aboutsummaryrefslogtreecommitdiff
path: root/id.server/src/test/abnahme
diff options
context:
space:
mode:
Diffstat (limited to 'id.server/src/test/abnahme')
-rw-r--r--id.server/src/test/abnahme/A/Test100StartAuthentication.java171
-rw-r--r--id.server/src/test/abnahme/A/Test200VerifyIdentityLink.java336
-rw-r--r--id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java597
-rw-r--r--id.server/src/test/abnahme/A/Test400GetAuthenticationData.java129
-rw-r--r--id.server/src/test/abnahme/A/Test500StartAuthenticationServlet.java305
-rw-r--r--id.server/src/test/abnahme/A/Test600GetAuthenticationDataService.java281
-rw-r--r--id.server/src/test/abnahme/A/Test700SelectBKU.java63
-rw-r--r--id.server/src/test/abnahme/AbnahmeTestCase.java163
-rw-r--r--id.server/src/test/abnahme/AllTests.java49
-rw-r--r--id.server/src/test/abnahme/C/Test100Konfiguration.java60
-rw-r--r--id.server/src/test/abnahme/P/Test100LoginParameterResolver.java146
11 files changed, 2300 insertions, 0 deletions
diff --git a/id.server/src/test/abnahme/A/Test100StartAuthentication.java b/id.server/src/test/abnahme/A/Test100StartAuthentication.java
new file mode 100644
index 000000000..0d72691aa
--- /dev/null
+++ b/id.server/src/test/abnahme/A/Test100StartAuthentication.java
@@ -0,0 +1,171 @@
+package test.abnahme.A;
+
+import test.abnahme.AbnahmeTestCase;
+import at.gv.egovernment.moa.id.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.WrongParametersException;
+
+/**
+ * @author Stefan Knirsch
+ * @version $Id$
+ *
+ */
+public class Test100StartAuthentication extends AbnahmeTestCase {
+
+ public Test100StartAuthentication(String name) {
+ super(name);
+ }
+
+ public void testA101() throws Exception {
+ try {
+ String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL
+ "gb", //target
+ "http://localhost:9080/", //oaURL
+ "file:" + findXmldata("AuthTemplate.html"),
+ "http://localhost:3495/http-security-layer-request",
+ null);
+ htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED");
+ //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8"));
+ assertEquals(readXmldata("htmlForm.html"),htmlForm);
+ System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA102() throws Exception {
+ try {
+ String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL
+ "gb", //target
+ "http://localhost:9080/", //oaURL
+ null,
+ "http://localhost:3495/http-security-layer-request", null);
+ htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED");
+ //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8"));
+ assertEquals(readXmldata("htmlForm.html"),htmlForm);
+
+ System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA103() throws Exception {
+ try {
+ String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL
+ "gb", //target
+ "http://localhost:9080/", //oaURL
+ "file:" + findXmldata("AuthTemplate.html"),
+ null,
+ null);
+ htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED");
+ //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8"));
+ assertEquals(readXmldata("htmlForm.html"),htmlForm);
+ System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA151() throws Exception {
+ try {
+ try {
+ server.startAuthentication(null, //authURL
+ "gb", //target
+ "http://localhost:9080/", //oaURL
+ null, null, null);
+ //assertEquals("",htmlForm);
+ System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
+ fail(this.getName() + " hat KEINE FEHLER geworfen");
+ }
+ catch (WrongParametersException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA152() throws Exception {
+ try {
+ try {
+ server.startAuthentication("http://localhost:8080/auth", //authURL
+ "gb", "http://localhost:9080/", //oaURL
+ null, null, null);
+ System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
+ fail(this.getName() + " hat KEINE FEHLER geworfen");
+ }
+ catch (AuthenticationException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA153() throws Exception {
+ try {
+ try {
+ server.startAuthentication("https://localhost:8443/auth", //authURL
+ "gb", "http://host_not_in_config/", //oaURL
+ null, null, null);
+ System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
+ fail(this.getName() + " hat KEINE FEHLER geworfen");
+ }
+ catch (AuthenticationException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA154() throws Exception {
+ try {
+ try {
+ server.startAuthentication("https://localhost:8443/auth", //authURL
+ "gb", null, //oaURL
+ null, null, null);
+ System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
+ fail(this.getName() + " hat KEINE FEHLER geworfen");
+ }
+ catch (WrongParametersException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA155() throws Exception {
+ try {
+ try {
+ server.startAuthentication("https://localhost:8443/auth", //authURL
+ null, "http://localhost:9080/", //oaURL
+ null, null, null);
+ System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
+ fail(this.getName() + " hat KEINE FEHLER geworfen");
+ }
+ catch (WrongParametersException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+ //assertEquals("",htmlForm);
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+}
diff --git a/id.server/src/test/abnahme/A/Test200VerifyIdentityLink.java b/id.server/src/test/abnahme/A/Test200VerifyIdentityLink.java
new file mode 100644
index 000000000..ed4410521
--- /dev/null
+++ b/id.server/src/test/abnahme/A/Test200VerifyIdentityLink.java
@@ -0,0 +1,336 @@
+package test.abnahme.A;
+
+import org.w3c.dom.Element;
+import test.abnahme.AbnahmeTestCase;
+
+import at.gv.egovernment.moa.id.AuthenticationException;
+import at.gv.egovernment.moa.id.ParseException;
+import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
+import at.gv.egovernment.moa.id.auth.data.IdentityLink;
+import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
+import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
+import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
+import at.gv.egovernment.moa.id.auth.validator.ValidateException;
+import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+
+/**
+ * @author Stefan Knirsch
+ * @version $Id$
+ *
+ */
+public class Test200VerifyIdentityLink extends AbnahmeTestCase {
+
+ public Test200VerifyIdentityLink(String name) {
+ super(name);
+ }
+
+ public void testA201() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ System.out.println(sessionID);
+ String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+
+ String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, infoboxReadResponse);
+
+ InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
+ IdentityLink idl = irrp.parseIdentityLink();
+ Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
+ Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
+
+ VerifyXMLSignatureResponseParser respParser = new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
+ VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames(), VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK);
+
+ /*
+ * HINWEIS: clearSamlAssertion löscht aus einer beliebiegen String-Repräsentation einer XML-Struktur
+ * AUSSLIESSLICH die Attribute IssueInstand und die AssertionID heraus, von dem her ist diese
+ * Method hier verwendbar
+ */
+
+ assertXmlEquals(clearSamlAssertion(readXmldata("CreateXMLSignatureRequest.xml")), clearSamlAssertion(createXMLSignatureRequest));
+ System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+
+ }
+ public void testA251() throws Exception {
+ try {
+ startAuthentication();
+ String sessionID = "0";
+ String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+ try {
+ server.verifyIdentityLink(sessionID, infoboxReadResponse);
+ System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
+ fail(this.getName() + " hat KEINE FEHLER geworfen");
+ }
+ catch (AuthenticationException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA252() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+
+ server.setSecondsSessionTimeOut(-100);
+ server.cleanup();
+ server.setSecondsSessionTimeOut(1000);
+
+ System.out.println(sessionID);
+ String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+ try {
+ server.verifyIdentityLink(sessionID, infoboxReadResponse);
+ System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
+ fail(this.getName() + " hat KEINE FEHLER geworfen");
+ }
+ catch (AuthenticationException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA253() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ System.out.println(sessionID);
+ String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+ try {
+ server.verifyIdentityLink(sessionID, infoboxReadResponse);
+ server.verifyIdentityLink(sessionID, infoboxReadResponse);
+ System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
+ fail(this.getName() + " hat KEINE FEHLER geworfen");
+ }
+ catch (AuthenticationException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA254() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+ try {
+ server.verifyIdentityLink(sessionID, infoboxReadResponse);
+ System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
+ fail(this.getName() + " hat KEINE FEHLER geworfen");
+ }
+ catch (ValidateException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA255() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ System.out.println(sessionID);
+ String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+ try {
+ server.verifyIdentityLink(sessionID, infoboxReadResponse);
+ }
+ catch (ParseException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA256() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ System.out.println(sessionID);
+ String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+ try {
+ server.verifyIdentityLink(sessionID, infoboxReadResponse);
+ }
+ catch (ValidateException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA257() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ System.out.println(sessionID);
+ String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+ try {
+ server.verifyIdentityLink(sessionID, infoboxReadResponse);
+ System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
+ fail(this.getName() + " hat KEINE FEHLER geworfen");
+
+ }
+ catch (ValidateException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA258() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ System.out.println(sessionID);
+ String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+ try {
+ server.verifyIdentityLink(sessionID, infoboxReadResponse);
+ System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
+ fail(this.getName() + " hat KEINE FEHLER geworfen");
+ }
