diff options
Diffstat (limited to 'id.server/src/test/abnahme/A/Test600GetAuthenticationDataService.java')
-rw-r--r-- | id.server/src/test/abnahme/A/Test600GetAuthenticationDataService.java | 281 |
1 files changed, 0 insertions, 281 deletions
diff --git a/id.server/src/test/abnahme/A/Test600GetAuthenticationDataService.java b/id.server/src/test/abnahme/A/Test600GetAuthenticationDataService.java deleted file mode 100644 index b44852346..000000000 --- a/id.server/src/test/abnahme/A/Test600GetAuthenticationDataService.java +++ /dev/null @@ -1,281 +0,0 @@ -package test.abnahme.A; - -import java.io.OutputStream; -import java.net.URL; -import java.security.Security; -import java.util.Calendar; -import java.util.Vector; - -import javax.xml.namespace.QName; -import javax.xml.rpc.Call; -import javax.xml.rpc.Service; -import javax.xml.rpc.ServiceFactory; - -import org.apache.axis.message.SOAPBodyElement; -import org.w3c.dom.Element; - -import com.sun.net.ssl.HostnameVerifier; -import com.sun.net.ssl.HttpsURLConnection; - -import test.abnahme.AbnahmeTestCase; - -import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.DateTimeUtils; -import at.gv.egovernment.moa.util.StreamUtils; -import at.gv.egovernment.moa.util.URLDecoder; -import at.gv.egovernment.moa.util.URLEncoder; - -/** - * @author Stefan Knirsch - * @version $Id$ - */ - -public class Test600GetAuthenticationDataService extends AbnahmeTestCase { - - private String moaSessionID; - private String samlArtifact; - private static final QName SERVICE_QNAME = new QName("SignatureCreation"); - - public Test600GetAuthenticationDataService(String name) { - super(name); - } - - protected void setUp() throws Exception { - super.setUp(); - Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); - System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); - System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore"); - System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); - } - - public void testA601() throws Exception { - try { - - // Anmelden - String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); - HttpsURLConnection conn = giveConnection(URL, "GET"); - conn.connect(); - String result = new String(StreamUtils.readStream(conn.getInputStream())); - String MOASessionID = parseSessionIDFromForm(result); - conn.disconnect(); - - URL = parseDataURL(result); - // Verify Identity Link - conn = giveConnection(URL, "POST"); - conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); - String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); - OutputStream out = conn.getOutputStream(); - out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); - out.flush(); - out.close(); - conn.connect(); - String redirectLoc = conn.getHeaderField("Location"); - conn.disconnect(); - //Verify Auth Block - conn = giveConnection(redirectLoc, "POST"); - String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); - out = conn.getOutputStream(); - out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); - out.flush(); - out.close(); - conn.connect(); - redirectLoc = conn.getHeaderField("Location"); - samlArtifact = parseSamlArtifact(redirectLoc); - System.out.println("SamlArtifact: " + samlArtifact); - conn.disconnect(); - - assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); - - conn = null; - - SAMLRequestBuilder srb = new SAMLRequestBuilder(); - - Element erg = doCall(srb.build(moaSessionID,URLDecoder.decode(samlArtifact, "UTF-8"))); - result = DOMUtils.serializeNode(erg); - result = killInclusive(result,"IssueInstant=\"","\"",""); - result = killInclusive(result,"AssertionID=\"","\"",""); - result = killInclusive(result,"ResponseID=\"","\"",""); - -// writeXmldata("GetAuthenticationDataWebServiceResponse.xml", result.getBytes("UTF-8")); - - assertEquals(result,readXmldata("GetAuthenticationDataWebServiceResponse.xml")); - - System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA651() throws Exception { - try { - - // Anmelden - String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); - HttpsURLConnection conn = giveConnection(URL, "GET"); - conn.connect(); - String result = new String(StreamUtils.readStream(conn.getInputStream())); - String MOASessionID = parseSessionIDFromForm(result); - conn.disconnect(); - - URL = parseDataURL(result); - // Verify Identity Link - conn = giveConnection(URL, "POST"); - conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); - String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); - OutputStream out = conn.getOutputStream(); - out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); - out.flush(); - out.close(); - conn.connect(); - String redirectLoc = conn.getHeaderField("Location"); - conn.disconnect(); - //Verify Auth Block - conn = giveConnection(redirectLoc, "POST"); - String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); - out = conn.getOutputStream(); - out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); - out.flush(); - out.close(); - conn.connect(); - redirectLoc = conn.getHeaderField("Location"); - samlArtifact = "AAGu1JFbyGKqJ+3NAonwMu5bNyUc7kooeMK6bxeXBbnK6NL0DfuVJsGi"; - System.out.println("SamlArtifact: " + samlArtifact); - conn.disconnect(); - - assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); - - conn = null; - - SAMLRequestBuilder srb = new SAMLRequestBuilder(); - Element samlPRequest = srb.build(moaSessionID,samlArtifact); - - assertTrue(DOMUtils.serializeNode(doCall(samlPRequest)).indexOf("unbekanntes SAML-Artifakt")!