiz.eaaf</groupId> + <artifactId>eaaf-core</artifactId> + <scope>test</scope> + <type>test-jar</type> + </dependency> + <dependency> + <groupId>org.hamcrest</groupId> + <artifactId>hamcrest-library</artifactId> + <version>1.3</version> + <scope>test</scope> + </dependency> </dependencies> </project> diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/EidasCentralAuthConstants.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/EidasCentralAuthConstants.java index 19950a078..96c78abb4 100644 --- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/EidasCentralAuthConstants.java +++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/EidasCentralAuthConstants.java @@ -27,6 +27,7 @@ import java.util.Collections; import java.util.List; import at.gv.egiz.eaaf.core.api.data.EAAFConstants; +import at.gv.egiz.eaaf.core.impl.data.Pair; import at.gv.egiz.eaaf.core.impl.data.Trible; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; 
@@ -60,6 +61,8 @@ public class EidasCentralAuthConstants { public static final String CONFIG_PROPS_NODE_METADATAURL = CONFIG_PROPS_PREFIX + "node.metadataUrl"; public static final String CONFIG_PROPS_NODE_TRUSTPROFILEID = CONFIG_PROPS_PREFIX + "node.trustprofileID"; + public static final String CONFIG_PROPS_SEMPER_MANDATES_ACTIVE = CONFIG_PROPS_PREFIX + "semper.mandates.active"; + public static final String CONFIG_PROPS_SEMPER_MANDATES_MS_PROXY_LIST = CONFIG_PROPS_PREFIX + "semper.msproxy.list"; public static final String CONFIG_DEFAULT_LOA_EIDAS_LEVEL = EAAFConstants.EIDAS_LOA_HIGH; public static final List<Trible<String, String, Boolean>> DEFAULT_REQUIRED_PVP_ATTRIBUTES = @@ -81,6 +84,22 @@ public class EidasCentralAuthConstants { } }); + public static final List<Pair<String, Boolean>> DEFAULT_SEMPER_MANDATE_PVP_ATTRIBUTES = + Collections.unmodifiableList(new ArrayList<Pair<String, Boolean>>() { + private static final long serialVersionUID = 1L; + { + //request entity information + add(Pair.newInstance(PVPConstants.MANDATE_TYPE_NAME, false)); + add(Pair.newInstance(PVPConstants.MANDATE_TYPE_OID_NAME, false)); + + add(Pair.newInstance(PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_NAME, false)); + add(Pair.newInstance(PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, false)); + add(Pair.newInstance(PVPConstants.MANDATE_LEG_PER_FULL_NAME_NAME, false)); + + + } + }); + public static final List<String> DEFAULT_REQUIRED_PVP_ATTRIBUTE_NAMES = Collections.unmodifiableList(new ArrayList<String>() { private static final long serialVersionUID = 1L; diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/config/EidasCentralAuthMetadataConfiguration.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/config/EidasCentralAuthMetadataConfiguration.java index aad1244f1..2bb384c74 100644 
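Review bot: The new keys `CONFIG_PROPS_SEMPER_MANDATES_ACTIVE` and `CONFIG_PROPS_SEMPER_MANDATES_MS_PROXY_LIST` control a security-relevant feature but are added without any comment. Going by how they are read elsewhere in this commit, something like `// enables SEMPER mandate processing, default: false` and `// comma-separated EntityIDs of MS-proxies whose AuthnRequests may set target sector and mandate profiles` would tell an operator what they do. The second constant is named `..._SEMPER_MANDATES_MS_PROXY_LIST` while its value is `semper.msproxy.list`, not `semper.mandates.msproxy.list`; that mismatch with the first key is easy to mistype in a configuration file, and an unset list leaves no proxy allowed. The class body continues outside this hunk.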
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/config/EidasCentralAuthMetadataConfiguration.java +++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/config/EidasCentralAuthMetadataConfiguration.java @@ -334,7 +334,7 @@ public class EidasCentralAuthMetadataConfiguration implements IPVPMetadataBuilde * @param additionalAttr List of PVP attribute name and isRequired flag */ public void setAdditionalRequiredAttributes(List<Pair<String, Boolean>> additionalAttr) { - if (additionalAttr != null) { + if (additionalAttr != null && !additionalAttr.isEmpty()) { additionalAttributes = new ArrayList<RequestedAttribute>(); for (Pair<String, Boolean> el : additionalAttr) { Attribute attributBuilder = PVPAttributeBuilder.buildEmptyAttribute(el.getFirst()); diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java index a6a7084f5..a0c1fa30b 100644 --- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java +++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java 
@@ -109,9 +109,17 @@ public class EidasCentralAuthMetadataController extends AbstractController { } private List<Pair<String, Boolean>> getAdditonalRequiredAttributes() { - Map<String, String> addReqAttributes = authConfig.getBasicConfigurationWithPrefix(EidasCentralAuthConstants.CONFIG_PROPS_REQUIRED_PVP_ATTRIBUTES_LIST); - if (addReqAttributes != null) { - List<Pair<String, Boolean>> result = new ArrayList<Pair<String, Boolean>>(); + List<Pair<String, Boolean>> result = new ArrayList<Pair<String, Boolean>>(); + + //load SEMPER attributes if required + if (authConfig.getBasicConfigurationBoolean(EidasCentralAuthConstants.CONFIG_PROPS_SEMPER_MANDATES_ACTIVE, false)) { + result.addAll(EidasCentralAuthConstants.DEFAULT_SEMPER_MANDATE_PVP_ATTRIBUTES); + + } + + //load attributes from configuration + Map<String, String> addReqAttributes = authConfig.getBasicConfigurationWithPrefix(EidasCentralAuthConstants.CONFIG_PROPS_REQUIRED_PVP_ATTRIBUTES_LIST); + if (addReqAttributes != null) { for (String el : addReqAttributes.values()) { if (MiscUtil.isNotEmpty(el)) { Logger.trace("Parse additional attr. definition: " + el); @@ -123,12 +131,12 @@ public class EidasCentralAuthMetadataController extends AbstractController { Logger.info("IGNORE additional attr. definition: " + el + " Reason: Format not valid"); } - } - - return result; + } } - return null; + return result; + + } } diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/semper/AuthnRequestSemperProcessor.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/semper/AuthnRequestSemperProcessor.java new file mode 100644 index 000000000..222ba812c --- /dev/null +++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/semper/AuthnRequestSemperProcessor.java 
@@ -0,0 +1,151 @@ +package at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.semper; + +import java.util.List; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; + +import org.apache.commons.lang3.StringUtils; +import org.opensaml.saml2.core.AuthnRequest; +import org.opensaml.saml2.metadata.SPSSODescriptor; +import org.opensaml.xml.XMLObject; +import org.springframework.beans.factory.annotation.Autowired; + +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.data.EAAFConstants; +import at.gv.egiz.eaaf.core.api.data.ExtendedPVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException; +import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; +import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EAAFRequestedAttribute; +import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EAAFRequestedAttributes; +import at.gv.egiz.eaaf.modules.pvp2.api.validation.IAuthnRequestPostProcessor; +import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.EidasCentralAuthConstants; +import at.gv.egovernment.moa.id.commons.MOAIDConstants; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.logging.Logger; + +public class AuthnRequestSemperProcessor implements IAuthnRequestPostProcessor { + + @Autowired IConfiguration authConfig; + + @Override + public void process(HttpServletRequest httpReq, IRequest pendingReq, AuthnRequest authReq, + SPSSODescriptor spSsoDescriptor) throws AuthnRequestValidatorException { + if (authConfig.getBasicConfigurationBoolean( + EidasCentralAuthConstants.CONFIG_PROPS_SEMPER_MANDATES_ACTIVE, false) + && isSpAllowed(authReq)) { + + Logger.debug("SEMPER mode detected. 
Starting SP-Info extraction from requested attributes ..."); + extractRequestedAttributeInformation(authReq, pendingReq); + + } else { + Logger.trace("Skip: " + AuthnRequestSemperProcessor.class.getSimpleName() + " because is's not active or not allowed"); + + } + + } + + private boolean isSpAllowed(AuthnRequest authReq) { + String csvOfAllowedProxies = authConfig.getBasicConfiguration(EidasCentralAuthConstants.CONFIG_PROPS_SEMPER_MANDATES_MS_PROXY_LIST); + List<String> allowedProxies = KeyValueUtils.getListOfCSVValues(csvOfAllowedProxies); + Logger.trace("Validate SP-EntityId: " + authReq.getIssuer().getValue() + + " with allowed MS-Proxies: [" + StringUtils.join(allowedProxies, ", ") + "]"); + return allowedProxies.contains(authReq.getIssuer().getValue()); + + } + + + private void extractRequestedAttributeInformation(AuthnRequest authnReq, IRequest pendingReq) throws AuthnRequestValidatorException { + // validate and process requested attributes + boolean hasValidBpkTarget = false; + if (authnReq.getExtensions() != null) { + final List<XMLObject> requestedAttributes = authnReq.getExtensions().getUnknownXMLObjects(); + for (final XMLObject reqAttrObj : requestedAttributes) { + if (reqAttrObj instanceof EAAFRequestedAttributes) { + final EAAFRequestedAttributes reqAttr = (EAAFRequestedAttributes) reqAttrObj; + if (reqAttr.getAttributes() != null && reqAttr.getAttributes().size() != 0) { + for (final EAAFRequestedAttribute el : reqAttr.getAttributes()) { + Logger.trace("Processing req. attribute '" + el.getName() + "' ... "); + if (el.getName().equals(PVPAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME)) { + hasValidBpkTarget = extractBpkTarget(el, pendingReq); + + } else if (el.getName().equals(ExtendedPVPAttributeDefinitions.SP_USESMANDATES_NAME )) { + extractMandateProfiles(el, pendingReq); + + } else { + Logger.debug("Ignore req. attribute: " + el.getName()); + } + + } + + } else { + Logger.debug("No requested Attributes in Authn. 
Request"); + } + + } else { + Logger.info("Ignore unknown requested attribute: " + reqAttrObj.getElementQName().toString()); + } + + } + } + + if (!hasValidBpkTarget) { + Logger.info("Authn.Req validation FAILED. Reason: Contains NO or NO VALID target-sector information."); + throw new AuthnRequestValidatorException("pvp2.22", new Object[] { + "NO or NO VALID target-sector information" }); + + } + + } + + private void extractMandateProfiles(EAAFRequestedAttribute el, IRequest pendingReq) { + if (el.getAttributeValues() != null && el.getAttributeValues().size() == 1) { + final String profiles = el.getAttributeValues().get(0).getDOM().getTextContent(); + Map<String, String> configProps = pendingReq.getServiceProviderConfiguration().getFullConfiguration(); + Logger.debug("Set MandateProfiles to: " + profiles); + configProps.put( + MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_USE, + String.valueOf(true)); + configProps.put( + MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_PROFILES, + profiles); + + } else { + Logger.info("Req. attribute '" + el.getName() + + "' contains NO or MORE THEN ONE attribute-values. Ignore full req. 
attribute"); + } + + } + + + private boolean extractBpkTarget(final EAAFRequestedAttribute el, IRequest pendingReq) { + if (el.getAttributeValues() != null && el.getAttributeValues().size() == 1) { + final String sectorId = el.getAttributeValues().get(0).getDOM().getTextContent(); + Map<String, String> configProps = pendingReq.getServiceProviderConfiguration().getFullConfiguration(); + if (sectorId.startsWith(EAAFConstants.URN_PREFIX_EIDAS)) { + Logger.debug("Set eIDAS target to: " + sectorId); + configProps.put( + MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE, + MOAIDConstants.IDENIFICATIONTYPE_EIDAS); + configProps.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE, + sectorId.substring(EAAFConstants.URN_PREFIX_EIDAS.length())); + return true; + + } else { + Logger.info("Requested sector: " + sectorId + " DOES NOT match to allowed sectors for SP: " + + pendingReq.getServiceProviderConfiguration().getUniqueIdentifier()); + + } + + } else { + Logger.info("Req. attribute '" + el.getName() + + "' contains NO or MORE THEN ONE attribute-values. Ignore full req. attribute"); + } + + return false; + + } + +} diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/ReceiveAuthnResponseTask.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/ReceiveAuthnResponseTask.java index f3eaff11a..7f44c4deb 100644 --- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/ReceiveAuthnResponseTask.java +++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/ReceiveAuthnResponseTask.java 
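Review bot: `isSpAllowed` calls `authReq.getIssuer().getValue()` without a null check, so an AuthnRequest that carries no Issuer would end in a NullPointerException rather than a clean skip, unless an earlier validation step outside this diff already guarantees the element. Because this allow-list is the per-request gate for letting request content override the SP configuration, it should fail closed, for example `if (authReq.getIssuer() == null || StringUtils.isEmpty(authReq.getIssuer().getValue())) return false;` as the first line. In `extractBpkTarget` the sector is accepted on `startsWith(EAAFConstants.URN_PREFIX_EIDAS)` alone, so the stored value after the prefix may be empty or arbitrary text; a format check before the `configProps.put` calls would close that, and the log text 'DOES NOT match to allowed sectors' describes a comparison the code does not make. Both extract methods write into the map returned by `getFullConfiguration()`; it is worth confirming that this map is a per-request copy and not configuration shared with other requests of the same SP.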
@@ -23,6 +23,7 @@ package at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.tasks; import java.io.IOException; +import java.util.Arrays; import java.util.Set; import javax.servlet.http.HttpServletRequest; @@ -64,6 +65,7 @@ import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.utils.EidasCentral import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.utils.Utils; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngineSP; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; @@ -194,7 +196,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { throw new AssertionValidationExeption("sp.pvp2.06", new Object[]{EidasCentralAuthConstants.MODULE_NAME_FOR_LOGGING}); } - + //copy attributes into MOASession AuthenticationSessionWrapper session = pendingReq.getSessionData(AuthenticationSessionWrapper.class); Set<String> includedAttrNames = extractor.getAllIncludeAttributeNames(); 
@@ -207,12 +209,32 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { //set foreigner flag session.setForeigner(true); + + //set CCE URL if (extractor.getFullAssertion().getIssuer() != null && StringUtils.isNotEmpty(extractor.getFullAssertion().getIssuer().getValue())) session.setBkuURL(extractor.getFullAssertion().getIssuer().getValue()); else session.setBkuURL("eIDAS_Authentication"); + if (authConfig.getBasicConfigurationBoolean(EidasCentralAuthConstants.CONFIG_PROPS_SEMPER_MANDATES_ACTIVE, false)) { + if (extractor.containsAttribute(PVPConstants.MANDATE_TYPE_NAME)) { + Logger.trace("Check attributes in SEMPER eIDAS mode."); + if (!extractor.containsAllRequiredAttributes(Arrays.asList( + PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_NAME, + PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, + PVPConstants.MANDATE_LEG_PER_FULL_NAME_NAME))) { + Logger.warn("PVP Response from 'ms-specific eIDAS node' contains not all required attributes for eIDAS SEMPER process."); + throw new AssertionValidationExeption("sp.pvp2.06", new Object[]{EidasCentralAuthConstants.MODULE_NAME_FOR_LOGGING}); + + } + + Logger.info("SEMPER mode is active and mandates are found. Activing mandates for eIDAS login ... "); + session.setUseMandates(true); + + } + } + } catch (AssertionValidationExeption e) { throw new BuildException("builder.06", null, e); diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/resources/moaid_eIDAS_central_node_auth.beans.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/resources/moaid_eIDAS_central_node_auth.beans.xml index f57d4a94b..baf7e84b5 100644 --- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/resources/moaid_eIDAS_central_node_auth.beans.xml +++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/resources/moaid_eIDAS_central_node_auth.beans.xml 
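Review bot: `session.setUseMandates(true)` is triggered only by the presence of `PVPConstants.MANDATE_TYPE_NAME` in the response, so with SEMPER active the remote node decides whether the login becomes a mandate login, regardless of whether the pending request asked for mandates. If that is not intended, this branch should also consult the mandate setting in the pending request's service-provider configuration before activating mandates; if it is intended, a comment such as `// SEMPER: mandate usage is decided by the ms-specific eIDAS node` would record the trust assumption. The required-attribute list omits `PVPConstants.MANDATE_TYPE_OID_NAME`, which `DEFAULT_SEMPER_MANDATE_PVP_ATTRIBUTES` requests; confirm that it is optional on purpose. The enclosing method starts and ends outside this hunk.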
@@ -31,6 +31,10 @@ <bean id="pvpAuthnRequestBuilder" class="at.gv.egiz.eaaf.modules.pvp2.sp.impl.PVPAuthnRequestBuilder" /> + <bean id="semperAuthnRequestPostProcessor" + class="at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.semper.AuthnRequestSemperProcessor" /> + + <!-- Federated Authentication Process Tasks --> <bean id="CreateEidasCentrialAuthnRequestTask" class="at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.tasks.CreateAuthnRequestTask" diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/semper/AuthnRequestSemperProcessorTest.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/semper/AuthnRequestSemperProcessorTest.java new file mode 100644 index 000000000..9b0ebf88c --- /dev/null +++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/semper/AuthnRequestSemperProcessorTest.java 
@@ -0,0 +1,348 @@ +package at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.semper; + +import static org.hamcrest.collection.IsIterableContainingInOrder.contains; +import static org.junit.Assert.assertThat; + +import java.io.IOException; +import java.util.HashMap; +import java.util.Map; + +import javax.xml.parsers.ParserConfigurationException; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Assert; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.opensaml.saml2.core.AuthnRequest; +import org.opensaml.xml.ConfigurationException; +import org.opensaml.xml.io.Unmarshaller; +import org.opensaml.xml.io.UnmarshallerFactory; +import org.opensaml.xml.io.UnmarshallingException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.annotation.DirtiesContext; +import org.springframework.test.annotation.DirtiesContext.ClassMode; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; +import org.w3c.dom.Element; +import org.xml.sax.SAXException; + +import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException; +import at.gv.egiz.eaaf.core.impl.idp.conf.SPConfigurationImpl; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.utils.DOMUtils; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EAAFDefaultSAML2Bootstrap; +import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.EidasCentralAuthConstants; 
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameterDecorator; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/SpringTest-context_basic_test.xml" }) +@DirtiesContext(classMode = ClassMode.BEFORE_CLASS) +public class AuthnRequestSemperProcessorTest { + + @Autowired DummyAuthConfigMap configMap; + @Autowired AuthnRequestSemperProcessor processor; + + private MockHttpServletRequest httpReq; + private MockHttpServletResponse httpResp; + private TestRequestImpl pendingReq; + + /** + * jUnit class initializer. + * @throws ConfigurationException In case of an OpenSAML error + * + */ + @BeforeClass + public static void classInitializer() throws ConfigurationException { + EAAFDefaultSAML2Bootstrap.bootstrap(); + + } + + /** + * jUnit test set-up. + * + */ + @Before + public void initialize() { + configMap.putConfigValue(EidasCentralAuthConstants.CONFIG_PROPS_SEMPER_MANDATES_ACTIVE, "true"); + configMap.putConfigValue(EidasCentralAuthConstants.CONFIG_PROPS_SEMPER_MANDATES_MS_PROXY_LIST, + RandomStringUtils.randomAlphabetic(15) + ",https://demo.egiz.gv.at/ms_connector/sp/metadata"); + + httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + Map<String, String> spConfig = new HashMap<>(); + spConfig.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, + "https://demo.egiz.gv.at/ms_connector/sp/metadata"); + + pendingReq = new TestRequestImpl(); + pendingReq.setAuthURL("https://localhost/ms_connector"); + pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setSpConfig(new OAAuthParameterDecorator(new SPConfigurationImpl(spConfig, configMap))); + + } + + @Test + public void semperModeNotSet() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException, 
AuthnRequestValidatorException { + configMap.removeConfigValue(EidasCentralAuthConstants.CONFIG_PROPS_SEMPER_MANDATES_ACTIVE); + + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_1.xml"); + + processor.process(httpReq, pendingReq, authReq , null); + + ISPConfiguration spConfig = pendingReq.getServiceProviderConfiguration(); + Assert.assertNotNull("SP config is null", spConfig); + org.springframework.util.Assert.isInstanceOf(OAAuthParameterDecorator.class, + spConfig, "SP config is NOT of type MOA-ID SP Config"); + + Assert.assertNull("SP target is null", spConfig.getAreaSpecificTargetIdentifier()); + Assert.assertFalse("UseMandates flag", ((OAAuthParameterDecorator)spConfig).isShowMandateCheckBox()); + Assert.assertNull("Mandate profiles", ((OAAuthParameterDecorator)spConfig).getMandateProfiles()); + + } + + @Test + public void semperModeInactive() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException, AuthnRequestValidatorException { + configMap.putConfigValue(EidasCentralAuthConstants.CONFIG_PROPS_SEMPER_MANDATES_ACTIVE, "false"); + + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_1.xml"); + + processor.process(httpReq, pendingReq, authReq , null); + + ISPConfiguration spConfig = pendingReq.getServiceProviderConfiguration(); + Assert.assertNotNull("SP config is null", spConfig); + org.springframework.util.Assert.isInstanceOf(OAAuthParameterDecorator.class, + spConfig, "SP config is NOT of type MOA-ID SP Config"); + + Assert.assertNull("SP target is null", spConfig.getAreaSpecificTargetIdentifier()); + Assert.assertFalse("UseMandates flag", ((OAAuthParameterDecorator)spConfig).isShowMandateCheckBox()); + Assert.assertNull("Mandate profiles", ((OAAuthParameterDecorator)spConfig).getMandateProfiles()); + + } + + @Test + public void allowedSPsNotSet() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException, AuthnRequestValidatorException { + 
configMap.removeConfigValue(EidasCentralAuthConstants.CONFIG_PROPS_SEMPER_MANDATES_MS_PROXY_LIST); + + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_1.xml"); + + processor.process(httpReq, pendingReq, authReq , null); + + ISPConfiguration spConfig = pendingReq.getServiceProviderConfiguration(); + Assert.assertNotNull("SP config is null", spConfig); + org.springframework.util.Assert.isInstanceOf(OAAuthParameterDecorator.class, + spConfig, "SP config is NOT of type MOA-ID SP Config"); + + Assert.assertNull("SP target is null", spConfig.getAreaSpecificTargetIdentifier()); + Assert.assertFalse("UseMandates flag", ((OAAuthParameterDecorator)spConfig).isShowMandateCheckBox()); + Assert.assertNull("Mandate profiles", ((OAAuthParameterDecorator)spConfig).getMandateProfiles()); + + } + + @Test + public void nonValidSpEntityId() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException, AuthnRequestValidatorException { + + + pendingReq.getServiceProviderConfiguration().getFullConfiguration().put( + EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, + "https://apps.egiz.gv.at/ms_connector/sp/metadata"); + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_2.xml"); + + processor.process(httpReq, pendingReq, authReq , null); + + ISPConfiguration spConfig = pendingReq.getServiceProviderConfiguration(); + Assert.assertNotNull("SP config is null", spConfig); + org.springframework.util.Assert.isInstanceOf(OAAuthParameterDecorator.class, + spConfig, "SP config is NOT of type MOA-ID SP Config"); + + Assert.assertNull("SP target is null", spConfig.getAreaSpecificTargetIdentifier()); + Assert.assertFalse("UseMandates flag", ((OAAuthParameterDecorator)spConfig).isShowMandateCheckBox()); + Assert.assertNull("Mandate profiles", ((OAAuthParameterDecorator)spConfig).getMandateProfiles()); + + } + + @Test + public void bPKTargetIsMissing_1() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException { + + AuthnRequest authReq 
= getAuthRequest("/data/pvp2_authn_3.xml"); + + try { + processor.process(httpReq, pendingReq, authReq , null); + Assert.fail("No bPK target not detected"); + + } catch (AuthnRequestValidatorException e) { + Assert.assertEquals("ErrorMessage", "pvp2.22", e.getErrorId()); + + } + } + + @Test + public void bPKTargetIsMissing_2() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException { + + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_4.xml"); + + try { + processor.process(httpReq, pendingReq, authReq , null); + Assert.fail("No bPK target not detected"); + + } catch (AuthnRequestValidatorException e) { + Assert.assertEquals("ErrorMessage", "pvp2.22", e.getErrorId()); + + } + } + + @Test + public void bPKTargetIsMissing_3() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException { + + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_5.xml"); + + try { + processor.process(httpReq, pendingReq, authReq , null); + Assert.fail("No bPK target not detected"); + + } catch (AuthnRequestValidatorException e) { + Assert.assertEquals("ErrorMessage", "pvp2.22", e.getErrorId()); + + } + } + + @Test + public void noRequestedAttributes() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException { + + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_9.xml"); + + try { + processor.process(httpReq, pendingReq, authReq , null); + Assert.fail("No bPK target not detected"); + + } catch (AuthnRequestValidatorException e) { + Assert.assertEquals("ErrorMessage", "pvp2.22", e.getErrorId()); + + } + } + + @Test + public void noSAML2ExtentsionElement() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException { + + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_10.xml"); + + try { + processor.process(httpReq, pendingReq, authReq , null); + Assert.fail("No bPK target not detected"); + + } catch (AuthnRequestValidatorException e) { + 
Assert.assertEquals("ErrorMessage", "pvp2.22", e.getErrorId()); + + } + } + + @Test + public void validSpEntityIdNoMandateProfiles() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException, AuthnRequestValidatorException { + + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_6.xml"); + + processor.process(httpReq, pendingReq, authReq , null); + + ISPConfiguration spConfig = pendingReq.getServiceProviderConfiguration(); + Assert.assertNotNull("SP config is null", spConfig); + org.springframework.util.Assert.isInstanceOf(OAAuthParameterDecorator.class, + spConfig, "SP config is NOT of type MOA-ID SP Config"); + + Assert.assertNotNull("SP target is null", spConfig.getAreaSpecificTargetIdentifier()); + Assert.assertEquals("SP target not match", "urn:publicid:gv.at:eidasid+AT+EE", spConfig.getAreaSpecificTargetIdentifier()); + + + Assert.assertFalse("UseMandates flag", ((OAAuthParameterDecorator)spConfig).isShowMandateCheckBox()); + Assert.assertNull("Mandate profiles", ((OAAuthParameterDecorator)spConfig).getMandateProfiles()); + + } + + @Test + public void validSpEntityIdNotValidMandateProfiles_1() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException, AuthnRequestValidatorException { + + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_7.xml"); + + processor.process(httpReq, pendingReq, authReq , null); + + ISPConfiguration spConfig = pendingReq.getServiceProviderConfiguration(); + Assert.assertNotNull("SP config is null", spConfig); + org.springframework.util.Assert.isInstanceOf(OAAuthParameterDecorator.class, + spConfig, "SP config is NOT of type MOA-ID SP Config"); + + Assert.assertNotNull("SP target is null", spConfig.getAreaSpecificTargetIdentifier()); + Assert.assertEquals("SP target not match", "urn:publicid:gv.at:eidasid+AT+EE", spConfig.getAreaSpecificTargetIdentifier()); + + + Assert.assertFalse("UseMandates flag", ((OAAuthParameterDecorator)spConfig).isShowMandateCheckBox()); + 
Assert.assertNull("Mandate profiles", ((OAAuthParameterDecorator)spConfig).getMandateProfiles()); + + } + + @Test + public void validSpEntityIdNotValidMandateProfiles_2() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException, AuthnRequestValidatorException { + + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_8.xml"); + + processor.process(httpReq, pendingReq, authReq , null); + + ISPConfiguration spConfig = pendingReq.getServiceProviderConfiguration(); + Assert.assertNotNull("SP config is null", spConfig); + org.springframework.util.Assert.isInstanceOf(OAAuthParameterDecorator.class, + spConfig, "SP config is NOT of type MOA-ID SP Config"); + + Assert.assertNotNull("SP target is null", spConfig.getAreaSpecificTargetIdentifier()); + Assert.assertEquals("SP target not match", "urn:publicid:gv.at:eidasid+AT+EE", spConfig.getAreaSpecificTargetIdentifier()); + + + Assert.assertFalse("UseMandates flag", ((OAAuthParameterDecorator)spConfig).isShowMandateCheckBox()); + Assert.assertNull("Mandate profiles", ((OAAuthParameterDecorator)spConfig).getMandateProfiles()); + + } + + @Test + public void validSpEntityIdWithMandateProfiles() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException, AuthnRequestValidatorException { + + AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_1.xml"); + + processor.process(httpReq, pendingReq, authReq , null); + + ISPConfiguration spConfig = pendingReq.getServiceProviderConfiguration(); + Assert.assertNotNull("SP config is null", spConfig); + org.springframework.util.Assert.isInstanceOf(OAAuthParameterDecorator.class, + spConfig, "SP config is NOT of type MOA-ID SP Config"); + + Assert.assertNotNull("SP target is null", spConfig.getAreaSpecificTargetIdentifier()); + Assert.assertEquals("SP target not match", "urn:publicid:gv.at:eidasid+AT+EE", spConfig.getAreaSpecificTargetIdentifier()); + + + Assert.assertTrue("UseMandates flag", 
((OAAuthParameterDecorator)spConfig).isShowMandateCheckBox()); + + Assert.assertNotNull("Mandate profiles are null", ((OAAuthParameterDecorator)spConfig).getMandateProfiles()); + Assert.assertEquals("Number of mandate profiles not match", 3, ((OAAuthParameterDecorator)spConfig).getMandateProfiles().size()); + assertThat("Mandate profiles not match", ((OAAuthParameterDecorator)spConfig).getMandateProfiles(), + contains("Einzelvertretungsbefugnis", "1.2.40.0.10.1.7.3.1.1", "ERsB")); + + } + + private AuthnRequest getAuthRequest(String resource) throws + ParserConfigurationException, SAXException, IOException, UnmarshallingException { + final Element authBlockDom = + DOMUtils.parseXmlValidating(AuthnRequestSemperProcessor.class.getResourceAsStream(resource)); + + final UnmarshallerFactory unmarshallerFactory = + org.opensaml.xml.Configuration.getUnmarshallerFactory(); + final Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(authBlockDom); + return (AuthnRequest) unmarshaller.unmarshall(authBlockDom); + +} +} diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/semper/DummyAuthConfigMap.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/semper/DummyAuthConfigMap.java new file mode 100644 index 000000000..1cc51f2e0 --- /dev/null +++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/semper/DummyAuthConfigMap.java 
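Review bot: The `Assert.assertNull("SP target is null", ...)` calls use a failure message that states the expected condition, so a failing run prints "SP target is null" exactly when the target is not null; `"SP target is not null"` would read correctly. The message in `Assert.fail("No bPK target not detected")` has the same problem as a double negative. The suite has no case for an AuthnRequest without an Issuer element, which `isSpAllowed` dereferences directly, so a test that pins the intended outcome for that input would be worth adding. `getAuthRequest` also never closes the stream returned by `getResourceAsStream`; a try-with-resources around it would fix that.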
@@ -0,0 +1,136 @@
+package at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.semper;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URI;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+
+import org.apache.commons.lang3.StringUtils;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+
+/**
+ * Dummy Application-configuration implementation for jUnit tests.
+ *
+ * @author tlenz
+ *
+ */
+public class DummyAuthConfigMap implements IConfigurationWithSP {
+
+ private Map<String, String> config = new HashMap<>();
+
+ public DummyAuthConfigMap() {
+
+ }
+
+ /**
+ * Dummy Application-configuration.
+ *
+ * @param configIs Property based configuration
+ * @throws IOException In case of an configuration read error
+ */
+ public DummyAuthConfigMap(final InputStream configIs) throws IOException {
+
+ final Properties props = new Properties();
+ props.load(configIs);
+
+ config = KeyValueUtils.convertPropertiesToMap(props);
+
+ }
+
+ /**
+ * Dummy Application-configuration.
+ *
+ * @param path Path to property based configuration
+ * @throws IOException In case of an configuration read error
+ */
+ public DummyAuthConfigMap(final String path) throws IOException {
+
+ final Properties props = new Properties();
+ props.load(this.getClass().getResourceAsStream(path));
+
+ config = KeyValueUtils.convertPropertiesToMap(props);
+
+ }
+
+
+ @Override
+ public String getBasicConfiguration(final String key) {
+ return config.get(key);
+
+ }
+
+ @Override
+ public String getBasicConfiguration(final String key, final String defaultValue) {
+ final String value = getBasicConfiguration(key);
+ if (StringUtils.isEmpty(value)) {
+ return defaultValue;
+ } else {
+ return value;
+ }
+
+ }
+
+ @Override
+ public Boolean getBasicConfigurationBoolean(final String key) {
+ final String value = getBasicConfiguration(key);
+ if (StringUtils.isEmpty(value)) {
+ return false;
+ } else {
+ return Boolean.valueOf(value);
+ }
+ }
+
+ @Override
+ public boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue) {
+ return Boolean.parseBoolean(getBasicConfiguration(key, String.valueOf(defaultValue)));
+
+ }
+
+ @Override
+ public Map<String, String> getBasicConfigurationWithPrefix(final String prefix) {
+ return KeyValueUtils.getSubSetWithPrefix(config, prefix);
+
+ }
+
+ @Override
+ public ISPConfiguration getServiceProviderConfiguration(final String uniqueID)
+ throws EAAFConfigurationException {
+ return null;
+ }
+
+ @Override
+ public <T> T getServiceProviderConfiguration(final String spIdentifier, final Class<T> decorator)
+ throws EAAFConfigurationException {
+ return null;
+ }
+
+ @Override
+ public URI getConfigurationRootDirectory() {
+ return new java.io.File(".").toURI();
+
+ }
+
+ @Override
+ public String validateIDPURL(final URL authReqUrl) throws EAAFException {
+ return null;
+ }
+
+ public void putConfigValue(final String key, final String value) {
+ config.put(key, value);
+ }
+
+ public void removeConfigValue(final String key) {
+ config.remove(key);
+
+ }
+
+
+}
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/SpringTest-context_basic_test.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/SpringTest-context_basic_test.xml
new file mode 100644
index 000000000..18900c27d
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/SpringTest-context_basic_test.xml
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <context:annotation-config />
+
+ <bean id="semperAuthnRequestPostProcessor"
+ class="at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.semper.AuthnRequestSemperProcessor" />
+
+ <bean id="dummyConfig"
+ class="at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.semper.DummyAuthConfigMap" />
+
+</beans>
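Review bot: In `DummyAuthConfigMap(final String path)` the result of `getResourceAsStream(path)` goes straight into `props.load(...)`, so a missing classpath resource fails with a NullPointerException rather than the IOException the Javadoc promises, and the stream is never closed. A null check inside a try-with-resources block keeps the documented contract and releases the handle. The `InputStream` constructor leaves closing to the caller, which its Javadoc should say.

```java
public DummyAuthConfigMap(final String path) throws IOException {
  final Properties props = new Properties();
  try (InputStream configIs = this.getClass().getResourceAsStream(path)) {
    if (configIs == null) {
      throw new IOException("Configuration resource not found on classpath: " + path);
    }
    props.load(configIs);
  }
  // … unchanged: config = KeyValueUtils.convertPropertiesToMap(props) …
```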
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_1.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_1.xml
new file mode 100644
index 000000000..f6c6b26ee
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_1.xml
@@ -0,0 +1,43 @@ +<?xml version="1.0" encoding="UTF-8"?> +<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_5f6e9aff8ff6fa4b84e888bf99400f95" IsPassive="false" IssueInstant="2019-12-13T06:42:21.185Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"> + <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/ms_connector/sp/metadata</saml2:Issuer> + <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:SignedInfo> + <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> + <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <ds:Reference URI="#_5f6e9aff8ff6fa4b84e888bf99400f95"> + <ds:Transforms> + <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> + <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> + <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/> + </ds:Transform> + </ds:Transforms> + <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <ds:DigestValue>mOljEGj9lBXPvJbT3biANFlsYGLrKtcaoHTNDmjRuko=</ds:DigestValue> + </ds:Reference> + </ds:SignedInfo> + <ds:SignatureValue>ARMTDwMGYMJteX/wjLqtONtFoHWc34gd6KKkgxnWe17xrUns1gHo/wDnKhvyG6kNtUZgfrebbdNA5Z4XZC+wiGkeZggKXaPdxAKco9amauuwSwoK8C556bQFA0F7yEjhypZGZxCoEMhS+hDKN+r/Pgh5QxkTgYi5DJXK6tIYgewt41k1YOAtrhr/RbyqvlFLvdZig2Sr8eotsCfATmics6NXeHGJV2ajaFITmNZd09exAoe4oi0zk2DUOUc2611bPW+4wrAb4F0iB4sPGxngfKArdMeJ8Ybh4nnA0WncwwJ2WMVu4CF87cWQKU1VIIPTisJjSN5pFXnm6wMQQUZu1A==</ds:SignatureValue> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W 
ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </ds:Signature> + <saml2p:Extensions> + <eid:RequestedAttributes xmlns:eid="http://eid.gv.at/eID/attributes/saml-extensions"> + <eid:RequestedAttribute FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> + <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">urn:publicid:gv.at:eidasid+AT+EE</eid:AttributeValue> + </eid:RequestedAttribute> + <eid:RequestedAttribute FriendlyName="ServiceProvider-MandateProfiles" Name="urn:eidgvat:attributes.ServiceProviderMandateProfiles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> + <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Einzelvertretungsbefugnis,1.2.40.0.10.1.7.3.1.1,ERsB</eid:AttributeValue> + </eid:RequestedAttribute> + </eid:RequestedAttributes> + </saml2p:Extensions> + <saml2p:NameIDPolicy 
AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/> + <saml2p:RequestedAuthnContext Comparison="minimum"> + <saml2:AuthnContextClassRef xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/low</saml2:AuthnContextClassRef> + </saml2p:RequestedAuthnContext> + <saml2p:Scoping> + <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID> + </saml2p:Scoping> +</saml2p:AuthnRequest>
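Review bot: The `ds:DigestValue` and `ds:SignatureValue` in this fixture are byte-identical to those in pvp2_authn_10.xml, pvp2_authn_2.xml, pvp2_authn_3.xml, pvp2_authn_4.xml and pvp2_authn_5.xml, although those files differ in `Issuer` or `Extensions`, which the enveloped signature covers, so at most one of them can verify. The tests shown call `processor.process(...)` directly, so the stale signatures do not affect them, but the fixtures would mislead anyone reusing them in a signature-validation test. I would add an XML comment after the declaration in each file, e.g. `<!-- test fixture: signature does NOT match this content; only for tests that skip signature validation -->`. That also records the assumption, presumably enforced elsewhere in the pipeline, that the signature has been checked before the post-processor copies requested-attribute values into the SP configuration.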
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_10.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_10.xml
new file mode 100644
index 000000000..1d52986fc
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_10.xml
@@ -0,0 +1,33 @@ +<?xml version="1.0" encoding="UTF-8"?> +<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_5f6e9aff8ff6fa4b84e888bf99400f95" IsPassive="false" IssueInstant="2019-12-13T06:42:21.185Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"> + <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/ms_connector/sp/metadata</saml2:Issuer> + <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:SignedInfo> + <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> + <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <ds:Reference URI="#_5f6e9aff8ff6fa4b84e888bf99400f95"> + <ds:Transforms> + <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> + <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> + <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/> + </ds:Transform> + </ds:Transforms> + <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <ds:DigestValue>mOljEGj9lBXPvJbT3biANFlsYGLrKtcaoHTNDmjRuko=</ds:DigestValue> + </ds:Reference> + </ds:SignedInfo> + <ds:SignatureValue>ARMTDwMGYMJteX/wjLqtONtFoHWc34gd6KKkgxnWe17xrUns1gHo/wDnKhvyG6kNtUZgfrebbdNA5Z4XZC+wiGkeZggKXaPdxAKco9amauuwSwoK8C556bQFA0F7yEjhypZGZxCoEMhS+hDKN+r/Pgh5QxkTgYi5DJXK6tIYgewt41k1YOAtrhr/RbyqvlFLvdZig2Sr8eotsCfATmics6NXeHGJV2ajaFITmNZd09exAoe4oi0zk2DUOUc2611bPW+4wrAb4F0iB4sPGxngfKArdMeJ8Ybh4nnA0WncwwJ2WMVu4CF87cWQKU1VIIPTisJjSN5pFXnm6wMQQUZu1A==</ds:SignatureValue> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W 
ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </ds:Signature> + <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/> + <saml2p:RequestedAuthnContext Comparison="minimum"> + <saml2:AuthnContextClassRef xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/low</saml2:AuthnContextClassRef> + </saml2p:RequestedAuthnContext> + <saml2p:Scoping> + <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID> + </saml2p:Scoping> +</saml2p:AuthnRequest>
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_2.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_2.xml
new file mode 100644
index 000000000..c5b634539
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_2.xml
@@ -0,0 +1,43 @@ +<?xml version="1.0" encoding="UTF-8"?> +<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_5f6e9aff8ff6fa4b84e888bf99400f95" IsPassive="false" IssueInstant="2019-12-13T06:42:21.185Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"> + <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://apps.egiz.gv.at/ms_connector/sp/metadata</saml2:Issuer> + <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:SignedInfo> + <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> + <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <ds:Reference URI="#_5f6e9aff8ff6fa4b84e888bf99400f95"> + <ds:Transforms> + <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> + <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> + <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/> + </ds:Transform> + </ds:Transforms> + <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <ds:DigestValue>mOljEGj9lBXPvJbT3biANFlsYGLrKtcaoHTNDmjRuko=</ds:DigestValue> + </ds:Reference> + </ds:SignedInfo> + <ds:SignatureValue>ARMTDwMGYMJteX/wjLqtONtFoHWc34gd6KKkgxnWe17xrUns1gHo/wDnKhvyG6kNtUZgfrebbdNA5Z4XZC+wiGkeZggKXaPdxAKco9amauuwSwoK8C556bQFA0F7yEjhypZGZxCoEMhS+hDKN+r/Pgh5QxkTgYi5DJXK6tIYgewt41k1YOAtrhr/RbyqvlFLvdZig2Sr8eotsCfATmics6NXeHGJV2ajaFITmNZd09exAoe4oi0zk2DUOUc2611bPW+4wrAb4F0iB4sPGxngfKArdMeJ8Ybh4nnA0WncwwJ2WMVu4CF87cWQKU1VIIPTisJjSN5pFXnm6wMQQUZu1A==</ds:SignatureValue> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W 
ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </ds:Signature> + <saml2p:Extensions> + <eid:RequestedAttributes xmlns:eid="http://eid.gv.at/eID/attributes/saml-extensions"> + <eid:RequestedAttribute FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> + <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">urn:publicid:gv.at:eidasid+AT+EE</eid:AttributeValue> + </eid:RequestedAttribute> + <eid:RequestedAttribute FriendlyName="ServiceProvider-MandateProfiles" Name="urn:eidgvat:attributes.ServiceProviderMandateProfiles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> + <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Einzelvertretungsbefugnis,1.2.40.0.10.1.7.3.1.1,ERsB</eid:AttributeValue> + </eid:RequestedAttribute> + </eid:RequestedAttributes> + </saml2p:Extensions> + <saml2p:NameIDPolicy 
AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/> + <saml2p:RequestedAuthnContext Comparison="minimum"> + <saml2:AuthnContextClassRef xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/low</saml2:AuthnContextClassRef> + </saml2p:RequestedAuthnContext> + <saml2p:Scoping> + <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID> + </saml2p:Scoping> +</saml2p:AuthnRequest>
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_3.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_3.xml
new file mode 100644
index 000000000..d79caa0fe
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_3.xml
@@ -0,0 +1,40 @@ +<?xml version="1.0" encoding="UTF-8"?> +<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_5f6e9aff8ff6fa4b84e888bf99400f95" IsPassive="false" IssueInstant="2019-12-13T06:42:21.185Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"> + <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/ms_connector/sp/metadata</saml2:Issuer> + <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:SignedInfo> + <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> + <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <ds:Reference URI="#_5f6e9aff8ff6fa4b84e888bf99400f95"> + <ds:Transforms> + <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> + <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> + <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/> + </ds:Transform> + </ds:Transforms> + <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <ds:DigestValue>mOljEGj9lBXPvJbT3biANFlsYGLrKtcaoHTNDmjRuko=</ds:DigestValue> + </ds:Reference> + </ds:SignedInfo> + <ds:SignatureValue>ARMTDwMGYMJteX/wjLqtONtFoHWc34gd6KKkgxnWe17xrUns1gHo/wDnKhvyG6kNtUZgfrebbdNA5Z4XZC+wiGkeZggKXaPdxAKco9amauuwSwoK8C556bQFA0F7yEjhypZGZxCoEMhS+hDKN+r/Pgh5QxkTgYi5DJXK6tIYgewt41k1YOAtrhr/RbyqvlFLvdZig2Sr8eotsCfATmics6NXeHGJV2ajaFITmNZd09exAoe4oi0zk2DUOUc2611bPW+4wrAb4F0iB4sPGxngfKArdMeJ8Ybh4nnA0WncwwJ2WMVu4CF87cWQKU1VIIPTisJjSN5pFXnm6wMQQUZu1A==</ds:SignatureValue> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W 
ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </ds:Signature> + <saml2p:Extensions> + <eid:RequestedAttributes xmlns:eid="http://eid.gv.at/eID/attributes/saml-extensions"> + <eid:RequestedAttribute FriendlyName="ServiceProvider-MandateProfiles" Name="urn:eidgvat:attributes.ServiceProviderMandateProfiles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> + <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Einzelvertretungsbefugnis,1.2.40.0.10.1.7.3.1.1,ERsB</eid:AttributeValue> + </eid:RequestedAttribute> + </eid:RequestedAttributes> + </saml2p:Extensions> + <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/> + <saml2p:RequestedAuthnContext Comparison="minimum"> + <saml2:AuthnContextClassRef xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/low</saml2:AuthnContextClassRef> + </saml2p:RequestedAuthnContext> + <saml2p:Scoping> + 
<saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID> + </saml2p:Scoping> +</saml2p:AuthnRequest>
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_4.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_4.xml
new file mode 100644
index 000000000..c04a97a7f
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_4.xml
@@ -0,0 +1,43 @@ +<?xml version="1.0" encoding="UTF-8"?> +<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_5f6e9aff8ff6fa4b84e888bf99400f95" IsPassive="false" IssueInstant="2019-12-13T06:42:21.185Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"> + <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/ms_connector/sp/metadata</saml2:Issuer> + <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:SignedInfo> + <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> + <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <ds:Reference URI="#_5f6e9aff8ff6fa4b84e888bf99400f95"> + <ds:Transforms> + <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> + <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> + <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/> + </ds:Transform> + </ds:Transforms> + <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <ds:DigestValue>mOljEGj9lBXPvJbT3biANFlsYGLrKtcaoHTNDmjRuko=</ds:DigestValue> + </ds:Reference> + </ds:SignedInfo> + <ds:SignatureValue>ARMTDwMGYMJteX/wjLqtONtFoHWc34gd6KKkgxnWe17xrUns1gHo/wDnKhvyG6kNtUZgfrebbdNA5Z4XZC+wiGkeZggKXaPdxAKco9amauuwSwoK8C556bQFA0F7yEjhypZGZxCoEMhS+hDKN+r/Pgh5QxkTgYi5DJXK6tIYgewt41k1YOAtrhr/RbyqvlFLvdZig2Sr8eotsCfATmics6NXeHGJV2ajaFITmNZd09exAoe4oi0zk2DUOUc2611bPW+4wrAb4F0iB4sPGxngfKArdMeJ8Ybh4nnA0WncwwJ2WMVu4CF87cWQKU1VIIPTisJjSN5pFXnm6wMQQUZu1A==</ds:SignatureValue> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W 
ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </ds:Signature> + <saml2p:Extensions> + <eid:RequestedAttributes xmlns:eid="http://eid.gv.at/eID/attributes/saml-extensions"> + <eid:RequestedAttribute FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> + <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string"></eid:AttributeValue> + </eid:RequestedAttribute> + <eid:RequestedAttribute FriendlyName="ServiceProvider-MandateProfiles" Name="urn:eidgvat:attributes.ServiceProviderMandateProfiles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> + <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Einzelvertretungsbefugnis,1.2.40.0.10.1.7.3.1.1,ERsB</eid:AttributeValue> + </eid:RequestedAttribute> + </eid:RequestedAttributes> + </saml2p:Extensions> + <saml2p:NameIDPolicy AllowCreate="true" 
Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/> + <saml2p:RequestedAuthnContext Comparison="minimum"> + <saml2:AuthnContextClassRef xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/low</saml2:AuthnContextClassRef> + </saml2p:RequestedAuthnContext> + <saml2p:Scoping> + <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID> + </saml2p:Scoping> +</saml2p:AuthnRequest>
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_5.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_5.xml
new file mode 100644
index 000000000..339514323
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_5.xml
@@ -0,0 +1,44 @@ +<?xml version="1.0" encoding="UTF-8"?> +<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_5f6e9aff8ff6fa4b84e888bf99400f95" IsPassive="false" IssueInstant="2019-12-13T06:42:21.185Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"> + <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/ms_connector/sp/metadata</saml2:Issuer> + <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:SignedInfo> + <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> + <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <ds:Reference URI="#_5f6e9aff8ff6fa4b84e888bf99400f95"> + <ds:Transforms> + <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> + <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> + <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/> + </ds:Transform> + </ds:Transforms> + <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <ds:DigestValue>mOljEGj9lBXPvJbT3biANFlsYGLrKtcaoHTNDmjRuko=</ds:DigestValue> + </ds:Reference> + </ds:SignedInfo> + <ds:SignatureValue>ARMTDwMGYMJteX/wjLqtONtFoHWc34gd6KKkgxnWe17xrUns1gHo/wDnKhvyG6kNtUZgfrebbdNA5Z4XZC+wiGkeZggKXaPdxAKco9amauuwSwoK8C556bQFA0F7yEjhypZGZxCoEMhS+hDKN+r/Pgh5QxkTgYi5DJXK6tIYgewt41k1YOAtrhr/RbyqvlFLvdZig2Sr8eotsCfATmics6NXeHGJV2ajaFITmNZd09exAoe4oi0zk2DUOUc2611bPW+4wrAb4F0iB4sPGxngfKArdMeJ8Ybh4nnA0WncwwJ2WMVu4CF87cWQKU1VIIPTisJjSN5pFXnm6wMQQUZu1A==</ds:SignatureValue> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W 
ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </ds:Signature> + <saml2p:Extensions> + <eid:RequestedAttributes xmlns:eid="http://eid.gv.at/eID/attributes/saml-extensions"> + <eid:RequestedAttribute FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> + <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">urn:publicid:gv.at:eidasid+AT+EE</eid:AttributeValue> + <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">urn:publicid:gv.at:eidasid+AT+XX</eid:AttributeValue> + </eid:RequestedAttribute> + <eid:RequestedAttribute FriendlyName="ServiceProvider-MandateProfiles" Name="urn:eidgvat:attributes.ServiceProviderMandateProfiles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> + <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
xsi:type="xs:string">Einzelvertretungsbefugnis,1.2.40.0.10.1.7.3.1.1,ERsB</eid:AttributeValue> + </eid:RequestedAttribute> + </eid:RequestedAttributes> + </saml2p:Extensions> + <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/> + <saml2p:RequestedAuthnContext Comparison="minimum"> + <saml2:AuthnContextClassRef xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/low</saml2:AuthnContextClassRef> + </saml2p:RequestedAuthnContext> + <saml2p:Scoping> + <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID> + </saml2p:Scoping> +</saml2p:AuthnRequest>
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_6.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_6.xml
new file mode 100644
index 000000000..8a046363c
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_6.xml
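Review bot: The new fixture pvp2_authn_5.xml carries the same `ds:DigestValue`, `ds:SignatureValue` and request `ID` as pvp2_authn_6.xml through pvp2_authn_9.xml, although the `saml2p:Extensions` content differs in each file, so the enveloped signature can match at most one of these bodies. Tests that load these files therefore only pass where signature validation is skipped or mocked, and they should not be read as coverage for the signature check. Either remove the `ds:Signature` element from fixtures that exist only to exercise the requested-attribute handling, or state the intent at the top of each file, e.g. `<!-- signature copied from a template, not valid for this body; fixture for eid:RequestedAttributes handling only -->`. The embedded test certificate also appears, from its encoded validity field, to expire in January 2021, so any test that later turns on certificate validation with these files would become date-dependent.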
@@ -0,0 +1,40 @@ +<?xml version="1.0" encoding="UTF-8"?> +<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_5f6e9aff8ff6fa4b84e888bf99400f95" IsPassive="false" IssueInstant="2019-12-13T06:42:21.185Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"> + <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/ms_connector/sp/metadata</saml2:Issuer> + <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:SignedInfo> + <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> + <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <ds:Reference URI="#_5f6e9aff8ff6fa4b84e888bf99400f95"> + <ds:Transforms> + <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> + <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> + <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/> + </ds:Transform> + </ds:Transforms> + <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <ds:DigestValue>mOljEGj9lBXPvJbT3biANFlsYGLrKtcaoHTNDmjRuko=</ds:DigestValue> + </ds:Reference> + </ds:SignedInfo> + <ds:SignatureValue>ARMTDwMGYMJteX/wjLqtONtFoHWc34gd6KKkgxnWe17xrUns1gHo/wDnKhvyG6kNtUZgfrebbdNA5Z4XZC+wiGkeZggKXaPdxAKco9amauuwSwoK8C556bQFA0F7yEjhypZGZxCoEMhS+hDKN+r/Pgh5QxkTgYi5DJXK6tIYgewt41k1YOAtrhr/RbyqvlFLvdZig2Sr8eotsCfATmics6NXeHGJV2ajaFITmNZd09exAoe4oi0zk2DUOUc2611bPW+4wrAb4F0iB4sPGxngfKArdMeJ8Ybh4nnA0WncwwJ2WMVu4CF87cWQKU1VIIPTisJjSN5pFXnm6wMQQUZu1A==</ds:SignatureValue> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W 
ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </ds:Signature> + <saml2p:Extensions> + <eid:RequestedAttributes xmlns:eid="http://eid.gv.at/eID/attributes/saml-extensions"> + <eid:RequestedAttribute FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> + <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">urn:publicid:gv.at:eidasid+AT+EE</eid:AttributeValue> + </eid:RequestedAttribute> + </eid:RequestedAttributes> + </saml2p:Extensions> + <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/> + <saml2p:RequestedAuthnContext Comparison="minimum"> + <saml2:AuthnContextClassRef xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/low</saml2:AuthnContextClassRef> + </saml2p:RequestedAuthnContext> + <saml2p:Scoping> + <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID> + 
</saml2p:Scoping> +</saml2p:AuthnRequest>
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_7.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_7.xml
new file mode 100644
index 000000000..502619e94
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_7.xml
@@ -0,0 +1,44 @@ +<?xml version="1.0" encoding="UTF-8"?> +<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_5f6e9aff8ff6fa4b84e888bf99400f95" IsPassive="false" IssueInstant="2019-12-13T06:42:21.185Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"> + <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/ms_connector/sp/metadata</saml2:Issuer> + <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:SignedInfo> + <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> + <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <ds:Reference URI="#_5f6e9aff8ff6fa4b84e888bf99400f95"> + <ds:Transforms> + <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> + <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> + <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/> + </ds:Transform> + </ds:Transforms> + <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <ds:DigestValue>mOljEGj9lBXPvJbT3biANFlsYGLrKtcaoHTNDmjRuko=</ds:DigestValue> + </ds:Reference> + </ds:SignedInfo> + <ds:SignatureValue>ARMTDwMGYMJteX/wjLqtONtFoHWc34gd6KKkgxnWe17xrUns1gHo/wDnKhvyG6kNtUZgfrebbdNA5Z4XZC+wiGkeZggKXaPdxAKco9amauuwSwoK8C556bQFA0F7yEjhypZGZxCoEMhS+hDKN+r/Pgh5QxkTgYi5DJXK6tIYgewt41k1YOAtrhr/RbyqvlFLvdZig2Sr8eotsCfATmics6NXeHGJV2ajaFITmNZd09exAoe4oi0zk2DUOUc2611bPW+4wrAb4F0iB4sPGxngfKArdMeJ8Ybh4nnA0WncwwJ2WMVu4CF87cWQKU1VIIPTisJjSN5pFXnm6wMQQUZu1A==</ds:SignatureValue> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W 
ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </ds:Signature> + <saml2p:Extensions> + <eid:RequestedAttributes xmlns:eid="http://eid.gv.at/eID/attributes/saml-extensions"> + <eid:RequestedAttribute FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> + <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">urn:publicid:gv.at:eidasid+AT+EE</eid:AttributeValue> + </eid:RequestedAttribute> + <eid:RequestedAttribute FriendlyName="ServiceProvider-MandateProfiles" Name="urn:eidgvat:attributes.ServiceProviderMandateProfiles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> + <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Einzelvertretungsbefugnis,1.2.40.0.10.1.7.3.1.1,ERsB</eid:AttributeValue> + <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
xsi:type="xs:string">Einzelvertretungsbefugnis,1.2.40.0.10.1.7.3.1.1,ERsB</eid:AttributeValue> + </eid:RequestedAttribute> + </eid:RequestedAttributes> + </saml2p:Extensions> + <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/> + <saml2p:RequestedAuthnContext Comparison="minimum"> + <saml2:AuthnContextClassRef xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/low</saml2:AuthnContextClassRef> + </saml2p:RequestedAuthnContext> + <saml2p:Scoping> + <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID> + </saml2p:Scoping> +</saml2p:AuthnRequest>
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_8.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_8.xml
new file mode 100644
index 000000000..ff667168a
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_8.xml
@@ -0,0 +1,42 @@ +<?xml version="1.0" encoding="UTF-8"?> +<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_5f6e9aff8ff6fa4b84e888bf99400f95" IsPassive="false" IssueInstant="2019-12-13T06:42:21.185Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"> + <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/ms_connector/sp/metadata</saml2:Issuer> + <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:SignedInfo> + <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> + <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <ds:Reference URI="#_5f6e9aff8ff6fa4b84e888bf99400f95"> + <ds:Transforms> + <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> + <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> + <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/> + </ds:Transform> + </ds:Transforms> + <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <ds:DigestValue>mOljEGj9lBXPvJbT3biANFlsYGLrKtcaoHTNDmjRuko=</ds:DigestValue> + </ds:Reference> + </ds:SignedInfo> + <ds:SignatureValue>ARMTDwMGYMJteX/wjLqtONtFoHWc34gd6KKkgxnWe17xrUns1gHo/wDnKhvyG6kNtUZgfrebbdNA5Z4XZC+wiGkeZggKXaPdxAKco9amauuwSwoK8C556bQFA0F7yEjhypZGZxCoEMhS+hDKN+r/Pgh5QxkTgYi5DJXK6tIYgewt41k1YOAtrhr/RbyqvlFLvdZig2Sr8eotsCfATmics6NXeHGJV2ajaFITmNZd09exAoe4oi0zk2DUOUc2611bPW+4wrAb4F0iB4sPGxngfKArdMeJ8Ybh4nnA0WncwwJ2WMVu4CF87cWQKU1VIIPTisJjSN5pFXnm6wMQQUZu1A==</ds:SignatureValue> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W 
ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </ds:Signature> + <saml2p:Extensions> + <eid:RequestedAttributes xmlns:eid="http://eid.gv.at/eID/attributes/saml-extensions"> + <eid:RequestedAttribute FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> + <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">urn:publicid:gv.at:eidasid+AT+EE</eid:AttributeValue> + </eid:RequestedAttribute> + <eid:RequestedAttribute FriendlyName="ServiceProvider-MandateProfiles" Name="urn:eidgvat:attributes.ServiceProviderMandateProfiles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"> + </eid:RequestedAttribute> + </eid:RequestedAttributes> + </saml2p:Extensions> + <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/> + <saml2p:RequestedAuthnContext Comparison="minimum"> + <saml2:AuthnContextClassRef 
xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/low</saml2:AuthnContextClassRef> + </saml2p:RequestedAuthnContext> + <saml2p:Scoping> + <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID> + </saml2p:Scoping> +</saml2p:AuthnRequest>
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_9.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_9.xml
new file mode 100644
index 000000000..5506b2f31
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_9.xml
@@ -0,0 +1,35 @@ +<?xml version="1.0" encoding="UTF-8"?> +<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_5f6e9aff8ff6fa4b84e888bf99400f95" IsPassive="false" IssueInstant="2019-12-13T06:42:21.185Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"> + <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/ms_connector/sp/metadata</saml2:Issuer> + <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> + <ds:SignedInfo> + <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> + <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + <ds:Reference URI="#_5f6e9aff8ff6fa4b84e888bf99400f95"> + <ds:Transforms> + <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> + <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> + <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/> + </ds:Transform> + </ds:Transforms> + <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> + <ds:DigestValue>mOljEGj9lBXPvJbT3biANFlsYGLrKtcaoHTNDmjRuko=</ds:DigestValue> + </ds:Reference> + </ds:SignedInfo> + <ds:SignatureValue>ARMTDwMGYMJteX/wjLqtONtFoHWc34gd6KKkgxnWe17xrUns1gHo/wDnKhvyG6kNtUZgfrebbdNA5Z4XZC+wiGkeZggKXaPdxAKco9amauuwSwoK8C556bQFA0F7yEjhypZGZxCoEMhS+hDKN+r/Pgh5QxkTgYi5DJXK6tIYgewt41k1YOAtrhr/RbyqvlFLvdZig2Sr8eotsCfATmics6NXeHGJV2ajaFITmNZd09exAoe4oi0zk2DUOUc2611bPW+4wrAb4F0iB4sPGxngfKArdMeJ8Ybh4nnA0WncwwJ2WMVu4CF87cWQKU1VIIPTisJjSN5pFXnm6wMQQUZu1A==</ds:SignatureValue> + <ds:KeyInfo> + <ds:X509Data> + <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W 
ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate> + </ds:X509Data> + </ds:KeyInfo> + </ds:Signature> + <saml2p:Extensions> + </saml2p:Extensions> + <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/> + <saml2p:RequestedAuthnContext Comparison="minimum"> + <saml2:AuthnContextClassRef xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/low</saml2:AuthnContextClassRef> + </saml2p:RequestedAuthnContext> + <saml2p:Scoping> + <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID> + </saml2p:Scoping> +</saml2p:AuthnRequest>
\ No newline at end of file 
@@ -1,923 +1,899 @@ -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <modelVersion>4.0.0</modelVersion> - <groupId>MOA</groupId> - <artifactId>MOA</artifactId> - <packaging>pom</packaging> - <version>4.1.0</version> - <name>MOA</name> - - <properties> - <repositoryPath>${basedir}/repository</repositoryPath> - <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> - - <!-- Project Version --> - <moa-id-version>4.1.0</moa-id-version> - - <moa-id-version-final>4.1.0</moa-id-version-final> - <moa-id-version-edu>4.1.0</moa-id-version-edu> - - <moa-id-proxy-version>2.0.1</moa-id-proxy-version> - - <configtool-version>3.0.1</configtool-version> - <demo-oa-version>2.0.6</demo-oa-version> - - <moa-id-module-elga_mandate_client>1.3.2</moa-id-module-elga_mandate_client> - - <!-- =================================================================================== --> - <egiz-spring-api.version>0.3</egiz-spring-api.version> - <egiz.eaaf.version>1.0.13.1</egiz.eaaf.version> - <org.springframework.version>5.2.2.RELEASE</org.springframework.version> - <org.springframework.data.spring-data-jpa>2.2.3.RELEASE</org.springframework.data.spring-data-jpa> - <org.springframework.data.spring-data-redis>2.2.3.RELEASE</org.springframework.data.spring-data-redis> - <surefire.version>2.22.0</surefire.version> - - <jaxb.version>2.3.1</jaxb.version> - <jaxb-core.version>2.3.0.1</jaxb-core.version> - <guava.version>28.1-jre</guava.version> - - <opensaml.version>2.6.6</opensaml.version> <!-- update to v3 (v2 is end-of-life in june 2016)--> - <org.opensaml.openws.version>1.5.6</org.opensaml.openws.version> - <xmltooling.version>1.4.6</xmltooling.version> - <xmlsec.version>2.1.3</xmlsec.version> - <jaxws-api.version>2.3.1</jaxws-api.version> - <jws-api.version>1.1</jws-api.version> - - 
<hibernate.version>5.4.3.Final</hibernate.version> - <org.apache.commons.commons.dbcp2>2.6.0</org.apache.commons.commons.dbcp2> - - <cxf.version>3.3.4</cxf.version> - <struts.version>2.5.22</struts.version> <!-- 2.5.10.1 --> - - <egovutils.version>2.0.0</egovutils.version> - - <slf4j.version>1.7.26</slf4j.version> - - <httpclient.version>4.5.8</httpclient.version> - <httpcore.version>4.4.11</httpcore.version> - - <!-- Maybe problems with Hibernate 5.0.10 --> - <mysql-connector.java>8.0.16</mysql-connector.java> - <!-- <mysql-connector.java>5.1.40</mysql-connector.java> --> - - <junit.version>4.12</junit.version> - <org.apache.commons.io.version>2.6</org.apache.commons.io.version> - <org.apache.commons.lang3.version>3.9</org.apache.commons.lang3.version> - <org.apache.commons.collections4.version>4.3</org.apache.commons.collections4.version> - <org.apache.commons.collections3.version>3.2.2</org.apache.commons.collections3.version> - <org.apache.commons-text.version>1.6</org.apache.commons-text.version> - <jodatime.version>2.10.2</jodatime.version> - - <jackson-version>2.9.9</jackson-version> - <apache-cli-version>1.4</apache-cli-version> - <spring-orm-version>${org.springframework.version}</spring-orm-version> - - </properties> - - <profiles> - <profile> - <id>default</id> - <activation> - <activeByDefault>true</activeByDefault> - <property> - <name>default</name> - </property> - </activation> - <modules> - <module>id</module> - </modules> - <repositories> - <repository> - <id>moaid_local</id> - <name>local</name> - <url>file:${basedir}/../../../repository</url> - </repository> -<!-- <repository> - <id>hyberjaxb</id> - <url>http://repository.highsource.org/maven2/releases/</url> - <releases> - <enabled>false</enabled> - </releases> - </repository> --> - <repository> - <id>egiz-shibboleth-mirror</id> - <name>egiz-shibboleth-mirror</name> - <url>https://apps.egiz.gv.at/shibboleth_nexus/</url> - </repository> - <repository> - <id>jboss</id> - 
<url>https://repository.jboss.org/nexus/content/repositories/central/</url> - <releases> - <enabled>true</enabled> - </releases> - </repository> - <repository> - <id>egiz-commons</id> - <url>https://apps.egiz.gv.at/maven/</url> - <releases> - <enabled>true</enabled> - </releases> - </repository> - - </repositories> - </profile> - </profiles> - - <build> - <pluginManagement> - <plugins> - <plugin> - <artifactId>maven-release-plugin</artifactId> - <version>2.5.1</version> - </plugin> - </plugins> - </pluginManagement> - <plugins> -<!-- <plugin> - <groupId>org.codehaus.mojo</groupId> - <artifactId>properties-maven-plugin</artifactId> - <version>1.0-alpha-2</version> - <executions> - <execution> - <phase>initialize</phase> - <goals> - <goal>read-project-properties</goal> - </goals> - <configuration> - <files> - <file>${basedir}/moa-id.properties</file> - </files> - </configuration> - </execution> - </executions> - </plugin> --> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-surefire-plugin</artifactId> - <version>${surefire.version}</version> - <configuration> - <excludes> - <exclude>eu/stork/peps/test/simple/SimpleBaseTest.java</exclude> - <exclude>eu/stork/peps/test/simple/StorkAttrQueryRequestTest.java</exclude> - <exclude>eu/stork/peps/test/simple/StorkAttrQueryResponseTest.java</exclude> - <exclude>eu/stork/peps/test/simple/StorkAuthRequestTest.java</exclude> - <exclude>eu/stork/peps/test/simple/StorkLogoutRequestTest.java</exclude> - <exclude>eu/stork/peps/test/simple/StorkLogoutResponseTest.java</exclude> - <exclude>eu/stork/peps/test/simple/StorkNewResponseTest.java</exclude> - <exclude>eu/stork/peps/test/simple/StorkResponseTest.java</exclude> - <exclude>test/MOAIDTestCase.java</exclude> - <exclude>test/at/gv/egovernment/moa/MOATestCase.java</exclude> - <exclude>test/at/gv/egovernment/moa/id/UnitTestCase.java</exclude> - <exclude>test/at/gv/egovernment/moa/id/auth/MOAIDAuthInitialiserTest.java</exclude> - 
<exclude>test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/id/auth/invoke/IdentityLinkAssertionParserTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java</exclude> - <exclude>test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/id/proxy/builder/SAMLArtifactBuilderTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/spss/SPSSTestCase.java</exclude> - <exclude>test/at/gv/egovernment/moa/spss/api/xmlbind/CreateXMLSignatureRequestParserTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/spss/api/xmlbind/TransformParserTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureRequestParserTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureRequestParserTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImplTest.java</exclude> - 
<exclude>test/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfiguratorTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvokerTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactoryTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/spss/server/invoke/TransformationFactoryTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationInvokerTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvokerTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/spss/server/tools/CertToolTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/util/DOMUtilsTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/util/SSLUtilsTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/util/URLDecoderTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/util/URLEncoderTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/util/XMLGrammarBuilderTest.java</exclude> - <exclude>test/at/gv/egovernment/moa/util/XPathUtilsTest.java</exclude> - </excludes> - </configuration> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-compiler-plugin</artifactId> - <version>3.6.1</version> - <configuration> - <verbose>false</verbose> - <fork>true</fork> - <executable>${env.BUILD_EXECUTEABLE}</executable> - <compilerVersion>${env.BUILD_VERSION}</compilerVersion> - <encoding>${project.build.sourceEncoding}</encoding> - <source>1.8</source> - <target>1.8</target> - </configuration> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-jar-plugin</artifactId> - <version>3.1.2</version> - <configuration> - <archive> - <manifest> - <addDefaultImplementationEntries>true</addDefaultImplementationEntries> - </manifest> - </archive> - </configuration> - </plugin> - 
<plugin> - <inherited>false</inherited> - <artifactId>maven-assembly-plugin</artifactId> - <!-- <version>2.2-beta-1</version> --> - <version>2.2.2</version> - <!-- TODO Update Version 2.2-beta-1 for MOA-SPSS --> - <configuration> - <finalName>moa</finalName> - <encoding>UTF-8</encoding> - <descriptors> - <descriptor>id/assembly-auth-final.xml</descriptor> - <descriptor>id/assembly-auth-edu.xml</descriptor> - <descriptor>id/assembly-proxy.xml</descriptor> - -<!-- <descriptor>spss/assembly.xml</descriptor> - <descriptor>spss/assembly-lib.xml</descriptor> --> - </descriptors> - </configuration> - </plugin> - - <plugin> - <groupId>org.codehaus.mojo</groupId> - <artifactId>versions-maven-plugin</artifactId> - <version>2.7</version> - </plugin> - - <!-- Vulnerability checks --> -<!-- <plugin> - <groupId>org.owasp</groupId> - <artifactId>dependency-check-maven</artifactId> - <version>1.2.5</version> - <executions> - <execution> - <phase>verify</phase> - <goals> - <goal>check</goal> - </goals> - </execution> - </executions> - </plugin> --> - - </plugins> - - </build> - - <reporting> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-javadoc-plugin</artifactId> - <configuration> - <excludePackageNames>test.*</excludePackageNames> - <failOnError>false</failOnError> - </configuration> - </plugin> - </plugins> - </reporting> - - <dependencyManagement> - <dependencies> - - <dependency> - <groupId>org.apache.commons</groupId> - <artifactId>commons-dbcp2</artifactId> - <version>${org.apache.commons.commons.dbcp2}</version> - </dependency> - <dependency> - <groupId>org.opensaml</groupId> - <artifactId>opensaml</artifactId> - <version>${opensaml.version}</version> - </dependency> - <dependency> - <groupId>org.opensaml</groupId> - <artifactId>xmltooling</artifactId> - <version>${xmltooling.version}</version> - </dependency> - <dependency> - <groupId>org.opensaml</groupId> - <artifactId>openws</artifactId> - 
<version>${org.opensaml.openws.version}</version> - </dependency> - <dependency> - <groupId>org.apache.santuario</groupId> - <artifactId>xmlsec</artifactId> - <version>${xmlsec.version}</version> - </dependency> - - <dependency> - <groupId>javax.xml.ws</groupId> - <artifactId>jaxws-api</artifactId> - <version>${jaxws-api.version}</version> - </dependency> - <dependency> - <groupId>javax.jws</groupId> - <artifactId>javax.jws-api</artifactId> - <version>${jws-api.version}</version> - </dependency> - - - <dependency> - <groupId>com.google.guava</groupId> - <artifactId>guava</artifactId> - <version>${guava.version}</version> - </dependency> - - <dependency> - <groupId>org.apache.cxf</groupId> - <artifactId>cxf-rt-frontend-jaxws</artifactId> - <version>${cxf.version}</version> - </dependency> - <dependency> - <groupId>org.apache.cxf</groupId> - <artifactId>cxf-rt-transports-http</artifactId> - <version>${cxf.version}</version> - </dependency> - - <dependency> - <groupId>commons-collections</groupId> - <artifactId>commons-collections</artifactId> - <version>${org.apache.commons.collections3.version}</version> - </dependency> - - <dependency> - <groupId>org.apache.commons</groupId> - <artifactId>commons-text</artifactId> - <version>${org.apache.commons-text.version}</version> - </dependency> - - <dependency> - <groupId>org.apache.struts</groupId> - <artifactId>struts2-core</artifactId> - <version>${struts.version}</version> - </dependency> - <dependency> - <groupId>org.apache.struts</groupId> - <artifactId>struts2-json-plugin</artifactId> - <version>${struts.version}</version> - </dependency> - - <dependency> - <groupId>at.gv.util</groupId> - <artifactId>egovutils</artifactId> - <version>${egovutils.version}</version> - </dependency> - - <dependency> - <groupId>at.gv.egiz.components</groupId> - <artifactId>egiz-spring-api</artifactId> - <version>${egiz-spring-api.version}</version> - </dependency> - - <dependency> - <groupId>org.slf4j</groupId> - 
<artifactId>slf4j-api</artifactId> - <version>${slf4j.version}</version> - </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>jcl-over-slf4j</artifactId> - <version>${slf4j.version}</version> - </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>jul-to-slf4j</artifactId> - <version>${slf4j.version}</version> - </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-log4j12</artifactId> - <version>${slf4j.version}</version> - </dependency> - - <dependency> - <groupId>jaxen</groupId> - <artifactId>jaxen</artifactId> - <version>1.1.6</version> - </dependency> - <dependency> - <groupId>saxpath</groupId> - <artifactId>saxpath</artifactId> - <version>1.0-FCS</version> - <scope>compile</scope> - </dependency> - - <dependency> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-core</artifactId> - <version>2.5</version> - </dependency> - - <dependency> - <groupId>org.apache.httpcomponents</groupId> - <artifactId>httpclient</artifactId> - <version>${httpclient.version}</version> - </dependency> - - <dependency> - <groupId>org.apache.httpcomponents</groupId> - <artifactId>httpcore</artifactId> - <version>${httpcore.version}</version> - </dependency> - - <dependency> - <groupId>org.postgresql</groupId> - <artifactId>postgresql</artifactId> - <version>9.3-1102-jdbc41</version> - </dependency> - - <dependency> - <groupId>javax.mail</groupId> - <artifactId>mail</artifactId> - <version>1.4.7</version> - </dependency> - <dependency> - <groupId>commons-fileupload</groupId> - <artifactId>commons-fileupload</artifactId> - <version>1.3.3</version> - </dependency> - <dependency> - <groupId>commons-httpclient</groupId> - <artifactId>commons-httpclient</artifactId> - <version>3.1</version> - </dependency> - <dependency> - <groupId>dav4j</groupId> - <artifactId>dav4j</artifactId> - <version>0.1</version> - <scope>compile</scope> - </dependency> - <dependency> - <groupId>httpsclient</groupId> - 
<artifactId>httpsclient</artifactId> - <version>JSSE-1.0</version> - <scope>compile</scope> - </dependency> -<!-- <dependency> - <groupId>regexp</groupId> - <artifactId>regexp</artifactId> - <version>1.3</version> - </dependency> --> - - -<!-- <dependency> - <groupId>org.bouncycastle</groupId> - <artifactId>bcprov-jdk16</artifactId> - <version>1.46</version> - </dependency> --> - - <dependency> - <groupId>at.gv.egiz.eaaf</groupId> - <artifactId>eaaf_core_api</artifactId> - <version>${egiz.eaaf.version}</version> - </dependency> - <dependency> - <groupId>at.gv.egiz.eaaf</groupId> - <artifactId>eaaf-core</artifactId> - <version>${egiz.eaaf.version}</version> - </dependency> - <dependency> - <groupId>at.gv.egiz.eaaf</groupId> - <artifactId>eaaf-core</artifactId> - <type>test-jar</type> - <version>${egiz.eaaf.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>at.gv.egiz.eaaf</groupId> - <artifactId>eaaf_module_pvp2_idp</artifactId> - <version>${egiz.eaaf.version}</version> - </dependency> - <dependency> - <groupId>at.gv.egiz.eaaf</groupId> - <artifactId>eaaf_module_pvp2_sp</artifactId> - <version>${egiz.eaaf.version}</version> - </dependency> - <dependency> - <groupId>at.gv.egiz.eaaf</groupId> - <artifactId>eaaf_module_pvp2_core</artifactId> - <version>${egiz.eaaf.version}</version> - </dependency> - <dependency> - <groupId>at.gv.egiz.eaaf</groupId> - <artifactId>eaaf_module_auth_sl20</artifactId> - <version>${egiz.eaaf.version}</version> - </dependency> - - - <dependency> - <groupId>MOA.id.server</groupId> - <artifactId>moa-id-spring-initializer</artifactId> - <version>${moa-id-version}</version> - </dependency> - - <dependency> - <groupId>MOA.id.server</groupId> - <artifactId>moa-id-frontend-resources</artifactId> - <version>${moa-id-version}</version> - </dependency> - - <dependency> - <groupId>MOA.id</groupId> - <artifactId>moa-spss-container</artifactId> - <version>${moa-id-version}</version> - <type>pom</type> - </dependency> - - - 
- <dependency> - <groupId>MOA.id.server</groupId> - <artifactId>moa-id-lib</artifactId> - <version>${moa-id-version}</version> - <scope>compile</scope> - </dependency> - <dependency> - <groupId>MOA.id.server</groupId> - <artifactId>moa-id-commons</artifactId> - <version>${moa-id-version}</version> - <scope>compile</scope> - </dependency> - - <dependency> - <groupId>MOA.id.server</groupId> - <artifactId>moa-id-jaxb_classes</artifactId> - <version>${moa-id-version}</version> - </dependency> - - <dependency> - <groupId>MOA.id.server</groupId> - <artifactId>moa-id-lib</artifactId> - <version>${moa-id-version}</version> - <scope>test</scope> - <type>test-jar</type> - </dependency> - - <dependency> - <groupId>MOA.id.server.modules</groupId> - <artifactId>moa-id-module-stork</artifactId> - <version>${moa-id-version}</version> - </dependency> - <dependency> - <groupId>MOA.id.server.modules</groupId> - <artifactId>moa-id-module-monitoring</artifactId> - <version>${moa-id-version}</version> - </dependency> - <dependency> - <groupId>MOA.id.server.modules</groupId> - <artifactId>moa-id-module-saml1</artifactId> - <version>${moa-id-version}</version> - </dependency> - <dependency> - <groupId>MOA.id.server.modules</groupId> - <artifactId>moa-id-module-openID</artifactId> - <version>${moa-id-version}</version> - </dependency> - <dependency> - <groupId>MOA.id.server.modules</groupId> - <artifactId>moa-id-modul-citizencard_authentication</artifactId> - <version>${moa-id-version}</version> - </dependency> - <dependency> - <groupId>MOA.id.server.modules</groupId> - <artifactId>moa-id-module-eIDAS</artifactId> - <version>${moa-id-version}</version> - </dependency> - <dependency> - <groupId>MOA.id.server.modules</groupId> - <artifactId>moa-id-module-pvp2</artifactId> - <version>${moa-id-version}</version> - </dependency> - <dependency> - <groupId>MOA.id.server.modules</groupId> - <artifactId>moa-id-modules-federated_authentication</artifactId> - <version>${moa-id-version}</version> - 
</dependency> - - <dependency> - <groupId>MOA.id.server.modules</groupId> - <artifactId>moa-id-module-elga_mandate_service</artifactId> - <version>${moa-id-module-elga_mandate_client}</version> - </dependency> - - <dependency> - <groupId>MOA.id.server.modules</groupId> - <artifactId>moa-id-module-bkaMobilaAuthSAML2Test</artifactId> - <version>${moa-id-version}</version> - </dependency> - - <dependency> - <groupId>MOA.id.server.modules</groupId> - <artifactId>moa-id-module-sl20_authentication</artifactId> - <version>${moa-id-version}</version> - </dependency> - - <dependency> - <groupId>MOA.id.server.modules</groupId> - <artifactId>moa-id-module-AT_eIDAS_connector</artifactId> - <version>${moa-id-version}</version> - </dependency> - - <dependency> - <groupId>MOA.id.server.modules</groupId> - <artifactId>moa-id-module-EID_connector</artifactId> - <version>${moa-id-version}</version> - </dependency> - - - <dependency> - <groupId>MOA.id.server</groupId> - <artifactId>moa-id-commons</artifactId> - <version>${moa-id-version}</version> - <type>test-jar</type> - <scope>test</scope> - </dependency> - - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <version>${junit.version}</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>commons-logging</groupId> - <artifactId>commons-logging</artifactId> - <version>1.2</version> - <scope>compile</scope> - </dependency> - - <dependency> - <groupId>javax.servlet</groupId> - <artifactId>javax.servlet-api</artifactId> - <version>3.0.1</version> - <scope>provide</scope> - </dependency> - <dependency> - <groupId>javax.activation</groupId> - <artifactId>activation</artifactId> - <version>1.1.1</version> - <scope>compile</scope> - </dependency> - <dependency> - <groupId>commons-discovery</groupId> - <artifactId>commons-discovery</artifactId> - <version>0.5</version> - <scope>compile</scope> - </dependency> - <!-- IAIK libraries --> - <dependency> - <groupId>iaik.prod</groupId> - 
<artifactId>iaik_jce_full</artifactId> - <version>5.52_moa</version> - </dependency> - - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_X509TrustManager</artifactId> - <version>0.3.1</version> - <scope>compile</scope> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_Pkcs11Provider</artifactId> - <version>1.2.4</version> - <scope>runtime</scope> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_Pkcs11Wrapper</artifactId> - <version>1.2.17</version> - <scope>compile</scope> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_Pkcs11Wrapper</artifactId> - <version>1.2.17</version> - <classifier>win32</classifier> - <type>dll</type> - <scope>runtime</scope> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_Pkcs11Wrapper</artifactId> - <version>1.2.17</version> - <classifier>linux</classifier> - <type>so</type> - <scope>runtime</scope> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_Pkcs11Wrapper</artifactId> - <version>1.2.17</version> - <classifier>linux_x64</classifier> - <type>so</type> - <scope>runtime</scope> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_Pkcs11Wrapper</artifactId> - <version>1.2.17</version> - <classifier>solaris_sparc</classifier> - <type>so</type> - <scope>runtime</scope> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_Pkcs11Wrapper</artifactId> - <version>1.2.17</version> - <classifier>solaris_sparcv9</classifier> - <type>so</type> - <scope>runtime</scope> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_Pkcs11Wrapper</artifactId> - <version>1.2.17</version> - <classifier>win64</classifier> - <type>dll</type> - <scope>runtime</scope> - </dependency> - - <dependency> - <groupId>javax.xml.bind</groupId> - <artifactId>jaxb-api</artifactId> - <version>${jaxb.version}</version> - 
</dependency> - - <dependency> - <groupId>xerces</groupId> - <artifactId>xercesImpl</artifactId> - <version>2.11.0</version> - <scope>compile</scope> - </dependency> - <!-- The xmlParserAPIs.jar of the official xalan distribution - and the one in the central repository differ. So, we - are going to include the official one in our own - distribution to prevent from problems with different - versions in the endorsed directory of the servlet container - or jre endorsed directory. --> - <dependency> - <groupId>xalan-bin-dist</groupId> - <artifactId>xml-apis</artifactId> - <version>2.11.0</version> - <scope>runtime</scope> - </dependency> - <!-- The xalan.jar of the official xalan distribution - and the one in the central repository differ. So, we - are going to include the official one in our own - distribution to prevent from problems with different - versions in the endorsed directory of the servlet container - or jre endorsed directory. --> - <dependency> - <groupId>xalan-bin-dist</groupId> - <artifactId>xalan</artifactId> - <version>2.7.1</version> - <scope>compile</scope><!-- for XPathAPI, Javadoc,...--> - </dependency> - <dependency> - <groupId>xalan-bin-dist</groupId> - <artifactId>serializer</artifactId> - <version>2.7.1</version><!-- xalan version --> - <scope>runtime</scope> - </dependency> - - <dependency> - <groupId>org.springframework</groupId> - <artifactId>spring-webmvc</artifactId> - <version>${org.springframework.version}</version> - </dependency> - - <dependency> - <groupId>org.springframework.data</groupId> - <artifactId>spring-data-redis</artifactId> - <version>${org.springframework.data.spring-data-redis}</version> - </dependency> - - - <!-- the core, which includes Streaming API, shared low-level abstractions (but NOT data-binding) --> - <dependency> - <groupId>com.fasterxml.jackson.core</groupId> - <artifactId>jackson-core</artifactId> - <version>${jackson-version}</version> - </dependency> - <!-- databinding; ObjectMapper, JsonNode and related 
classes are here --> - <dependency> - <groupId>com.fasterxml.jackson.core</groupId> - <artifactId>jackson-databind</artifactId> - <version>${jackson-version}</version> - </dependency> - <dependency> - <groupId>com.fasterxml.jackson.core</groupId> - <artifactId>jackson-annotations</artifactId> - <version>${jackson-version}</version> - </dependency> - <dependency> - <groupId>commons-cli</groupId> - <artifactId>commons-cli</artifactId> - <version>${apache-cli-version}</version> - </dependency> - - <dependency> - <groupId>com.sun.xml.bind</groupId> - <artifactId>jaxb-core</artifactId> - <version>${jaxb-core.version}</version> - </dependency> - <dependency> - <groupId>com.sun.xml.bind</groupId> - <artifactId>jaxb-impl</artifactId> - <version>${jaxb.version}</version> - </dependency> - - <dependency> - <groupId>org.easymock</groupId> - <artifactId>easymock</artifactId> - <scope>test</scope> - <version>3.5</version> - </dependency> - <dependency> - <groupId>org.unitils</groupId> - <artifactId>unitils-core</artifactId> - <version>3.4.6</version> - </dependency> - - </dependencies> - </dependencyManagement> +<?xml version="1.0" encoding="UTF-8"?> +<project xmlns="http://maven.apache.org/POM/4.0.0" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <modelVersion>4.0.0</modelVersion> + <groupId>MOA</groupId> + <artifactId>MOA</artifactId> + <packaging>pom</packaging> + <version>4.1.0</version> + <name>MOA</name> - <dependencies> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_Pkcs11Wrapper</artifactId> - <classifier>win32</classifier> - <type>dll</type> - <scope>runtime</scope> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_Pkcs11Wrapper</artifactId> - <classifier>linux</classifier> - <type>so</type> - <scope>runtime</scope> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - 
<artifactId>iaik_Pkcs11Wrapper</artifactId> - <classifier>linux_x64</classifier> - <type>so</type> - <scope>runtime</scope> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_Pkcs11Wrapper</artifactId> - <classifier>solaris_sparc</classifier> - <type>so</type> - <scope>runtime</scope> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_Pkcs11Wrapper</artifactId> - <classifier>solaris_sparcv9</classifier> - <type>so</type> - <scope>runtime</scope> - </dependency> - <dependency> - <groupId>iaik.prod</groupId> - <artifactId>iaik_Pkcs11Wrapper</artifactId> - <classifier>win64</classifier> - <type>dll</type> - <scope>runtime</scope> - </dependency> - <dependency> - <groupId>commons-io</groupId> - <artifactId>commons-io</artifactId> - <version>${org.apache.commons.io.version}</version> - </dependency> + <properties> + <repositoryPath>${basedir}/repository</repositoryPath> + <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> - </dependencies> + <!-- Project Version --> + <moa-id-version>4.1.0</moa-id-version> + + <moa-id-version-final>4.1.0</moa-id-version-final> + <moa-id-version-edu>4.1.0</moa-id-version-edu> + + <moa-id-proxy-version>2.0.1</moa-id-proxy-version> + + <configtool-version>3.0.1</configtool-version> + <demo-oa-version>2.0.6</demo-oa-version> + + <moa-id-module-elga_mandate_client>1.3.2</moa-id-module-elga_mandate_client> + + <!-- =================================================================================== --> + <egiz-spring-api.version>0.3</egiz-spring-api.version> + <egiz.eaaf.version>1.0.13.2</egiz.eaaf.version> + <org.springframework.version>5.2.2.RELEASE</org.springframework.version> + <org.springframework.data.spring-data-jpa>2.2.3.RELEASE</org.springframework.data.spring-data-jpa> + <org.springframework.data.spring-data-redis>2.2.3.RELEASE</org.springframework.data.spring-data-redis> + <surefire.version>2.22.0</surefire.version> + + <jaxb.version>2.3.1</jaxb.version> + 
<jaxb-core.version>2.3.0.1</jaxb-core.version> + <guava.version>28.1-jre</guava.version> + + <opensaml.version>2.6.6</opensaml.version> <!-- update to v3 (v2 is end-of-life in june 2016) --> + <org.opensaml.openws.version>1.5.6</org.opensaml.openws.version> + <xmltooling.version>1.4.6</xmltooling.version> + <xmlsec.version>2.1.3</xmlsec.version> + <jaxws-api.version>2.3.1</jaxws-api.version> + <jws-api.version>1.1</jws-api.version> + + <hibernate.version>5.4.3.Final</hibernate.version> + <org.apache.commons.commons.dbcp2>2.6.0</org.apache.commons.commons.dbcp2> + + <cxf.version>3.3.4</cxf.version> + <struts.version>2.5.22</struts.version> <!-- 2.5.10.1 --> + + <egovutils.version>2.0.0</egovutils.version> - <repositories> + <slf4j.version>1.7.26</slf4j.version> + + <httpclient.version>4.5.8</httpclient.version> + <httpcore.version>4.4.11</httpcore.version> + + <!-- Maybe problems with Hibernate 5.0.10 --> + <mysql-connector.java>8.0.16</mysql-connector.java> + <!-- <mysql-connector.java>5.1.40</mysql-connector.java> --> + + <junit.version>4.12</junit.version> + <org.apache.commons.io.version>2.6</org.apache.commons.io.version> + <org.apache.commons.lang3.version>3.9</org.apache.commons.lang3.version> + <org.apache.commons.collections4.version>4.3</org.apache.commons.collections4.version> + <org.apache.commons.collections3.version>3.2.2</org.apache.commons.collections3.version> + <org.apache.commons-text.version>1.6</org.apache.commons-text.version> + <jodatime.version>2.10.2</jodatime.version> + + <jackson-version>2.9.9</jackson-version> + <apache-cli-version>1.4</apache-cli-version> + <spring-orm-version>${org.springframework.version}</spring-orm-version> + + </properties> + + <profiles> + <profile> + <id>default</id> + <activation> + <activeByDefault>true</activeByDefault> + <property> + <name>default</name> + </property> + </activation> + <modules> + <module>id</module> + </modules> + <repositories> <repository> - <id>MOA</id> - <name>MOA Dependencies</name> - 
<!--releases> - <enabled>false</enabled> - </releases--> - <layout>default</layout> - <url>file://${repositoryPath}</url> + <id>moaid_local</id> + <name>local</name> + <url>file:${basedir}/../../../repository</url> </repository> - </repositories> + <!-- <repository> <id>hyberjaxb</id> <url>http://repository.highsource.org/maven2/releases/</url> + <releases> <enabled>false</enabled> </releases> </repository> --> + <repository> + <id>egiz-shibboleth-mirror</id> + <name>egiz-shibboleth-mirror</name> + <url>https://apps.egiz.gv.at/shibboleth_nexus/</url> + </repository> + <repository> + <id>jboss</id> + <url>https://repository.jboss.org/nexus/content/repositories/central/</url> + <releases> + <enabled>true</enabled> + </releases> + </repository> + <repository> + <id>egiz-commons</id> + <url>https://apps.egiz.gv.at/maven/</url> + <releases> + <enabled>true</enabled> + </releases> + </repository> + + </repositories> + </profile> + </profiles> + + <build> + <pluginManagement> + <plugins> + <plugin> + <artifactId>maven-release-plugin</artifactId> + <version>2.5.1</version> + </plugin> + </plugins> + </pluginManagement> + <plugins> + <!-- <plugin> <groupId>org.codehaus.mojo</groupId> <artifactId>properties-maven-plugin</artifactId> + <version>1.0-alpha-2</version> <executions> <execution> <phase>initialize</phase> + <goals> <goal>read-project-properties</goal> </goals> <configuration> <files> + <file>${basedir}/moa-id.properties</file> </files> </configuration> </execution> + </executions> </plugin> --> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-surefire-plugin</artifactId> + <version>${surefire.version}</version> + <configuration> + <excludes> + <exclude>eu/stork/peps/test/simple/SimpleBaseTest.java</exclude> + <exclude>eu/stork/peps/test/simple/StorkAttrQueryRequestTest.java</exclude> + <exclude>eu/stork/peps/test/simple/StorkAttrQueryResponseTest.java</exclude> + <exclude>eu/stork/peps/test/simple/StorkAuthRequestTest.java</exclude> + 
<exclude>eu/stork/peps/test/simple/StorkLogoutRequestTest.java</exclude> + <exclude>eu/stork/peps/test/simple/StorkLogoutResponseTest.java</exclude> + <exclude>eu/stork/peps/test/simple/StorkNewResponseTest.java</exclude> + <exclude>eu/stork/peps/test/simple/StorkResponseTest.java</exclude> + <exclude>test/MOAIDTestCase.java</exclude> + <exclude>test/at/gv/egovernment/moa/MOATestCase.java</exclude> + <exclude>test/at/gv/egovernment/moa/id/UnitTestCase.java</exclude> + <exclude>test/at/gv/egovernment/moa/id/auth/MOAIDAuthInitialiserTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/id/auth/invoke/IdentityLinkAssertionParserTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java</exclude> + <exclude>test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/id/proxy/builder/SAMLArtifactBuilderTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java</exclude> + 
<exclude>test/at/gv/egovernment/moa/spss/SPSSTestCase.java</exclude> + <exclude>test/at/gv/egovernment/moa/spss/api/xmlbind/CreateXMLSignatureRequestParserTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/spss/api/xmlbind/TransformParserTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureRequestParserTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureRequestParserTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImplTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfiguratorTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvokerTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactoryTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/spss/server/invoke/TransformationFactoryTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationInvokerTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvokerTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/spss/server/tools/CertToolTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/util/DOMUtilsTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/util/SSLUtilsTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/util/URLDecoderTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/util/URLEncoderTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/util/XMLGrammarBuilderTest.java</exclude> + <exclude>test/at/gv/egovernment/moa/util/XPathUtilsTest.java</exclude> + </excludes> + </configuration> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-compiler-plugin</artifactId> + <version>3.6.1</version> + <configuration> + 
<verbose>false</verbose> + <fork>true</fork> + <executable>${env.BUILD_EXECUTEABLE}</executable> + <compilerVersion>${env.BUILD_VERSION}</compilerVersion> + <encoding>${project.build.sourceEncoding}</encoding> + <source>1.8</source> + <target>1.8</target> + </configuration> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-jar-plugin</artifactId> + <version>3.1.2</version> + <configuration> + <archive> + <manifest> + <addDefaultImplementationEntries>true</addDefaultImplementationEntries> + </manifest> + </archive> + </configuration> + </plugin> + <plugin> + <inherited>false</inherited> + <artifactId>maven-assembly-plugin</artifactId> + <!-- <version>2.2-beta-1</version> --> + <version>2.2.2</version> + <!-- TODO Update Version 2.2-beta-1 for MOA-SPSS --> + <configuration> + <finalName>moa</finalName> + <encoding>UTF-8</encoding> + <descriptors> + <descriptor>id/assembly-auth-final.xml</descriptor> + <descriptor>id/assembly-auth-edu.xml</descriptor> + <descriptor>id/assembly-proxy.xml</descriptor> + + <!-- <descriptor>spss/assembly.xml</descriptor> <descriptor>spss/assembly-lib.xml</descriptor> --> + </descriptors> + </configuration> + </plugin> + + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>versions-maven-plugin</artifactId> + <version>2.7</version> + </plugin> + + <!-- Vulnerability checks --> + <!-- <plugin> <groupId>org.owasp</groupId> <artifactId>dependency-check-maven</artifactId> + <version>1.2.5</version> <executions> <execution> <phase>verify</phase> <goals> + <goal>check</goal> </goals> </execution> </executions> </plugin> --> + + </plugins> + + </build> + + <reporting> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-javadoc-plugin</artifactId> + <configuration> + <excludePackageNames>test.*</excludePackageNames> + <failOnError>false</failOnError> + </configuration> + </plugin> + </plugins> + </reporting> + + <dependencyManagement> + <dependencies> + + 
<dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-dbcp2</artifactId>
+ <version>${org.apache.commons.commons.dbcp2}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.opensaml</groupId>
+ <artifactId>opensaml</artifactId>
+ <version>${opensaml.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.opensaml</groupId>
+ <artifactId>xmltooling</artifactId>
+ <version>${xmltooling.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.opensaml</groupId>
+ <artifactId>openws</artifactId>
+ <version>${org.opensaml.openws.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.santuario</groupId>
+ <artifactId>xmlsec</artifactId>
+ <version>${xmlsec.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>javax.xml.ws</groupId>
+ <artifactId>jaxws-api</artifactId>
+ <version>${jaxws-api.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>javax.jws</groupId>
+ <artifactId>javax.jws-api</artifactId>
+ <version>${jws-api.version}</version>
+ </dependency>
+
+
+ <dependency>
+ <groupId>com.google.guava</groupId>
+ <artifactId>guava</artifactId>
+ <version>${guava.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-frontend-jaxws</artifactId>
+ <version>${cxf.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-transports-http</artifactId>
+ <version>${cxf.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>commons-collections</groupId>
+ <artifactId>commons-collections</artifactId>
+ <version>${org.apache.commons.collections3.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-text</artifactId>
+ <version>${org.apache.commons-text.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.struts</groupId>
+ <artifactId>struts2-core</artifactId>
+ <version>${struts.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.struts</groupId>
+ <artifactId>struts2-json-plugin</artifactId>
+ <version>${struts.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>at.gv.util</groupId>
+ <artifactId>egovutils</artifactId>
+ <version>${egovutils.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>at.gv.egiz.components</groupId>
+ <artifactId>egiz-spring-api</artifactId>
+ <version>${egiz-spring-api.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ <version>${slf4j.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>jcl-over-slf4j</artifactId>
+ <version>${slf4j.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>jul-to-slf4j</artifactId>
+ <version>${slf4j.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-log4j12</artifactId>
+ <version>${slf4j.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>jaxen</groupId>
+ <artifactId>jaxen</artifactId>
+ <version>1.1.6</version>
+ </dependency>
+ <dependency>
+ <groupId>saxpath</groupId>
+ <artifactId>saxpath</artifactId>
+ <version>1.0-FCS</version>
+ <scope>compile</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.logging.log4j</groupId>
+ <artifactId>log4j-core</artifactId>
+ <version>2.5</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpclient</artifactId>
+ <version>${httpclient.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpcore</artifactId>
+ <version>${httpcore.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.postgresql</groupId>
+ <artifactId>postgresql</artifactId>
+ <version>9.3-1102-jdbc41</version>
+ </dependency>
+
+ <dependency>
+ <groupId>javax.mail</groupId>
+ <artifactId>mail</artifactId>
+ <version>1.4.7</version>
+ </dependency>
+ <dependency>
+ <groupId>commons-fileupload</groupId>
+ <artifactId>commons-fileupload</artifactId>
+ <version>1.3.3</version>
+ </dependency>
+ <dependency>
+ <groupId>commons-httpclient</groupId>
+ <artifactId>commons-httpclient</artifactId>
+ <version>3.1</version>
+ </dependency>
+ <dependency>
+ <groupId>dav4j</groupId>
+ <artifactId>dav4j</artifactId>
+ <version>0.1</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>httpsclient</groupId>
+ <artifactId>httpsclient</artifactId>
+ <version>JSSE-1.0</version>
+ <scope>compile</scope>
+ </dependency>
+ <!-- <dependency> <groupId>regexp</groupId> <artifactId>regexp</artifactId>
+ <version>1.3</version> </dependency> -->
+
+
+ <!-- <dependency> <groupId>org.bouncycastle</groupId> <artifactId>bcprov-jdk16</artifactId>
+ <version>1.46</version> </dependency> -->
+
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_core_api</artifactId>
+ <version>${egiz.eaaf.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf-core</artifactId>
+ <version>${egiz.eaaf.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf-core</artifactId>
+ <type>test-jar</type>
+ <version>${egiz.eaaf.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_module_pvp2_idp</artifactId>
+ <version>${egiz.eaaf.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_module_pvp2_sp</artifactId>
+ <version>${egiz.eaaf.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_module_pvp2_core</artifactId>
+ <version>${egiz.eaaf.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_module_auth_sl20</artifactId>
+ <version>${egiz.eaaf.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_core_utils</artifactId>
+ <version>${egiz.eaaf.version}</version>
+ <scope>test</scope>
+ <type>test-jar</type>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf-core</artifactId>
+ <version>${egiz.eaaf.version}</version>
+ <scope>test</scope>
+ <type>test-jar</type>
+ </dependency>
+
+
+ <dependency>
+ <groupId>MOA.id.server</groupId>
+ <artifactId>moa-id-spring-initializer</artifactId>
+ <version>${moa-id-version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>MOA.id.server</groupId>
+ <artifactId>moa-id-frontend-resources</artifactId>
+ <version>${moa-id-version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>MOA.id</groupId>
+ <artifactId>moa-spss-container</artifactId>
+ <version>${moa-id-version}</version>
+ <type>pom</type>
+ </dependency>
+
+
+
+ <dependency>
+ <groupId>MOA.id.server</groupId>
+ <artifactId>moa-id-lib</artifactId>
+ <version>${moa-id-version}</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>MOA.id.server</groupId>
+ <artifactId>moa-id-commons</artifactId>
+ <version>${moa-id-version}</version>
+ <scope>compile</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>MOA.id.server</groupId>
+ <artifactId>moa-id-jaxb_classes</artifactId>
+ <version>${moa-id-version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>MOA.id.server</groupId>
+ <artifactId>moa-id-lib</artifactId>
+ <version>${moa-id-version}</version>
+ <scope>test</scope>
+ <type>test-jar</type>
+ </dependency>
+
+ <dependency>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-module-stork</artifactId>
+ <version>${moa-id-version}</version>
+ </dependency>
+ <dependency>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-module-monitoring</artifactId>
+ <version>${moa-id-version}</version>
+ </dependency>
+ <dependency>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-module-saml1</artifactId>
+ <version>${moa-id-version}</version>
+ </dependency>
+ <dependency>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-module-openID</artifactId>
+ <version>${moa-id-version}</version>
+ </dependency>
+ <dependency>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-modul-citizencard_authentication</artifactId>
+ <version>${moa-id-version}</version>
+ </dependency>
+ <dependency>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-module-eIDAS</artifactId>
+ <version>${moa-id-version}</version>
+ </dependency>
+ <dependency>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-module-pvp2</artifactId>
+ <version>${moa-id-version}</version>
+ </dependency>
+ <dependency>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-modules-federated_authentication</artifactId>
+ <version>${moa-id-version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-module-elga_mandate_service</artifactId>
+ <version>${moa-id-module-elga_mandate_client}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-module-bkaMobilaAuthSAML2Test</artifactId>
+ <version>${moa-id-version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-module-sl20_authentication</artifactId>
+ <version>${moa-id-version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-module-AT_eIDAS_connector</artifactId>
+ <version>${moa-id-version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-module-EID_connector</artifactId>
+ <version>${moa-id-version}</version>
+ </dependency>
+
+
+ <dependency>
+ <groupId>MOA.id.server</groupId>
+ <artifactId>moa-id-commons</artifactId>
+ <version>${moa-id-version}</version>
+ <type>test-jar</type>
+ <scope>test</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <version>${junit.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>commons-logging</groupId>
+ <artifactId>commons-logging</artifactId>
+ <version>1.2</version>
+ <scope>compile</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>javax.servlet-api</artifactId>
+ <version>3.0.1</version>
+ <scope>provide</scope>
+ </dependency>
+ <dependency>
+ <groupId>javax.activation</groupId>
+ <artifactId>activation</artifactId>
+ <version>1.1.1</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>commons-discovery</groupId>
+ <artifactId>commons-discovery</artifactId>
+ <version>0.5</version>
+ <scope>compile</scope>
+ </dependency>
+ <!-- IAIK libraries -->
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_jce_full</artifactId>
+ <version>5.52_moa</version>
+ </dependency>
+
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_X509TrustManager</artifactId>
+ <version>0.3.1</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_Pkcs11Provider</artifactId>
+ <version>1.2.4</version>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_Pkcs11Wrapper</artifactId>
+ <version>1.2.17</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_Pkcs11Wrapper</artifactId>
+ <version>1.2.17</version>
+ <classifier>win32</classifier>
+ <type>dll</type>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_Pkcs11Wrapper</artifactId>
+ <version>1.2.17</version>
+ <classifier>linux</classifier>
+ <type>so</type>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_Pkcs11Wrapper</artifactId>
+ <version>1.2.17</version>
+ <classifier>linux_x64</classifier>
+ <type>so</type>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_Pkcs11Wrapper</artifactId>
+ <version>1.2.17</version>
+ <classifier>solaris_sparc</classifier>
+ <type>so</type>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_Pkcs11Wrapper</artifactId>
+ <version>1.2.17</version>
+ <classifier>solaris_sparcv9</classifier>
+ <type>so</type>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_Pkcs11Wrapper</artifactId>
+ <version>1.2.17</version>
+ <classifier>win64</classifier>
+ <type>dll</type>
+ <scope>runtime</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>javax.xml.bind</groupId>
+ <artifactId>jaxb-api</artifactId>
+ <version>${jaxb.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>xerces</groupId>
+ <artifactId>xercesImpl</artifactId>
+ <version>2.11.0</version>
+ <scope>compile</scope>
+ </dependency>
+ <!-- The xmlParserAPIs.jar of the official xalan distribution and the
+ one in the central repository differ. So, we are going to include the official
+ one in our own distribution to prevent from problems with different versions
+ in the endorsed directory of the servlet container or jre endorsed directory. -->
+ <dependency>
+ <groupId>xalan-bin-dist</groupId>
+ <artifactId>xml-apis</artifactId>
+ <version>2.11.0</version>
+ <scope>runtime</scope>
+ </dependency>
+ <!-- The xalan.jar of the official xalan distribution and the one in
+ the central repository differ. So, we are going to include the official one
+ in our own distribution to prevent from problems with different versions
+ in the endorsed directory of the servlet container or jre endorsed directory. -->
+ <dependency>
+ <groupId>xalan-bin-dist</groupId>
+ <artifactId>xalan</artifactId>
+ <version>2.7.1</version>
+ <scope>compile</scope><!-- for XPathAPI, Javadoc,... -->
+ </dependency>
+ <dependency>
+ <groupId>xalan-bin-dist</groupId>
+ <artifactId>serializer</artifactId>
+ <version>2.7.1</version><!-- xalan version -->
+ <scope>runtime</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-webmvc</artifactId>
+ <version>${org.springframework.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.data</groupId>
+ <artifactId>spring-data-redis</artifactId>
+ <version>${org.springframework.data.spring-data-redis}</version>
+ </dependency>
+
+
+ <!-- the core, which includes Streaming API, shared low-level abstractions
+ (but NOT data-binding) -->
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-core</artifactId>
+ <version>${jackson-version}</version>
+ </dependency>
+ <!-- databinding; ObjectMapper, JsonNode and related classes are here -->
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-databind</artifactId>
+ <version>${jackson-version}</version>
+ </dependency>
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-annotations</artifactId>
+ <version>${jackson-version}</version>
+ </dependency>
+ <dependency>
+ <groupId>commons-cli</groupId>
+ <artifactId>commons-cli</artifactId>
+ <version>${apache-cli-version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>com.sun.xml.bind</groupId>
+ <artifactId>jaxb-core</artifactId>
+ <version>${jaxb-core.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>com.sun.xml.bind</groupId>
+ <artifactId>jaxb-impl</artifactId>
+ <version>${jaxb.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.easymock</groupId>
+ <artifactId>easymock</artifactId>
+ <scope>test</scope>
+ <version>3.5</version>
+ </dependency>
+ <dependency>
+ <groupId>org.unitils</groupId>
+ <artifactId>unitils-core</artifactId>
+ <version>3.4.6</version>
+ </dependency>
+
+ </dependencies>
+ </dependencyManagement>
+
+ <dependencies>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_Pkcs11Wrapper</artifactId>
+ <classifier>win32</classifier>
+ <type>dll</type>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_Pkcs11Wrapper</artifactId>
+ <classifier>linux</classifier>
+ <type>so</type>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_Pkcs11Wrapper</artifactId>
+ <classifier>linux_x64</classifier>
+ <type>so</type>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_Pkcs11Wrapper</artifactId>
+ <classifier>solaris_sparc</classifier>
+ <type>so</type>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_Pkcs11Wrapper</artifactId>
+ <classifier>solaris_sparcv9</classifier>
+ <type>so</type>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_Pkcs11Wrapper</artifactId>
+ <classifier>win64</classifier>
+ <type>dll</type>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ <version>${org.apache.commons.io.version}</version>
+ </dependency>
+
+ </dependencies>
+
+ <repositories>
+ <repository>
+ <id>MOA</id>
+ <name>MOA Dependencies</name>
+ <!--releases> <enabled>false</enabled> </releases -->
+ <layout>default</layout>
+ <url>file://${repositoryPath}</url>
+ </repository>
+ </repositories> </project> |