+ catch (ValidateException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA259() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ System.out.println(sessionID);
+ String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+ try {
+ server.verifyIdentityLink(sessionID, infoboxReadResponse);
+ System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
+ fail(this.getName() + " hat KEINE FEHLER geworfen");
+ }
+ catch (ValidateException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA260() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ System.out.println(sessionID);
+ String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+ try {
+ server.verifyIdentityLink(sessionID, infoboxReadResponse);
+ System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
+ fail(this.getName() + " hat KEINE FEHLER geworfen");
+ }
+ catch (ValidateException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA261() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ System.out.println(sessionID);
+ String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+
+ try {
+ server.verifyIdentityLink(sessionID, infoboxReadResponse);
+ System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
+ fail(this.getName() + " hat KEINE FEHLER geworfen");
+ }
+ catch (ValidateException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA262() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ System.out.println(sessionID);
+ String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+ new InfoboxReadResponseParser(infoboxReadResponse).parseIdentityLink();
+ // System.out.println(infoboxReadResponse);
+
+ try {
+ server.verifyIdentityLink(sessionID, infoboxReadResponse);
+ System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
+ fail(this.getName() + " hat KEINE FEHLER geworfen");
+ }
+ catch (ValidateException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA263() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ System.out.println(sessionID);
+ String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+ server.verifyIdentityLink(sessionID, infoboxReadResponse);
+ InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
+ IdentityLink idl = irrp.parseIdentityLink();
+ Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
+ Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
+
+ VerifyXMLSignatureResponseParser respParser = new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
+
+ // String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, infoboxReadResponse);
+ // System.out.println(createXMLSignatureRequest);
+ // String createXMLSignatureResponse = readFile(TESTDATA_ROOT + "xmldata/standard/"+"CreateXMLSignatureResponse.xml");
+ // String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
+ try {
+ VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), new String[] { "CN=TEST,OU=TEST,O=TEST,C=AT" }, VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK);
+ System.err.println(this.getName() + " hat KEINE FEHLER geworfen");
+ fail(this.getName() + " hat KEINE FEHLER geworfen");
+ }
+ catch (ValidateException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+}
diff --git a/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java b/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java
new file mode 100644
index 000000000..d9e69eba4
--- /dev/null
+++ b/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java
@@ -0,0 +1,597 @@
+package test.abnahme.A;
+
+import java.util.Calendar;
+
+import org.w3c.dom.Element;
+import test.abnahme.AbnahmeTestCase;
+
+import at.gv.egovernment.moa.id.AuthenticationException;
+import at.gv.egovernment.moa.id.BuildException;
+import at.gv.egovernment.moa.id.ParseException;
+import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder;
+import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder;
+import at.gv.egovernment.moa.id.auth.builder.VPKBuilder;
+import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
+import at.gv.egovernment.moa.id.auth.data.IdentityLink;
+import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
+import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
+import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
+import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
+import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
+import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator;
+import at.gv.egovernment.moa.id.auth.validator.ValidateException;
+import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.data.AuthenticationData;
+import at.gv.egovernment.moa.id.util.Random;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.DateTimeUtils;
+
+/**
+ * @author Stefan Knirsch
+ * @version $Id$
+ *
+ */
+
+public class Test300VerifyAuthBlock extends AbnahmeTestCase {
+
+ public Test300VerifyAuthBlock(String name) {
+ super(name);
+ }
+
+ public void testA301() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ AuthenticationData authData = initServer(sessionID);
+ //authDataWriter(authData,this.getName()+"new.xml");
+ assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+ System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA302() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ AuthenticationData authData = initServer(sessionID);
+ //authDataWriter(authData,this.getName()+"new.xml");
+ assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+ System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA303() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ AuthenticationData authData = initServer(sessionID);
+ assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+ System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA304() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ AuthenticationData authData = initServer(sessionID);
+ assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+ System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA305() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ AuthenticationData authData = initServer(sessionID);
+ assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+ System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA306() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ AuthenticationData authData = initServer(sessionID);
+ assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+ System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA307() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ AuthenticationData authData = initServer(sessionID);
+ assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+ System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA308() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ AuthenticationData authData = initServer(sessionID);
+ assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+ System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+
+ }
+
+ public void testA309() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID);
+ assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+ System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA310() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID);
+ assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+ System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA311() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID);
+ assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+ System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA351() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ System.out.println(sessionID);
+ String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+ server.verifyIdentityLink(sessionID, infoboxReadResponse);
+ InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
+ IdentityLink idl = irrp.parseIdentityLink();
+ Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
+ Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
+ new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
+ //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
+ // System.out.println(createXMLSignatureRequest);
+ String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
+
+ // nicht existierende Session....
+ try {
+ server.verifyAuthenticationBlock("0", createXMLSignatureResponse);
+ fail();
+ }
+ catch (AuthenticationException e) {
+ System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+ }
+
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA352() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ System.out.println(sessionID);
+ String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+ server.verifyIdentityLink(sessionID, infoboxReadResponse);
+ server.setSecondsSessionTimeOut(-100);
+ server.cleanup();
+ InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
+ IdentityLink idl = irrp.parseIdentityLink();
+ Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
+ Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
+ new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
+ //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
+ // System.out.println(createXMLSignatureRequest);
+ String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
+
+ // abgelaufene Session....
+ server.setSecondsSessionTimeOut(1000);
+ try {
+ server.verifyAuthenticationBlock("0", createXMLSignatureResponse);
+ fail();
+ }
+ catch (AuthenticationException e) {
+ System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+ }
+
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA353() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ System.out.println(sessionID);
+
+ String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
+
+ // Session for VerifyIdentityLink-Aufruf
+ try {
+
+ server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
+ fail();
+ }
+ //NOCH SEHR UNSCHÖN..... (fliegt raus im AuthenticationServer, Methode buildAuthenticationData
+ // ( IdentityLink identityLink = session.getIdentityLink(); ==> liefert dann NULL...
+ catch (NullPointerException e) {
+ System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA354() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ System.out.println(sessionID);
+ String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+ server.verifyIdentityLink(sessionID, infoboxReadResponse);
+ InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
+ IdentityLink idl = irrp.parseIdentityLink();
+ Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
+ Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
+ new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
+ //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
+ // System.out.println(createXMLSignatureRequest);
+ String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
+
+ // nicht existierende Session....