=-1); - - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Fehler beim Abholen der Anmeldedaten, unbekanntes SAML-Artifakt\n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA652() throws Exception { - try { - - // Anmelden - String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); - HttpsURLConnection conn = giveConnection(URL, "GET"); - conn.connect(); - String result = new String(StreamUtils.readStream(conn.getInputStream())); - String MOASessionID = parseSessionIDFromForm(result); - conn.disconnect(); - - URL = parseDataURL(result); - // Verify Identity Link - conn = giveConnection(URL, "POST"); - conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); - String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); - OutputStream out = conn.getOutputStream(); - out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); - out.flush(); - out.close(); - conn.connect(); - String redirectLoc = conn.getHeaderField("Location"); - conn.disconnect(); - //Verify Auth Block - conn = giveConnection(redirectLoc, "POST"); - String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); - out = conn.getOutputStream(); - out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); - out.flush(); - out.close(); - conn.connect(); - redirectLoc = conn.getHeaderField("Location"); - samlArtifact = parseSamlArtifact(redirectLoc); - System.out.println("SamlArtifact: " + samlArtifact); - conn.disconnect(); - - assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); - - conn = null; - String request = - "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" RequestID=\"" + - moaSessionID + "\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"" + - DateTimeUtils.buildDateTime(Calendar.getInstance())+"\">" + - "</samlp:Request>"; - - Element samlPRequest = DOMUtils.parseDocument(request, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); - - assertTrue(DOMUtils.serializeNode(doCall(samlPRequest)).indexOf("Fehlerhaftes Requestformat")!=-1); -// writeXmldata("GetAuthenticationDataWebServiceResponse.xml", result.getBytes("UTF-8")); - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Fehlerhaftes Requestformat\n-----------------------"); } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - protected Element doCall(Element request) - throws Exception { - QName serviceName = new QName("GetAuthenticationData"); - String endPoint = "http://localhost:8080/moa-id-auth/services/GetAuthenticationData"; - Service service = ServiceFactory.newInstance().createService(serviceName); - Call call = service.createCall(); - SOAPBodyElement body = - new SOAPBodyElement(request); - SOAPBodyElement[] params = new SOAPBodyElement[] {body}; - Vector responses; - SOAPBodyElement response; - - call.setTargetEndpointAddress(endPoint); - responses = (Vector) call.invoke(params); - response = (SOAPBodyElement) responses.get(0); - - return response.getAsDOM(); - } - - private String parseDataURL(String input) - { - return getSubString(input.substring(input.indexOf("DataURL"),input.length()),"value=\"","\""); - } - private String parseSamlArtifact(String input) - { - return getSubString(input+"@@@","SAMLArtifact=","@@@"); - } - private String getSubString(String input, String startsWith, String endsWith) - { - return input.substring(input.indexOf(startsWith)+startsWith.length(), input.indexOf(endsWith, input.indexOf(startsWith)+startsWith.length())); - } - private String getURL(String authURL, String target, String oaURL) - { - return authURL + "StartAuthentication?Target=" + target + "&OA=" + oaURL; - } - private String parseSessionIDFromForm(String htmlForm) { - String parName = "MOASessionID="; - assertTrue( - "HTML Form enthält keine SessionID", - htmlForm.indexOf(parName) >= 0); - int i1 = htmlForm.indexOf(parName) + parName.length(); - int i2 = htmlForm.indexOf("\"", i1); - assertTrue("HTML Form enthält keine gültige SessionID", i2 > i1); - return htmlForm.substring(i1, i2); - } - private HttpsURLConnection giveConnection(String targetURL, String requestMethod) throws Exception { - HttpsURLConnection conn = (HttpsURLConnection) new URL(targetURL).openConnection(); - conn.setRequestMethod(requestMethod); - conn.setDoInput(true); - conn.setDoOutput(true); - conn.setUseCaches(false); - conn.setAllowUserInteraction(false); - conn.setHostnameVerifier(new HostnameVerifierHack()); - return conn; - } - private class HostnameVerifierHack implements HostnameVerifier { - public boolean verify(String arg0, String arg1) { - return true; - } - } -} |