+
+ server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
+ try {
+ server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
+ fail();
+ }
+ catch (AuthenticationException e) {
+ System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA355() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ try {
+ initServer(sessionID);
+ fail();
+ }
+ catch (ParseException e) {
+ System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA356() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ try {
+ initServer(sessionID);
+ fail();
+ }
+ catch (ParseException e) {
+ System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA357() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ try {
+ initServer(sessionID);
+ fail();
+ }
+ catch (ValidateException e) {
+ System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA358() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ try {
+ initServer(sessionID);
+ fail();
+ }
+ catch (ValidateException e) {
+ System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA359() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ try {
+ initServer(sessionID);
+ fail();
+ }
+ catch (ValidateException e) {
+ System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA360() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ try {
+ initServer(sessionID);
+ fail();
+ }
+ catch (ValidateException e) {
+ System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA361() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ try {
+ initServer(sessionID);
+ fail();
+ }
+ catch (ValidateException e) {
+ System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA362() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ try {
+ initServer(sessionID);
+ fail();
+ }
+ catch (ValidateException e) {
+ System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA363() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ try {
+ initServer(sessionID);
+ fail();
+ }
+ catch (ValidateException e) {
+ System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA364() throws Exception {
+ try {
+ String sessionID = startAuthentication();
+ try {
+
+ initServer(sessionID);
+ fail();
+ }
+ catch (ValidateException e) {
+ System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ /* public void testA365() throws Exception {
+ String sessionID = startAuthentication();
+ try {
+ // wegen sinnlosigkeit gestrichen
+ initServer(sessionID);
+ fail();
+ }
+ catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");}
+ }*/
+
+ public void testA366() throws Exception {
+
+ String sessionID = startAuthentication();
+ try {
+ initServer(sessionID);
+ fail();
+ }
+ catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");}
+ }
+ public void testA367() throws Exception {
+ String sessionID = startAuthentication();
+ try {
+ initServer(sessionID);
+ fail();
+ }
+ catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");}
+ }
+
+
+ private AuthenticationData initServer(String sessionID) throws Exception {
+ String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+ server.verifyIdentityLink(sessionID, infoboxReadResponse);
+ InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
+ IdentityLink idl = irrp.parseIdentityLink();
+ Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1");
+ Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
+ new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
+ //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
+ // System.out.println(createXMLSignatureRequest);
+ String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
+ // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/");
+ String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
+ AuthenticationData authData = server.getAuthenticationData(samlArtifact);
+ return authData;
+ }
+
+ private AuthenticationData initServerWithoutValidateAuthBlock(String sessionID) throws Exception {
+ String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+ server.verifyIdentityLink(sessionID, infoboxReadResponse);
+ InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
+ IdentityLink idl = irrp.parseIdentityLink();
+ Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1");
+ Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
+ new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
+ //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
+ // System.out.println(createXMLSignatureRequest);
+ String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
+ // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/");
+
+ AuthenticationSession session = AuthenticationServer.getSession(sessionID);
+ AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
+ // parses <CreateXMLSignatureResponse>
+ CreateXMLSignatureResponse csresp =
+ new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse();
+ // validates <CreateXMLSignatureResponse>
+ new CreateXMLSignatureResponseValidator().validate(csresp, session.getTarget(), session.getPublicOAURLPrefix());
+ // builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call
+ String[] vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs();
+ String tpid = authConf.getMoaSpAuthBlockTrustProfileID();
+ Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp, vtids, tpid);
+ // invokes the call
+ Element domVsresp = new SignatureVerificationInvoker().verifyXMLSignature(domVsreq);
+ // parses the <VerifyXMLSignatureResponse>
+ VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser(domVsresp).parseData();
+ // validates the <VerifyXMLSignatureResponse>
+ VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp, null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK);
+ // compares the public keys from the identityLink with the AuthBlock
+
+ // builds authentication data and stores it together with a SAML artifact
+ AuthenticationData authData = buildAuthenticationData(session, vsresp);
+ return authData;
+ }
+ private AuthenticationData buildAuthenticationData(
+ AuthenticationSession session,
+ VerifyXMLSignatureResponse verifyXMLSigResp)
+ throws ConfigurationException, BuildException {
+
+ IdentityLink identityLink = session.getIdentityLink();
+ AuthenticationData authData = new AuthenticationData();
+ authData.setMajorVersion(1);
+ authData.setMinorVersion(0);
+ authData.setAssertionID(Random.nextRandom());
+ authData.setIssuer(session.getAuthURL());
+ authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance()));
+ String vpkBase64 = new VPKBuilder().buildVPK(
+ identityLink.getIdentificationValue(), identityLink.getDateOfBirth(), session.getTarget());
+ authData.setVPK(vpkBase64);
+ authData.setGivenName(identityLink.getGivenName());
+ authData.setFamilyName(identityLink.getFamilyName());
+ authData.setDateOfBirth(identityLink.getDateOfBirth());
+ authData.setQualifiedCertificate(verifyXMLSigResp.isQualifiedCertificate());
+ authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority());
+ authData.setPublicAuthorityCode(verifyXMLSigResp.getPublicAuthorityCode());
+ OAAuthParameter oaParam =
+ AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(
+ session.getPublicOAURLPrefix());
+ String prPerson = new PersonDataBuilder().build(
+ identityLink, oaParam.getProvideZMRZahl());
+
+ try {
+ String ilAssertion =
+ oaParam.getProvideIdentityLink() ? DOMUtils.serializeNode(identityLink.getSamlAssertion()) : "";
+ String authBlock = oaParam.getProvideAuthBlock() ? session.getAuthBlock() : "";
+ String samlAssertion = new AuthenticationDataAssertionBuilder().build(
+ authData, prPerson, authBlock, ilAssertion);
+ authData.setSamlAssertion(samlAssertion);
+ return authData;
+ }
+ catch (Throwable ex) {
+ throw new BuildException(
+ "builder.00",
+ new Object[] { "AuthenticationData", ex.getMessage() },
+ ex);
+ }
+ }
+}
diff --git a/id.server/src/test/abnahme/A/Test400GetAuthenticationData.java b/id.server/src/test/abnahme/A/Test400GetAuthenticationData.java
new file mode 100644
index 000000000..b05e2b92c
--- /dev/null
+++ b/id.server/src/test/abnahme/A/Test400GetAuthenticationData.java
@@ -0,0 +1,129 @@
+package test.abnahme.A;
+
+import org.w3c.dom.Element;
+import test.abnahme.AbnahmeTestCase;
+
+import at.gv.egovernment.moa.id.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
+import at.gv.egovernment.moa.id.auth.data.IdentityLink;
+import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
+import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
+import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
+import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
+import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.data.AuthenticationData;
+
+/**
+ * @author Stefan Knirsch
+ * @version $Id$
+ */
+
+public class Test400GetAuthenticationData extends AbnahmeTestCase {
+
+ private String samlArtifact;
+
+ public Test400GetAuthenticationData(String name) {
+ super(name);
+ }
+
+ protected void setUp() throws Exception {
+ super.setUp();
+ String sessionID = startAuthentication();
+ String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+ server.verifyIdentityLink(sessionID, infoboxReadResponse);
+ InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
+ IdentityLink idl = irrp.parseIdentityLink();
+ Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
+ Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
+ new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
+ //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
+ // System.out.println(createXMLSignatureRequest);
+ String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
+ CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(), "gb", "https://localhost:9443/");
+ samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
+ }
+
+ public void testA401() throws Exception {
+ try {
+
+ AuthenticationData authData = server.getAuthenticationData(samlArtifact);
+// authDataWriter(authData,"NEWA401");
+ assertXmlEquals(clearSamlAssertion(authData.getSamlAssertion()), readXmldata("AuthenticationData.xml"));
+ System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA451() throws Exception {
+ try {
+ try {
+ AuthenticationData authData = server.getAuthenticationData("AAGu1JFbyGKqJ+3NAonwMu5bNyUc7kooeMK6bxeXBbnK6NL0DfuVJsGi");
+ authDataWriter(authData, "A45");
+ if (authData != null)
+ fail();
+ }
+ catch (AuthenticationException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA452() throws Exception {
+ try {
+ server.getAuthenticationData(samlArtifact);
+ try {
+ server.getAuthenticationData(samlArtifact);
+ fail();
+ }
+ catch (AuthenticationException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA453() throws Exception {
+ try {
+ server.setSecondsAuthDataTimeOut(-1000);
+ server.cleanup();
+ try {
+ server.getAuthenticationData(samlArtifact);
+ fail();
+ }
+ catch (AuthenticationException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA454() throws Exception {
+ try {
+ try {
+ server.getAuthenticationData("blabla123");
+ fail();
+ }
+ catch (AuthenticationException e) {
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------");
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+}
diff --git a/id.server/src/test/abnahme/A/Test500StartAuthenticationServlet.java b/id.server/src/test/abnahme/A/Test500StartAuthenticationServlet.java
new file mode 100644
index 000000000..f4f37a871
--- /dev/null
+++ b/id.server/src/test/abnahme/A/Test500StartAuthenticationServlet.java
@@ -0,0 +1,305 @@
+package test.abnahme.A;
+
+import java.io.OutputStream;
+import java.net.URL;
+import java.security.Security;
+
+import javax.net.ssl.SSLSocketFactory;
+
+import test.abnahme.AbnahmeTestCase;
+
+import at.gv.egovernment.moa.util.StreamUtils;
+import at.gv.egovernment.moa.util.URLEncoder;
+
+import com.sun.net.ssl.HostnameVerifier;
+import com.sun.net.ssl.HttpsURLConnection;
+
+/**
+ * @author Stefan Knirsch
+ * @version $Id$
+ *
+ */
+public class Test500StartAuthenticationServlet extends AbnahmeTestCase {
+
+ private String testdataRoot = TESTDATA_ROOT + "xmldata/standard/";
+ SSLSocketFactory ssf;
+ public Test500StartAuthenticationServlet(String name) {
+ super(name);
+ }
+ protected void setUp() throws Exception {
+ super.setUp();
+ Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
+ System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
+ System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore");
+ System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
+ }
+
+ public void testA501() throws Exception {
+ //NUR einmal für alle folgenden Testfälle
+ //----------------------------------------
+
+ //----------------------------------------
+
+ try {
+ String targetURL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/");
+ HttpsURLConnection conn = giveConnection(targetURL, "GET");
+ conn.connect();
+ int resultCode = conn.getResponseCode();
+ String contentType = conn.getHeaderField("Content-Type");
+ if (resultCode != 200)
+ fail("Wrong HTTP-Code");
+ if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html"))
+ fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type"));
+ conn.disconnect();
+ System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA502() throws Exception {
+ try {
+ String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/");
+ HttpsURLConnection conn = giveConnection(URL, "GET");
+ conn.connect();
+ int resultCode = conn.getResponseCode();
+ String contentType = conn.getHeaderField("Content-Type");
+ if (resultCode != 200)
+ fail("Wrong HTTP-Code: expected '200' and was '" + resultCode + "'");
+ if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html"))
+ fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type"));
+ String result = new String(StreamUtils.readStream(conn.getInputStream()));
+
+ conn.disconnect();
+
+ URL = parseDataURL(result);
+ conn = giveConnection(URL, "POST");
+ conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded");
+
+ String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml");
+ System.out.println("File gelesen, Daten in Outputstream einpflegen");
+ OutputStream out = conn.getOutputStream();
+ out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes("UTF-8"));
+ out.flush();
+ out.close();
+
+ System.out.println("Verbinden zu " + URL);
+ conn.connect();
+ resultCode = conn.getResponseCode();
+ System.out.println("resultCode :" + resultCode);
+ String redirectLoc = conn.getHeaderField("Location");
+ System.out.println("redirectLoc :" + redirectLoc);
+ // Austausch von VerifyIdentityLink in der POST-URL durch VerifyAuthBlock... rest MUSS gleich sein!
+ if (!killInclusive(URL, "VerifyI", "Link", "VerifyAuthBlock").equals(redirectLoc))
+ fail("Wrong Redirect-Location: expected " + URL + " and was " + conn.getHeaderField("Location"));
+ if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/xml"))
+ fail("Wrong contentType: expected text/xml and was " + conn.getHeaderField("Content-Type"));
+ conn.disconnect();
+ System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA503() throws Exception {
+ try {
+ String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/");
+ HttpsURLConnection conn = giveConnection(URL, "GET");
+ conn.connect();
+
+ assertEquals(200,conn.getResponseCode());
+ if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html"))
+ fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type"));
+ String result = new String(StreamUtils.readStream(conn.getInputStream()));
+ URL = parseDataURL(result);
+
+ conn.disconnect();
+ conn = giveConnection(URL, "POST");
+ conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded");
+ String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml");
+ OutputStream out = conn.getOutputStream();
+ out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes());
+ out.flush();
+ out.close();
+ conn.connect();
+ String redirectLoc = conn.getHeaderField("Location");
+ // Austausch von VerifyIdentityLink in der POST-URL durch VerifyAuthBlock... rest MUSS gleich sein!
+ if (!killInclusive(URL, "VerifyI", "Link", "VerifyAuthBlock").equals(redirectLoc))
+ fail("Wrong Redirect-Location: expected " + URL + " and was " + conn.getHeaderField("Location"));
+ if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/xml"))
+ fail("Wrong contentType: expected text/xml and was " + conn.getHeaderField("Content-Type"));
+ conn.disconnect();
+
+ conn = giveConnection(redirectLoc, "POST");
+ System.out.println("Redirect Location: " + redirectLoc);
+ String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8");
+ out = conn.getOutputStream();
+ out.write(("XMLResponse=" +createXMLSignatureResponse).getBytes());
+ out.flush();
+ out.close();
+
+ System.out.println("Sending Data to " + redirectLoc);
+ conn.connect();
+
+ redirectLoc = conn.getHeaderField("Location");
+ System.out.println("redirectLoc: " + redirectLoc);
+ /* RandomAccessFile raf = new RandomAccessFile("C://503.xml", "rw");
+ raf.write(StreamUtils.readStream(conn.getInputStream()));
+ raf.close();*/
+ conn.disconnect();
+ assertEquals(302, conn.getResponseCode());
+ assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact="));
+ System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
+
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA551() throws Exception {
+ try {
+ String targetURL = getURL("https://localhost:8443/moa-id-auth/", "gb", "");
+ HttpsURLConnection conn = giveConnection(targetURL, "GET");
+ conn.connect();
+ String result = new String(StreamUtils.readStream(conn.getInputStream()));
+ assertTrue(result.indexOf("Die Angabe der Parameter ist unvollst&auml;ndig") >= 0);
+ conn.disconnect();
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Die Angabe der Parameter ist unvollständig.\n-----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA552() throws Exception {
+ try {
+ String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/");
+ HttpsURLConnection conn = giveConnection(URL, "GET");
+ conn.connect();
+ int resultCode = conn.getResponseCode();
+ assertEquals(200, resultCode);
+ if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html"))
+ fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type"));
+ conn.disconnect();
+ URL = "https://localhost:8443/moa-id-auth/" + "VerifyIdentityLink?MOASessionID=0000";
+ conn = giveConnection(URL, "POST");
+ conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded");
+
+ String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml");
+ OutputStream out = conn.getOutputStream();
+ out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes());
+ out.flush();
+ out.close();
+
+ conn.connect();
+ String result = new String(StreamUtils.readStream(conn.getInputStream()));
+ assertTrue(result.indexOf("MOASessionID ist unbekannt") >= 0);
+ System.out.println("Fehler in testA552 erfolgreich abgefangen: MOASessionID ist unbekannt");
+ conn.disconnect();
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testA553() throws Exception {
+ try {
+ String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/");
+ HttpsURLConnection conn = giveConnection(URL, "GET");
+ conn.connect();
+ int resultCode = conn.getResponseCode();
+ assertEquals(200,resultCode);
+ if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html"))
+ fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type"));
+ String result = new String(StreamUtils.readStream(conn.getInputStream()));
+ String MOASessionID = parseSessionIDFromForm(result);
+ URL = parseDataURL(result);
+ conn.disconnect();
+
+ conn = giveConnection(URL, "POST");
+ conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded");
+
+ String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml");
+ OutputStream out = conn.getOutputStream();
+ out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes());
+ out.flush();
+ out.close();
+ conn.connect();
+ result = new String(StreamUtils.readStream(conn.getInputStream()));
+ String redirectLoc = conn.getHeaderField("Location");
+ // Austausch von VerifyIdentityLink in der POST-URL durch VerifyAuthBlock... rest MUSS gleich sein!
+ if (!killInclusive(URL, "VerifyI", "Link", "VerifyAuthBlock").equals(redirectLoc))
+ fail("Wrong Redirect-Location: expected " + URL + " and was " + conn.getHeaderField("Location"));
+ if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/xml"))
+ fail("Wrong contentType: expected text/xml and was " + conn.getHeaderField("Content-Type"));
+ conn.disconnect();
+ conn = giveConnection(redirectLoc + "XXX", "POST");
+ System.out.println("Redirect Location: " + redirectLoc + "XXX");
+ String createXMLSignatureResponse = "XMLResponse=" + URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8");
+
+ out = conn.getOutputStream();
+ out.write(new String("MOASessionID=" + MOASessionID + "&").getBytes());
+ out.write(createXMLSignatureResponse.getBytes("UTF-8"));
+ out.flush();
+ out.close();
+ System.out.println("Sending Data to " + redirectLoc);
+ conn.connect();
+ resultCode = conn.getResponseCode();
+
+ result = new String(StreamUtils.readStream(conn.getInputStream()));
+ conn.disconnect();
+ assertEquals(200, resultCode);
+ assertTrue(result.indexOf("MOASessionID ist unbekannt") >= 0);
+ System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ private String parseDataURL(String input) {
+ String ret = getSubString(input.substring(input.indexOf("DataURL"), input.length()), "value=\"", "\"");
+ return ret;
+ }
+
+ private String getSubString(String input, String startsWith, String endsWith) {
+ return input.substring(input.indexOf(startsWith) + startsWith.length(), input.indexOf(endsWith, input.indexOf(startsWith) + startsWith.length()));
+ }
+ private String getURL(String authURL, String target, String oaURL) {
+ return authURL + "StartAuthentication?Target=" + target + "&OA=" + oaURL;
+ }
+ private String parseSessionIDFromForm(String htmlForm) {
+ String parName = "MOASessionID=";
+ assertTrue("HTML Form enthält keine SessionID", htmlForm.indexOf(parName) >= 0);
+ int i1 = htmlForm.indexOf(parName) + parName.length();
+ int i2 = htmlForm.indexOf("\"", i1);
+ assertTrue("HTML Form enthält keine gültige SessionID", i2 > i1);
+ return htmlForm.substring(i1, i2);
+ }
+
+ private class HostnameVerifierHack implements HostnameVerifier {
+ public boolean verify(String arg0, String arg1) {
+ return true;
+ }
+ }
+ private HttpsURLConnection giveConnection(String targetURL, String requestMethod) throws Exception {
+ URL url = new URL(targetURL);
+ HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
+ conn.setRequestMethod(requestMethod);
+ conn.setDoInput(true);
+ conn.setDoOutput(true);
+ conn.setUseCaches(false);
+ conn.setAllowUserInteraction(false);
+ conn.setHostnameVerifier(new HostnameVerifierHack());
+ return conn;
+ }
+
+} \ No newline at end of file
diff --git a/id.server/src/test/abnahme/A/Test600GetAuthenticationDataService.java b/id.server/src/test/abnahme/A/Test600GetAuthenticationDataService.java
new file mode 100644
index 000000000..b44852346
--- /dev/null
+++ b/id.server/src/test/abnahme/A/Test600GetAuthenticationDataService.java
@@ -0,0 +1,281 @@
+package test.abnahme.A;
+
+import java.io.OutputStream;
+import java.net.URL;
+import java.security.Security;
+import java.util.Calendar;
+import java.util.Vector;
+
+import javax.xml.namespace.QName;
+import javax.xml.rpc.Call;
+import javax.xml.rpc.Service;
+import javax.xml.rpc.ServiceFactory;
+
+import org.apache.axis.message.SOAPBodyElement;
+import org.w3c.dom.Element;
+
+import com.sun.net.ssl.HostnameVerifier;
+import com.sun.net.ssl.HttpsURLConnection;
+
+import test.abnahme.AbnahmeTestCase;
+
+import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.DateTimeUtils;
+import at.gv.egovernment.moa.util.StreamUtils;
+import at.gv.egovernment.moa.util.URLDecoder;
+import at.gv.egovernment.moa.util.URLEncoder;
+
+/**
+ * @author Stefan Knirsch
+ * @version $Id$
+ */
+
+public class Test600GetAuthenticationDataService extends AbnahmeTestCase {
+
+ private String moaSessionID;
+ private String samlArtifact;
+ private static final QName SERVICE_QNAME = new QName("SignatureCreation");
+
+ public Test600GetAuthenticationDataService(String name) {
+ super(name);
+ }
+
+ protected void setUp() throws Exception {
+ super.setUp();
+ Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
+ System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
+ System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore");
+ System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
+ }
+
+ public void testA601() throws Exception {
+ try {
+
+ // Anmelden
+ String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/");
+ HttpsURLConnection conn = giveConnection(URL, "GET");
+ conn.connect();
+ String result = new String(StreamUtils.readStream(conn.getInputStream()));
+ String MOASessionID = parseSessionIDFromForm(result);
+ conn.disconnect();
+
+ URL = parseDataURL(result);
+ // Verify Identity Link
+ conn = giveConnection(URL, "POST");
+ conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded");
+ String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml");
+ OutputStream out = conn.getOutputStream();
+ out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes());
+ out.flush();
+ out.close();
+ conn.connect();
+ String redirectLoc = conn.getHeaderField("Location");
+ conn.disconnect();
+ //Verify Auth Block
+ conn = giveConnection(redirectLoc, "POST");
+ String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8");
+ out = conn.getOutputStream();
+ out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8"));
+ out.flush();
+ out.close();
+ conn.connect();
+ redirectLoc = conn.getHeaderField("Location");
+ samlArtifact = parseSamlArtifact(redirectLoc);
+ System.out.println("SamlArtifact: " + samlArtifact);
+ conn.disconnect();
+
+ assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact="));
+
+ conn = null;
+
+ SAMLRequestBuilder srb = new SAMLRequestBuilder();
+
+ Element erg = doCall(srb.build(moaSessionID,URLDecoder.decode(samlArtifact, "UTF-8")));
+ result = DOMUtils.serializeNode(erg);
+ result = killInclusive(result,"IssueInstant=\"","\"","");
+ result = killInclusive(result,"AssertionID=\"","\"","");
+ result = killInclusive(result,"ResponseID=\"","\"","");
+
+// writeXmldata("GetAuthenticationDataWebServiceResponse.xml", result.getBytes("UTF-8"));
+
+ assertEquals(result,readXmldata("GetAuthenticationDataWebServiceResponse.xml"));
+
+ System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA651() throws Exception {
+ try {
+
+ // Anmelden
+ String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/");
+ HttpsURLConnection conn = giveConnection(URL, "GET");
+ conn.connect();
+ String result = new String(StreamUtils.readStream(conn.getInputStream()));
+ String MOASessionID = parseSessionIDFromForm(result);
+ conn.disconnect();
+
+ URL = parseDataURL(result);
+ // Verify Identity Link
+ conn = giveConnection(URL, "POST");
+ conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded");
+ String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml");
+ OutputStream out = conn.getOutputStream();
+ out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes());
+ out.flush();
+ out.close();
+ conn.connect();
+ String redirectLoc = conn.getHeaderField("Location");
+ conn.disconnect();
+ //Verify Auth Block
+ conn = giveConnection(redirectLoc, "POST");
+ String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8");
+ out = conn.getOutputStream();
+ out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8"));
+ out.flush();
+ out.close();
+ conn.connect();
+ redirectLoc = conn.getHeaderField("Location");
+ samlArtifact = "AAGu1JFbyGKqJ+3NAonwMu5bNyUc7kooeMK6bxeXBbnK6NL0DfuVJsGi";
+ System.out.println("SamlArtifact: " + samlArtifact);
+ conn.disconnect();
+
+ assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact="));
+
+ conn = null;
+
+ SAMLRequestBuilder srb = new SAMLRequestBuilder();
+ Element samlPRequest = srb.build(moaSessionID,samlArtifact);
+
+ assertTrue(DOMUtils.serializeNode(doCall(samlPRequest)).indexOf("unbekanntes SAML-Artifakt")!=-1);
+
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Fehler beim Abholen der Anmeldedaten, unbekanntes SAML-Artifakt\n-----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testA652() throws Exception {
+ try {
+
+ // Anmelden
+ String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/");
+ HttpsURLConnection conn = giveConnection(URL, "GET");
+ conn.connect();
+ String result = new String(StreamUtils.readStream(conn.getInputStream()));
+ String MOASessionID = parseSessionIDFromForm(result);
+ conn.disconnect();
+
+ URL = parseDataURL(result);
+ // Verify Identity Link
+ conn = giveConnection(URL, "POST");
+ conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded");
+ String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml");
+ OutputStream out = conn.getOutputStream();
+ out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes());
+ out.flush();
+ out.close();
+ conn.connect();
+ String redirectLoc = conn.getHeaderField("Location");
+ conn.disconnect();
+ //Verify Auth Block
+ conn = giveConnection(redirectLoc, "POST");
+ String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8");
+ out = conn.getOutputStream();
+ out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8"));
+ out.flush();
+ out.close();
+ conn.connect();
+ redirectLoc = conn.getHeaderField("Location");
+ samlArtifact = parseSamlArtifact(redirectLoc);
+ System.out.println("SamlArtifact: " + samlArtifact);
+ conn.disconnect();
+
+ assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact="));
+
+ conn = null;
+ String request =
+ "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" RequestID=\"" +
+ moaSessionID + "\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"" +
+ DateTimeUtils.buildDateTime(Calendar.getInstance())+"\">" +
+ "</samlp:Request>";
+
+ Element samlPRequest = DOMUtils.parseDocument(request, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement();
+
+ assertTrue(DOMUtils.serializeNode(doCall(samlPRequest)).indexOf("Fehlerhaftes Requestformat")!=-1);
+// writeXmldata("GetAuthenticationDataWebServiceResponse.xml", result.getBytes("UTF-8"));
+ System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Fehlerhaftes Requestformat\n-----------------------"); }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ protected Element doCall(Element request)
+ throws Exception {
+ QName serviceName = new QName("GetAuthenticationData");
+ String endPoint = "http://localhost:8080/moa-id-auth/services/GetAuthenticationData";
+ Service service = ServiceFactory.newInstance().createService(serviceName);
+ Call call = service.createCall();
+ SOAPBodyElement body =
+ new SOAPBodyElement(request);
+ SOAPBodyElement[] params = new SOAPBodyElement[] {body};
+ Vector responses;
+ SOAPBodyElement response;
+
+ call.setTargetEndpointAddress(endPoint);
+ responses = (Vector) call.invoke(params);
+ response = (SOAPBodyElement) responses.get(0);
+
+ return response.getAsDOM();
+ }
+
+ private String parseDataURL(String input)
+ {
+ return getSubString(input.substring(input.indexOf("DataURL"),input.length()),"value=\"","\"");
+ }
+ private String parseSamlArtifact(String input)
+ {
+ return getSubString(input+"@@@","SAMLArtifact=","@@@");
+ }
+ private String getSubString(String input, String startsWith, String endsWith)
+ {
+ return input.substring(input.indexOf(startsWith)+startsWith.length(), input.indexOf(endsWith, input.indexOf(startsWith)+startsWith.length()));
+ }
+ private String getURL(String authURL, String target, String oaURL)
+ {
+ return authURL + "StartAuthentication?Target=" + target + "&OA=" + oaURL;
+ }
+ private String parseSessionIDFromForm(String htmlForm) {
+ String parName = "MOASessionID=";
+ assertTrue(
+ "HTML Form enthält keine SessionID",
+ htmlForm.indexOf(parName) >= 0);
+ int i1 = htmlForm.indexOf(parName) + parName.length();
+ int i2 = htmlForm.indexOf("\"", i1);
+ assertTrue("HTML Form enthält keine gültige SessionID", i2 > i1);
+ return htmlForm.substring(i1, i2);
+ }
+ private HttpsURLConnection giveConnection(String targetURL, String requestMethod) throws Exception {
+ HttpsURLConnection conn = (HttpsURLConnection) new URL(targetURL).openConnection();
+ conn.setRequestMethod(requestMethod);
+ conn.setDoInput(true);
+ conn.setDoOutput(true);
+ conn.setUseCaches(false);
+ conn.setAllowUserInteraction(false);
+ conn.setHostnameVerifier(new HostnameVerifierHack());
+ return conn;
+ }
+ private class HostnameVerifierHack implements HostnameVerifier {
+ public boolean verify(String arg0, String arg1) {
+ return true;
+ }
+ }
+}
diff --git a/id.server/src/test/abnahme/A/Test700SelectBKU.java b/id.server/src/test/abnahme/A/Test700SelectBKU.java
new file mode 100644
index 000000000..9cfa47033
--- /dev/null
+++ b/id.server/src/test/abnahme/A/Test700SelectBKU.java
@@ -0,0 +1,63 @@
+package test.abnahme.A;
+
+import test.abnahme.AbnahmeTestCase;
+
+/*
+ * @author Paul Ivancsics
+ * @version $Id$
+ */
+public class Test700SelectBKU extends AbnahmeTestCase {
+
+ public Test700SelectBKU(String name) {
+ super(name);
+ }
+
+ public void testA701() throws Exception {
+ try {
+ String form = server.selectBKU(
+ "https://localhost:8443/auth",
+ "gb",
+ "https://localhost:9443/",
+ "file:" + getTestCaseDirectory() + "BKUSelectionTemplate.html",
+ "file:" + getTestCaseDirectory() + "Template.html");
+ //writeXmldata("SelectBKUForm_out.html", form.getBytes());
+ assertEqualsIgnoreSessionID(readXmldata("SelectBKUForm.html"), form);
+ }
+ catch (Exception ex) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + ex.getLocalizedMessage());
+ throw ex;
+ }
+ }
+ public void testA702() throws Exception {
+ try {
+ String form = server.selectBKU(
+ "https://localhost:8443/auth",
+ "gb",
+ "https://localhost:9443/",
+ null,
+ null);
+ //writeXmldata("SelectBKUForm_out.html", form.getBytes());
+ assertEqualsIgnoreSessionID(readXmldata("SelectBKUForm.html"), form);
+ }
+ catch (Exception ex) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + ex.getLocalizedMessage());
+ throw ex;
+ }
+ }
+ public void testA703() throws Exception {
+ try {
+ String form = server.selectBKU(
+ "https://localhost:8443/auth",
+ "gb",
+ "https://localhost:9443/",
+ null,
+ null);
+ //writeXmldata("SelectBKUForm_out.html", form.getBytes());
+ assertEqualsIgnoreSessionID(readXmldata("SelectBKUForm.html"), form);
+ }
+ catch (Exception ex) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + ex.getLocalizedMessage());
+ throw ex;
+ }
+ }
+}
diff --git a/id.server/src/test/abnahme/AbnahmeTestCase.java b/id.server/src/test/abnahme/AbnahmeTestCase.java
new file mode 100644
index 000000000..e0e6fc183
--- /dev/null
+++ b/id.server/src/test/abnahme/AbnahmeTestCase.java
@@ -0,0 +1,163 @@
+package test.abnahme;
+
+import java.io.File;
+import java.io.IOException;
+import java.io.RandomAccessFile;
+
+import test.MOAIDTestCase;
+
+import at.gv.egovernment.moa.id.MOAIDException;
+import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.data.AuthenticationData;
+
+/**
+ * Base class for MOA ID test cases.
+ *
+ * Provides some utility functions.
+ *
+ * @author Stefan Knirsch
+ * @version $Id$
+ */
+public class AbnahmeTestCase extends MOAIDTestCase {
+
+ protected static final String TESTDATA_ROOT = "data/abnahme-test/";
+ protected static final String TESTDATA_XMLDATA = "data/abnahme-test/xmldata/";
+ protected static final String AUTH_ENDPOINT = "http://localhost:8080/moa-id-auth/";
+ protected AuthenticationServer server;
+
+ /**
+ * Constructor for MOATestCase.
+ * @param arg0
+ */
+ public AbnahmeTestCase(String name) {
+ super(name);
+ }
+ /**
+ * Set up a transaction context with a test configuration.
+ */
+ protected void setUp() throws Exception {
+
+ System.out.print("--------S-T-A-R-T----V-O-N----");
+ System.out.print(getName().toUpperCase().substring(4,getName().length()));
+ System.out.print("-----------------------------\n");
+
+ // Set moa.spss.server.configuration property
+ System.setProperty("moa.spss.server.configuration",TESTDATA_ROOT + "conf/moa/ConfigurationTest.xml");
+
+ // Set moa.id.configuration property
+ String pathname = findXmldata("Configuration.xml");
+ System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME, pathname);
+ System.out.println("Konfiguration " + pathname);
+ AuthConfigurationProvider.reload();
+
+ server = AuthenticationServer.getInstance();
+ }
+ /** Test case z.B. "A153" */
+ protected String getID() {
+ return getName().toUpperCase().substring(4,getName().length());
+ }
+ /** Test group z.B. "A100" */
+ protected String getTestGroup() {
+ return getID().substring(0, 2) + "00";
+ }
+ /** Test case data directory */
+ protected String getTestCaseDirectory() {
+ return getTestGroupDirectory() + getID() + "/";
+ }
+ /** Test group data directory */
+ protected String getTestGroupDirectory() {
+ return TESTDATA_XMLDATA + getTestGroup() + "/";
+ }
+ /** Finds a file in the xmldata directory */
+ protected String findXmldata(String filename) {
+ String pathname = getTestCaseDirectory() + filename;
+ if (! new File(pathname).exists()) {
+ pathname = getTestGroupDirectory() + filename;
+ if (! new File(pathname).exists()) {
+ pathname = TESTDATA_XMLDATA + filename;
+ }
+ }
+ return pathname;
+ }
+ /** Finds and reads a file in the xmldata directory */
+ protected String readXmldata(String filename) throws IOException {
+ String pathname = findXmldata(filename);
+ System.out.println("Read file " + pathname);
+ return readFile(pathname);
+ }
+ protected void writeXmldata(String filename, byte[] content) throws Exception {
+ String pathname = getTestCaseDirectory() + filename;
+ System.out.println("Write file " + pathname);
+ RandomAccessFile raf = new RandomAccessFile(pathname, "rw");
+ byte[] data = content;
+ raf.write(data);
+ raf.setLength(data.length);
+ raf.close();
+ }
+
+ /**
+ * Creates a session using standard parameters,
+ * and returns the session ID.
+ */
+ protected String startAuthentication() throws MOAIDException {
+ return startAuthentication("https://localhost:9443/");
+ }
+ /**
+ * Creates a session using standard parameters,
+ * and returns the session ID.
+ */
+ protected String startAuthentication(String oaURL) throws MOAIDException {
+ String htmlForm = AuthenticationServer.getInstance().startAuthentication(
+ "https://localhost:8443/auth",
+ "gb",
+ oaURL,
+ null,
+ null,
+ null);
+ String sessionID = parseSessionIDFromForm(htmlForm);
+ return sessionID;
+ }
+ private String parseSessionIDFromForm(String htmlForm) {
+ String parName = "MOASessionID=";
+ assertTrue(
+ "HTML Form enthält keine SessionID",
+ htmlForm.indexOf(parName) >= 0);
+ int i1 = htmlForm.indexOf(parName) + parName.length();
+ int i2 = i1;
+ while(i2 < htmlForm.length() &&
+ (htmlForm.charAt(i2) == '-' || (htmlForm.charAt(i2) >= '0' && htmlForm.charAt(i2) <= '9')))
+ i2++;
+ assertTrue("HTML Form enthält keine gültige SessionID", i2 > i1);
+ return htmlForm.substring(i1, i2);
+ }
+ protected String clearSessionID(String htmlForm) {
+ String sessionID = parseSessionIDFromForm(htmlForm);
+ int i1 = htmlForm.indexOf(sessionID);
+ int i2 = i1 + sessionID.length();
+ return htmlForm.substring(0, i1) + htmlForm.substring(i2);
+ }
+ protected void assertEqualsIgnoreSessionID(String s1, String s2) {
+ String ss1 = clearSessionID(s1);
+ String ss2 = clearSessionID(s2);
+ assertEquals(ss1, ss2);
+ }
+ protected void authDataWriter(AuthenticationData authData, String filename) throws Exception
+ {
+ writeXmldata("AuthenticationDataNEW.xml", clearSamlAssertion(authData.getSamlAssertion()).getBytes("UTF-8"));
+ }
+
+ /**
+ * clearSamlAssertion löscht aus einer beliebiegen String-Repräsentation einer XML-Struktur
+ * AUSSLIESSLICH die Attribute 'IssueInstant' und 'AssertionID' heraus.
+ * @param samlAssertion
+ * @return String
+ */
+ protected String clearSamlAssertion(String samlAssertion)
+ {
+ String result = killInclusive(samlAssertion,"IssueInstant='", "'","");
+ result = killInclusive(result,"AssertionID='", "'","");
+ return result;
+ }
+} \ No newline at end of file
diff --git a/id.server/src/test/abnahme/AllTests.java b/id.server/src/test/abnahme/AllTests.java
new file mode 100644
index 000000000..56a38be28
--- /dev/null
+++ b/id.server/src/test/abnahme/AllTests.java
@@ -0,0 +1,49 @@
+package test.abnahme;
+
+import junit.awtui.TestRunner;
+import junit.framework.*;
+
+import test.abnahme.A.Test100StartAuthentication;
+import test.abnahme.A.Test200VerifyIdentityLink;
+import test.abnahme.A.Test300VerifyAuthBlock;
+import test.abnahme.A.Test400GetAuthenticationData;
+import test.abnahme.A.Test500StartAuthenticationServlet;
+import test.abnahme.A.Test600GetAuthenticationDataService;
+import test.abnahme.A.Test700SelectBKU;
+import test.abnahme.C.Test100Konfiguration;
+import test.abnahme.P.Test100LoginParameterResolver;
+
+
+
+
+/**
+ * @author Paul Ivancsics
+ * @version $Id$
+ */
+public class AllTests {
+
+ public static Test suite() {
+ TestSuite suite = new TestSuite();
+
+ suite.addTestSuite(Test100StartAuthentication.class);
+ suite.addTestSuite(Test200VerifyIdentityLink.class);
+ suite.addTestSuite(Test300VerifyAuthBlock.class);
+ suite.addTestSuite(Test400GetAuthenticationData.class);
+ suite.addTestSuite(Test500StartAuthenticationServlet.class);
+ suite.addTestSuite(Test600GetAuthenticationDataService.class);
+ suite.addTestSuite(Test700SelectBKU.class);
+
+ suite.addTestSuite(Test100LoginParameterResolver.class);
+
+ suite.addTestSuite(Test100Konfiguration.class);
+ return suite;
+ }
+
+ public static void main(String[] args) {
+ try {
+ TestRunner.run(AllTests.class);
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+}
diff --git a/id.server/src/test/abnahme/C/Test100Konfiguration.java b/id.server/src/test/abnahme/C/Test100Konfiguration.java
new file mode 100644
index 000000000..7da5a7449
--- /dev/null
+++ b/id.server/src/test/abnahme/C/Test100Konfiguration.java
@@ -0,0 +1,60 @@
+package test.abnahme.C;
+
+import at.gv.egovernment.moa.id.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+
+import test.abnahme.AbnahmeTestCase;
+
+/**
+ * @author Stefan Knirsch
+ * @version $Id$
+ *
+ */
+
+public class Test100Konfiguration extends AbnahmeTestCase {
+
+ public Test100Konfiguration(String name) {
+ super(name);
+ }
+
+ public void testC001() throws Exception {
+ try {
+ System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testC002() throws Exception {
+ try {
+ System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testC003() throws Exception {
+ try {
+ System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+ public void testC051() throws Exception {
+ try {
+ // Set moa.id.configuration property
+ String pathname = findXmldata("ConfigurationC051.xml");
+ System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME, pathname);
+ System.out.println("Konfiguration " + pathname);
+ AuthConfigurationProvider.reload();
+ }
+ catch (Exception e) {
+ System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+ }
+ // AuthConfigurationProvider.getInstance().getBKUConnectionParameter().getAcceptedServerCertificates()
+ }
+}
diff --git a/id.server/src/test/abnahme/P/Test100LoginParameterResolver.java b/id.server/src/test/abnahme/P/Test100LoginParameterResolver.java
new file mode 100644
index 000000000..8b7b2002f
--- /dev/null
+++ b/id.server/src/test/abnahme/P/Test100LoginParameterResolver.java
@@ -0,0 +1,146 @@
+package test.abnahme.P;
+import java.util.Map;
+
+import sun.misc.BASE64Decoder;
+import test.abnahme.AbnahmeTestCase;
+
+import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
+import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter;
+import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
+import at.gv.egovernment.moa.id.data.AuthenticationData;
+import at.gv.egovernment.moa.id.proxy.LoginParameterResolver;
+import at.gv.egovernment.moa.id.proxy.LoginParameterResolverFactory;
+import at.gv.egovernment.moa.util.Base64Utils;
+
+/**
+ * @author Stefan Knirsch
+ * @version $Id$
+ *
+ */
+
+public class Test100LoginParameterResolver extends AbnahmeTestCase {
+
+ private static final String CLIENT_IP_ADDRESS = "56.246.75.11";
+ private OAConfiguration oaConf;
+ private LoginParameterResolver lpr;
+
+ public Test100LoginParameterResolver(String name) {
+ super(name);
+ }
+
+ private void setUp(String publicURLPrefix)
+ throws Exception {
+
+ // get configuration data
+ ProxyConfigurationProvider proxyConf = ProxyConfigurationProvider.getInstance();
+ OAProxyParameter oaParam = proxyConf.getOnlineApplicationParameter(publicURLPrefix);
+ oaConf = oaParam.getOaConfiguration();
+ System.out.println("Parameterübergabe: " + oaConf.getAuthType());
+
+ // get login parameter resolver
+ LoginParameterResolverFactory.initialize();
+ lpr = LoginParameterResolverFactory.getLoginParameterResolver(publicURLPrefix);
+ }
+ public void testP101() throws Exception {
+ try {
+ // read configuration and set up LoginParameterResolver
+ setUp("https://testP101:9443/");
+ if (! oaConf.getAuthType().equals(OAConfiguration.BASIC_AUTH))
+ fail();
+
+ // assemble authentication data
+ AuthenticationData authData = new AuthenticationData();
+ authData.setFamilyName("Huber");
+ authData.setGivenName("Hugo");
+
+ // resolve login headers
+ Map loginHeaders = lpr.getAuthenticationHeaders(oaConf, authData, CLIENT_IP_ADDRESS);
+
+ // validate login headers
+ assertEquals(1, loginHeaders.keySet().size());
+ System.out.println("Header Authorization: " + loginHeaders.get("Authorization"));
+ System.out.println("Decoded UserID:Password " +
+ new String(new BASE64Decoder().decodeBuffer(((String)loginHeaders.get("Authorization")).substring(6))));
+ String userIDPassword = "Hugo:Huber";
+ String credentials = Base64Utils.encode(userIDPassword.getBytes());
+ assertEquals("Basic " + credentials, loginHeaders.get("Authorization"));
+ System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+
+ }
+ public void testP102() throws Exception {
+ try {
+ // read configuration and set up LoginParameterResolver
+ setUp("https://testP102:9443/");
+ if (! oaConf.getAuthType().equals(OAConfiguration.PARAM_AUTH))
+ fail();
+
+ // assemble authentication data
+ AuthenticationData authData = new AuthenticationData();
+ String DATE_OF_BIRTH = "1963-12-29";
+ String VPK = "kp6hOq6LRAkLtrqm6EvDm6bMwJw=";
+ authData.setDateOfBirth(DATE_OF_BIRTH);
+ authData.setVPK(VPK);
+
+ // resolve login parameters
+ Map loginParameters = lpr.getAuthenticationParameters(oaConf, authData, CLIENT_IP_ADDRESS);
+
+ // validate login headers
+ assertEquals(2, loginParameters.keySet().size());
+ System.out.println("Param1: " + loginParameters.get("Param1"));
+ System.out.println("Param2: " + loginParameters.get("Param2"));
+ assertEquals(DATE_OF_BIRTH, loginParameters.get("Param1"));
+ assertEquals(VPK, loginParameters.get("Param2"));
+ System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+
+ public void testP103() throws Exception {
+ try {
+ // read configuration and set up LoginParameterResolver
+ setUp("https://localhost:9443/");
+ if (! oaConf.getAuthType().equals(OAConfiguration.HEADER_AUTH))
+ fail();
+
+ // assemble authentication data
+ AuthenticationData authData = new AuthenticationData();
+ boolean PUBLIC_AUTH = true;
+ String BKZ = "FinanzamtWien23Leitstelle";
+ boolean QUAL_CERT = false;
+ String ZMR_ZAHL = "3456789012";
+ authData.setPublicAuthority(PUBLIC_AUTH);
+ authData.setPublicAuthorityCode(BKZ);
+ authData.setQualifiedCertificate(QUAL_CERT);
+ authData.setIdentificationValue(ZMR_ZAHL);
+
+ // resolve login headers
+ Map loginHeaders = lpr.getAuthenticationHeaders(oaConf, authData, CLIENT_IP_ADDRESS);
+
+ // validate login headers
+ assertEquals(5, loginHeaders.keySet().size());
+ System.out.println("Header Param1: " + loginHeaders.get("Param1"));
+ System.out.println("Header Param2: " + loginHeaders.get("Param2"));
+ System.out.println("Header Param3: " + loginHeaders.get("Param3"));
+ System.out.println("Header Param4: " + loginHeaders.get("Param4"));
+ System.out.println("Header Param5: " + loginHeaders.get("Param5"));
+ assertEquals(String.valueOf(PUBLIC_AUTH), loginHeaders.get("Param1"));
+ assertEquals(BKZ, loginHeaders.get("Param2"));
+ assertEquals(String.valueOf(QUAL_CERT), loginHeaders.get("Param3"));
+ assertEquals(ZMR_ZAHL, loginHeaders.get("Param4"));
+ assertEquals(CLIENT_IP_ADDRESS, loginHeaders.get("Param5"));
+ System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+ throw e;
+ }
+ }
+}