Diffstat (limited to 'id.server/src/test')
43 files changed, 5303 insertions, 0 deletions
diff --git a/id.server/src/test/MOAIDTestCase.java b/id.server/src/test/MOAIDTestCase.java
new file mode 100644
index 000000000..725fa1386
--- /dev/null
+++ b/id.server/src/test/MOAIDTestCase.java
@@ -0,0 +1,203 @@ +package test; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; + +import javax.xml.transform.TransformerException; + +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.FileUtils; +import at.gv.egovernment.moa.util.StreamUtils; +import at.gv.egovernment.moa.util.XPathUtils; + +import iaik.ixsil.algorithms.Transform; +import iaik.ixsil.algorithms.TransformImplExclusiveCanonicalXML; +import iaik.ixsil.exceptions.AlgorithmException; +import iaik.ixsil.exceptions.InitException; +import iaik.ixsil.exceptions.URIException; +import iaik.ixsil.init.IXSILInit; +import iaik.ixsil.util.URI; +import test.at.gv.egovernment.moa.MOATestCase; + +/* + * @author Paul Ivancsics + * @version $Id$ + */ +public class MOAIDTestCase extends MOATestCase implements Constants { + + public static final String XML_DECL = + "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>"; + protected static final String nl = "\n"; + + public MOAIDTestCase(String name) { + super(name); + } + + protected void initIxsil() throws InitException, URIException { + IXSILInit.init(new URI("init/properties/init.properties")); + // Switch on debug information + IXSILInit.setPrintDebugLog(true); + } + //STRING <==> STRING + protected void assertXmlEquals(String xml1, String xml2) + throws AlgorithmException, IOException, InitException, URIException{ + initIxsil(); + String canXml1 = canonicalTransform(xml1); + String canXml2 = canonicalTransform(xml2); + assertEquals(canXml1, canXml2); } + // ELEMENT <==> ELEMENT + protected void assertXmlEquals(Element xml1, Element xml2) + throws AlgorithmException, IOException, InitException , URIException, TransformerException{ + initIxsil(); + assertEquals(canonicalTransform(DOMUtils.serializeNode(xml1)),canonicalTransform(DOMUtils.serializeNode(xml2))); + } + // INPUTSTREAM <==> INPUTSTREAM + protected void 
assertXmlEquals(InputStream xml1, InputStream xml2) + throws AlgorithmException, IOException, InitException , URIException{ + initIxsil(); + assertEquals(canonicalTransform(xml1),canonicalTransform(xml2)); + } + // ELEMENT <==> STRING + protected void assertXmlEquals(Element xml1, String xml2) + throws AlgorithmException, IOException, InitException , URIException, TransformerException { + initIxsil(); + assertEquals(canonicalTransform(xml1),canonicalTransform(xml2)); + } + // ELEMENT <==> INPUTSTREAM + protected void assertXmlEquals(Element xml1, InputStream xml2) + throws AlgorithmException, IOException, InitException , URIException, TransformerException{ + initIxsil(); + assertEquals(canonicalTransform(xml1),canonicalTransform(xml2)); + } + // STRING <==> INPUTSTREAM + protected void assertXmlEquals(String xml1, InputStream xml2) + throws AlgorithmException, IOException, InitException , URIException{ + initIxsil(); + assertEquals(canonicalTransform(xml1),canonicalTransform(xml2)); + } + + /** + * Method canonicalTransform. + * @param input as STRING + * @return String + */ + protected String canonicalTransform(String input) + throws AlgorithmException, IOException { + + Transform tr = new TransformImplExclusiveCanonicalXML(); + InputStream s = new ByteArrayInputStream(input.getBytes("UTF-8")); + tr.setInput(s, null); + ByteArrayInputStream transResult = (ByteArrayInputStream) tr.transform(); + return killWhiteSpace(readString(transResult)); + } + /** + * Method canonicalTransform. + * @param input as Element + * @return String + */ + protected String canonicalTransform(Element input) + throws AlgorithmException, IOException { + + Transform tr = new TransformImplExclusiveCanonicalXML(); + tr.setInput(XPathUtils.selectNodeList(input, XPathUtils.ALL_NODES_XPATH), null); + ByteArrayInputStream transResult = (ByteArrayInputStream) tr.transform(); + + return killWhiteSpace(readString(transResult)); + } + + /** + * Method canonicalTransform. 
+ * @param input as InputStream + * @return String + */ + protected String canonicalTransform(InputStream input) + throws AlgorithmException, IOException { + + Transform tr = new TransformImplExclusiveCanonicalXML(); tr.setInput(input, null); + ByteArrayInputStream transResult = (ByteArrayInputStream) tr.transform(); + + return killWhiteSpace(readString(transResult)); + } + + public static String killWhiteSpace(String input) + { + int start=0; + int ende; + String result; + String middle; + result = input; + do { + start = result.indexOf(">", start); + ende = result.indexOf("<", start); + middle = result.substring(start+1,ende).trim(); + result = result.substring(0,start+1) +middle + result.substring(ende,result.length()); + start++; + } while (result.indexOf("<", ende + 1)>0); + + return result; + } + + /** + * Method killExclusive.: The values startsWith and endsWith will be included into the answer. + * @param input + * @param startsWith + * @param endsWith + * @param newValue + * @return String + */ + public static String killExclusive(String input, String startsWith, String endsWith, String newValue) + { + int start=0; + int ende; + String result; + result = input; + do { + start = result.indexOf(startsWith, start) + startsWith.length(); + ende = result.indexOf(endsWith, start); + result = result.substring(0,start) + newValue + result.substring(ende,result.length()); + start++; + } while (result.indexOf(startsWith, ende + 1)>0); + + return result; + } + + /** + * Method killInclusive. : The values startsWith and endsWith will NOT be included into the answer. 
+ * @param input + * @param startsWith + * @param endsWith + * @param newValue + * @return String + */ + public static String killInclusive(String input, String startsWith, String endsWith, String newValue) + { + int start=0; + int ende; + String result; + result = input; + do { + start = result.indexOf(startsWith, start) + startsWith.length(); + ende = result.indexOf(endsWith, start); + result = result.substring(0,start - startsWith.length() ) + newValue + result.substring(ende + endsWith.length(),result.length()); + start++; + } while (result.indexOf(startsWith, ende + 1)>0); + + return result; + } + + protected String readFile(String filename) throws IOException { + return readFile(filename, "UTF-8"); + } + protected String readFile(String filename, String encoding) throws IOException { + return FileUtils.readFile(filename, encoding); + } + protected String readString(InputStream input) throws IOException + { + return StreamUtils.readStream(input, "UTF-8"); + } + +} diff --git a/id.server/src/test/abnahme/A/Test100StartAuthentication.java b/id.server/src/test/abnahme/A/Test100StartAuthentication.java new file mode 100644 index 000000000..0d72691aa --- /dev/null +++ b/id.server/src/test/abnahme/A/Test100StartAuthentication.java 
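Review bot: In MOAIDTestCase.java, `killExclusive` and `killInclusive` use the result of `indexOf` without checking for -1, so when `startsWith` is absent `start` becomes `startsWith.length() - 1` and the text is rewritten at an unrelated offset, and when `endsWith` is absent `substring` throws. Test100StartAuthentication relies on `killExclusive` to mask the `MOASessionID=` value before comparing the form with a reference file, so a form without the marker fails with a misleading diff or a `StringIndexOutOfBoundsException` instead of a clear message. The loop condition also reuses `ende` after `result` has changed length, which can end the loop before every occurrence is replaced when the replaced value is longer than `newValue`. A bounded loop for `killExclusive` is sketched below; `killInclusive` needs the same guard, and `killWhiteSpace` has the same unchecked `indexOf` pattern.

```java
public static String killExclusive(String input, String startsWith, String endsWith, String newValue)
{
  String result = input;
  int from = 0;
  while (true) {
    int hit = result.indexOf(startsWith, from);
    if (hit < 0) break;                       // no further marker: stop instead of rewriting at a bogus offset
    int valueStart = hit + startsWith.length();
    int valueEnd = result.indexOf(endsWith, valueStart);
    if (valueEnd < 0) break;                  // unterminated value: leave the remainder untouched
    result = result.substring(0, valueStart) + newValue + result.substring(valueEnd);
    from = valueStart + newValue.length();    // continue after the replacement, in the new string's coordinates
  }
  return result;
}
```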
@@ -0,0 +1,171 @@ +package test.abnahme.A; + +import test.abnahme.AbnahmeTestCase; +import at.gv.egovernment.moa.id.AuthenticationException; +import at.gv.egovernment.moa.id.auth.WrongParametersException; + +/** + * @author Stefan Knirsch + * @version $Id$ + * + */ +public class Test100StartAuthentication extends AbnahmeTestCase { + + public Test100StartAuthentication(String name) { + super(name); + } + + public void testA101() throws Exception { + try { + String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL + "gb", //target + "http://localhost:9080/", //oaURL + "file:" + findXmldata("AuthTemplate.html"), + "http://localhost:3495/http-security-layer-request", + null); + htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED"); + //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8")); + assertEquals(readXmldata("htmlForm.html"),htmlForm); + System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA102() throws Exception { + try { + String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL + "gb", //target + "http://localhost:9080/", //oaURL + null, + "http://localhost:3495/http-security-layer-request", null); + htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED"); + //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8")); + assertEquals(readXmldata("htmlForm.html"),htmlForm); + + System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! 
\n-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA103() throws Exception { + try { + String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL + "gb", //target + "http://localhost:9080/", //oaURL + "file:" + findXmldata("AuthTemplate.html"), + null, + null); + htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED"); + //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8")); + assertEquals(readXmldata("htmlForm.html"),htmlForm); + System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA151() throws Exception { + try { + try { + server.startAuthentication(null, //authURL + "gb", //target + "http://localhost:9080/", //oaURL + null, null, null); + //assertEquals("",htmlForm); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (WrongParametersException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA152() throws Exception { + try { + try { + server.startAuthentication("http://localhost:8080/auth", //authURL + "gb", "http://localhost:9080/", //oaURL + null, null, null); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (AuthenticationException e) { + System.out.println("-----------------------\nFehler in " + 
this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA153() throws Exception { + try { + try { + server.startAuthentication("https://localhost:8443/auth", //authURL + "gb", "http://host_not_in_config/", //oaURL + null, null, null); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (AuthenticationException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA154() throws Exception { + try { + try { + server.startAuthentication("https://localhost:8443/auth", //authURL + "gb", null, //oaURL + null, null, null); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (WrongParametersException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA155() throws Exception { + try { + try { + server.startAuthentication("https://localhost:8443/auth", //authURL + null, "http://localhost:9080/", //oaURL + null, null, null); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (WrongParametersException e) { + System.out.println("-----------------------\nFehler in " + 
this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + //assertEquals("",htmlForm); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + +} diff --git a/id.server/src/test/abnahme/A/Test200VerifyIdentityLink.java b/id.server/src/test/abnahme/A/Test200VerifyIdentityLink.java new file mode 100644 index 000000000..ed4410521 --- /dev/null +++ b/id.server/src/test/abnahme/A/Test200VerifyIdentityLink.java 
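Review bot: In Test100StartAuthentication.java, testA152 and testA153 both accept any `AuthenticationException`, so neither can tell a rejection of the plain-`http` authURL or of the unknown oaURL apart from a rejection for an unrelated reason such as a broken test configuration. If the exception exposes an error identifier or a stable message, asserting on it inside the `catch` would tie each test to the check it is meant to cover; the same applies to the `WrongParametersException` cases testA151, testA154 and testA155, which do not check which parameter was reported. None of the methods says what it verifies, so a one-line comment per test would help, for example `// A152: authURL that is not https must be rejected` and `// A153: oaURL missing from the configuration must be rejected`.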
@@ -0,0 +1,336 @@ +package test.abnahme.A; + +import org.w3c.dom.Element; +import test.abnahme.AbnahmeTestCase; + +import at.gv.egovernment.moa.id.AuthenticationException; +import at.gv.egovernment.moa.id.ParseException; +import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; +import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.validator.ValidateException; +import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; + +/** + * @author Stefan Knirsch + * @version $Id$ + * + */ +public class Test200VerifyIdentityLink extends AbnahmeTestCase { + + public Test200VerifyIdentityLink(String name) { + super(name); + } + + public void testA201() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + + String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, infoboxReadResponse); + + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + + VerifyXMLSignatureResponseParser respParser = new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), 
AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames(), VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK); + + /* + * HINWEIS: clearSamlAssertion l�scht aus einer beliebiegen String-Repr�sentation einer XML-Struktur + * AUSSLIESSLICH die Attribute IssueInstand und die AssertionID heraus, von dem her ist diese + * Method hier verwendbar + */ + + assertXmlEquals(clearSamlAssertion(readXmldata("CreateXMLSignatureRequest.xml")), clearSamlAssertion(createXMLSignatureRequest)); + System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + + } + public void testA251() throws Exception { + try { + startAuthentication(); + String sessionID = "0"; + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + try { + server.verifyIdentityLink(sessionID, infoboxReadResponse); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (AuthenticationException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA252() throws Exception { + try { + String sessionID = startAuthentication(); + + server.setSecondsSessionTimeOut(-100); + server.cleanup(); + server.setSecondsSessionTimeOut(1000); + + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + try { + server.verifyIdentityLink(sessionID, infoboxReadResponse); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } 
+ catch (AuthenticationException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA253() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + try { + server.verifyIdentityLink(sessionID, infoboxReadResponse); + server.verifyIdentityLink(sessionID, infoboxReadResponse); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (AuthenticationException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA254() throws Exception { + try { + String sessionID = startAuthentication(); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + try { + server.verifyIdentityLink(sessionID, infoboxReadResponse); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (ValidateException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA255() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String 
infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + try { + server.verifyIdentityLink(sessionID, infoboxReadResponse); + } + catch (ParseException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA256() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + try { + server.verifyIdentityLink(sessionID, infoboxReadResponse); + } + catch (ValidateException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA257() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + try { + server.verifyIdentityLink(sessionID, infoboxReadResponse); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + + } + catch (ValidateException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA258() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = 
readXmldata("InfoBoxReadResponse.xml"); + try { + server.verifyIdentityLink(sessionID, infoboxReadResponse); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (ValidateException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA259() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + try { + server.verifyIdentityLink(sessionID, infoboxReadResponse); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (ValidateException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA260() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + try { + server.verifyIdentityLink(sessionID, infoboxReadResponse); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (ValidateException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() 
+ ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA261() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + + try { + server.verifyIdentityLink(sessionID, infoboxReadResponse); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (ValidateException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA262() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + new InfoboxReadResponseParser(infoboxReadResponse).parseIdentityLink(); + // System.out.println(infoboxReadResponse); + + try { + server.verifyIdentityLink(sessionID, infoboxReadResponse); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (ValidateException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA263() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + server.verifyIdentityLink(sessionID, infoboxReadResponse); + InfoboxReadResponseParser irrp = new 
InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + + VerifyXMLSignatureResponseParser respParser = new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + + // String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, infoboxReadResponse); + // System.out.println(createXMLSignatureRequest); + // String createXMLSignatureResponse = readFile(TESTDATA_ROOT + "xmldata/standard/"+"CreateXMLSignatureResponse.xml"); + // String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + try { + VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), new String[] { "CN=TEST,OU=TEST,O=TEST,C=AT" }, VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (ValidateException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } +} diff --git a/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java b/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java new file mode 100644 index 000000000..d9e69eba4 --- /dev/null +++ b/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java 
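Review bot: In Test200VerifyIdentityLink.java, testA255 and testA256 call `server.verifyIdentityLink` inside a `try` that catches the expected `ParseException` or `ValidateException`, but there is no `fail(...)` after the call, so both tests pass when the server accepts the input. The sibling negative tests (testA254, testA257 to testA262) all add `fail(this.getName() + " hat KEINE FEHLER geworfen");` directly after the call, and the same line belongs in these two. Separately, testA252 calls `server.setSecondsSessionTimeOut(-100)` and restores 1000 without a `finally`, so an exception from `server.cleanup()` would leave the negative timeout in place for later tests if `server` is shared between them.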
@@ -0,0 +1,597 @@ +package test.abnahme.A; + +import java.util.Calendar; + +import org.w3c.dom.Element; +import test.abnahme.AbnahmeTestCase; + +import at.gv.egovernment.moa.id.AuthenticationException; +import at.gv.egovernment.moa.id.BuildException; +import at.gv.egovernment.moa.id.ParseException; +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder; +import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; +import at.gv.egovernment.moa.id.auth.builder.VPKBuilder; +import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; +import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator; +import at.gv.egovernment.moa.id.auth.validator.ValidateException; +import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.data.AuthenticationData; +import at.gv.egovernment.moa.id.util.Random; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.DateTimeUtils; + +/** + * @author Stefan Knirsch + * @version $Id$ + * + */ + +public class Test300VerifyAuthBlock extends AbnahmeTestCase { + + public 
Test300VerifyAuthBlock(String name) { + super(name); + } + + public void testA301() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + //authDataWriter(authData,this.getName()+"new.xml"); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA302() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + //authDataWriter(authData,this.getName()+"new.xml"); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA303() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! 
-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA304() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA305() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA306() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! 
-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA307() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA308() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + + } + + public void testA309() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! 
-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA310() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA311() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! 
-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA351() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + server.verifyIdentityLink(sessionID, infoboxReadResponse); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + + // nicht existierende Session.... 
+ try { + server.verifyAuthenticationBlock("0", createXMLSignatureResponse); + fail(); + } + catch (AuthenticationException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA352() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + server.verifyIdentityLink(sessionID, infoboxReadResponse); + server.setSecondsSessionTimeOut(-100); + server.cleanup(); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + + // abgelaufene Session.... 
+ server.setSecondsSessionTimeOut(1000); + try { + server.verifyAuthenticationBlock("0", createXMLSignatureResponse); + fail(); + } + catch (AuthenticationException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA353() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + + // Session for VerifyIdentityLink-Aufruf + try { + + server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + fail(); + } + //NOCH SEHR UNSCH�N..... (fliegt raus im AuthenticationServer, Methode buildAuthenticationData + // ( IdentityLink identityLink = session.getIdentityLink(); ==> liefert dann NULL... 
+ catch (NullPointerException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA354() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + server.verifyIdentityLink(sessionID, infoboxReadResponse); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + + // nicht existierende Session.... 
+ + server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + try { + server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + fail(); + } + catch (AuthenticationException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA355() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ParseException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA356() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ParseException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA357() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA358() throws Exception { + try { 
+ String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA359() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA360() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA361() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA362() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); 
+ } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA363() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA364() throws Exception { + try { + String sessionID = startAuthentication(); + try { + + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + /* public void testA365() throws Exception { + String sessionID = startAuthentication(); + try { + // wegen sinnlosigkeit gestrichen + initServer(sessionID); + fail(); + } + catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} + }*/ + + public void testA366() throws Exception { + + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} 
+ } + public void testA367() throws Exception { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} + } + + + private AuthenticationData initServer(String sessionID) throws Exception { + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + server.verifyIdentityLink(sessionID, infoboxReadResponse); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1"); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/"); + String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + AuthenticationData authData = server.getAuthenticationData(samlArtifact); + return authData; + } + + private AuthenticationData initServerWithoutValidateAuthBlock(String sessionID) throws Exception { + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + server.verifyIdentityLink(sessionID, infoboxReadResponse); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink 
idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1"); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/"); + + AuthenticationSession session = AuthenticationServer.getSession(sessionID); + AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + // parses <CreateXMLSignatureResponse> + CreateXMLSignatureResponse csresp = + new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(); + // validates <CreateXMLSignatureResponse> + new CreateXMLSignatureResponseValidator().validate(csresp, session.getTarget(), session.getPublicOAURLPrefix()); + // builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call + String[] vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(); + String tpid = authConf.getMoaSpAuthBlockTrustProfileID(); + Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp, vtids, tpid); + // invokes the call + Element domVsresp = new SignatureVerificationInvoker().verifyXMLSignature(domVsreq); + // parses the <VerifyXMLSignatureResponse> + VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser(domVsresp).parseData(); + // validates the <VerifyXMLSignatureResponse> + VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp, null, 
VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK); + // compares the public keys from the identityLink with the AuthBlock + + // builds authentication data and stores it together with a SAML artifact + AuthenticationData authData = buildAuthenticationData(session, vsresp); + return authData; + } + private AuthenticationData buildAuthenticationData( + AuthenticationSession session, + VerifyXMLSignatureResponse verifyXMLSigResp) + throws ConfigurationException, BuildException { + + IdentityLink identityLink = session.getIdentityLink(); + AuthenticationData authData = new AuthenticationData(); + authData.setMajorVersion(1); + authData.setMinorVersion(0); + authData.setAssertionID(Random.nextRandom()); + authData.setIssuer(session.getAuthURL()); + authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance())); + String vpkBase64 = new VPKBuilder().buildVPK( + identityLink.getIdentificationValue(), identityLink.getDateOfBirth(), session.getTarget()); + authData.setVPK(vpkBase64); + authData.setGivenName(identityLink.getGivenName()); + authData.setFamilyName(identityLink.getFamilyName()); + authData.setDateOfBirth(identityLink.getDateOfBirth()); + authData.setQualifiedCertificate(verifyXMLSigResp.isQualifiedCertificate()); + authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority()); + authData.setPublicAuthorityCode(verifyXMLSigResp.getPublicAuthorityCode()); + OAAuthParameter oaParam = + AuthConfigurationProvider.getInstance().getOnlineApplicationParameter( + session.getPublicOAURLPrefix()); + String prPerson = new PersonDataBuilder().build( + identityLink, oaParam.getProvideZMRZahl()); + + try { + String ilAssertion = + oaParam.getProvideIdentityLink() ? DOMUtils.serializeNode(identityLink.getSamlAssertion()) : ""; + String authBlock = oaParam.getProvideAuthBlock() ? 
session.getAuthBlock() : ""; + String samlAssertion = new AuthenticationDataAssertionBuilder().build( + authData, prPerson, authBlock, ilAssertion); + authData.setSamlAssertion(samlAssertion); + return authData; + } + catch (Throwable ex) { + throw new BuildException( + "builder.00", + new Object[] { "AuthenticationData", ex.getMessage() }, + ex); + } + } +} diff --git a/id.server/src/test/abnahme/A/Test400GetAuthenticationData.java b/id.server/src/test/abnahme/A/Test400GetAuthenticationData.java new file mode 100644 index 000000000..b05e2b92c --- /dev/null +++ b/id.server/src/test/abnahme/A/Test400GetAuthenticationData.java 
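Review bot: testA352 is commented as the expired-session case (`// abgelaufene Session....`) but calls `server.verifyAuthenticationBlock("0", createXMLSignatureResponse)`, so it passes for the same reason as testA351 (an unknown session id). The session that `setSecondsSessionTimeOut(-100)` and `cleanup()` were presumably meant to expire is never presented to the server again. Pass the real id, `server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);`, so the test fails if a timed-out session is still accepted. Separately, testA353 treats a `NullPointerException` as the expected result of calling verifyAuthenticationBlock before verifyIdentityLink, which the comment above the catch already flags as ugly. Expecting `catch (AuthenticationException e)` there would make the suite require an explicit out-of-order rejection rather than an incidental crash.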
@@ -0,0 +1,129 @@ +package test.abnahme.A; + +import org.w3c.dom.Element; +import test.abnahme.AbnahmeTestCase; + +import at.gv.egovernment.moa.id.AuthenticationException; +import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; +import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.data.AuthenticationData; + +/** + * @author Stefan Knirsch + * @version $Id$ + */ + +public class Test400GetAuthenticationData extends AbnahmeTestCase { + + private String samlArtifact; + + public Test400GetAuthenticationData(String name) { + super(name); + } + + protected void setUp() throws Exception { + super.setUp(); + String sessionID = startAuthentication(); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + server.verifyIdentityLink(sessionID, infoboxReadResponse); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // 
System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(), "gb", "https://localhost:9443/"); + samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + } + + public void testA401() throws Exception { + try { + + AuthenticationData authData = server.getAuthenticationData(samlArtifact); +// authDataWriter(authData,"NEWA401"); + assertXmlEquals(clearSamlAssertion(authData.getSamlAssertion()), readXmldata("AuthenticationData.xml")); + System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA451() throws Exception { + try { + try { + AuthenticationData authData = server.getAuthenticationData("AAGu1JFbyGKqJ+3NAonwMu5bNyUc7kooeMK6bxeXBbnK6NL0DfuVJsGi"); + authDataWriter(authData, "A45"); + if (authData != null) + fail(); + } + catch (AuthenticationException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA452() throws Exception { + try { + server.getAuthenticationData(samlArtifact); + try { + server.getAuthenticationData(samlArtifact); + fail(); + } + catch (AuthenticationException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " 
+ this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA453() throws Exception { + try { + server.setSecondsAuthDataTimeOut(-1000); + server.cleanup(); + try { + server.getAuthenticationData(samlArtifact); + fail(); + } + catch (AuthenticationException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA454() throws Exception { + try { + try { + server.getAuthenticationData("blabla123"); + fail(); + } + catch (AuthenticationException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + +} diff --git a/id.server/src/test/abnahme/A/Test500StartAuthenticationServlet.java b/id.server/src/test/abnahme/A/Test500StartAuthenticationServlet.java new file mode 100644 index 000000000..f4f37a871 --- /dev/null +++ b/id.server/src/test/abnahme/A/Test500StartAuthenticationServlet.java 
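Review bot: testA451 does not require a rejection for the unknown SAML artifact: `if (authData != null) fail();` lets a null return pass, whereas testA452 to testA454 demand an `AuthenticationException`. It also hands the result to `authDataWriter(authData, "A45")` before checking it, so if the server wrongly returns data, that authentication data is presumably written out before the test fails. Replace both lines with an unconditional `fail(this.getName() + ": unknown artifact was accepted");` directly after the `getAuthenticationData` call. testA453 also leaves `setSecondsAuthDataTimeOut(-1000)` in place; if `server` is shared between test cases (not visible in this hunk), restoring the timeout in a `finally` block would keep later cases independent.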
@@ -0,0 +1,305 @@ +package test.abnahme.A; + +import java.io.OutputStream; +import java.net.URL; +import java.security.Security; + +import javax.net.ssl.SSLSocketFactory; + +import test.abnahme.AbnahmeTestCase; + +import at.gv.egovernment.moa.util.StreamUtils; +import at.gv.egovernment.moa.util.URLEncoder; + +import com.sun.net.ssl.HostnameVerifier; +import com.sun.net.ssl.HttpsURLConnection; + +/** + * @author Stefan Knirsch + * @version $Id$ + * + */ +public class Test500StartAuthenticationServlet extends AbnahmeTestCase { + + private String testdataRoot = TESTDATA_ROOT + "xmldata/standard/"; + SSLSocketFactory ssf; + public Test500StartAuthenticationServlet(String name) { + super(name); + } + protected void setUp() throws Exception { + super.setUp(); + Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); + System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); + System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore"); + System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); + } + + public void testA501() throws Exception { + //NUR einmal f�r alle folgenden Testf�lle + //---------------------------------------- + + //---------------------------------------- + + try { + String targetURL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); + HttpsURLConnection conn = giveConnection(targetURL, "GET"); + conn.connect(); + int resultCode = conn.getResponseCode(); + String contentType = conn.getHeaderField("Content-Type"); + if (resultCode != 200) + fail("Wrong HTTP-Code"); + if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) + fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); + conn.disconnect(); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! 
-----------------------"); + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA502() throws Exception { + try { + String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); + HttpsURLConnection conn = giveConnection(URL, "GET"); + conn.connect(); + int resultCode = conn.getResponseCode(); + String contentType = conn.getHeaderField("Content-Type"); + if (resultCode != 200) + fail("Wrong HTTP-Code: expected '200' and was '" + resultCode + "'"); + if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) + fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); + String result = new String(StreamUtils.readStream(conn.getInputStream())); + + conn.disconnect(); + + URL = parseDataURL(result); + conn = giveConnection(URL, "POST"); + conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); + + String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); + System.out.println("File gelesen, Daten in Outputstream einpflegen"); + OutputStream out = conn.getOutputStream(); + out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes("UTF-8")); + out.flush(); + out.close(); + + System.out.println("Verbinden zu " + URL); + conn.connect(); + resultCode = conn.getResponseCode(); + System.out.println("resultCode :" + resultCode); + String redirectLoc = conn.getHeaderField("Location"); + System.out.println("redirectLoc :" + redirectLoc); + // Austausch von VerifyIdentityLink in der POST-URL durch VerifyAuthBlock... rest MUSS gleich sein! 
+ if (!killInclusive(URL, "VerifyI", "Link", "VerifyAuthBlock").equals(redirectLoc)) + fail("Wrong Redirect-Location: expected " + URL + " and was " + conn.getHeaderField("Location")); + if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/xml")) + fail("Wrong contentType: expected text/xml and was " + conn.getHeaderField("Content-Type")); + conn.disconnect(); + System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA503() throws Exception { + try { + String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); + HttpsURLConnection conn = giveConnection(URL, "GET"); + conn.connect(); + + assertEquals(200,conn.getResponseCode()); + if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) + fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); + String result = new String(StreamUtils.readStream(conn.getInputStream())); + URL = parseDataURL(result); + + conn.disconnect(); + conn = giveConnection(URL, "POST"); + conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); + String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); + OutputStream out = conn.getOutputStream(); + out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); + out.flush(); + out.close(); + conn.connect(); + String redirectLoc = conn.getHeaderField("Location"); + // Austausch von VerifyIdentityLink in der POST-URL durch VerifyAuthBlock... rest MUSS gleich sein! 
+ if (!killInclusive(URL, "VerifyI", "Link", "VerifyAuthBlock").equals(redirectLoc)) + fail("Wrong Redirect-Location: expected " + URL + " and was " + conn.getHeaderField("Location")); + if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/xml")) + fail("Wrong contentType: expected text/xml and was " + conn.getHeaderField("Content-Type")); + conn.disconnect(); + + conn = giveConnection(redirectLoc, "POST"); + System.out.println("Redirect Location: " + redirectLoc); + String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); + out = conn.getOutputStream(); + out.write(("XMLResponse=" +createXMLSignatureResponse).getBytes()); + out.flush(); + out.close(); + + System.out.println("Sending Data to " + redirectLoc); + conn.connect(); + + redirectLoc = conn.getHeaderField("Location"); + System.out.println("redirectLoc: " + redirectLoc); + /* RandomAccessFile raf = new RandomAccessFile("C://503.xml", "rw"); + raf.write(StreamUtils.readStream(conn.getInputStream())); + raf.close();*/ + conn.disconnect(); + assertEquals(302, conn.getResponseCode()); + assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); + System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! 
\n-----------------------"); + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA551() throws Exception { + try { + String targetURL = getURL("https://localhost:8443/moa-id-auth/", "gb", ""); + HttpsURLConnection conn = giveConnection(targetURL, "GET"); + conn.connect(); + String result = new String(StreamUtils.readStream(conn.getInputStream())); + assertTrue(result.indexOf("Die Angabe der Parameter ist unvollständig") >= 0); + conn.disconnect(); + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Die Angabe der Parameter ist unvollst�ndig.\n-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA552() throws Exception { + try { + String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); + HttpsURLConnection conn = giveConnection(URL, "GET"); + conn.connect(); + int resultCode = conn.getResponseCode(); + assertEquals(200, resultCode); + if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) + fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); + conn.disconnect(); + URL = "https://localhost:8443/moa-id-auth/" + "VerifyIdentityLink?MOASessionID=0000"; + conn = giveConnection(URL, "POST"); + conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); + + String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); + OutputStream out = conn.getOutputStream(); + out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); + out.flush(); + out.close(); + + conn.connect(); + String result = new String(StreamUtils.readStream(conn.getInputStream())); + assertTrue(result.indexOf("MOASessionID ist unbekannt") >= 0); + 
System.out.println("Fehler in testA552 erfolgreich abgefangen: MOASessionID ist unbekannt"); + conn.disconnect(); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA553() throws Exception { + try { + String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); + HttpsURLConnection conn = giveConnection(URL, "GET"); + conn.connect(); + int resultCode = conn.getResponseCode(); + assertEquals(200,resultCode); + if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) + fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); + String result = new String(StreamUtils.readStream(conn.getInputStream())); + String MOASessionID = parseSessionIDFromForm(result); + URL = parseDataURL(result); + conn.disconnect(); + + conn = giveConnection(URL, "POST"); + conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); + + String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); + OutputStream out = conn.getOutputStream(); + out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); + out.flush(); + out.close(); + conn.connect(); + result = new String(StreamUtils.readStream(conn.getInputStream())); + String redirectLoc = conn.getHeaderField("Location"); + // Austausch von VerifyIdentityLink in der POST-URL durch VerifyAuthBlock... rest MUSS gleich sein! 
+ if (!killInclusive(URL, "VerifyI", "Link", "VerifyAuthBlock").equals(redirectLoc)) + fail("Wrong Redirect-Location: expected " + URL + " and was " + conn.getHeaderField("Location")); + if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/xml")) + fail("Wrong contentType: expected text/xml and was " + conn.getHeaderField("Content-Type")); + conn.disconnect(); + conn = giveConnection(redirectLoc + "XXX", "POST"); + System.out.println("Redirect Location: " + redirectLoc + "XXX"); + String createXMLSignatureResponse = "XMLResponse=" + URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); + + out = conn.getOutputStream(); + out.write(new String("MOASessionID=" + MOASessionID + "&").getBytes()); + out.write(createXMLSignatureResponse.getBytes("UTF-8")); + out.flush(); + out.close(); + System.out.println("Sending Data to " + redirectLoc); + conn.connect(); + resultCode = conn.getResponseCode(); + + result = new String(StreamUtils.readStream(conn.getInputStream())); + conn.disconnect(); + assertEquals(200, resultCode); + assertTrue(result.indexOf("MOASessionID ist unbekannt") >= 0); + System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! 
\n-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + private String parseDataURL(String input) { + String ret = getSubString(input.substring(input.indexOf("DataURL"), input.length()), "value=\"", "\""); + return ret; + } + + private String getSubString(String input, String startsWith, String endsWith) { + return input.substring(input.indexOf(startsWith) + startsWith.length(), input.indexOf(endsWith, input.indexOf(startsWith) + startsWith.length())); + } + private String getURL(String authURL, String target, String oaURL) { + return authURL + "StartAuthentication?Target=" + target + "&OA=" + oaURL; + } + private String parseSessionIDFromForm(String htmlForm) { + String parName = "MOASessionID="; + assertTrue("HTML Form enth�lt keine SessionID", htmlForm.indexOf(parName) >= 0); + int i1 = htmlForm.indexOf(parName) + parName.length(); + int i2 = htmlForm.indexOf("\"", i1); + assertTrue("HTML Form enth�lt keine g�ltige SessionID", i2 > i1); + return htmlForm.substring(i1, i2); + } + + private class HostnameVerifierHack implements HostnameVerifier { + public boolean verify(String arg0, String arg1) { + return true; + } + } + private HttpsURLConnection giveConnection(String targetURL, String requestMethod) throws Exception { + URL url = new URL(targetURL); + HttpsURLConnection conn = (HttpsURLConnection) url.openConnection(); + conn.setRequestMethod(requestMethod); + conn.setDoInput(true); + conn.setDoOutput(true); + conn.setUseCaches(false); + conn.setAllowUserInteraction(false); + conn.setHostnameVerifier(new HostnameVerifierHack()); + return conn; + } + +}
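Review bot: `HostnameVerifierHack.verify` at the end of Test500StartAuthenticationServlet returns `true` for every host, so `giveConnection` never checks that the certificate presented on `https://localhost:8443/` belongs to the server under test; the same class is repeated in Test600GetAuthenticationDataService. Every URL visible in these tests targets localhost, so the verifier can be pinned without changing what the tests exercise: `return "localhost".equalsIgnoreCase(arg0);` (assuming the first argument is the URL host name, as in the `com.sun.net.ssl` interface). Moving one verifier and `giveConnection` into `AbnahmeTestCase` would also stop an accept-all class from being copied into further test files. Separately, testA503, testA552 and testA553 call `getBytes()` without a charset while testA502 uses `getBytes("UTF-8")`; the request bodies should use the explicit form throughout.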
\ No newline at end of file diff --git a/id.server/src/test/abnahme/A/Test600GetAuthenticationDataService.java b/id.server/src/test/abnahme/A/Test600GetAuthenticationDataService.java new file mode 100644 index 000000000..b44852346 --- /dev/null +++ b/id.server/src/test/abnahme/A/Test600GetAuthenticationDataService.java 
@@ -0,0 +1,281 @@ +package test.abnahme.A; + +import java.io.OutputStream; +import java.net.URL; +import java.security.Security; +import java.util.Calendar; +import java.util.Vector; + +import javax.xml.namespace.QName; +import javax.xml.rpc.Call; +import javax.xml.rpc.Service; +import javax.xml.rpc.ServiceFactory; + +import org.apache.axis.message.SOAPBodyElement; +import org.w3c.dom.Element; + +import com.sun.net.ssl.HostnameVerifier; +import com.sun.net.ssl.HttpsURLConnection; + +import test.abnahme.AbnahmeTestCase; + +import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.DateTimeUtils; +import at.gv.egovernment.moa.util.StreamUtils; +import at.gv.egovernment.moa.util.URLDecoder; +import at.gv.egovernment.moa.util.URLEncoder; + +/** + * @author Stefan Knirsch + * @version $Id$ + */ + +public class Test600GetAuthenticationDataService extends AbnahmeTestCase { + + private String moaSessionID; + private String samlArtifact; + private static final QName SERVICE_QNAME = new QName("SignatureCreation"); + + public Test600GetAuthenticationDataService(String name) { + super(name); + } + + protected void setUp() throws Exception { + super.setUp(); + Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); + System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); + System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore"); + System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); + } + + public void testA601() throws Exception { + try { + + // Anmelden + String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); + HttpsURLConnection conn = giveConnection(URL, "GET"); + conn.connect(); + String result = new String(StreamUtils.readStream(conn.getInputStream())); + String MOASessionID = parseSessionIDFromForm(result); + conn.disconnect(); + + URL = 
parseDataURL(result); + // Verify Identity Link + conn = giveConnection(URL, "POST"); + conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); + String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); + OutputStream out = conn.getOutputStream(); + out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); + out.flush(); + out.close(); + conn.connect(); + String redirectLoc = conn.getHeaderField("Location"); + conn.disconnect(); + //Verify Auth Block + conn = giveConnection(redirectLoc, "POST"); + String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); + out = conn.getOutputStream(); + out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); + out.flush(); + out.close(); + conn.connect(); + redirectLoc = conn.getHeaderField("Location"); + samlArtifact = parseSamlArtifact(redirectLoc); + System.out.println("SamlArtifact: " + samlArtifact); + conn.disconnect(); + + assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); + + conn = null; + + SAMLRequestBuilder srb = new SAMLRequestBuilder(); + + Element erg = doCall(srb.build(moaSessionID,URLDecoder.decode(samlArtifact, "UTF-8"))); + result = DOMUtils.serializeNode(erg); + result = killInclusive(result,"IssueInstant=\"","\"",""); + result = killInclusive(result,"AssertionID=\"","\"",""); + result = killInclusive(result,"ResponseID=\"","\"",""); + +// writeXmldata("GetAuthenticationDataWebServiceResponse.xml", result.getBytes("UTF-8")); + + assertEquals(result,readXmldata("GetAuthenticationDataWebServiceResponse.xml")); + + System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! 
\n-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA651() throws Exception { + try { + + // Anmelden + String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); + HttpsURLConnection conn = giveConnection(URL, "GET"); + conn.connect(); + String result = new String(StreamUtils.readStream(conn.getInputStream())); + String MOASessionID = parseSessionIDFromForm(result); + conn.disconnect(); + + URL = parseDataURL(result); + // Verify Identity Link + conn = giveConnection(URL, "POST"); + conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); + String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); + OutputStream out = conn.getOutputStream(); + out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); + out.flush(); + out.close(); + conn.connect(); + String redirectLoc = conn.getHeaderField("Location"); + conn.disconnect(); + //Verify Auth Block + conn = giveConnection(redirectLoc, "POST"); + String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); + out = conn.getOutputStream(); + out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); + out.flush(); + out.close(); + conn.connect(); + redirectLoc = conn.getHeaderField("Location"); + samlArtifact = "AAGu1JFbyGKqJ+3NAonwMu5bNyUc7kooeMK6bxeXBbnK6NL0DfuVJsGi"; + System.out.println("SamlArtifact: " + samlArtifact); + conn.disconnect(); + + assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); + + conn = null; + + SAMLRequestBuilder srb = new SAMLRequestBuilder(); + Element samlPRequest = srb.build(moaSessionID,samlArtifact); + + assertTrue(DOMUtils.serializeNode(doCall(samlPRequest)).indexOf("unbekanntes SAML-Artifakt")!=-1); + + 
System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Fehler beim Abholen der Anmeldedaten, unbekanntes SAML-Artifakt\n-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA652() throws Exception { + try { + + // Anmelden + String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); + HttpsURLConnection conn = giveConnection(URL, "GET"); + conn.connect(); + String result = new String(StreamUtils.readStream(conn.getInputStream())); + String MOASessionID = parseSessionIDFromForm(result); + conn.disconnect(); + + URL = parseDataURL(result); + // Verify Identity Link + conn = giveConnection(URL, "POST"); + conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); + String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); + OutputStream out = conn.getOutputStream(); + out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); + out.flush(); + out.close(); + conn.connect(); + String redirectLoc = conn.getHeaderField("Location"); + conn.disconnect(); + //Verify Auth Block + conn = giveConnection(redirectLoc, "POST"); + String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); + out = conn.getOutputStream(); + out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); + out.flush(); + out.close(); + conn.connect(); + redirectLoc = conn.getHeaderField("Location"); + samlArtifact = parseSamlArtifact(redirectLoc); + System.out.println("SamlArtifact: " + samlArtifact); + conn.disconnect(); + + assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); + + conn = null; + String request = + "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" 
RequestID=\"" + + moaSessionID + "\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"" + + DateTimeUtils.buildDateTime(Calendar.getInstance())+"\">" + + "</samlp:Request>"; + + Element samlPRequest = DOMUtils.parseDocument(request, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + + assertTrue(DOMUtils.serializeNode(doCall(samlPRequest)).indexOf("Fehlerhaftes Requestformat")!=-1); +// writeXmldata("GetAuthenticationDataWebServiceResponse.xml", result.getBytes("UTF-8")); + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Fehlerhaftes Requestformat\n-----------------------"); } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + protected Element doCall(Element request) + throws Exception { + QName serviceName = new QName("GetAuthenticationData"); + String endPoint = "http://localhost:8080/moa-id-auth/services/GetAuthenticationData"; + Service service = ServiceFactory.newInstance().createService(serviceName); + Call call = service.createCall(); + SOAPBodyElement body = + new SOAPBodyElement(request); + SOAPBodyElement[] params = new SOAPBodyElement[] {body}; + Vector responses; + SOAPBodyElement response; + + call.setTargetEndpointAddress(endPoint); + responses = (Vector) call.invoke(params); + response = (SOAPBodyElement) responses.get(0); + + return response.getAsDOM(); + } + + private String parseDataURL(String input) + { + return getSubString(input.substring(input.indexOf("DataURL"),input.length()),"value=\"","\""); + } + private String parseSamlArtifact(String input) + { + return getSubString(input+"@@@","SAMLArtifact=","@@@"); + } + private String getSubString(String input, String startsWith, String endsWith) + { + return input.substring(input.indexOf(startsWith)+startsWith.length(), input.indexOf(endsWith, input.indexOf(startsWith)+startsWith.length())); + } + private String getURL(String authURL, String 
target, String oaURL) + { + return authURL + "StartAuthentication?Target=" + target + "&OA=" + oaURL; + } + private String parseSessionIDFromForm(String htmlForm) { + String parName = "MOASessionID="; + assertTrue( + "HTML Form enth�lt keine SessionID", + htmlForm.indexOf(parName) >= 0); + int i1 = htmlForm.indexOf(parName) + parName.length(); + int i2 = htmlForm.indexOf("\"", i1); + assertTrue("HTML Form enth�lt keine g�ltige SessionID", i2 > i1); + return htmlForm.substring(i1, i2); + } + private HttpsURLConnection giveConnection(String targetURL, String requestMethod) throws Exception { + HttpsURLConnection conn = (HttpsURLConnection) new URL(targetURL).openConnection(); + conn.setRequestMethod(requestMethod); + conn.setDoInput(true); + conn.setDoOutput(true); + conn.setUseCaches(false); + conn.setAllowUserInteraction(false); + conn.setHostnameVerifier(new HostnameVerifierHack()); + return conn; + } + private class HostnameVerifierHack implements HostnameVerifier { + public boolean verify(String arg0, String arg1) { + return true; + } + } +} diff --git a/id.server/src/test/abnahme/A/Test700SelectBKU.java b/id.server/src/test/abnahme/A/Test700SelectBKU.java new file mode 100644 index 000000000..9cfa47033 --- /dev/null +++ b/id.server/src/test/abnahme/A/Test700SelectBKU.java 
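Review bot: testA601, testA651 and testA652 in Test600GetAuthenticationDataService store the parsed session ID in a local `MOASessionID`, but the POST body, `srb.build(...)` and the hand-built `RequestID` read the field `moaSessionID`, which nothing in this file assigns. The requests therefore carry the text `null`, and a passing run does not show that the real session ID was used. The assignment should target the field: `moaSessionID = parseSessionIDFromForm(result);`. `doCall` also fetches the authentication data over `http://localhost:8080/...` while every other step in the file uses HTTPS; if the service is meant to be reachable only over TLS, the acceptance test should call it the same way. The `SERVICE_QNAME` constant is never used and can be removed.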
@@ -0,0 +1,63 @@ +package test.abnahme.A; + +import test.abnahme.AbnahmeTestCase; + +/* + * @author Paul Ivancsics + * @version $Id$ + */ +public class Test700SelectBKU extends AbnahmeTestCase { + + public Test700SelectBKU(String name) { + super(name); + } + + public void testA701() throws Exception { + try { + String form = server.selectBKU( + "https://localhost:8443/auth", + "gb", + "https://localhost:9443/", + "file:" + getTestCaseDirectory() + "BKUSelectionTemplate.html", + "file:" + getTestCaseDirectory() + "Template.html"); + //writeXmldata("SelectBKUForm_out.html", form.getBytes()); + assertEqualsIgnoreSessionID(readXmldata("SelectBKUForm.html"), form); + } + catch (Exception ex) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + ex.getLocalizedMessage()); + throw ex; + } + } + public void testA702() throws Exception { + try { + String form = server.selectBKU( + "https://localhost:8443/auth", + "gb", + "https://localhost:9443/", + null, + null); + //writeXmldata("SelectBKUForm_out.html", form.getBytes()); + assertEqualsIgnoreSessionID(readXmldata("SelectBKUForm.html"), form); + } + catch (Exception ex) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + ex.getLocalizedMessage()); + throw ex; + } + } + public void testA703() throws Exception { + try { + String form = server.selectBKU( + "https://localhost:8443/auth", + "gb", + "https://localhost:9443/", + null, + null); + //writeXmldata("SelectBKUForm_out.html", form.getBytes()); + assertEqualsIgnoreSessionID(readXmldata("SelectBKUForm.html"), form); + } + catch (Exception ex) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + ex.getLocalizedMessage()); + throw ex; + } + } +} diff --git a/id.server/src/test/abnahme/AbnahmeTestCase.java b/id.server/src/test/abnahme/AbnahmeTestCase.java new file mode 100644 index 000000000..e0e6fc183 --- /dev/null +++ b/id.server/src/test/abnahme/AbnahmeTestCase.java 
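Review bot: testA702 and testA703 have identical bodies (both call `server.selectBKU(...)` with `null` for the two template arguments), so the code does not say what A703 checks that A702 does not. Any difference can only come from the per-test fixtures that `setUp` and `readXmldata` resolve through `findXmldata`, presumably files under the A702 and A703 data directories. Each method should carry a comment naming that difference, for example `// A703: same call as A702; differs only in <fixture that A703 overrides>`, or A703 should be dropped if no fixture differs. The `try`/`catch` in each test only prints and rethrows, which JUnit already reports.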
@@ -0,0 +1,163 @@ +package test.abnahme; + +import java.io.File; +import java.io.IOException; +import java.io.RandomAccessFile; + +import test.MOAIDTestCase; + +import at.gv.egovernment.moa.id.MOAIDException; +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.data.AuthenticationData; + +/** + * Base class for MOA ID test cases. + * + * Provides some utility functions. + * + * @author Stefan Knirsch + * @version $Id$ + */ +public class AbnahmeTestCase extends MOAIDTestCase { + + protected static final String TESTDATA_ROOT = "data/abnahme-test/"; + protected static final String TESTDATA_XMLDATA = "data/abnahme-test/xmldata/"; + protected static final String AUTH_ENDPOINT = "http://localhost:8080/moa-id-auth/"; + protected AuthenticationServer server; + + /** + * Constructor for MOATestCase. + * @param arg0 + */ + public AbnahmeTestCase(String name) { + super(name); + } + /** + * Set up a transaction context with a test configuration. + */ + protected void setUp() throws Exception { + + System.out.print("--------S-T-A-R-T----V-O-N----"); + System.out.print(getName().toUpperCase().substring(4,getName().length())); + System.out.print("-----------------------------\n"); + + // Set moa.spss.server.configuration property + System.setProperty("moa.spss.server.configuration",TESTDATA_ROOT + "conf/moa/ConfigurationTest.xml"); + + // Set moa.id.configuration property + String pathname = findXmldata("Configuration.xml"); + System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME, pathname); + System.out.println("Konfiguration " + pathname); + AuthConfigurationProvider.reload(); + + server = AuthenticationServer.getInstance(); + } + /** Test case z.B. "A153" */ + protected String getID() { + return getName().toUpperCase().substring(4,getName().length()); + } + /** Test group z.B. 
"A100" */ + protected String getTestGroup() { + return getID().substring(0, 2) + "00"; + } + /** Test case data directory */ + protected String getTestCaseDirectory() { + return getTestGroupDirectory() + getID() + "/"; + } + /** Test group data directory */ + protected String getTestGroupDirectory() { + return TESTDATA_XMLDATA + getTestGroup() + "/"; + } + /** Finds a file in the xmldata directory */ + protected String findXmldata(String filename) { + String pathname = getTestCaseDirectory() + filename; + if (! new File(pathname).exists()) { + pathname = getTestGroupDirectory() + filename; + if (! new File(pathname).exists()) { + pathname = TESTDATA_XMLDATA + filename; + } + } + return pathname; + } + /** Finds and reads a file in the xmldata directory */ + protected String readXmldata(String filename) throws IOException { + String pathname = findXmldata(filename); + System.out.println("Read file " + pathname); + return readFile(pathname); + } + protected void writeXmldata(String filename, byte[] content) throws Exception { + String pathname = getTestCaseDirectory() + filename; + System.out.println("Write file " + pathname); + RandomAccessFile raf = new RandomAccessFile(pathname, "rw"); + byte[] data = content; + raf.write(data); + raf.setLength(data.length); + raf.close(); + } + + /** + * Creates a session using standard parameters, + * and returns the session ID. + */ + protected String startAuthentication() throws MOAIDException { + return startAuthentication("https://localhost:9443/"); + } + /** + * Creates a session using standard parameters, + * and returns the session ID. 
+ */ + protected String startAuthentication(String oaURL) throws MOAIDException { + String htmlForm = AuthenticationServer.getInstance().startAuthentication( + "https://localhost:8443/auth", + "gb", + oaURL, + null, + null, + null); + String sessionID = parseSessionIDFromForm(htmlForm); + return sessionID; + } + private String parseSessionIDFromForm(String htmlForm) { + String parName = "MOASessionID="; + assertTrue( + "HTML Form enth�lt keine SessionID", + htmlForm.indexOf(parName) >= 0); + int i1 = htmlForm.indexOf(parName) + parName.length(); + int i2 = i1; + while(i2 < htmlForm.length() && + (htmlForm.charAt(i2) == '-' || (htmlForm.charAt(i2) >= '0' && htmlForm.charAt(i2) <= '9'))) + i2++; + assertTrue("HTML Form enth�lt keine g�ltige SessionID", i2 > i1); + return htmlForm.substring(i1, i2); + } + protected String clearSessionID(String htmlForm) { + String sessionID = parseSessionIDFromForm(htmlForm); + int i1 = htmlForm.indexOf(sessionID); + int i2 = i1 + sessionID.length(); + return htmlForm.substring(0, i1) + htmlForm.substring(i2); + } + protected void assertEqualsIgnoreSessionID(String s1, String s2) { + String ss1 = clearSessionID(s1); + String ss2 = clearSessionID(s2); + assertEquals(ss1, ss2); + } + protected void authDataWriter(AuthenticationData authData, String filename) throws Exception + { + writeXmldata("AuthenticationDataNEW.xml", clearSamlAssertion(authData.getSamlAssertion()).getBytes("UTF-8")); + } + + /** + * clearSamlAssertion l�scht aus einer beliebiegen String-Repr�sentation einer XML-Struktur + * AUSSLIESSLICH die Attribute 'IssueInstant' und 'AssertionID' heraus. + * @param samlAssertion + * @return String + */ + protected String clearSamlAssertion(String samlAssertion) + { + String result = killInclusive(samlAssertion,"IssueInstant='", "'",""); + result = killInclusive(result,"AssertionID='", "'",""); + return result; + } +}
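Review bot: `authDataWriter` ignores its `filename` parameter and always writes `AuthenticationDataNEW.xml`, so a caller that passes a name (testA451 earlier in this diff passes `"A45"`) gets a file it did not ask for and overwrites any earlier output in the same directory. Either use the argument, `writeXmldata(filename, clearSamlAssertion(authData.getSamlAssertion()).getBytes("UTF-8"));`, or remove the parameter. `writeXmldata` should also close the `RandomAccessFile` in a `finally` block so that a failed write does not leave the handle open. `parseSessionIDFromForm` is private here and re-implemented with a different end-of-ID rule in Test500 and Test600; making this one `protected` would give the subclasses a single parser.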
\ No newline at end of file diff --git a/id.server/src/test/abnahme/AllTests.java b/id.server/src/test/abnahme/AllTests.java new file mode 100644 index 000000000..56a38be28 --- /dev/null +++ b/id.server/src/test/abnahme/AllTests.java @@ -0,0 +1,49 @@ +package test.abnahme; + +import junit.awtui.TestRunner; +import junit.framework.*; + +import test.abnahme.A.Test100StartAuthentication; +import test.abnahme.A.Test200VerifyIdentityLink; +import test.abnahme.A.Test300VerifyAuthBlock; +import test.abnahme.A.Test400GetAuthenticationData; +import test.abnahme.A.Test500StartAuthenticationServlet; +import test.abnahme.A.Test600GetAuthenticationDataService; +import test.abnahme.A.Test700SelectBKU; +import test.abnahme.C.Test100Konfiguration; +import test.abnahme.P.Test100LoginParameterResolver; + + + + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class AllTests { + + public static Test suite() { + TestSuite suite = new TestSuite(); + + suite.addTestSuite(Test100StartAuthentication.class); + suite.addTestSuite(Test200VerifyIdentityLink.class); + suite.addTestSuite(Test300VerifyAuthBlock.class); + suite.addTestSuite(Test400GetAuthenticationData.class); + suite.addTestSuite(Test500StartAuthenticationServlet.class); + suite.addTestSuite(Test600GetAuthenticationDataService.class); + suite.addTestSuite(Test700SelectBKU.class); + + suite.addTestSuite(Test100LoginParameterResolver.class); + + suite.addTestSuite(Test100Konfiguration.class); + return suite; + } + + public static void main(String[] args) { + try { + TestRunner.run(AllTests.class); + } catch (Exception e) { + e.printStackTrace(); + } + } +} diff --git a/id.server/src/test/abnahme/C/Test100Konfiguration.java b/id.server/src/test/abnahme/C/Test100Konfiguration.java new file mode 100644 index 000000000..7da5a7449 --- /dev/null +++ b/id.server/src/test/abnahme/C/Test100Konfiguration.java 
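Review bot: `AllTests.main` runs the suite through `junit.awtui.TestRunner` and swallows any exception with `e.printStackTrace()`, so the acceptance suite needs a display and a failing run never reaches the process exit status. For unattended runs the text runner fits better: `TestResult r = junit.textui.TestRunner.run(suite());` followed by `System.exit(r.wasSuccessful() ? 0 : 1);`. The wildcard `import junit.framework.*;` could be replaced by the classes actually used.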
@@ -0,0 +1,60 @@ +package test.abnahme.C; + +import at.gv.egovernment.moa.id.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; + +import test.abnahme.AbnahmeTestCase; + +/** + * @author Stefan Knirsch + * @version $Id$ + * + */ + +public class Test100Konfiguration extends AbnahmeTestCase { + + public Test100Konfiguration(String name) { + super(name); + } + + public void testC001() throws Exception { + try { + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testC002() throws Exception { + try { + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testC003() throws Exception { + try { + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testC051() throws Exception { + try { + // Set moa.id.configuration property + String pathname = findXmldata("ConfigurationC051.xml"); + System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME, pathname); + System.out.println("Konfiguration " + pathname); + AuthConfigurationProvider.reload(); + } + catch (Exception e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + // AuthConfigurationProvider.getInstance().getBKUConnectionParameter().getAcceptedServerCertificates() + } +} 
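Review bot: `testC051` can never fail, because its `catch (Exception e)` block only prints a message and returns, and nothing fails the test when `AuthConfigurationProvider.reload()` accepts `ConfigurationC051.xml`. If the case is meant to show that this configuration is rejected, add `fail("ConfigurationC051.xml should have been rejected");` as the last statement of the `try` block and catch the specific configuration exception instead of `Exception`. `testC001` to `testC003` print a success banner without exercising anything, so they report green for behaviour that is not tested; a comment such as `// TODO: not implemented, asserts nothing yet` would at least say so. The test also leaves the `ConfigurationProvider.CONFIG_PROPERTY_NAME` system property pointing at the C051 file for whichever test runs next.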
diff --git a/id.server/src/test/abnahme/P/Test100LoginParameterResolver.java b/id.server/src/test/abnahme/P/Test100LoginParameterResolver.java
new file mode 100644
index 000000000..8b7b2002f
--- /dev/null
+++ b/id.server/src/test/abnahme/P/Test100LoginParameterResolver.java
@@ -0,0 +1,146 @@ +package test.abnahme.P; +import java.util.Map; + +import sun.misc.BASE64Decoder; +import test.abnahme.AbnahmeTestCase; + +import at.gv.egovernment.moa.id.config.proxy.OAConfiguration; +import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter; +import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider; +import at.gv.egovernment.moa.id.data.AuthenticationData; +import at.gv.egovernment.moa.id.proxy.LoginParameterResolver; +import at.gv.egovernment.moa.id.proxy.LoginParameterResolverFactory; +import at.gv.egovernment.moa.util.Base64Utils; + +/** + * @author Stefan Knirsch + * @version $Id$ + * + */ + +public class Test100LoginParameterResolver extends AbnahmeTestCase { + + private static final String CLIENT_IP_ADDRESS = "56.246.75.11"; + private OAConfiguration oaConf; + private LoginParameterResolver lpr; + + public Test100LoginParameterResolver(String name) { + super(name); + } + + private void setUp(String publicURLPrefix) + throws Exception { + + // get configuration data + ProxyConfigurationProvider proxyConf = ProxyConfigurationProvider.getInstance(); + OAProxyParameter oaParam = proxyConf.getOnlineApplicationParameter(publicURLPrefix); + oaConf = oaParam.getOaConfiguration(); + System.out.println("Parameter�bergabe: " + oaConf.getAuthType()); + + // get login parameter resolver + LoginParameterResolverFactory.initialize(); + lpr = LoginParameterResolverFactory.getLoginParameterResolver(publicURLPrefix); + } + public void testP101() throws Exception { + try { + // read configuration and set up LoginParameterResolver + setUp("https://testP101:9443/"); + if (! 
oaConf.getAuthType().equals(OAConfiguration.BASIC_AUTH)) + fail(); + + // assemble authentication data + AuthenticationData authData = new AuthenticationData(); + authData.setFamilyName("Huber"); + authData.setGivenName("Hugo"); + + // resolve login headers + Map loginHeaders = lpr.getAuthenticationHeaders(oaConf, authData, CLIENT_IP_ADDRESS); + + // validate login headers + assertEquals(1, loginHeaders.keySet().size()); + System.out.println("Header Authorization: " + loginHeaders.get("Authorization")); + System.out.println("Decoded UserID:Password " + + new String(new BASE64Decoder().decodeBuffer(((String)loginHeaders.get("Authorization")).substring(6)))); + String userIDPassword = "Hugo:Huber"; + String credentials = Base64Utils.encode(userIDPassword.getBytes()); + assertEquals("Basic " + credentials, loginHeaders.get("Authorization")); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + + } + public void testP102() throws Exception { + try { + // read configuration and set up LoginParameterResolver + setUp("https://testP102:9443/"); + if (! 
oaConf.getAuthType().equals(OAConfiguration.PARAM_AUTH)) + fail(); + + // assemble authentication data + AuthenticationData authData = new AuthenticationData(); + String DATE_OF_BIRTH = "1963-12-29"; + String VPK = "kp6hOq6LRAkLtrqm6EvDm6bMwJw="; + authData.setDateOfBirth(DATE_OF_BIRTH); + authData.setVPK(VPK); + + // resolve login parameters + Map loginParameters = lpr.getAuthenticationParameters(oaConf, authData, CLIENT_IP_ADDRESS); + + // validate login headers + assertEquals(2, loginParameters.keySet().size()); + System.out.println("Param1: " + loginParameters.get("Param1")); + System.out.println("Param2: " + loginParameters.get("Param2")); + assertEquals(DATE_OF_BIRTH, loginParameters.get("Param1")); + assertEquals(VPK, loginParameters.get("Param2")); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testP103() throws Exception { + try { + // read configuration and set up LoginParameterResolver + setUp("https://localhost:9443/"); + if (! 
oaConf.getAuthType().equals(OAConfiguration.HEADER_AUTH)) + fail(); + + // assemble authentication data + AuthenticationData authData = new AuthenticationData(); + boolean PUBLIC_AUTH = true; + String BKZ = "FinanzamtWien23Leitstelle"; + boolean QUAL_CERT = false; + String ZMR_ZAHL = "3456789012"; + authData.setPublicAuthority(PUBLIC_AUTH); + authData.setPublicAuthorityCode(BKZ); + authData.setQualifiedCertificate(QUAL_CERT); + authData.setIdentificationValue(ZMR_ZAHL); + + // resolve login headers + Map loginHeaders = lpr.getAuthenticationHeaders(oaConf, authData, CLIENT_IP_ADDRESS); + + // validate login headers + assertEquals(5, loginHeaders.keySet().size()); + System.out.println("Header Param1: " + loginHeaders.get("Param1")); + System.out.println("Header Param2: " + loginHeaders.get("Param2")); + System.out.println("Header Param3: " + loginHeaders.get("Param3")); + System.out.println("Header Param4: " + loginHeaders.get("Param4")); + System.out.println("Header Param5: " + loginHeaders.get("Param5")); + assertEquals(String.valueOf(PUBLIC_AUTH), loginHeaders.get("Param1")); + assertEquals(BKZ, loginHeaders.get("Param2")); + assertEquals(String.valueOf(QUAL_CERT), loginHeaders.get("Param3")); + assertEquals(ZMR_ZAHL, loginHeaders.get("Param4")); + assertEquals(CLIENT_IP_ADDRESS, loginHeaders.get("Param5")); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/AllTests.java b/id.server/src/test/at/gv/egovernment/moa/id/AllTests.java new file mode 100644 index 000000000..69ed3d12b --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/AllTests.java 
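Review bot: `testP101` prints the Authorization header and the decoded `UserID:Password` pair to stdout, a habit that puts credentials into build logs as soon as the test is pointed at anything other than the `Hugo:Huber` fixture; the `assertEquals("Basic " + credentials, ...)` already performs the check, so the two `System.out.println` calls can be dropped. The decoding relies on `sun.misc.BASE64Decoder`, an internal JDK class, although `Base64Utils` is already imported in this file. `userIDPassword.getBytes()` and `new String(...)` use the platform charset; name the charset explicitly, e.g. `userIDPassword.getBytes("UTF-8")`, after confirming which encoding the resolver uses. The guards `if (! oaConf.getAuthType().equals(...)) fail();` in `testP101`, `testP102` and `testP103` fail without a message, whereas `assertEquals(OAConfiguration.BASIC_AUTH, oaConf.getAuthType());` would report the actual value.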
@@ -0,0 +1,41 @@
+package test.at.gv.egovernment.moa.id;
+
+import test.at.gv.egovernment.moa.id.auth.AuthenticationServerTest;
+import test.at.gv.egovernment.moa.id.auth.servlet.GetAuthenticationDataServiceTest;
+import test.at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationTest;
+import test.at.gv.egovernment.moa.id.config.auth.MOAIDAuthConfigurationProviderTest;
+import test.at.gv.egovernment.moa.id.config.proxy.MOAIDProxyConfigurationProviderTest;
+
+import junit.awtui.TestRunner;
+import junit.framework.Test;
+import junit.framework.TestSuite;
+
+/**
+ * @author Paul Ivancsics
+ * @version $Id$
+ */
+public class AllTests {
+
+ public static Test suite() {
+ TestSuite suite = new TestSuite();
+
+ suite.addTestSuite(AuthenticationServerTest.class);
+ suite.addTest(test.at.gv.egovernment.moa.id.auth.builder.AllTests.suite());
+ suite.addTest(test.at.gv.egovernment.moa.id.auth.parser.AllTests.suite());
+ suite.addTestSuite(GetAuthenticationDataServiceTest.class);
+ suite.addTestSuite(SignatureVerificationTest.class);
+ suite.addTestSuite(MOAIDAuthConfigurationProviderTest.class);
+ suite.addTestSuite(MOAIDProxyConfigurationProviderTest.class);
+ suite.addTest(test.at.gv.egovernment.moa.id.proxy.AllTests.suite());
+
+ return suite;
+ }
+
+ public static void main(String[] args) {
+ try {
+ TestRunner.run(AllTests.class);
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/UnitTestCase.java b/id.server/src/test/at/gv/egovernment/moa/id/UnitTestCase.java
new file mode 100644
index 000000000..8309a4f7e
--- /dev/null
+++ b/id.server/src/test/at/gv/egovernment/moa/id/UnitTestCase.java
@@ -0,0 +1,35 @@ +package test.at.gv.egovernment.moa.id; + +import test.MOAIDTestCase; + +import at.gv.egovernment.moa.id.config.ConfigurationProvider; + +/** + * Base class for MOA ID test cases. + * + * Provides some utility functions. + * + * @author Patrick Peck + * @version $Id$ + */ +public class UnitTestCase extends MOAIDTestCase { + + protected static final String TESTDATA_ROOT = "data/test/"; + + /** + * Constructor for MOATestCase. + * @param arg0 + */ + public UnitTestCase(String name) { + super(name); + } + /** + * Set up a transaction context with a test configuration. + */ + protected void setUp() throws Exception { + System.setProperty( + ConfigurationProvider.CONFIG_PROPERTY_NAME, + TESTDATA_ROOT + "conf/ConfigurationTest.xml"); + } + +}
\ No newline at end of file
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/AuthenticationServerTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/AuthenticationServerTest.java
new file mode 100644
index 000000000..753b2ef12
--- /dev/null
+++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/AuthenticationServerTest.java
@@ -0,0 +1,50 @@ +package test.at.gv.egovernment.moa.id.auth; + +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.data.AuthenticationData; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class AuthenticationServerTest extends UnitTestCase { + + public AuthenticationServerTest(String name) { + super(name); + } + + public void testStandard() throws Exception { + doTest( + "standard", + "https://localhost:8443/auth", + "gb", + "https://localhost:9443/", + null, + null); + } + public void doTest(String testdataDirectory, String authURL, String target, String oaURL, String bkuURL, String templateURL) throws Exception { + String testdataRoot = TESTDATA_ROOT + "xmldata/" + testdataDirectory + "/"; + AuthenticationServer server = AuthenticationServer.getInstance(); + String htmlForm = server.startAuthentication(authURL, target, oaURL, templateURL, bkuURL, null); + String sessionID = parseSessionIDFromForm(htmlForm); + String infoboxReadResponse = readFile(TESTDATA_ROOT + "xmldata/testperson1/" + "InfoboxReadResponse.xml"); + String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, infoboxReadResponse); + String createXMLSignatureRequestShould = readFile(testdataRoot + "CreateXMLSignatureRequest.xml"); + assertXmlEquals(createXMLSignatureRequestShould, createXMLSignatureRequest); + String createXMLSignatureResponse = readFile(testdataRoot + "CreateXMLSignatureResponse.xml"); + String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + AuthenticationData authData = server.getAuthenticationData(samlArtifact); + String authDataShould = readFile(testdataRoot + "AuthenticationDataAssertion.xml"); + assertXmlEquals(authDataShould, authData.getSamlAssertion()); + } + private String parseSessionIDFromForm(String htmlForm) { + String parName = "MOASessionID="; + assertTrue("HTML Form enth�lt keine SessionID", 
htmlForm.indexOf(parName) >= 0); + int i1 = htmlForm.indexOf(parName) + parName.length(); + int i2 = htmlForm.indexOf("\"", i1); + assertTrue("HTML Form enth�lt keine g�ltige SessionID", i2 > i1); + return htmlForm.substring(i1, i2); + } +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/MOAIDAuthInitialiserTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/MOAIDAuthInitialiserTest.java new file mode 100644 index 000000000..afaf4a199 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/MOAIDAuthInitialiserTest.java 
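Review bot: `parseSessionIDFromForm` in this class takes everything up to the next `"` as the session ID, while the helper of the same name in `MOAIDTestCase` (earlier in this commit) accepts only digits and `-`, so the two definitions can return different IDs for the same form. The base-class helper is `private`, which is why this copy exists; declaring that one `protected` and deleting this one would leave a single parsing rule. In `doTest`, the call `server.startAuthentication(authURL, target, oaURL, templateURL, bkuURL, null)` passes `templateURL` before `bkuURL`, the reverse of `doTest`'s own parameter order. `testStandard` passes `null` for both, so a swapped argument would go unnoticed; the server signature is not part of this hunk and should be checked.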
@@ -0,0 +1,55 @@
+package test.at.gv.egovernment.moa.id.auth;
+
+import java.io.ByteArrayInputStream;
+import java.security.KeyStore;
+import java.util.Enumeration;
+
+import iaik.pkcs.pkcs12.PKCS12;
+import iaik.security.provider.IAIK;
+
+import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
+import at.gv.egovernment.moa.id.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.util.SSLUtils;
+import at.gv.egovernment.moa.util.FileUtils;
+import at.gv.egovernment.moa.util.KeyStoreUtils;
+
+import test.at.gv.egovernment.moa.id.UnitTestCase;
+
+/**
+ * @author Paul Ivancsics
+ * @version $Id$
+ */
+public class MOAIDAuthInitialiserTest extends UnitTestCase {
+
+ public MOAIDAuthInitialiserTest(String name) {
+ super(name);
+ }
+
+ public void testInit() throws Exception
+ {
+// System.setProperty(
+// ConfigurationProvider.CONFIG_PROPERTY_NAME,"C://Programme/ApacheGroup/abnahme/conf/moa-id/SampleMOAIDConfiguration.xml");
+// System.setProperty(
+// ConfigurationProvider.CONFIG_PROPERTY_NAME,"D://Daten/_Projects/moa_id_maengel/SampleMOAIDConfiguration.xml");
+ SSLUtils.initialize();
+
+ try {
+ KeyStore s = KeyStoreUtils.loadKeyStore("pkcs12","file:C:/Programme/ApacheGroup/abnahme/cert/keystore.p12","changeit");
+ System.out.println(s.getProvider().getClass().getName());
+ Enumeration enum = s.aliases();
+ while (enum.hasMoreElements()) {
+ String element = (String) enum.nextElement();
+ System.out.print(element+":");
+ System.out.println(s.getCertificate(element).getPublicKey().getAlgorithm());
+ System.out.println(s.getCertificate(element).getType());
+ }
+
+
+ System.out.println(s.getCertificate("pc41408").getPublicKey().getFormat());
+
+ }
+ catch (Exception e) {e.printStackTrace();};
+
+ }
+
+ }
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AllTests.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AllTests.java
new file mode 100644
index 000000000..77dff29aa
--- /dev/null
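Review bot: `testInit` cannot fail and only works on one machine: it loads `file:C:/Programme/ApacheGroup/abnahme/cert/keystore.p12` with the password `"changeit"` written into the source, looks up the alias `pc41408`, and swallows every error in `catch (Exception e) {e.printStackTrace();}`. Keystore location and password belong in test configuration (a fixture under the test data root or a system property), and the `try`/`catch` should go so that the declared `throws Exception` lets a load failure fail the test. The method only prints; it needs at least one assertion, for example `assertNotNull(s.getCertificate(element));` inside the loop. `enum` as a variable name is a keyword from Java 5 on, so `Enumeration aliases = s.aliases();` keeps the file compiling on later compilers.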
+++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AllTests.java
@@ -0,0 +1,33 @@
+package test.at.gv.egovernment.moa.id.auth.builder;
+
+import junit.awtui.TestRunner;
+import junit.framework.Test;
+import junit.framework.TestSuite;
+
+/**
+ * @author patrick
+ * @version $Id$
+ */
+public class AllTests {
+
+ public static Test suite() {
+ TestSuite suite = new TestSuite();
+
+ suite.addTestSuite(AuthenticationBlockAssertionBuilderTest.class);
+ suite.addTestSuite(CreateXMLSignatureBuilderTest.class);
+ suite.addTestSuite(GetIdentityLinkFormBuilderTest.class);
+ suite.addTestSuite(InfoboxReadRequestBuilderTest.class);
+ suite.addTestSuite(PersonDataBuilderTest.class);
+ suite.addTestSuite(SAMLArtifactBuilderTest.class);
+
+ return suite;
+ }
+
+ public static void main(String[] args) {
+ try {
+ TestRunner.run(AllTests.class);
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java
new file mode 100644
index 000000000..2717ee8c0
--- /dev/null
+++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java
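Review bot: `suite()` does not register `VerifyXMLSignatureRequestBuilderTest`, which this commit adds to the same package (its diff header appears further down the page), so that class would never run through this suite. Assuming it is a regular test case, add `suite.addTestSuite(VerifyXMLSignatureRequestBuilderTest.class);` before `return suite;`. `main` starts `junit.awtui.TestRunner`, which needs a display; `junit.textui.TestRunner` would let the suite run on a headless build server.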
@@ -0,0 +1,46 @@ +package test.at.gv.egovernment.moa.id.auth.builder; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class AuthenticationBlockAssertionBuilderTest extends UnitTestCase { + private static final String nl = "\n"; + private static final String ISSUER = "Hugo Mustermann"; + private static final String ISSUE_INSTANT = "2003-03-15T22:50:21+01:00"; + private static final String AUTH_URL = "https://auth.moa.gv.at/"; + private static final String TARGET = "Grundbuch"; + private static final String OA_URL = "https://grundbuch.gv.at/"; + + // wird auch von CreateXMLSignatureBuilderTest verwendet ! + public static final String ASSERTION_SHOULD = +"<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' MajorVersion='1' MinorVersion='0' AssertionID='any' Issuer='" + ISSUER + "' IssueInstant='" + ISSUE_INSTANT + "'>" + nl + +" <saml:AttributeStatement>" + nl + +" <saml:Subject>" + nl + +" <saml:NameIdentifier>" + AUTH_URL + "</saml:NameIdentifier>" + nl + +" </saml:Subject>" + nl + +" <saml:Attribute AttributeName='Gesch�ftsbereich' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>" + nl + +" <saml:AttributeValue>" + TARGET + "</saml:AttributeValue>" + nl + +" </saml:Attribute>" + nl + +" <saml:Attribute AttributeName='OA' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>" + nl + +" <saml:AttributeValue>" + OA_URL + "</saml:AttributeValue>" + nl + +" </saml:Attribute>" + nl + +" </saml:AttributeStatement>" + nl + +"</saml:Assertion>"; + + public AuthenticationBlockAssertionBuilderTest(String name) { + super(name); + } + + public void testBuild() throws Exception { + AuthenticationBlockAssertionBuilder builder = new AuthenticationBlockAssertionBuilder(); + String assertionBuilt = builder.build(ISSUER, ISSUE_INSTANT, AUTH_URL, TARGET, 
OA_URL); + assertionBuilt = XML_DECL + assertionBuilt; + String assertionShould = XML_DECL + ASSERTION_SHOULD; + assertXmlEquals(assertionShould, assertionBuilt); + } +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java new file mode 100644 index 000000000..13f86efee --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java 
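Review bot: `ASSERTION_SHOULD` contains a non-ASCII character in the `AttributeName` literal that begins with `Gesch` (it shows up garbled on this page), so the expected assertion depends on the encoding the compiler assumes for this source file. Writing the character as a Unicode escape, presumably `Gesch\u00e4ftsbereich`, makes the expected value independent of the build platform. The constant is reused by `CreateXMLSignatureBuilderTest`, so the one change covers both tests. The private `nl` here duplicates the `nl` constant already declared in `MOAIDTestCase`.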
@@ -0,0 +1,58 @@ +package test.at.gv.egovernment.moa.id.auth.builder; + +import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class CreateXMLSignatureBuilderTest extends UnitTestCase { + private static final String nl = "\n"; + public static final String TRANSFORMS_INFO = + " <sl10:TransformsInfo>" + nl + + " <dsig:Transforms>" + nl + + " <dsig:Transform Algorithm='http://www.w3.org/2000/09/xmldsig#enveloped-signature'/>" + nl + + " <dsig:Transform Algorithm='http://www.w3.org/TR/1999/REC-xslt-19991116'>" + nl + +"<xsl:stylesheet version='1.0' xmlns:xsl='http://www.w3.org/1999/XSL/Transform' xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' >" + nl + +"<xsl:template match='/'>" + nl + +"<html>" + nl + +"<body>" + nl + +"</body>" + nl + +"</html>" + nl + +"</xsl:template>" + nl + +"</xsl:stylesheet>" + nl + + " </dsig:Transform>" + nl + + " </dsig:Transforms>" + nl + + " <sl10:FinalDataMetaInfo>" + nl + + " <sl10:MimeType>text/html</sl10:MimeType>" + nl + + " </sl10:FinalDataMetaInfo>" + nl + + " </sl10:TransformsInfo>" + nl; + public static final String REQUEST_SHOULD = +"<?xml version=\"1.0\" encoding=\"UTF-8\"?>" + nl + +"<sl11:CreateXMLSignatureRequest xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\" xmlns:sl10=\"http://www.buergerkarte.at/namespaces/securitylayer/20020225#\" xmlns:sl11=\"http://www.buergerkarte.at/namespaces/securitylayer/20020831#\">" + nl + +" <sl11:KeyboxIdentifier>SecureSignatureKeypair</sl11:KeyboxIdentifier>" + nl + +" <sl11:DataObjectInfo Structure=\"detached\">" + nl + +" <sl10:DataObject Reference=\"\"/>" + nl + +TRANSFORMS_INFO + +" </sl11:DataObjectInfo>" + nl + +" <sl11:SignatureInfo>" + nl + +" <sl11:SignatureEnvironment>" + nl + +" <sl10:XMLContent>" + AuthenticationBlockAssertionBuilderTest.ASSERTION_SHOULD + "</sl10:XMLContent>" + nl + +" </sl11:SignatureEnvironment>" + nl + +" 
<sl11:SignatureLocation Index=\"2\">/saml:Assertion</sl11:SignatureLocation>" + nl + +" </sl11:SignatureInfo>" + nl + +"</sl11:CreateXMLSignatureRequest>"; + + public CreateXMLSignatureBuilderTest(String name) { + super(name); + } + + public void testBuild() throws Exception { + String request = new CreateXMLSignatureRequestBuilder().build( + AuthenticationBlockAssertionBuilderTest.ASSERTION_SHOULD, + new String[] {TRANSFORMS_INFO}); + assertXmlEquals(REQUEST_SHOULD, request); + } +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java new file mode 100644 index 000000000..9142a8e42 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java 
@@ -0,0 +1,73 @@ +package test.at.gv.egovernment.moa.id.auth.builder; + +import java.text.MessageFormat; + +import junit.framework.TestCase; + +import at.gv.egovernment.moa.id.auth.builder.CertInfoVerifyXMLSignatureRequestBuilder; +import at.gv.egovernment.moa.id.auth.builder.GetIdentityLinkFormBuilder; +import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class GetIdentityLinkFormBuilderTest extends TestCase { + private static String nl = "\n"; + public static String FORM = + "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" + nl + + "<html>" + nl + + "<head>" + nl + + "<title>Auslesen der Personenbindung</title>" + nl + + "</head>" + nl + + "<body>" + nl + + "<form name=\"GetIdentityLinkForm\"" + nl + + " action=\"{0}\"" + nl + + " method=\"post\">" + nl + + " <input type=\"hidden\" " + nl + + " name=\"XMLRequest\"" + nl + + " value=\"{1}\"/>" + nl + + " <input type=\"hidden\" " + nl + + " name=\"DataURL\"" + nl + + " value=\"{2}\"/>" + nl + + " <input type=\"submit\" value=\"Auslesen der Personenbindung\"/>" + nl + + "</form>" + nl + + "<form name=\"CertificateInfoForm\"" + nl + + " action=\"{0}\"" + nl + + " method=\"post\">" + nl + + " <input type=\"hidden\" " + nl + + " name=\"XMLRequest\"" + nl + + " value=\"{3}\"/>" + nl + + " <input type=\"hidden\" " + nl + + " name=\"DataURL\"" + nl + + " value=\"{4}\"/>" + nl + + " <input type=\"submit\" value=\"Information zu Wurzelzertifikaten\"/>" + nl + + "</form>" + nl + + "</body>" + nl + + "</html>"; + public static String BKU = + "http://localhost:3495/http-security-layer-request"; + + public void testBuild() throws Exception { + String xmlRequest = new InfoboxReadRequestBuilder().build(); + String dataURL = "https://1.2.3.4/auth/VerifyIdentityLink?MOASessionID=1234567"; + String infoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build(); + String infoDataURL = 
"https://1.2.3.4/auth/StartAuthentication?Target=gb&OA=https://oa.gv.at/"; + String form = new GetIdentityLinkFormBuilder().build(null, null, xmlRequest, dataURL, infoRequest, infoDataURL); + String formShould = MessageFormat.format( + FORM, new Object[] { BKU, xmlRequest, dataURL, infoRequest, infoDataURL }); + assertEquals(formShould, form); + } + public void testBuildCustomBKU() throws Exception { + String xmlRequest = new InfoboxReadRequestBuilder().build(); + String dataURL = "https://1.2.3.4/auth/AuthServlet/StartAuthentication?MOASessionID=1234567"; + String infoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build(); + String infoDataURL = "https://1.2.3.4/auth/StartAuthentication?Target=gb&OA=https://oa.gv.at/"; + String bkuURL = "http://bku.at/"; + String form = new GetIdentityLinkFormBuilder().build(null, bkuURL, xmlRequest, dataURL, infoRequest, infoDataURL); + String formShould = MessageFormat.format( + FORM, new Object[] { bkuURL, xmlRequest, dataURL, infoRequest, infoDataURL }); + assertEquals(formShould, form); + } + +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java new file mode 100644 index 000000000..b65fc9ecf --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java 
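Review bot: The expected form in `testBuild` and `testBuildCustomBKU` is built with `MessageFormat.format(FORM, ...)` from the raw values, so both tests require the builder to write `xmlRequest`, `dataURL` and `infoDataURL` into the `value="..."` attributes without HTML escaping; `infoDataURL` already carries a bare `&`. If any of these values can derive from request parameters (the builder itself is not visible here), the tests pin an output format that is open to markup injection. A further case whose value contains `"` and `<`, asserting that the form holds `&quot;` and `&lt;` instead, would document the intended encoding. `FORM` and `BKU` are `public static` but not `final`, so any test can reassign them; declare them `public static final String`.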
@@ -0,0 +1,29 @@
+package test.at.gv.egovernment.moa.id.auth.builder;
+
+import org.w3c.dom.Document;
+import test.at.gv.egovernment.moa.id.UnitTestCase;
+
+import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder;
+import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moa.util.DOMUtils;
+
+/**
+ * @author Paul Ivancsics
+ * @version $Id$
+ */
+public class InfoboxReadRequestBuilderTest extends UnitTestCase implements Constants {
+
+ public InfoboxReadRequestBuilderTest(String name) {
+ super(name);
+ }
+
+ public void testBuild() throws Exception {
+ InfoboxReadRequestBuilder builder = new InfoboxReadRequestBuilder();
+ String xmlBuilt = builder.build();
+ Document docBuilt = DOMUtils.parseDocument(xmlBuilt, false, ALL_SCHEMA_LOCATIONS, null);
+ String xmlBuiltSerialized = DOMUtils.serializeNode(docBuilt);
+ // xmlShould was generated by Hot:Sign Tester
+ String xmlShould = "<?xml version='1.0' encoding='utf-8'?><sl10:InfoboxReadRequest xmlns:sl10='http://www.buergerkarte.at/namespaces/securitylayer/20020225#'><sl10:InfoboxIdentifier>IdentityLink</sl10:InfoboxIdentifier><sl10:BinaryFileParameters ContentIsXMLEntity='true'/></sl10:InfoboxReadRequest>";
+ assertXmlEquals(xmlShould, xmlBuiltSerialized);
+ }
+}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java
new file mode 100644
index 000000000..504679fd5
--- /dev/null
+++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java
@@ -0,0 +1,51 @@ +package test.at.gv.egovernment.moa.id.auth.builder; + +import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +import at.gv.egovernment.moa.util.Constants; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class PersonDataBuilderTest extends UnitTestCase implements Constants { + + /** + * Constructor for PersonDataBuilderTest. + */ + public PersonDataBuilderTest(String arg) { + super(arg); + } + public void testBuild() throws Exception { + String xmlInfoboxReadResponse = readFile("data/test/xmldata/testperson1/InfoboxReadResponse.xml"); + IdentityLink il = new InfoboxReadResponseParser(xmlInfoboxReadResponse).parseIdentityLink(); + String xmlPersonData = new PersonDataBuilder().build(il, true); + String xmlPersonDataShould = "<pr:Person xsi:type=\"pr:PhysicalPersonType\"><pr:Identification><pr:Value>123456789012</pr:Value><pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type></pr:Identification><pr:Name><pr:GivenName>Hermann</pr:GivenName><pr:FamilyName primary=\"undefined\">Muster</pr:FamilyName></pr:Name><pr:DateOfBirth>1968-10-22</pr:DateOfBirth></pr:Person>"; + assertPersonDataEquals(xmlPersonDataShould, xmlPersonData); + } + public void testBuildNoZMRZahl() throws Exception { + String xmlInfoboxReadResponse = readFile("data/test/xmldata/testperson1/InfoboxReadResponse.xml"); + IdentityLink il = new InfoboxReadResponseParser(xmlInfoboxReadResponse).parseIdentityLink(); + String xmlPersonData = new PersonDataBuilder().build(il, false); + String xmlPersonDataShould = XML_DECL + "<pr:Person xsi:type=\"pr:PhysicalPersonType\"><pr:Name><pr:GivenName>Hermann</pr:GivenName><pr:FamilyName primary=\"undefined\">Muster</pr:FamilyName></pr:Name><pr:DateOfBirth>1968-10-22</pr:DateOfBirth></pr:Person>"; + 
assertPersonDataEquals(xmlPersonDataShould, xmlPersonData); + } + private void assertPersonDataEquals(String s1, String s2) throws Exception { + String ss1 = insertPrNS(s1); + String ss2 = insertPrNS(s2); + assertXmlEquals(ss1, ss2); + } + private String insertPrNS(String xmlPersonData) { + int startNS = xmlPersonData.indexOf("Person") + "Person".length() + 1; + String s = + xmlPersonData.substring(0, startNS) + + "xmlns:pr=\"" + PD_NS_URI + "\" " + + "xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" " + + xmlPersonData.substring(startNS); + return s; + } + +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java new file mode 100644 index 000000000..3ec73ee4c --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java 
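Review bot: `insertPrNS` does not check the result of `xmlPersonData.indexOf("Person")`, so when the marker is missing `startNS` becomes 6 and the namespace declarations are spliced into unrelated text, which then surfaces as an unrelated canonicalisation failure. An `assertTrue("no pr:Person element found", xmlPersonData.indexOf("Person") >= 0);` at the top of the method states the precondition. The two expected strings are also inconsistent: `testBuildNoZMRZahl` prepends `XML_DECL`, while `testBuild` does not.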
@@ -0,0 +1,52 @@
+package test.at.gv.egovernment.moa.id.auth.builder;
+
+import at.gv.egovernment.moa.id.BuildException;
+import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder;
+import at.gv.egovernment.moa.util.Base64Utils;
+
+import test.at.gv.egovernment.moa.id.UnitTestCase;
+
+/**
+ * @author Paul Ivancsics
+ * @version $Id$
+ */
+public class SAMLArtifactBuilderTest extends UnitTestCase {
+
+ private static final String AUTH_URL = "https://moa.gv.at/auth/";
+ private static final String SESSION_ID_1 = "123456";
+ private static final String SESSION_ID_2 = "123457";
+ private static final String SESSION_ID_3 = "1234567";
+
+ private SAMLArtifactBuilder builder;
+ private byte[] artifact1;
+ private byte[] artifact2;
+ private byte[] artifact3;
+
+ public SAMLArtifactBuilderTest(String name) {
+ super(name);
+ }
+ protected void setUp() throws Exception {
+ builder = new SAMLArtifactBuilder();
+ artifact1 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1), false);
+ artifact2 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_2), false);
+ artifact3 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_3), false);
+ }
+
+ public void testBuildArtifactLength() throws BuildException {
+ assertEquals(42, artifact1.length);
+ assertEquals(42, artifact2.length);
+ assertEquals(42, artifact3.length);
+ }
+ public void testBuildSameArtifact() throws Exception {
+ byte[] artifact1Clone = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1), false);
+ assertEquals(new String(artifact1), new String(artifact1Clone));
+ }
+ public void testBuildDifferentArtifacts() throws BuildException {
+ String msg = "SAML Artifacts should be different";
+ assertFalse(msg, new String(artifact1).equals(new String(artifact2)));
+ assertFalse(msg, new String(artifact1).equals(new String(artifact3)));
+ assertFalse(msg, new String(artifact3).equals(new String(artifact2)));
+ }
+
+
+}
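Review bot: The comparisons in testBuildSameArtifact and testBuildDifferentArtifacts go through `new String(byte[])`, which decodes the 42 raw artifact bytes with the platform default charset and replaces malformed sequences, so distinct artifacts can collapse to the same string and the outcome can differ between platforms. Compare the bytes directly, e.g. `assertTrue(java.util.Arrays.equals(artifact1, artifact1Clone));` and `assertFalse(msg, java.util.Arrays.equals(artifact1, artifact2));`. testBuildSameArtifact (like testParseAssertionHandleSameSessionID in SAMLArtifactParserTest) also pins the artifact as a deterministic function of its inputs, so the handle is presumably only as unpredictable as the session ID; a comment stating that assumption next to the test would make the dependency explicit.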
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java new file mode 100644 index 000000000..5b3bb5906 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java 
@@ -0,0 +1,93 @@
+package test.at.gv.egovernment.moa.id.auth.builder;
+
+import java.io.FileInputStream;
+import java.io.RandomAccessFile;
+
+import org.w3c.dom.Element;
+import test.at.gv.egovernment.moa.id.auth.invoke.MOASPSSTestCase;
+
+import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
+import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
+import at.gv.egovernment.moa.id.auth.data.IdentityLink;
+import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
+import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
+import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
+import at.gv.egovernment.moa.id.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+
+
+
+/**
+ * Test case for the signature verification web service.
+ *
+ * This test requires a running SignatureVerification web service.
+ *
+ * @author Stefan Knirsch
+ * @version $Id$
+ */
+public class VerifyXMLSignatureRequestBuilderTest extends MOASPSSTestCase {
+
+
+ private SignatureVerificationInvoker caller;
+
+ public VerifyXMLSignatureRequestBuilderTest(String name) {
+ super(name);
+ }
+
+ public void setUp() {
+ System.setProperty(
+ ConfigurationProvider.CONFIG_PROPERTY_NAME,
+ "data/test/conf/ConfigurationTest.xml");
+ caller = new SignatureVerificationInvoker();
+ }
+
+ public void testVerifyXMLSignatureRequestBuilderIdentityLink() throws Exception {
+
+ RandomAccessFile infoBox = new RandomAccessFile(
+ "data/test/xmldata/testperson1/InfoboxReadResponse.xml","r");
+ byte[] b = new byte[(int) infoBox.length()];
+ infoBox.read(b);
+ infoBox.close();
+ String xmlInfoboxReadResponse = new String(b, "UTF-8");
+
+
+ RandomAccessFile vr = new RandomAccessFile(
+ "data/test/xmldata/standard/VerifyXMLSignatureRequestIdentityLink.xml","r");
+ b = new byte[(int) vr.length()];
+ vr.read(b);
+ vr.close();
+ String xmlResponse = new String(b, "UTF-8");
+
+ InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse);
+ IdentityLink idl = irrp.parseIdentityLink();
+ VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder();
+ AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
+
+ Element requestBuild = vsrb.build(idl, authConf.getMoaSpIdentityLinkTrustProfileID());
+
+ assertXmlEquals(requestBuild, xmlResponse);
+
+ }
+
+ public void testVerifyXMLSignature2() throws Exception {
+
+ RandomAccessFile s = new RandomAccessFile("data/test/xmldata/standard/CreateXMLSignatureResponse.xml","r");
+ byte[] b = new byte[(int) s.length()];
+ s.read(b);
+ s.close();
+ String xmlCreateXMLSignatureResponse = new String(b, "UTF-8");
+
+ CreateXMLSignatureResponseParser cXMLsrp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse);
+ CreateXMLSignatureResponse csr = cXMLsrp.parseResponse();
+
+ VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder();
+
+ AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
+
+ Element request = vsrb.build(csr, authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(), authConf.getMoaSpIdentityLinkTrustProfileID());
+
+ // check the result
+ assertXmlEquals(request, new FileInputStream("data/test/xmldata/standard/VerifyXMLSignatureRequestCreateXML.xml"));
+
+ }
+ }
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java
new file mode 100644
index 000000000..7ae6f70ef
--- /dev/null
+++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java
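Review bot: Both tests load their fixtures with `RandomAccessFile.read(b)` and ignore the return value, so a short read leaves the tail of `b` zero-filled and the parser receives padded XML; use `infoBox.readFully(b);` (likewise `vr.readFully(b);` and `s.readFully(b);`). The files are closed only on the success path, so a `try { ... } finally { infoBox.close(); }` is needed to avoid leaking the handle when the read throws. The same read pattern recurs in SignatureVerificationTest, IdentityLinkAssertionParserTest and InfoboxReadResponseParserTest in this commit, where the files are never closed; the inherited `readFile(...)` helper that PersonDataBuilderTest calls would remove the duplication. The class comment says a running SignatureVerification service is required, but neither test uses `caller`, so the comment and the field look left over.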
@@ -0,0 +1,38 @@
+package test.at.gv.egovernment.moa.id.auth.invoke;
+
+import java.security.Security;
+
+import test.at.gv.egovernment.moa.id.UnitTestCase;
+
+/**
+ * Base class for end-to-end tests of MOA web-services.
+ *
+ * Initializes the test system and provides some properties.
+ *
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class MOASPSSTestCase extends UnitTestCase {
+
+ public MOASPSSTestCase(String name) {
+ super(name);
+ }
+
+
+ protected void setupSSL() {
+ System.setProperty("javax.net.debug", "all");
+ Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
+ System.setProperty(
+ "java.protocol.handler.pkgs",
+ "com.sun.net.ssl.internal.www.protocol");
+ System.setProperty(
+ "javax.net.ssl.keyStore",
+ "data/test/security/client.keystore");
+ System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
+ System.setProperty(
+ "javax.net.ssl.trustStore",
+ "data/test/security/client.keystore");
+ System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
+ }
+
+}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java
new file mode 100644
index 000000000..e56dcde91
--- /dev/null
+++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java
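Review bot: `setupSSL()` sets `javax.net.debug` to `all` for the whole JVM, which makes JSSE print handshake details and record dumps to stdout, so every test that runs afterwards can leave identity-link data from the TLS traffic in the build log. Make it opt-in, e.g. `if (Boolean.getBoolean("moa.test.ssldebug")) System.setProperty("javax.net.debug", "all");` (the property name is a placeholder). The method also points key store and trust store at the same `client.keystore` with the password `changeit`; a comment marking these as test-only fixtures that must not be reused in a deployment would help, and separate files would keep the client's private key out of the trust store. None of the properties is restored afterwards, so they leak into unrelated tests in the same JVM.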
@@ -0,0 +1,166 @@ +package test.at.gv.egovernment.moa.id.auth.invoke; + +import java.io.RandomAccessFile; + +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; +import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; +import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; +import at.gv.egovernment.moa.id.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.util.DOMUtils; + + + +/** + * Test case for the signature verification web service. + * + * This test requires a running SignatureVerification web service. 
+ * + * @author Patrick Peck + * @author Fatemeh Philippi + * @version $Id$ + */ +public class SignatureVerificationTest extends MOASPSSTestCase { + + + private SignatureVerificationInvoker caller; + + public SignatureVerificationTest(String name) { + super(name); + } + + public void setUp() { +System.setProperty( + ConfigurationProvider.CONFIG_PROPERTY_NAME, + "data/test/conf/ConfigurationTest.xml"); + caller = new SignatureVerificationInvoker(); + } + +/* public void testVerifyCMSSignature() throws Exception { + Element request = + parseXml("data/test/xml/VCSQ000.xml").getDocumentElement(); + Element result; + + // call the service + result = caller.verifyXMLSignature(request); + + // check the result + assertEquals("VerifyCMSSignatureResponse", result.getTagName()); + }*/ + + public void testVerifyXMLSignature1() throws Exception { + + //Momentan zeigt die Konfiguration als Endpunkt aus localhost:8081 zum + //Protokollieren per TCPMon... der ECHT Endpunkt ist 10.16.46.108:8080 + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/testperson1/InfoboxReadResponse.xml","r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String xmlInfoboxReadResponse =new String(b,"UTF8"); + + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder(); + + AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + + Element request = vsrb.build(idl, authConf.getMoaSpIdentityLinkTrustProfileID()); + s =new RandomAccessFile("D://PatricksVerifyXMLSignatureRequestWithInfoboxReadResponse.xml","rw"); + s.write(DOMUtils.serializeNode(request).getBytes("UTF-8")); + s.close(); +// Element request = DOMUtils.parseDocument(vsrb.build(xmlInfoboxReadResponse,"TrustProfile1"),false,null,null).getDocumentElement(); +// Element request = 
DOMUtils.parseDocument(xmlInfoboxReadResponse,false,null,null).getDocumentElement(); +// call the service + Element response = caller.verifyXMLSignature(request); + VerifyXMLSignatureResponseParser vParser = new VerifyXMLSignatureResponseParser(response); + VerifyXMLSignatureResponse vData = vParser.parseData(); + VerifyXMLSignatureResponseValidator vValidate = VerifyXMLSignatureResponseValidator.getInstance(); + vValidate.validate(vData, authConf.getIdentityLinkX509SubjectNames(), VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK); + vValidate.validateCertificate(vData,idl); + + // check the result + assertXmlEquals(response, request); + + } + + public void testVerifyXMLSignature2() throws Exception { + // Pr�ft den 2. Aufruf mit dem CreateXMLSIgnatureResponse als Parameter + //Momentan zeigt die Konfiguration als Endpunkt aus localhost:8081 zum + //Protokollieren per TCPMon... der ECHT Endpunkt ist 10.16.46.108:8080 + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/standard/CreateXMLSignatureResponse.xml","r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String xmlCreateXMLSignatureResponse = new String(b, "UTF8"); + + CreateXMLSignatureResponseParser cXMLsrp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse); +// CreateXMLSignatureResponseParser cXMLsrp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse); + CreateXMLSignatureResponse csr = cXMLsrp.parseResponse(); + + VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder(); + + AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + + Element request = vsrb.build(csr, authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(), authConf.getMoaSpIdentityLinkTrustProfileID()); + // Element request = DOMUtils.parseDocument(vsrb.build(xmlInfoboxReadResponse,"TrustProfile1"),false,null,null).getDocumentElement(); +// Element request = 
DOMUtils.parseDocument(xmlInfoboxReadResponse,false,null,null).getDocumentElement(); + Element result; +/*s =new RandomAccessFile("D://PatricksVerifyXMLSignatureRequestWithAuthBlock.xml","rw"); + s.write(DOMUtils.serializeNode(request).getBytes("UTF-8")); + s.close();*/ + // call the service + result = caller.verifyXMLSignature(request); + // check the result + assertEquals("VerifyXMLSignatureResponse", result.getTagName()); + + } + + + public void testParseCreateXMLSignatureResponse() throws Exception { + + //Sp�ter soll die Datei direkt vom Server geholt werden... + + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/standard/CreateXMLSignatureResponse.xml", + + "r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String xmlCreateXMLSignatureResponse = new String(b, "UTF-8"); + + CreateXMLSignatureResponseParser cXMLsrp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse); + CreateXMLSignatureResponse csr = cXMLsrp.parseResponse(); + + } + + public void testParseVerifyXMLSignatureResponse() throws Exception { + + //Sp�ter soll die Datei direkt vom Server geholt werden... + + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/standard/VerifyXMLSignaterResponse.xml", + + "r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String xmlVerifyXMLSignatureResponse = new String(b, "UTF-8"); + + VerifyXMLSignatureResponseParser vXMLsrp = new VerifyXMLSignatureResponseParser(xmlVerifyXMLSignatureResponse); + VerifyXMLSignatureResponse vsr = vXMLsrp.parseData(); + + } + + + } diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/AllTests.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/AllTests.java new file mode 100644 index 000000000..84f5110b0 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/AllTests.java 
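Review bot: testVerifyXMLSignature1 writes the serialized request, which carries the test person's identity link, to the hard-coded path `D://PatricksVerifyXMLSignatureRequestWithInfoboxReadResponse.xml`, so the test fails on any machine without that drive and leaves a copy of the data outside the build tree. Drop the `s = new RandomAccessFile(...)`, `s.write(...)` and `s.close()` lines, or write to `File.createTempFile("VerifyXMLSignatureRequest", ".xml")` instead. The closing `assertXmlEquals(response, request);` compares the service's response with the request that was sent, which looks unintended; `assertEquals("VerifyXMLSignatureResponse", response.getTagName());`, as testVerifyXMLSignature2 does, would check something meaningful. The comments about the endpoint also embed an internal host address and are better replaced by a pointer to the test configuration file.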
@@ -0,0 +1,29 @@
+package test.at.gv.egovernment.moa.id.auth.parser;
+
+import junit.awtui.TestRunner;
+import junit.framework.Test;
+import junit.framework.TestSuite;
+
+/**
+ * @author Paul Ivancsics
+ * @version $Id$
+ */
+public class AllTests {
+
+ public static Test suite() {
+ TestSuite suite = new TestSuite();
+
+ suite.addTestSuite(IdentityLinkAssertionParserTest.class);
+ suite.addTestSuite(SAMLArtifactParserTest.class);
+
+ return suite;
+ }
+
+ public static void main(String[] args) {
+ try {
+ TestRunner.run(AllTests.class);
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java
new file mode 100644
index 000000000..77eb360bc
--- /dev/null
+++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java
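Review bot: `suite()` registers IdentityLinkAssertionParserTest and SAMLArtifactParserTest but not InfoboxReadResponseParserTest, which this commit adds to the same package, so its cases never run through `AllTests`. Add `suite.addTestSuite(InfoboxReadResponseParserTest.class);` after the two existing registrations. `main` also wraps `TestRunner.run` in a catch that only prints the stack trace; declaring `public static void main(String[] args) throws Exception` and dropping the try/catch keeps a broken runner from looking like a clean exit.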
@@ -0,0 +1,137 @@ +package test.at.gv.egovernment.moa.id.auth.parser; + +import iaik.security.rsa.RSAPublicKey; + +import java.io.FileOutputStream; +import java.io.RandomAccessFile; +import java.security.PublicKey; + +import org.w3c.dom.Document; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.parser.ECDSAKeyValueConverter; +import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; +import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator; +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.DOMUtils; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class IdentityLinkAssertionParserTest extends UnitTestCase { + + IdentityLinkAssertionParser ilap; + + public IdentityLinkAssertionParserTest(String name) { + super(name); + } + + public void setUp() { + try { + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/testperson1/InfoboxReadResponse.xml", + "r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String xmlInfoboxReadResponse = new String(b, "UTF-8"); + + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); + ilap = new IdentityLinkAssertionParser(irrp.parseSAMLAssertion()); + } + catch (Exception e) { + e.printStackTrace(); + } + } + + public void testParseIdentityLink() throws Exception { + IdentityLink idl = ilap.parseIdentityLink(); + System.out.println(idl.getGivenName()); + System.out.println(idl.getFamilyName()); + System.out.println(idl.getDateOfBirth()); + System.out.println(idl.getIdentificationValue()); + + VerifyXMLSignatureRequestBuilder vx = new VerifyXMLSignatureRequestBuilder(); + + // Element zur�ck bekommen: vx.build(idl.getSamlAssertion()); + + IdentityLinkValidator 
idVali = IdentityLinkValidator.getInstance(); + idVali.validate(idl); + + } + + public void testParseIdentityLinkECC() throws Exception { + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/IL.ResponseToRequest.01.ECDSA.xml", + "r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String xmlInfoboxReadResponse = new String(b); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); + String SAML = irrp.parseSAMLAssertion(); + ilap = new IdentityLinkAssertionParser(SAML); + IdentityLink idl = ilap.parseIdentityLink(); + System.out.println(idl.getGivenName()); + System.out.println(idl.getFamilyName()); + System.out.println(idl.getDateOfBirth()); + System.out.println(idl.getIdentificationValue()); + + VerifyXMLSignatureRequestBuilder vx = new VerifyXMLSignatureRequestBuilder(); + + // Element zur�ck bekommen: vx.build(idl.getSamlAssertion()); + + IdentityLinkValidator idVali = IdentityLinkValidator.getInstance(); + idVali.validate(idl); + + } + + public void testRSAPublicKeys() throws Exception { + if (ilap.getPublicKeys()[0].getClass().getName().equals("iaik.security.rsa.RSAPublicKey")) + { + + for (int i = 0; i < ilap.getPublicKeys().length; i++) { + RSAPublicKey result = (RSAPublicKey)ilap.getPublicKeys()[i]; + System.out.println("RSA Public Key No" + i); + System.out.println("Modulus: " + result.getModulus()); + System.out.println("Exponent: " + result.getPublicExponent()); + } + + } + } + + public void testECDSAPublicKeys() throws Exception { + + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/ECDSAKeyExample.xml", + "r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String ecdsaKey = new String(b, "UTF-8"); + Document e = DOMUtils.parseDocument(ecdsaKey,true,Constants.ALL_SCHEMA_LOCATIONS, null); + PublicKey p = ECDSAKeyValueConverter.element2ECDSAPublicKey(e.getDocumentElement()); + + } + + + public void testDsigCertificates() throws Exception { + + String[] result = 
ilap.getCertificates(); + for (int i = 0; i < result.length; i++) { + + System.out.println("DSIG Certificate Length: " + result[i].length() + " No" + i + "\n" + result[i]); + FileOutputStream raf = new FileOutputStream("data/test/certs/cert" + i + ".cer"); + raf.write(result[i].getBytes()); + raf.flush(); + raf.close(); + } + + } + +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java new file mode 100644 index 000000000..9a878be2c --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java 
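Review bot: `setUp()` catches every exception and only prints it, so when the fixture cannot be read or parsed `ilap` stays null and each test dies with a NullPointerException that hides the real cause; declare `public void setUp() throws Exception` and remove the try/catch. Most tests print the parsed name, birth date and identification value to stdout but assert nothing, so a parser regression that returns the wrong person still passes unless `IdentityLinkValidator.validate` happens to throw; assert the expected fixture values instead of printing them. testDsigCertificates writes `cert<i>.cer` files into `data/test/certs/`, i.e. into the fixture tree, on every run, which can silently overwrite checked-in test data; a temporary directory is safer. testParseIdentityLinkECC decodes with `new String(b)` while the other tests pass `"UTF-8"`.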
@@ -0,0 +1,67 @@
+package test.at.gv.egovernment.moa.id.auth.parser;
+
+import java.io.RandomAccessFile;
+
+import test.at.gv.egovernment.moa.id.UnitTestCase;
+
+import at.gv.egovernment.moa.id.auth.data.IdentityLink;
+import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
+import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
+
+/**
+ * @author Paul Ivancsics
+ * @version $Id$
+ */
+public class InfoboxReadResponseParserTest extends UnitTestCase {
+
+ IdentityLinkAssertionParser ilap;
+
+ public InfoboxReadResponseParserTest(String name) {
+ super(name);
+ }
+
+ public void setUp() {
+ }
+
+ public void testParseInfoboxReadResponse() throws Exception {
+ RandomAccessFile s =
+ new RandomAccessFile(
+ "data/test/xmldata/testperson1/InfoboxReadResponse.xml",
+ "r");
+ byte[] b = new byte[(int) s.length()];
+ s.read(b);
+ String xmlInfoboxReadResponse = new String(b, "UTF-8");
+
+ InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse);
+ ilap = new IdentityLinkAssertionParser(irrp.parseSAMLAssertion());
+
+ IdentityLink idl = ilap.parseIdentityLink();
+ System.out.println(idl.getGivenName());
+ System.out.println(idl.getFamilyName());
+ System.out.println(idl.getDateOfBirth());
+ System.out.println(idl.getIdentificationValue());
+
+ }
+
+ public void testParseInfoboxReadResponseError() throws Exception {
+ RandomAccessFile s =
+ new RandomAccessFile(
+ "data/test/xmldata/ErrorResponse.xml",
+ "r");
+ byte[] b = new byte[(int) s.length()];
+ s.read(b);
+ String xmlInfoboxReadResponse = new String(b, "UTF-8");
+
+ InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse);
+ ilap = new IdentityLinkAssertionParser(irrp.parseSAMLAssertion());
+
+ IdentityLink idl = ilap.parseIdentityLink();
+ System.out.println(idl.getGivenName());
+ System.out.println(idl.getFamilyName());
+ System.out.println(idl.getDateOfBirth());
+ System.out.println(idl.getIdentificationValue());
+
+ }
+
+
+}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java
new file mode 100644
index 000000000..992e799bd
--- /dev/null
+++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java
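Review bot: testParseInfoboxReadResponseError feeds `ErrorResponse.xml` to the parser and then parses and prints an identity link exactly like the success case, so it states no expectation: if the parser throws, the test errors out, and if it does not, an error response has been turned into identity data and the test passes. Make the expected rejection explicit by putting the `parseSAMLAssertion()` call in a try block followed by `fail("error response must not yield a SAML assertion");` and catching the parser's exception type, which is not visible in this hunk. testParseInfoboxReadResponse likewise only prints the parsed fields; `assertEquals("Hermann", idl.getGivenName());` and matching checks for the other values PersonDataBuilderTest expects from the same fixture would turn it into a real test.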
@@ -0,0 +1,55 @@
+package test.at.gv.egovernment.moa.id.auth.parser;
+
+import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder;
+import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser;
+import at.gv.egovernment.moa.id.util.Random;
+import test.at.gv.egovernment.moa.id.UnitTestCase;
+
+/*
+ * @author Paul Ivancsics
+ * @version $Id$
+ */
+public class SAMLArtifactParserTest extends UnitTestCase {
+
+ private static String URL1 = "http://moa.gv.at/auth";
+ private static String URL2 = "https://moa.gv.at/auth";
+
+ public SAMLArtifactParserTest(String name) {
+ super(name);
+ }
+
+ public void testParseTypeCode() throws Exception {
+ String sessionID = Random.nextRandom();
+ String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID);
+ byte[] typeCode = new SAMLArtifactParser(samlArtifact).parseTypeCode();
+ assertEquals(typeCode[0], 0);
+ assertEquals(typeCode[1], 1);
+ }
+ public void testParseAssertionHandleSameSessionID() throws Exception {
+ // SAML artifacts for different authURL's but same sessionID MUST give same assertion handle
+ String sessionID = Random.nextRandom();
+ String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID);
+ String samlArtifact2 = new SAMLArtifactBuilder().build(URL2, sessionID);
+ String assertionHandle1 = new SAMLArtifactParser(samlArtifact1).parseAssertionHandle();
+ String assertionHandle2 = new SAMLArtifactParser(samlArtifact2).parseAssertionHandle();
+ assertEquals(assertionHandle1, assertionHandle2);
+ }
+ public void testParseAssertionHandleSameURL() throws Exception {
+ // SAML artifacts for same authURL but different sessionID's MUST give different assertion handles
+ String sessionID1 = Random.nextRandom();
+ String sessionID2 = Random.nextRandom();
+ String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID1);
+ String samlArtifact2 = new SAMLArtifactBuilder().build(URL1, sessionID2);
+ String assertionHandle1 = new SAMLArtifactParser(samlArtifact1).parseAssertionHandle();
+ String assertionHandle2 = new SAMLArtifactParser(samlArtifact2).parseAssertionHandle();
+ assertFalse(assertionHandle1.equals(assertionHandle2));
+ }
+ public void testParseAssertionHandleSameSAMLArtifact() throws Exception {
+ // SAML artifact parsed twice MUST give same assertion handle each time
+ String sessionID = Random.nextRandom();
+ String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID);
+ String assertionHandle1 = new SAMLArtifactParser(samlArtifact).parseAssertionHandle();
+ String assertionHandle2 = new SAMLArtifactParser(samlArtifact).parseAssertionHandle();
+ assertEquals(assertionHandle1, assertionHandle2);
+ }
+}
diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataServiceTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataServiceTest.java
new file mode 100644
index 000000000..c78651fdb
--- /dev/null
+++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataServiceTest.java
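Review bot: Every case here parses an artifact that SAMLArtifactBuilder has just produced, so nothing covers how the parser treats input it did not create, although the artifact reaches the service from the requester (GetAuthenticationDataServiceTest in this commit sends `WRONGARTIFACT`). Add a case with a string that is not valid Base64 and one that decodes to fewer than the 42 bytes SAMLArtifactBuilderTest expects, each asserting that parsing is rejected; the exception type is not visible in this hunk. In testParseTypeCode the arguments are in actual/expected order; `assertEquals(0, typeCode[0]);` and `assertEquals(1, typeCode[1]);` give a correct failure message. `URL1` and `URL2` can be `private static final`.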
@@ -0,0 +1,91 @@ +package test.at.gv.egovernment.moa.id.auth.servlet; + +import org.w3c.dom.Element; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +import at.gv.egovernment.moa.id.auth.servlet.GetAuthenticationDataService; +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.XPathUtils; + +/** + * Test case instantiates GetAuthenticationDataService and calls the Request() method. + * It DOES NOT call the web service via Axis. + * + * @author Paul Ivancsics + * @version $Id$ + */ +public class GetAuthenticationDataServiceTest extends UnitTestCase implements Constants { + + private GetAuthenticationDataService service; + + public GetAuthenticationDataServiceTest(String arg0) { + super(arg0); + } + protected void setUp() throws Exception { + service = new GetAuthenticationDataService(); + } + + public void testService2Requests() throws Exception { + String requestString = + "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + + "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"123456\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" + + "<saml:AssertionIDReference>123</saml:AssertionIDReference>" + + "</samlp:Request>"; + Element request = DOMUtils.parseDocument(requestString, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + Element response = service.Request(new Element[] {request, request})[0]; + assertStatus(response, "samlp:Requester", "samlp:TooManyResponses"); + } + public void testServiceNoSAMLArtifact() throws Exception { + String requestString = + "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + + "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"123456\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" + + 
"<saml:AssertionIDReference>123</saml:AssertionIDReference>" + + "</samlp:Request>"; + Element request = DOMUtils.parseDocument(requestString, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + Element response = service.Request(new Element[] {request})[0]; + assertStatus(response, "samlp:Requester", null); + } + public void testService2SAMLArtifacts() throws Exception { + String requestString = + "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + + "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"123456\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" + + "<samlp:AssertionArtifact>123</samlp:AssertionArtifact>" + + "<samlp:AssertionArtifact>456</samlp:AssertionArtifact>" + + "</samlp:Request>"; + Element request = DOMUtils.parseDocument(requestString, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + Element response = service.Request(new Element[] {request})[0]; + assertStatus(response, "samlp:Requester", "samlp:TooManyResponses"); + } + public void testServiceWrongFormat() throws Exception { + String requestString = + "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + + "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"123456\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" + + "</samlp:Request>"; + Element request = DOMUtils.parseDocument(requestString, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + Element response = service.Request(new Element[] {request})[0]; + assertStatus(response, "samlp:Requester", null); + } + public void testServiceWrongSAMLArtifact() throws Exception { + String requestString = + "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + + "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"123456\" MajorVersion=\"1\" 
MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" + + "<samlp:AssertionArtifact>WRONGARTIFACT</samlp:AssertionArtifact>" + + "</samlp:Request>"; + Element request = DOMUtils.parseDocument(requestString, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + Element response = service.Request(new Element[] {request})[0]; + assertStatus(response, "samlp:Requester", "samlp:ResourceNotRecognized"); + } + private void assertStatus(Element response, String statusCodeShould, String subStatusCodeShould) throws Exception { + Element statusCodeNode = (Element)XPathUtils.selectSingleNode(response, "//samlp:StatusCode"); + String statusCode = statusCodeNode.getAttribute("Value"); + Element subStatusCodeNode = (Element)XPathUtils.selectSingleNode(statusCodeNode, "//samlp:StatusCode/samlp:StatusCode"); + String subStatusCode = subStatusCodeNode == null ? null : subStatusCodeNode.getAttribute("Value"); + System.out.println(statusCode + subStatusCode); + assertEquals(statusCodeShould, statusCode); + assertEquals(subStatusCodeShould, subStatusCode); + } + + +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java new file mode 100644 index 000000000..7935c5179 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java 
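Review bot: In `assertStatus` the sub-status lookup uses `"//samlp:StatusCode/samlp:StatusCode"`, and assuming XPathUtils follows standard XPath semantics a path starting with `//` is evaluated from the document root whatever context node is passed, so it matches a nested status code anywhere in the response; the relative path `"samlp:StatusCode"` says what is meant. `statusCodeNode` is dereferenced without a check, so a response without a status fails with a NullPointerException; add `assertNotNull("response has no samlp:StatusCode", statusCodeNode);` before `getAttribute`. All five cases cover rejections only. A case that redeems a valid artifact, followed by a second request with the same artifact, would cover the success path and document whether an artifact is single-use, which is not visible here.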
@@ -0,0 +1,112 @@ +package test.at.gv.egovernment.moa.id.config.auth; + +import java.util.Map; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +import at.gv.egovernment.moa.id.config.ConnectionParameter; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; + +/** + * @author Stefan Knirsch + * @version $Id$ + */ +public class MOAIDAuthConfigurationProviderTest extends UnitTestCase { + private AuthConfigurationProvider provider; + + /** + * Constructor for MOAAuthConfigTest. + * @param name + */ + public MOAIDAuthConfigurationProviderTest(String name) { + super(name); + } + + protected void setUp() throws Exception { + + provider = + new AuthConfigurationProvider(TESTDATA_ROOT + "conf/ConfigurationTest.xml"); + + } + public void testGetTransformsInfoFileNames() { + String[] transformsInfoFileNames; + transformsInfoFileNames = provider.getTransformsInfoFileNames(); +// for (int i = 0; i < transformsInfoFileNames.length; i++) { +// System.out.println( +// "getTransformsInfoFileNames: " + transformsInfoFileNames[i]); + assertEquals(transformsInfoFileNames[0],"http://StringsecLayerTranformsInfo1"); + assertEquals(transformsInfoFileNames[1],"http://StringsecLayerTranformsInfo2"); +// } + + } + + public void testGetMOASPConnectionParameters() { + ConnectionParameter cp; + cp = provider.getMoaSpConnectionParameter(); + assertEquals(cp.getUrl(),"MOA-SP-URL"); + assertEquals(cp.getAcceptedServerCertificates(),"http://AcceptedServerCertificates"); + assertEquals(cp.getClientKeyStorePassword(),"Keystore Pass"); + assertEquals(cp.getClientKeyStore(),"URLtoClientKeystoreAUTH"); +/* System.out.println(); + System.out.println("getMoaSpConnectionParameter :" + cp.getUrl()); + System.out.println( + "getMoaSpConnectionParameter :" + cp.getAcceptedServerCertificates()); + System.out.println( + "getMoaSpConnectionParameter :" + cp.getClientKeyStorePassword()); + System.out.println( + 
"getMoaSpConnectionParameter :" + cp.getClientKeyStore());*/ + } + public void testGetMoaSpIdentityLinkTrustProfileID() { + + assertEquals(provider.getMoaSpIdentityLinkTrustProfileID(),"StringVerifyIdentiyLinkTrustID"); + + } + public void testGetMoaSpAuthBlockTrustProfileID() { + assertEquals(provider.getMoaSpAuthBlockTrustProfileID(),"StringVerifyAuthBlockTransformID"); + } + + public void testGetMoaSpAuthBlockVerifyTransformsInfoIDs() { + String[] result = provider.getMoaSpAuthBlockVerifyTransformsInfoIDs(); + assertEquals(result[0],"StringVerifyTransformsInfoID1"); + assertEquals(result[1],"StringVerifyTransformsInfoID2"); + + } + + public void testGetOnlineApplicationAuthParameter() { + OAAuthParameter[] result = provider.getOnlineApplicationParameters(); + + assertEquals(result[0].getPublicURLPrefix(),"StringOALoginURL"); + assertEquals(result[0].getProvideZMRZahl(),false); + assertEquals(result[0].getProvideAuthBlock(),false); + assertEquals(result[0].getProvideIdentityLink(),false); + + assertEquals(result[1].getPublicURLPrefix(),"StringOALoginURL2"); + assertEquals(result[1].getProvideZMRZahl(),true); + assertEquals(result[1].getProvideAuthBlock(),true); + assertEquals(result[1].getProvideIdentityLink(),true); + + +/* for (int i = 0; i < result.length; i++) { + System.out.println(); + System.out.println("getOnlineApplicationParameters Url: " + result[i].getUrl()); + System.out.println("getOnlineApplicationParameters ProvideZMRZahl: " + result[i].getProvideZMRZahl()); + System.out.println("getOnlineApplicationParameters ProvideAuthBlock: " + result[i].getProvideAuthBlock()); + System.out.println("getOnlineApplicationParameters ProvideIdentityLink: " + result[i].getProvideIdentityLink()); + }*/ + } + + public void testGetGenericConfiguration() { + Map result = provider.getGenericConfiguration(); + assertEquals(result.containsKey("Generic Name 1"),true); + assertEquals(result.containsKey("Generic Name 2"),true); + assertEquals(result.get("Generic Name 
1"),"Value1"); + assertEquals(result.get("Generic Name 2"),"Value2"); + /* for (Iterator iter = result.keySet().iterator(); iter.hasNext();) { + String element = (String) iter.next(); + System.out.println("getGenericConfiguration Key:" + element); + System.out.println("getGenericConfiguration Value:" + result.get(element)); + }*/ + } + +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java new file mode 100644 index 000000000..12eddf8c3 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java 
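Review bot: Every `assertEquals` call in this file passes the actual value first and the expected literal second, so a failing run reports the two the wrong way round. JUnit's order is `assertEquals(expected, actual)`, for example `assertEquals("MOA-SP-URL", cp.getUrl());`. The same order is used in `testGetAuthComponentConnectionParameter` in MOAIDProxyConfigurationProviderTest.java. The commented-out `System.out.println` blocks are better deleted than kept, because the one in `testGetMOASPConnectionParameters` would write `cp.getClientKeyStorePassword()` to standard output if it were ever re-enabled.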
@@ -0,0 +1,127 @@ +package test.at.gv.egovernment.moa.id.config.proxy; + +import java.util.Map; + +import at.gv.egovernment.moa.id.config.ConnectionParameter; +import at.gv.egovernment.moa.id.config.proxy.OAConfiguration; +import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider; +import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + + + +/** + * @author Stefan Knirsch + * @version $Id$ + */ +public class MOAIDProxyConfigurationProviderTest extends UnitTestCase { + private ProxyConfigurationProvider provider; + + /** + * Constructor for MOAProxyConfigTest. + * @param name + */ + public MOAIDProxyConfigurationProviderTest(String name) { + super(name); + } + + protected void setUp() throws Exception { + + provider = +// new ProxyConfigurationProvider(TESTDATA_ROOT + "conf/ConfigurationTest.xml"); + new ProxyConfigurationProvider("data/deploy/conf/moa-id/ConfigurationTest.xml"); + } + public void testGetAuthComponentConnectionParameter() + { + ConnectionParameter cp; + cp = provider.getAuthComponentConnectionParameter(); + assertEquals(cp.getUrl(),"AuthComponentURL"); + assertEquals( cp.getAcceptedServerCertificates(),"http://www.altova.com"); + assertEquals(cp.getClientKeyStorePassword(),"String"); + assertEquals(cp.getClientKeyStore(),"http://www.altova.com"); + /* System.out.println(); + System.out.println("getProxyComponentConnectionParameter :" + cp.getUrl()); + System.out.println( + "getProxyComponentConnectionParameter :" + cp.getAcceptedServerCertificates()); + System.out.println( + "getProxyComponentConnectionParameter :" + cp.getClientKeyStorePassword()); + System.out.println( + "getProxyComponentConnectionParameter :" + cp.getClientKeyStore());*/ +} + + public void testGetOAProxyParameter() { + OAProxyParameter[] result = provider.getOnlineApplicationParameters(); + + assertEquals("http://localhost:9080/", result[0].getPublicURLPrefix()); + 
assertEquals("file:data/test/conf/OAConfParamAuth.xml", result[0].getConfigFileURL()); + assertEquals(10, result[0].getSessionTimeOut()); + assertEquals("StringloginParameterResolverImpl1", result[0].getLoginParameterResolverImpl()); + assertEquals("StringconnectionBuilderImpl1", result[0].getConnectionBuilderImpl()); + + assertEquals("ProxyComponentURL", result[0].getConnectionParameter().getUrl()); + assertEquals("url:AcceptedServerCertificates", result[0].getConnectionParameter().getAcceptedServerCertificates()); + assertEquals("URL:toClientKeystoreOA", result[0].getConnectionParameter().getClientKeyStore()); + assertEquals("ClientKeystoreOAPAss", result[0].getConnectionParameter().getClientKeyStorePassword()); + + assertEquals("StringOALoginURL2", result[1].getPublicURLPrefix()); + assertEquals("file:data/test/conf/OAConfHeaderAuth.xml", result[1].getConfigFileURL()); + assertEquals(20, result[1].getSessionTimeOut()); + assertEquals("StringloginParameterResolverImpl2",result[1].getLoginParameterResolverImpl()); + assertEquals("StringconnectionBuilderImpl2", result[1].getConnectionBuilderImpl()); + + assertEquals("ProxyComponentURL2", result[1].getConnectionParameter().getUrl()); + assertEquals("url:AcceptedServerCertificates2", result[1].getConnectionParameter().getAcceptedServerCertificates()); + assertEquals("URL:toClientKeystoreOA2", result[1].getConnectionParameter().getClientKeyStore()); + assertEquals("ClientKeystoreOAPAss2", result[1].getConnectionParameter().getClientKeyStorePassword()); + + assertEquals("StringOALoginURL3", result[2].getPublicURLPrefix()); + assertEquals("file:data/test/conf/OAConfBasicAuth.xml", result[2].getConfigFileURL()); + assertEquals(20, result[2].getSessionTimeOut()); + assertEquals("StringloginParameterResolverImpl3",result[2].getLoginParameterResolverImpl()); + assertEquals("StringconnectionBuilderImpl3", result[2].getConnectionBuilderImpl()); + + assertEquals("ProxyComponentURL3", 
result[2].getConnectionParameter().getUrl()); + assertEquals("url:AcceptedServerCertificates3", result[2].getConnectionParameter().getAcceptedServerCertificates()); + assertEquals("URL:toClientKeystoreOA3", result[2].getConnectionParameter().getClientKeyStore()); + assertEquals("ClientKeystoreOAPAss3", result[2].getConnectionParameter().getClientKeyStorePassword()); + } + + public void testGetGenericConfiguration() { + Map result = provider.getGenericConfiguration(); + assertEquals(true, result.containsKey("authenticationSessionTimeOut")); + assertEquals(true, result.containsKey("authenticationDataTimeOut")); + assertEquals("600", result.get("authenticationSessionTimeOut")); + assertEquals("120", result.get("authenticationDataTimeOut")); + } + + public void testOAConfigurationProvider() throws Exception + { + OAProxyParameter[] result = provider.getOnlineApplicationParameters(); + // f�r jeden Parameter m�sste theoretisch bereits ein Provider instanziiert worden sein, + // aus diesem Grund braucht man NICHT mehr die File-URL anzugeben, PublicURLPrefix reicht + + // sollte ParamAuth sein + OAConfiguration oac1 = result[0].getOaConfiguration(); + assertEquals(OAConfiguration.PARAM_AUTH, oac1.getAuthType()); + assertEquals("MOADateOfBirth", oac1.getParamAuthMapping().get("Param1")); + assertEquals("MOAVPK", oac1.getParamAuthMapping().get("Param2")); + // sollte HeaderAuth sein + OAConfiguration oac2 = result[1].getOaConfiguration(); + assertEquals(OAConfiguration.HEADER_AUTH, oac2.getAuthType()); + assertEquals("MOAPublicAuthority", oac2.getHeaderAuthMapping().get("Param1")); + assertEquals("MOABKZ", oac2.getHeaderAuthMapping().get("Param2")); + assertEquals("MOAQualifiedCertificate", oac2.getHeaderAuthMapping().get("Param3")); + assertEquals("MOAZMRZahl", oac2.getHeaderAuthMapping().get("Param4")); + assertEquals("MOAIPAddress", oac2.getHeaderAuthMapping().get("Param5")); + + // sollte BasicAuth sein + OAConfiguration oac3 = result[2].getOaConfiguration(); + 
assertEquals(OAConfiguration.BASIC_AUTH, oac3.getAuthType()); + assertEquals("MOAGivenName", oac3.getBasicAuthUserIDMapping()); + assertEquals("MOAFamilyName", oac3.getBasicAuthPasswordMapping()); + //Fehlerfall: + + + } +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/proxy/AllTests.java b/id.server/src/test/at/gv/egovernment/moa/id/proxy/AllTests.java new file mode 100644 index 000000000..2dd6cd35e --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/proxy/AllTests.java @@ -0,0 +1,31 @@ +package test.at.gv.egovernment.moa.id.proxy; + +import test.at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilderTest; +import test.at.gv.egovernment.moa.id.proxy.parser.SAMLResponseParserTest; +import junit.awtui.TestRunner; +import junit.framework.Test; +import junit.framework.TestSuite; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class AllTests { + + public static Test suite() { + TestSuite suite = new TestSuite(); + + suite.addTestSuite(SAMLRequestBuilderTest.class); + suite.addTestSuite(SAMLResponseParserTest.class); + + return suite; + } + + public static void main(String[] args) { + try { + TestRunner.run(AllTests.class); + } catch (Exception e) { + e.printStackTrace(); + } + } +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/DOMTreeCompare.java b/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/DOMTreeCompare.java new file mode 100644 index 000000000..aec14ce1c --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/DOMTreeCompare.java 
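Review bot: `setUp` loads `data/deploy/conf/moa-id/ConfigurationTest.xml` through a path relative to the working directory, with the `TESTDATA_ROOT` variant left commented out, so the test runs only from one directory and reads from what looks like a deployment tree rather than the test data. The values asserted afterwards include client keystore passwords (`ClientKeystoreOAPAss`), which should only ever be fixture values. Keeping the file under the test data root makes that separation explicit: `new ProxyConfigurationProvider(TESTDATA_ROOT + "conf/ConfigurationTest.xml");`, assuming the fixture is available there. `testOAConfigurationProvider` also ends at the marker `//Fehlerfall:` with no error case behind it; either add the negative test or drop the marker.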
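Review bot: `main` starts the suite with `junit.awtui.TestRunner`, which needs a graphical display and so cannot be used on a headless build machine. `junit.textui.TestRunner.run(suite());` runs the same suite on the console. The surrounding `catch (Exception e) { e.printStackTrace(); }` only prints a start-up failure and lets `main` return normally; it can go once the text runner is used.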
@@ -0,0 +1,462 @@ +package test.at.gv.egovernment.moa.id.proxy.builder; + +import java.io.PrintStream; +import java.util.ArrayList; + +import org.w3c.dom.Element; +import org.w3c.dom.NamedNodeMap; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; +import org.w3c.dom.Text; + +import at.gv.egovernment.moa.util.Base64Utils; + +/** + * @author Administrator + * + * To change this generated comment edit the template variable "typecomment": + * Window>Preferences>Java>Templates. + * To enable and disable the creation of type comments go to + * Window>Preferences>Java>Code Generation. + */ +public class DOMTreeCompare { + + boolean debug = true; + + private static PrintStream Log = null; + + static + { + Log = System.out; + } + + public boolean compareElements(Element root1, Element root2) + { + //Log.println("----- Compare Elements:"+root1.getNodeName()+" "+root2.getNodeName()); + filterTree(root1); + filterTree(root2); + return compareNodes(root1,root2,0,"root/",false); + } + + private boolean compareNodes(Node n1, Node n2, int level,String path,boolean attribute) + { + /*try { + Log.println(DOMUtils.serializeNode(n1)); + } + catch(Exception e) + { + e.printStackTrace(); + }*/ + boolean equal = false; + //Log.println("----- Compare Node "+level+":"+n1+" "+n2); + //Log.println("----- Compare Node "+level+":"+n1.getNodeName()+" "+n2.getNodeName()); + //Log.println("----- Checking:"+path+getPathString(n1)); + NodeList nl1 = n1.getChildNodes(); + NodeList nl2 = n2.getChildNodes(); + + int size1 = nl1.getLength(); + int size2 = nl2.getLength(); + + if(debug)display_one(n1); + if(debug)display_one(n2); + + + if(debug) + if(n1.getNodeName().equals("Base64Content") && n2.getNodeName().equals("Base64Content")) + { + try { + Log.println("CONT:"+new String(Base64Utils.decode(strip(n1.getChildNodes().item(0).getNodeValue()),false))); + Log.println("CONT:"+new String(Base64Utils.decode(strip(n2.getChildNodes().item(0).getNodeValue()),false))); + } + catch(Exception e) + { + 
e.printStackTrace(); + } + } + + if(size1 != size2) + { + Log.println("----- Anzahl der Kinder nicht gleich:"+path+getPathString(n1)+":"+getPathString(n2)); + return false; + } + + equal = compareNodeExact(n1,n2,level,path+getPathString(n1)+"/"); + if(!equal) + { + Log.println("----- Knoten sind nicht identisch:"+path+getPathString(n1)); + return false; + } + + if(n1.hasAttributes() || n2.hasAttributes()) + { + equal = compareNodeAttriubtes(n1,n2,level+1,path+getPathString(n1)+"/(a)"); + if(!equal) + { + Log.println("----- Attribute stimmen nicht �berein:"+path+getPathString(n1)); + return false; + } + } + if(size1==0) + { + return true; + } + + for(int counter=0;counter<size1;counter++) + { + boolean found = false; + Node comp_n1 = nl1.item(counter); + + //if(comp_n1==null) return false; + + Node comp_n2 = null; + size2 = nl2.getLength(); + for(int counter2=0;counter2<size2;counter2++) + { + comp_n2 = nl2.item(counter2); + + /*equal = compareNodeExact(comp_n1,comp_n2,level+1); + if(equal) return false;*/ + //Log.println("COMP_N1:"+comp_n1); + //Log.println("COMP_N2:"+comp_n2); + equal = compareNodes(comp_n1,comp_n2,level+1,path+getPathString(comp_n1)+"/",false); + if(equal) + { + n2.removeChild(comp_n2); + counter2=size2; + nl2 = n2.getChildNodes(); + size2 = nl2.getLength(); + } + + } + + if(!equal) + { + Log.println("----- Keine �bereinstimmung gefunden:"+path+getPathString(comp_n1)); + return false; + } + } + return true; + } + + private boolean compareNodeExact(Node n1,Node n2,int level,String path) + { + if(n1.getNodeType() == Node.TEXT_NODE) + { + Text textnode = (Text)n1; + /*Log.println("----- *****"+textnode.getNodeName()); + Log.println("----- *****"+textnode.getParentNode().getNodeName()); + Log.println("----- *****"+textnode.getNodeValue());*/ + } + + //Log.println("----- Checking:"+path); + String n1_name = n1.getNodeName(); + String n2_name = n2.getNodeName(); + /*Log.println("----- !!!!!"+n1.getNodeName()); + Log.println("----- 
!!!!!"+n1.getNodeValue()); + Log.println("----- !!!!!"+n1.getLocalName()); + Log.println("----- !!!!!"+n1.getPrefix()); + Log.println("----- !!!!!"+n1.getNextSibling()); + Log.println("----- !!!!!"+n1.getPreviousSibling());*/ + + //Log.println("----- Compare Node "+level+":"+n1_name+" "+n2_name); + if(!((n1_name==null && n2_name==null) || + (n1_name!=null && n2_name!=null && n1_name.equals(n2_name)))) + { + Log.println("----- Name stimmt nicht �berein:"+path); + return false; + } + + //Log.println("----- Compare Node "+level+":"+n1.getNodeType()+" "+n2.getNodeType()); + if(n1.getNodeType() != n2.getNodeType()) + { + Log.println("----- Knotentyp stimmt nicht �berein:"+path); + return false; + } + + String n1_ns = n1.getPrefix(); + String n2_ns = n2.getPrefix(); + //Log.println("----- Compare Node "+level+":"+n1_ns+" "+n2_ns); + if(!((n1_ns==null && n2_ns==null) || + (n1_ns!=null && n2_ns!=null && n1_ns.equals(n2_ns)))) + { + Log.println("----- NameSpace stimmt nicht �berein:"+path); + return false; + } + + String n1_value = n1.getNodeValue(); + String n2_value = n2.getNodeValue(); + + boolean special = false; + special = specialValues(n1_value,n2_value,path); + if(special) return true; + + //Log.println("----- Compare Node "+level+":"+n1_value+" "+n2_value); + if(!((n1_value==null && n2_value==null) || + (n1_value!=null && n2_value!=null && n1_value.equals(n2_value)))) + { + Log.println("----- Wert stimmt nicht �berein:"+path); + Log.println("----- Value1:\n"+n1_value); + Log.println("----- Value2:\n"+n2_value); + return false; + } + + + return true; + } + + private boolean compareNodeAttriubtesWithoutSize(Node n1, Node n2, int level,String path) + { + return true; + } + + private boolean compareNodeAttriubtes(Node n1, Node n2, int level,String path) + { + //Log.println("----- Compare NodeAttributes "+level+":"+n1.getNodeName()+" "+n2.getNodeName()); + Element n1elem = (Element)n1; + Element n2elem = (Element)n2; + + NamedNodeMap nnm1 = n1.getAttributes(); + 
NamedNodeMap nnm2 = n2.getAttributes(); + + int size1 = 0; + int size2 = 0; + + boolean specialattrs = specialAttributesSize(path); + + if(!specialattrs) + { + + if(nnm1==null && nnm2==null) return true; + if(nnm1==null || nnm2==null) + { + Log.println("----- Anzahl der Attribute nicht gleich:"+path+":"+getPathString(n1)); + return false; + } + size1 = nnm1.getLength(); + size2 = nnm2.getLength(); + + if(size1 != size2) + { + Log.println("----- Anzahl der Attribute nicht gleich:"+path+":"+getPathString(n1)); + return false; + } + + } + else + { + return compareNodeAttriubtesWithoutSize(n1,n2,level,path); + } + + for(int counter=0;counter<size1;counter++) + { + Node attribute_node1 = nnm1.item(counter); + Node attribute_node2 = nnm2.item(counter); + + String attr1_name = attribute_node1.getNodeName(); + String attr2_name = attribute_node2.getNodeName(); + + String value1 = n1elem.getAttribute(attr1_name); + String value2 = n2elem.getAttribute(attr2_name); + + boolean special = false; + + special = specialAttributes(path,attr1_name,value1,attr2_name,value2); + if(special) + { + return special; + } + + if(!value1.equals(value2)) + { + Log.println("----- Keine �bereinstimmung gefunden:"+path+getPathString(n1)); + return false; + } + } + + return true; + } + + private boolean checkNode(Node base,String name) + { + if(base.getNodeName().equals(name)) + { + return true; + } + + NodeList children = base.getChildNodes(); + int size = children.getLength(); + for(int counter=0;counter<size;counter++) + { + boolean found = checkNode(children.item(counter),name); + if(found) return true; + } + return false; + } + + private void display_one(Node base) + { + int att_size=0; + if(base.getAttributes()!=null) + { + att_size=base.getAttributes().getLength(); + } + if(base.getNodeName().equals("#text")) + Log.println(base.getNodeName()+base.getChildNodes().getLength()+":"+att_size+" ("+base.getNodeValue()+")"); + else + 
Log.println(base.getNodeName()+base.getChildNodes().getLength()+":"+att_size); + } + + private void display(Node base) + { + display(base,1); + } + + private void display(Node base,int level) + { + String spacer = ""; + for(int counter=0;counter<level;counter++) + { + spacer+=" "; + } + + int att_size=0; + if(base.getAttributes()!=null) + { + att_size=base.getAttributes().getLength(); + } + if(base.getNodeName().equals("#text")) + Log.println(spacer+base.getNodeName()+base.getChildNodes().getLength()+":"+att_size+" ("+base.getNodeValue()+")"); + else + Log.println(spacer+base.getNodeName()+base.getChildNodes().getLength()+":"+att_size); + + NodeList children = base.getChildNodes(); + int size = children.getLength(); + for(int counter=0;counter<size;counter++) + { + display(children.item(counter),level+1); + } + } + + private void filterTree(Node base) + { + ArrayList removeList = new ArrayList(); + + NodeList children = base.getChildNodes(); + int size = children.getLength(); + for(int counter=0;counter<size;counter++) + { + Node child1 = children.item(counter); + if(child1.getNodeType() == Node.TEXT_NODE && child1.getNodeValue().trim().equals("")) + { + removeList.add(child1); + } + } + + size = removeList.size(); + for(int counter=0;counter<size;counter++) + { + base.removeChild((Node)removeList.get(counter)); + } + + children = base.getChildNodes(); + size = children.getLength(); + for(int counter=0;counter<size;counter++) + { + filterTree(children.item(counter)); + } + + } + + private String getPathString(Node n) + { + if(n.getNodeType()==Node.TEXT_NODE) + { + return n.getParentNode().getNodeName()+"(text)"; + } + else + { + return n.getNodeName(); + } + + } + + public boolean specialAttributes(String path,String attr1_name,String value1,String attr2_name,String value2) + { + //if(value1.startsWith("reference-") && value2.startsWith("reference-")) return true; + //if(value1.startsWith("signature-") && value2.startsWith("signature-")) return true; + + return 
false; + } + + public boolean specialAttributesSize(String path) + { + //if(path.endsWith("/xsl:template/(a)")) return true; + return false; + } + + public boolean specialValues(String value1,String value2,String path) + { + + //Log.println(path); + /*if(ignoreSignatureValue) + { + if(path.endsWith("/dsig:SignatureValue(text)/")) + { + return true; + } + } + else + { + if(path.endsWith("/dsig:SignatureValue(text)/")) + { + String stripped_1 = strip(value1); + String stripped_2 = strip(value2); + return stripped_1.equals(stripped_2); + } + }*/ + + return false; + } + + private String strip(String input) + { + String output = replaceStringAll(input," ",""); + output = replaceStringAll(output,"\n",""); + output = replaceStringAll(output,"\r",""); + return output; + } + + private static String replaceStringAll( + String input, + String oldPart, + String newPart) + { + + String erg = null; + + int pos = input.indexOf(oldPart); + if(pos==-1) return input; + + while(true) + { + + //First Part + pos = input.indexOf(oldPart); + if(pos==-1) break; + erg = input.substring(0, pos); + + //Insert new Part + erg += newPart; + + //insert REST + erg + += input.substring( + input.indexOf(oldPart) + oldPart.length(), + input.length()); + + input = erg; + } + return erg; + } + +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java new file mode 100644 index 000000000..b6eda3c39 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java 
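Review bot: In `compareNodeAttriubtes` the branch `if(special) { return special; }` ends the whole attribute comparison with `true` as soon as one attribute is marked special, so every attribute after it in the map goes unchecked; it should skip only that attribute, `if(special) continue;`. The loop also pairs attributes by index (`nnm1.item(counter)` with `nnm2.item(counter)`) and never compares `attr1_name` with `attr2_name`, although a `NamedNodeMap` guarantees no order. Checking `n2elem.hasAttribute(attr1_name)` and then reading `String value2 = n2elem.getAttribute(attr1_name);` removes that dependency. Separately, `debug` defaults to `true`, which prints every node and the decoded `Base64Content` to `System.out` on each comparison; `false` is the safer default for a helper that compares SAML documents. `compareElements` also strips whitespace text nodes from the trees it is given and removes matched children from the second one, which deserves a line in its Javadoc.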
@@ -0,0 +1,32 @@ +package test.at.gv.egovernment.moa.id.proxy.builder; + +import org.w3c.dom.Element; + +import test.at.gv.egovernment.moa.id.UnitTestCase; +import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder; +import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder; +import at.gv.egovernment.moa.util.DOMUtils; + +/* + * @author Paul Ivancsics + * @version $Id$ + */ +public class SAMLRequestBuilderTest extends UnitTestCase { + + public SAMLRequestBuilderTest(String arg0) { + super(arg0); + } + + public void testBuild() throws Exception { + String requestID = "123"; + String samlArtifact = new SAMLArtifactBuilder().build("https://moa.gv.at/auth/", "12345678901234567890"); + String REQUEST_SHOULD = "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" RequestID=\"" + + requestID + "\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"IGNORE\">" + + "<samlp:AssertionArtifact>" + samlArtifact + "</samlp:AssertionArtifact>" + + "</samlp:Request>"; + Element request = new SAMLRequestBuilder().build(requestID, samlArtifact); + Element requestShould = DOMUtils.parseDocument(REQUEST_SHOULD, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + assertTrue(new SAMLRequestCompare().compareElements(requestShould, request)); + } + +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestCompare.java b/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestCompare.java new file mode 100644 index 000000000..5685129a1 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestCompare.java 
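Review bot: `testBuild` never checks the `IssueInstant` that `SAMLRequestBuilder` writes. The expected document carries the placeholder `IGNORE` and `SAMLRequestCompare` accepts any value for that attribute, so an empty or malformed timestamp passes. The timestamp is presumably what a receiver uses to judge the age of a request, so a direct check after the comparison is worth adding, for example `assertTrue(request.getAttribute("IssueInstant").length() > 0);`, or a parse with whatever date utility the project provides.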
@@ -0,0 +1,19 @@ +package test.at.gv.egovernment.moa.id.proxy.builder; + +/* + * @author Paul Ivancsics + * @version $Id$ + */ +public class SAMLRequestCompare extends test.at.gv.egovernment.moa.id.proxy.builder.DOMTreeCompare { + + + /* + * @see at.gv.egovernment.moa.util.SAMLRequestCompare#specialAttributes(java.lang.String, java.lang.String) + */ + public boolean specialAttributes(String path,String attr1_name,String value1,String attr2_name,String value2) { + if(attr1_name.equals("IssueInstant")) + return true; + return false; + } + +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java b/id.server/src/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java new file mode 100644 index 000000000..39e7240d1 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java 
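Review bot: The override tests only `attr1_name`, so a pair is accepted as special even when the attribute at the same position in the second element is not `IssueInstant`; check both names, `return "IssueInstant".equals(attr1_name) && "IssueInstant".equals(attr2_name);`. The comment above the method is a plain `/* … */` block whose `@see` names `at.gv.egovernment.moa.util.SAMLRequestCompare#specialAttributes(java.lang.String, java.lang.String)`. That matches neither this class's package nor the five-parameter signature. I would replace it with a Javadoc sentence stating that `IssueInstant` is excluded from the comparison, presumably because the builder stamps the current time.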
@@ -0,0 +1,180 @@ +package test.at.gv.egovernment.moa.id.proxy.parser; + +import org.w3c.dom.Element; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +import at.gv.egovernment.moa.id.data.AuthenticationData; +import at.gv.egovernment.moa.id.data.SAMLStatus; +import at.gv.egovernment.moa.id.proxy.parser.SAMLResponseParser; +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.DOMUtils; + +/* + * @author Paul Ivancsics + * @version $Id$ + */ +public class SAMLResponseParserTest extends UnitTestCase { + + public SAMLResponseParserTest(String arg0) { + super(arg0); + } + + public void testParse() throws Exception { + String samlResponse = + "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" + + "<samlp:Response xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\"" + + " ResponseID=\"\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-03-29T06:00:00+02:00\">" + + "<samlp:Status>" + + "<samlp:StatusCode Value=\"samlp:Success\"><samlp:StatusCode Value=\"samlp:Success\"></samlp:StatusCode></samlp:StatusCode>" + + "<samlp:StatusMessage>Ollas leiwand</samlp:StatusMessage>" + + "</samlp:Status>" + +"<saml:Assertion xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:pr=\"http://reference.e-government.gv.at/namespace/persondata/20020228#\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" MajorVersion=\"1\" MinorVersion=\"0\" AssertionID=\"-4633313027464114584\" Issuer=\"http://localhost:8080/moa-id-auth/\" IssueInstant=\"2003-04-02T14:55:42+02:00\">" + + "<saml:AttributeStatement>" + + "<saml:Subject>" + + "<saml:NameIdentifier NameQualifier=\"http://reference.e-government.gv.at/names/vpk/20020221#\">MTk2OC0xMC0yMmdi</saml:NameIdentifier>" + + "<saml:SubjectConfirmation>" + + "<saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod>" + + "<saml:SubjectConfirmationData>" + + "<saml:Assertion 
xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" MajorVersion=\"1\" MinorVersion=\"0\" AssertionID=\"any\" Issuer=\"Hermann Muster\" IssueInstant=\"2003-04-02T14:55:27+02:00\">" + + "<saml:AttributeStatement>" + + "<saml:Subject>" + + "<saml:NameIdentifier>http://localhost:8080/moa-id-auth/</saml:NameIdentifier>" + + "</saml:Subject>" + + "<saml:Attribute AttributeName=\"Gesch�ftsbereich\" AttributeNamespace=\"http://reference.e-government.gv.at/namespace/moa/20020822#\">" + + "<saml:AttributeValue>gb</saml:AttributeValue>" + + "</saml:Attribute>" + + "<saml:Attribute AttributeName=\"OA\" AttributeNamespace=\"http://reference.e-government.gv.at/namespace/moa/20020822#\">" + + "<saml:AttributeValue>https://localhost:9443/</saml:AttributeValue>" + + "</saml:Attribute>" + + "</saml:AttributeStatement>" + + "</saml:Assertion>" + + "<saml:Assertion AssertionID=\"zmr.bmi.gv.at-AssertionID-2003-02-12T20:28:34.474\" IssueInstant=\"2003-02-12T20:28:34.474\" Issuer=\"http://zmr.bmi.gv.at/zmra/names#Issuer\" MajorVersion=\"1\" MinorVersion=\"0\" xmlns:pr=\"http://reference.e-government.gv.at/namespace/persondata/20020228#\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">" + + "<saml:AttributeStatement>" + + "<saml:Subject>" + + "<saml:SubjectConfirmation>" + + "<saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>" + + "<saml:SubjectConfirmationData>" + + "<pr:Person xsi:type=\"pr:PhysicalPersonType\">" + + "<pr:Identification>" + + "<pr:Value>123456789012</pr:Value>" + + "<pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type>" + + "</pr:Identification>" + + "<pr:Name>" + + "<pr:GivenName>Hermann</pr:GivenName>" + + "<pr:FamilyName primary=\"undefined\">Muster</pr:FamilyName>" + + "</pr:Name>" + + "<pr:DateOfBirth>1968-10-22</pr:DateOfBirth>" + + "</pr:Person>" + + "</saml:SubjectConfirmationData>" + + "</saml:SubjectConfirmation>" + 
+ "</saml:Subject>" + + "<saml:Attribute AttributeName=\"CitizenPublicKey\" AttributeNamespace=\"http://www.buergerkarte.at/namespaces/personenbindung/20020506#\">" + + "<saml:AttributeValue>" + + "<dsig:RSAKeyValue xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\">" + + "<dsig:Modulus>0v1Ftf7WXgoexx0Jo/GrlExHOHnQIEQ5FFSjptLRd5BN1mZYRg2S9KfOMbHSCsiPm8AwjAEwE5EM A6P18Z/YyTIuP7fNGzckbB5PYIgNMHL8/TYJhHA8CjamsBrEfYDXivE8iAvALg5I9RMLZADmzL7a f2daYYuO8dycQw3xg6U=</dsig:Modulus>" + + "<dsig:Exponent>AQAB</dsig:Exponent>" + + "</dsig:RSAKeyValue>" + + "</saml:AttributeValue>" + + "</saml:Attribute>" + + "<saml:Attribute AttributeName=\"CitizenPublicKey\" AttributeNamespace=\"http://www.buergerkarte.at/namespaces/personenbindung/20020506#\">" + + "<saml:AttributeValue>" + + "<dsig:RSAKeyValue xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\">" + + "<dsig:Modulus>i2qa56X4fpYeXqFLXAcQljGU3+DWnVgNrAxI9gn2bMeFWtLXE2SFa6qvl9EymUl0noBlFn0q9DWp AsyeLnRhzCAXJeSxiwsUEloOvcQCV0DfW2UVq0Y9bVlJ8KifJ2AS+5BxZ21mkc/VYx5Qz6EYjPrn pIpdAwR9sw5xnIvTySc=</dsig:Modulus>" + + "<dsig:Exponent>AQAB</dsig:Exponent>" + + "</dsig:RSAKeyValue>" + + "</saml:AttributeValue>" + + "</saml:Attribute>" + + "</saml:AttributeStatement>" + + "<dsig:Signature xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\">" + + "<dsig:SignedInfo>" + + "<dsig:CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\"/>" + + "<dsig:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"/>" + + "<dsig:Reference URI=\"\">" + + "<dsig:Transforms>" + + "<dsig:Transform Algorithm=\"http://www.w3.org/TR/1999/REC-xpath-19991116\">" + + "<dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath>" + + "</dsig:Transform>" + + "<dsig:Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/>" + + "</dsig:Transforms>" + + "<dsig:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"/>" + + "<dsig:DigestValue>s7TfoZrYo36OMdlxGxuIfAw/wr8=</dsig:DigestValue>" + 
+ "</dsig:Reference>" + + "<dsig:Reference Type=\"http://www.w3.org/2000/09/xmldsig#Manifest\" URI=\"\">" + + "<dsig:Transforms>" + + "<dsig:Transform Algorithm=\"http://www.w3.org/TR/1999/REC-xpath-19991116\">" + + "<dsig:XPath>ancestor-or-self::dsig:Manifest</dsig:XPath>" + + "</dsig:Transform>" + + "</dsig:Transforms>" + + "<dsig:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"/>" + + "<dsig:DigestValue>dO+RSn4xLHT3cuq8uopFtZyUBqo=</dsig:DigestValue>" + + "</dsig:Reference>" + + "</dsig:SignedInfo>" + + "<dsig:SignatureValue>MFbZ5wA5cq0UezYFDXted5uqXubWFxxRwZawGh73XEAGxAbJsT/IEQmrTQThPRHNWW5RPGxVlPDz 5BmjberdaWlgJlbyKf3b/WpNNJYptQ7ijrXlsQoCzjfiQy37NEfvHEcxHQOA6sa42C+dFKsKIvmP 3mZkRYWJDxxsVzI7E+Y=</dsig:SignatureValue>" + + "<dsig:KeyInfo>" + + "<dsig:X509Data>" + + "<dsig:X509Certificate>MIIDaDCCAtWgAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTE5NDRaFw0w MzEyMzEyMjU5MzBaMIGOMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxGzAZBgNVBAMTEk1PQSBU ZXN0IENBIC0gUm9vdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAjHuFphE3 +UkTe2OcIFWUDLzhPl1j2dH4sMPAhDK09/0i+aWrdtQW9yHktu/7+LTiCiPeevT0 lGMGDcWMSoSm66tYmpxei6YojCFIaVdJFtXZ7x1o7e7jTDVRLMfdZ5lI1sQ7loIY hOE0OmlYOkn4AI6xMtJtsca45rV8wW7qm8kCAwEAAaOB2zCB2DAPBgNVHRMBAf8E BTADAQH/MA4GA1UdDwEB/wQEAwIBBjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAnsB ATBCMEAGCCsGAQUFBwICMDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxy IFRlc3R6d2Vja2UgZ2VlaWduZXQuMB0GA1UdDgQWBBRDC612dCgZetTmAKyV6DII NkOoYTAWBgcqKAAKAQEBBAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZ etTmAKyV6DIINkOoYTAJBgUrDgMCHQUAA4GBAHj0xBNWGYLijaocjOX1AkL+r+G2 fZsX4z3S/2eEvtUp+EUHaOPMLTS0MIP1nwj5f4ZluAIrDLXihqMdi4xRv0W6QYbN aDxICNz3/QbrzMlFPeC8odesdRlT+GGswX0ZGUtVIZm1HVhxRk5ZEW2pr2afo5c0 
Btxup/kgjGMnnS7C</dsig:X509Certificate>" + + "<dsig:X509Certificate>MIIDiTCCAvagAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTI1MTRaFw0w MzEyMzEyMjU5MzBaMIGZMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxJjAkBgNVBAMTHU1PQSBU ZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB iQKBgQCw7ULOYSNji09Ein7Ar4j3Rjxjq05spBmZDmbSomEZMnGEtVTyIRzKc8ia 2kcXUMz5MEoFaVmvqRim31m20T21uvHFIs86gqzC/prOAz7V7HWok5F+9M/5gR1S BvpdqiEAXYeRXFPiOe8XSmpwhic7+n2jfuoBeYiRBEMGoP1DkwIDAQABo4HxMIHu MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgHGMBEGCWCGSAGG+EIB AQQEAwIBAjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAgMBATBCMEAGCCsGAQUFBwIC MDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxyIFRlc3R6d2Vja2UgZ2Vl aWduZXQuMB0GA1UdDgQWBBSeRWvUfxEjKZSfxImJr/fpBDtMmTAWBgcqKAAKAQEB BAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZetTmAKyV6DIINkOoYTAJ BgUrDgMCHQUAA4GBAIMa4C2z3SbkcjEiMNAsHKaKUCJkBbMtNaab6U/cwwYmG6nl ga7xyEmbfY2SKzOqkcIwuv83Tma3rcr1f+OLUeGUaGLHt2Pl1a/s8BZGQZHWvLXv 7hV4RceEUHzVGAfvDD8iBJqBmfq/z/fBPFsgSup4nO1YECkDYfQ+sqCIP4ik</dsig:X509Certificate>" + + "<dsig:X509Certificate>MIIDZzCCAtSgAwIBAgIBADAJBgUrDgMCHQUAMIGZMQswCQYDVQQGEwJBVDE9MDsG A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx JjAkBgNVBAMTHU1PQSBUZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMB4XDTAzMDIx MTE1MzI0NVoXDTAzMDgxMTE0MzI0NVowgYUxCzAJBgNVBAYTAkFUMSYwJAYDVQQK FB1CdW5kZXNtaW5pc3Rlcml1bSBm/HIgSW5uZXJlczEgMB4GA1UECxMXWmVudHJh bGVzIE1lbGRlcmVnaXN0ZXIxLDAqBgNVBAMTI1Rlc3QgU2lnbmF0dXJkaWVuc3Qg UGVyc29uZW5iaW5kdW5nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEzkpk QjbGjZwssN1+vMBE/ALMcA8LWFcILI3uxXaTSWGfTiLo9ECfzjuwYJG7FjEaeWrW nPEcp4VfMNocrm3T7Hw/ikpE5/+FsfTzD4MpIwwUPd/CUfA5vDNXK5CiP7qKKR1e 
vATO2s6lfDul+CS/eEbwzKmUQvZGrJggxg2m5wIDAQABo4HYMIHVMAwGA1UdEwEB /wQCMAAwDgYDVR0PAQH/BAQDAgbAMF0GA1UdIARWMFQwUgYMKwYBBAGVEgECAwEB MEIwQAYIKwYBBQUHAgIwNBoyRGllc2VzIFplcnRpZmlrYXQgaXN0IG51ciBm/HIg VGVzdHp3ZWNrZSBnZWVpZ25ldC4wHQYDVR0OBBYEFIpEyv43H3EtiGr4I7Z34bWj v2z6MBYGByooAAoBAQEECwwJQk1PTFMtSUtUMB8GA1UdIwQYMBaAFJ5Fa9R/ESMp lJ/EiYmv9+kEO0yZMAkGBSsOAwIdBQADgYEAfMBJRy/kp8HQa0lGIBfFrWNpxVPv RsIu+N4IiFrswrsoQoMAh6IqNyzSdq7rJC08xsDkXe5HOwkb+2zGKYoC3aQ/J/zr BGkg6ec4tOaS/VSdEQeTL1L30r2faTffWLUV3GrzL7pM7jN470hB1w8F6Hc3LCI7 kFfp23o/juVtJNw=</dsig:X509Certificate>" + + "</dsig:X509Data>" + + "</dsig:KeyInfo>" + + "<dsig:Object>" + + "<dsig:Manifest>" + + "<dsig:Reference URI=\"\">" + + "<dsig:Transforms>" + + "<dsig:Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/>" + + "</dsig:Transforms>" + + "<dsig:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"/>" + + "<dsig:DigestValue>BqzfCB7dNg4G3u4YaxpD1tALdKI=</dsig:DigestValue>" + + "</dsig:Reference>" + + "</dsig:Manifest>" + + "</dsig:Object>" + + "</dsig:Signature>" + + "</saml:Assertion>" + + "</saml:SubjectConfirmationData>" + + "</saml:SubjectConfirmation>" + + "</saml:Subject>" + + "<saml:Attribute AttributeName=\"PersonData\" AttributeNamespace=\"http://reference.e-government.gv.at/namespace/persondata/20020228#\">" + + "<saml:AttributeValue>" + + "<pr:Person xsi:type=\"pr:PhysicalPersonType\">" + + "<pr:Identification>" + + "<pr:Value>123456789012</pr:Value>" + + "<pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type>" + + "</pr:Identification>" + + "<pr:Name>" + + "<pr:GivenName>Hermann</pr:GivenName>" + + "<pr:FamilyName primary=\"undefined\">Muster</pr:FamilyName>" + + "</pr:Name>" + + "<pr:DateOfBirth>1968-10-22</pr:DateOfBirth>" + + "</pr:Person>" + + "</saml:AttributeValue>" + + "</saml:Attribute>" + + "<saml:Attribute AttributeName=\"isQualifiedCertificate\" 
AttributeNamespace=\"http://reference.e-government.gv.at/namespace/moa/20020822#\">" + + "<saml:AttributeValue>true</saml:AttributeValue>" + + "</saml:Attribute>" + + "</saml:AttributeStatement>" + +"</saml:Assertion>" + + "</samlp:Response>"; + + Element samlResponseElem = + DOMUtils.parseDocument(samlResponse, true, Constants.ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + SAMLResponseParser parser = new SAMLResponseParser(samlResponseElem); + SAMLStatus status = parser.parseStatusCode(); + assertEquals("samlp:Success", status.getStatusCode()); + assertEquals("samlp:Success", status.getSubStatusCode()); + assertEquals("Ollas leiwand", status.getStatusMessage()); + AuthenticationData authData = parser.parseAuthenticationData(); + assertEquals(1, authData.getMajorVersion()); + assertEquals(0, authData.getMinorVersion()); + assertEquals("-4633313027464114584", authData.getAssertionID()); + assertEquals("http://localhost:8080/moa-id-auth/", authData.getIssuer()); + assertEquals("2003-04-02T14:55:42+02:00", authData.getIssueInstant()); + assertEquals("123456789012", authData.getIdentificationValue()); + assertEquals("MTk2OC0xMC0yMmdi", authData.getVPK()); + assertEquals("Hermann", authData.getGivenName()); + assertEquals("Muster", authData.getFamilyName()); + assertEquals("1968-10-22", authData.getDateOfBirth()); + assertTrue(authData.isQualifiedCertificate()); + assertFalse(authData.isPublicAuthority()); + } +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/util/SSLUtilsTest.java b/id.server/src/test/at/gv/egovernment/moa/id/util/SSLUtilsTest.java new file mode 100644 index 000000000..351ca0bd5 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/util/SSLUtilsTest.java 
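Review bot: The fixture in `testParse` carries a raw non-ASCII character in `AttributeName=\"Gesch�ftsbereich\"` (garbled as rendered here), so the bytes the parser receives depend on the source file encoding and the compiler's default charset. Writing the literal as `Gesch\u00e4ftsbereich` (assuming the intended character is 'ä') makes the fixture independent of the build platform. The assertions cover only the parsed status and `AuthenticationData` fields; the embedded `dsig:Signature` and certificates are never verified by this test. A short comment such as `// fixture signature is not validated here; parser field extraction only` would keep a green run from being read as signature verification.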
@@ -0,0 +1,92 @@
+package test.at.gv.egovernment.moa.id.util;
+
+import iaik.pki.jsse.IAIKX509TrustManager;
+
+import java.net.URL;
+import java.security.Security;
+
+import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLSocketFactory;
+
+import com.sun.net.ssl.HttpsURLConnection;
+
+import at.gv.egovernment.moa.id.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.config.ConnectionParameter;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter;
+import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
+import at.gv.egovernment.moa.id.iaik.config.LoggerConfigImpl;
+import at.gv.egovernment.moa.id.util.SSLUtils;
+import test.at.gv.egovernment.moa.id.UnitTestCase;
+
+/*
+ * @author Paul Ivancsics
+ * @version $Id$
+ */
+public class SSLUtilsTest extends UnitTestCase {
+
+ public SSLUtilsTest(String name) {
+ super(name);
+ }
+
+ protected void setUp() throws Exception {
+ //System.setProperty("javax.net.debug", "all");
+ Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
+ System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
+ IAIKX509TrustManager.initLog(new LoggerConfigImpl("file:" + TESTDATA_ROOT + "conf/log4j.properties"));
+ System.setProperty("https.cipherSuites", "SSL_DHE_DSS_WITH_DES_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,SSL_RSA_WITH_DES_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_EXPORT_WITH_RC4_40_MD5");
+ }
+
+ public void testVerisignOK() throws Exception {
+ doTestOA("conf/ConfigurationTest.xml", "http://verisign.moa.gv.at/", true, null);
+ }
+ public void testATrustOK() throws Exception {
+ doTestOA("conf/ConfigurationTest.xml", "http://a-trust.moa.gv.at/", true, null);
+ }
+ public void testBaltimoreOK() throws Exception {
+ doTestOA("conf/ConfigurationTest.xml", "http://baltimore.moa.gv.at/", true, null);
+ }
+ public void testCIOOK() throws 
Exception {
+ doTestOA("conf/ConfigurationTest.xml", "http://cio.moa.gv.at/", true, null);
+ }
+ public void testMOASPOK() throws Exception {
+ System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME,
+ TESTDATA_ROOT + "conf/ConfigurationTest.xml");
+ ConnectionParameter connParam = AuthConfigurationProvider.getInstance().getMoaSpConnectionParameter();
+ doTest(connParam, true, null);
+ }
+ private void doTestOA(String configFile, String publicURLPrefix, boolean shouldOK, String exMessageFragment) throws Exception {
+ System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME,
+ TESTDATA_ROOT + configFile);
+ ProxyConfigurationProvider proxyConf =
+ ProxyConfigurationProvider.getInstance();
+ OAProxyParameter oaParam = proxyConf.getOnlineApplicationParameter(publicURLPrefix);
+ ConnectionParameter connParam = oaParam.getConnectionParameter();
+ doTest(connParam, shouldOK, exMessageFragment);
+ }
+ private void doTest(ConnectionParameter connParam, boolean shouldOK, String exMessageFragment) throws Exception {
+ SSLUtils.initialize();
+ AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
+ SSLSocketFactory ssf = SSLUtils.getSSLSocketFactory(authConf, connParam);
+ URL url = new URL(connParam.getUrl());
+ HttpsURLConnection conn = (HttpsURLConnection)url.openConnection();
+ conn.setRequestMethod("GET");
+ conn.setDoInput(true);
+ conn.setDoOutput(true);
+ conn.setUseCaches(false);
+ conn.setAllowUserInteraction(false);
+ conn.setSSLSocketFactory(ssf);
+ try {
+ conn.connect();
+ assertTrue(shouldOK);
+ assertEquals(200, conn.getResponseCode());
+ conn.disconnect();
+ }
+ catch (SSLException ex) {
+ ex.printStackTrace();
+ assertFalse(shouldOK);
+ assertTrue(ex.getMessage().indexOf(exMessageFragment) >= 0);
+ }
+ }
+
+}
diff --git a/id.server/src/test/lasttest/Dispatcher.java b/id.server/src/test/lasttest/Dispatcher.java
new file mode 100644
index 000000000..ad8f10fb4
--- /dev/null
+++ b/id.server/src/test/lasttest/Dispatcher.java
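Review bot: `setUp` in SSLUtilsTest sets `https.cipherSuites` JVM-wide to a list that includes single-DES, 40-bit export and `SSL_RSA_EXPORT_WITH_RC4_40_MD5` suites. The `...OK` tests can therefore pass on a handshake that negotiated an export-grade cipher, and the property is never restored for later tests in the same JVM. Restricting the list to the two 3DES entries already present, `System.setProperty("https.cipherSuites", "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA");`, and clearing it in a `tearDown` would make a green run say more about the trust configuration. In `doTest` every caller passes `exMessageFragment` as `null`, so `ex.getMessage().indexOf(exMessageFragment)` would throw a NullPointerException as soon as a negative case is added. `conn.disconnect()` also belongs in a `finally` so a failed assertion does not leave the connection open.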
@@ -0,0 +1,64 @@
+package test.lasttest;
+
+/**
+ * @author Stefan Knirsch
+ * @version $Id$
+ *
+ */
+public class Dispatcher extends Thread {
+ private LasttestClient parent = null;
+ private int max;
+ private int turns;
+ private int turn_counter;
+ private int turn;
+ private int time;
+ private long sum;
+ private int turnnum;
+
+ public Dispatcher(LasttestClient parent, int max, int turns, int time, long sum) {
+ this.parent = parent;
+ this.max = max;
+ this.turns = turns;
+ this.time = time;
+ this.sum = sum;
+ turnnum=0;
+ }
+
+ public void run() {
+ this.setPriority(Thread.NORM_PRIORITY + 1);
+ System.out.println("Dispatcher wird gestartet...");
+ TestThread[] old_reqs = buildRequests(0);
+ for (turn_counter = 0; turns == 0 ? true : (turn_counter < turns); turn_counter++) {
+ try {
+// LasttestClient.Log.write(("Starte Durchlauf " + turn_counter + "\n").getBytes());
+ }
+ catch (Exception e) {}
+
+// System.out.println("Starte Durchlauf " + turn_counter);
+ turn = turn_counter;
+ if (turns == 0)
+ turn_counter--;
+ TestThread[] reqs = buildRequests(turn_counter);
+ for (int counter = 0; counter < max; counter++) {
+ old_reqs[counter].start();
+ }
+ old_reqs = reqs;
+ try {
+ Thread.sleep(time);
+ }
+ catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+ parent.stop = true;
+ }
+
+ public TestThread[] buildRequests(int turnNo) {
+ TestThread[] ret = new TestThread[max];
+ for (int counter = 0; counter < max; counter++) {
+// turnnum ++;
+ ret[counter] = new TestThread(parent, turnNo);
+ }
+ return ret;
+ }
+}
diff --git a/id.server/src/test/lasttest/HostnameVerifierHack.java b/id.server/src/test/lasttest/HostnameVerifierHack.java
new file mode 100644
index 000000000..cf34b621a
--- /dev/null
+++ b/id.server/src/test/lasttest/HostnameVerifierHack.java
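Review bot: `parent.stop = true;` at the end of `Dispatcher.run()` is the only signal that ends the `while (!stop)` loop in `LasttestClient.startTest`, but `stop` is declared there as a plain `public boolean stop = false;`. The write from the dispatcher thread therefore has no visibility guarantee; the field should be `public volatile boolean stop = false;`. The `catch (Exception e)` around `Thread.sleep(time)` also swallows an interrupt and keeps dispatching, so catch `InterruptedException`, call `Thread.currentThread().interrupt();` and leave the loop so the load run can be stopped. The batch built last by `buildRequests(turn_counter)` is assigned to `old_reqs` and never started once the loop ends, which looks unintended.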
@@ -0,0 +1,13 @@
+package test.lasttest;
+
+import com.sun.net.ssl.HostnameVerifier;
+
+/**
+ * @author Stefan Knirsch
+ * @version $Id$
+ *
+ */
+public class HostnameVerifierHack implements HostnameVerifier{
+ public boolean verify(String arg0, String arg1) {
+ return true;
+ }}
diff --git a/id.server/src/test/lasttest/LasttestClient.java b/id.server/src/test/lasttest/LasttestClient.java
new file mode 100644
index 000000000..bad5161ba
--- /dev/null
+++ b/id.server/src/test/lasttest/LasttestClient.java
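Review bot: `HostnameVerifierHack.verify` returns `true` for every pair of names, which switches off hostname checking on any connection this verifier is installed on, and the class carries no comment saying so. Where it is installed is not visible in this hunk. If it serves only the load-test client talking to `https://localhost:8443/moa-id-auth/`, the class Javadoc should state that it accepts all host names and must not be used outside `test.lasttest`. Narrowing it to the expected host, e.g. `return "localhost".equalsIgnoreCase(arg0);` (assuming the first argument is the URL host name, as in the `com.sun.net.ssl.HostnameVerifier` API), keeps the test usable without accepting a certificate issued for any other name.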
@@ -0,0 +1,218 @@
+package test.lasttest;
+
+import java.io.FileOutputStream;
+import java.io.OutputStream;
+import java.io.PrintStream;
+import java.security.Security;
+import java.util.Date;
+
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.StreamUtils;
+import at.gv.egovernment.moa.util.URLDecoder;
+import at.gv.egovernment.moa.util.URLEncoder;
+import com.sun.net.ssl.HttpsURLConnection;
+
+/**
+ * @author Sven
+ *
+ * To change this generated comment edit the template variable "typecomment":
+ * Window>Preferences>Java>Templates.
+ * To enable and disable the creation of type comments go to
+ * Window>Preferences>Java>Code Generation.
+ *
+ * Aufruf: Requestdatei (==null), ServerURL, Anzahl der Requests pro Sekunde, Anzahl der Wiederholungen
+ * z.b. "data/CX0/TestGeneratorCX0.001.Req.xml" "http://127.0.0.1:8080/" 5 100
+ *
+ * ==> GE�NDERT: ersten 2 Parameter gekillt... 
nur noch 5 100
+ */
+public class LasttestClient {
+
+ protected static final String TESTDATA_ROOT = "data/abnahme-test/";
+ protected static final String MOA_AUTH_SERVER = "https://localhost:8443/moa-id-auth/";
+ protected AuthenticationServer server;
+
+ public int max_thread_count = 300;
+ public int thread_counter = 0;
+ public int error_count = 0;
+ public int turns = 0;
+ public long sum = 0;
+ public long max = 0;
+ public long min = Long.MAX_VALUE;
+
+ public static PrintStream Log = null;
+
+ public boolean stop = false;
+
+ public static final String trustStore = "javax.net.ssl.trustStore";
+ public static final String trustStorePassword = "javax.net.ssl.trustStorePassword";
+ public static final String handler = "java.protocol.handler.pkgs";
+
+ public void startTest(int req_per_second, int turns, int time) throws Exception {
+ Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
+
+ System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
+ System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore");
+ System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
+
+ System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME, TESTDATA_ROOT + "xmldata/L000/Configuration.xml");
+
+ AuthConfigurationProvider.reload();
+
+ this.turns = turns;
+
+ boolean result = new TestThread(this,0).doRequest(0);// doTestRequest();
+ if (result) {
+ System.out.println("TestRequest OK. 
Lasttest wird gestartet.");
+ sum=0;
+ max=0;
+ Dispatcher dp = new Dispatcher(this, req_per_second, turns, time, sum);
+ dp.start();
+ while (!stop) {
+ try {
+ Log.println(new String(("Checking Stop Condition ...(Running " + thread_counter + ", Min " + (min) + ", Max " + (max) + ", " + new Date(System.currentTimeMillis()) + ")")));
+ Log.flush();
+ }
+ catch (Exception e) {}
+
+ System.out.println("Checking Stop Condition ...(Running " + thread_counter + ", Min " + (min) + ", Max " + (max) + ", " + new Date(System.currentTimeMillis()) + ")");
+ Thread.sleep(10000);
+ }
+ System.out.println("Fehler:" + error_count + " (Running " + thread_counter + ", Min " + (min) + ", Max " + (max) + ", " + new Date(System.currentTimeMillis()) + ")");
+ }
+ else {
+ System.out.println("TestRequest lieferte einen Fehler. Lasttest wird nicht gestartet.");
+ }
+ }
+
+
+ public boolean doTestRequest() throws Exception {
+
+ try {
+
+ TestThread tt = new TestThread(null,0);
+
+ // Anmelden
+ String URL = tt.getURL(MOA_AUTH_SERVER, "gb", "http://10.16.126.28:9080/moa-id-proxy/");
+ HttpsURLConnection conn = tt.giveConnection(URL, "GET");
+
+ conn.connect();
+ String result = new String(StreamUtils.readStream(conn.getInputStream()));
+ String MOASessionID = tt.parseSessionIDFromForm(result);
+ conn.disconnect();
+
+ URL = tt.parseDataURL(result);
+ // Verify Identity Link
+ conn = tt.giveConnection(URL, "POST");
+ conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded");
+ String infoboxReadResponse = tt.readXmldata("InfoboxReadResponse.xml");
+ OutputStream out = conn.getOutputStream();
+ out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes());
+ out.flush();
+ out.close();
+ conn.connect();
+ String redirectLoc = conn.getHeaderField("Location");
+ conn.disconnect();
+ //Verify Auth Block
+ conn = tt.giveConnection(redirectLoc, "POST");
+ String createXMLSignatureResponse = 
URLEncoder.encode(tt.readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8");
+ out = conn.getOutputStream();
+ out.write(("XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8"));
+ out.flush();
+ out.close();
+ conn.connect();
+ redirectLoc = conn.getHeaderField("Location");
+ String samlArtifact = tt.parseSamlArtifact(redirectLoc);
+ System.out.println("SamlArtifact: " + samlArtifact);
+
+ conn.disconnect();
+
+ conn = null;
+
+ SAMLRequestBuilder srb = new SAMLRequestBuilder();
+
+ Element erg = tt.doCall(srb.build(MOASessionID, URLDecoder.decode(samlArtifact, "UTF-8")),MOA_AUTH_SERVER);
+ result = DOMUtils.serializeNode(erg);
+ if (result.indexOf("saml:Assertion")<0)
+ {
+ System.err.println("Falsche Antwort vom Webservice:\n" + result);
+ throw new Exception("Falsche Antwort vom Webservice");
+
+ }
+ }
+ catch (Exception e) {
+ System.err.println("------ FEHLER IN LASTTEST :" + e.getLocalizedMessage());
+ throw e;
+ }
+
+ return true;
+
+ }
+
+ public String replaceString(String input, String oldPart, String newPart) throws Exception {
+ String erg = null;
+
+ //First Part
+ erg = input.substring(0, input.indexOf(oldPart));
+ //Insert new Part
+ erg += newPart;
+
+ //insert REST
+ erg += input.substring(input.indexOf(oldPart) + oldPart.length(), input.length());
+
+ return erg;
+ }
+
+ public static void main(String[] args) throws Exception {
+ Log = new PrintStream(new FileOutputStream("C:/Lasttest.log"));
+ int time = 0;
+ int sek = 0;
+ int turns = 0;
+
+ if (args.length != 3) {
+ System.out.println("Parameteranzahl falsch. 
Bitte verwenden Sie die Syntax <Request_pro_Zeiteinheit(Zahl)> <Anzahl_der_Durchl�ufe(Zahl oder INF)> <Zeit_zwischen_Aufrufen_in_ms(Zahl)>");
+ return;
+ }
+
+ try {
+ sek = Integer.parseInt(args[0]);
+ time = Integer.parseInt(args[2]);
+ if (args[1].equals("INF")) {
+ turns = 0;
+ }
+ else
+ turns = Integer.parseInt(args[1]);
+ }
+ catch (NumberFormatException e) {
+ System.out.println("Einer der Parameter (Requestanzahl oder Testanzahl) ist keine Zahl !");
+ return;
+ }
+
+ System.out.println("Starte Lastest mit folgenden Parametern ...");
+ System.out.println("ServerURL: " + MOA_AUTH_SERVER);
+ double reqPerSek = sek*1000;
+ System.out.println("Requests pro Sekunde: " + reqPerSek/time);
+ System.out.println("Durchl�ufe: " + (turns == 0 ? "INF" : turns + ""));
+
+ Log.println("Starte Lastest mit folgenden Parametern ...");
+ Log.println("ServerURL: " + MOA_AUTH_SERVER);
+ Log.println("Requests pro Sekunde: " + reqPerSek / time);
+ Log.println("Durchl�ufe: " + (turns == 0 ? "INF" : turns + ""));
+
+
+ try {
+ LasttestClient lc = new LasttestClient();
+ //lc.startTest("data/CX0/TestGeneratorCX0.001.Req.xml","http://161.106.2.255:8080/",10,1000);
+ lc.startTest(sek, turns, time);
+ }
+ catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+}
+
diff --git a/id.server/src/test/lasttest/TestThread.java b/id.server/src/test/lasttest/TestThread.java
new file mode 100644
index 000000000..0d2973c7f
--- /dev/null
+++ b/id.server/src/test/lasttest/TestThread.java
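Review bot: `LasttestClient.startTest` hard-codes the trust store path and its password (`"C:/Programme/ApacheGroup/abnahme/server.keystore"`, `"changeit"`) and overwrites whatever the JVM was started with. The same literals are repeated in `TestThread.doCall` in this commit. The class already declares `trustStore`, `trustStorePassword` and `handler` constants that go unused, so set the values only when absent, e.g. `if (System.getProperty(trustStore) == null) System.setProperty(trustStore, defaultTrustStorePath);`, and take the path and password from `-D` options or the command line rather than from source. In `replaceString`, `input.indexOf(oldPart)` returns -1 when `oldPart` is missing and `substring(0, -1)` then throws, so the method needs a guard such as `if (idx < 0) return input;`. The first `out.write(...getBytes())` in `doTestRequest` encodes with the platform charset while the second uses `"UTF-8"`; both should use `getBytes("UTF-8")`.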
@@ -0,0 +1,251 @@ +package test.lasttest; + +import java.io.OutputStream; +import java.net.URL; +import java.util.Vector; + +import javax.xml.namespace.QName; +import javax.xml.rpc.Call; +import javax.xml.rpc.Service; +import javax.xml.rpc.ServiceFactory; + +import org.apache.axis.message.SOAPBodyElement; +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder; +import at.gv.egovernment.moa.id.util.AxisSecureSocketFactory; +import at.gv.egovernment.moa.util.FileUtils; +import at.gv.egovernment.moa.util.StreamUtils; +import at.gv.egovernment.moa.util.URLDecoder; +import at.gv.egovernment.moa.util.URLEncoder; +import com.sun.net.ssl.HttpsURLConnection; + +/** + * @author Stefan Knirsch + * @version $Id$ + * + */ +public class TestThread extends Thread { + private LasttestClient parent = null; + private int turn_no; + private Dispatcher disp = null; + + public TestThread( LasttestClient parent, int durchlauf_nr) { + turn_no = durchlauf_nr; + this.parent = parent; + + } + + protected Element doCall(Element request, String server) throws Exception { + + /* QName serviceName = new QName("GetAuthenticationData"); + + String endPoint = server + "services/GetAuthenticationData"; + Service service = ServiceFactory.newInstance().createService(serviceName); + Call call = service.createCall(); + SOAPBodyElement body = new SOAPBodyElement(request); + SOAPBodyElement[] params = new SOAPBodyElement[] { body }; + Vector responses; + SOAPBodyElement response; + + + System.out.println(DOMUtils.serializeNode(body.getAsDOM())); + call.setTargetEndpointAddress(endPoint); + System.out.println("Rufe WS auf: " + endPoint); + responses = (Vector) call.invoke(params); + System.out.println("WS aufgerufen."); + response = (SOAPBodyElement) responses.get(0); + System.out.println(DOMUtils.serializeNode(response.getAsDOM())); + return response.getAsDOM();*/ + + QName serviceName = new QName("GetAuthenticationData"); + String endPoint = server + 
"services/GetAuthenticationData"; + Service service = ServiceFactory.newInstance().createService(serviceName); + Call call = service.createCall(); + + System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); + System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore"); + System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); + SOAPBodyElement body = new SOAPBodyElement(request); + SOAPBodyElement[] params = new SOAPBodyElement[] { body }; + Vector responses; + SOAPBodyElement response; + + call.setTargetEndpointAddress(endPoint); + responses = (Vector) call.invoke(params); + response = (SOAPBodyElement) responses.get(0); + return response.getAsDOM(); + } + + public boolean doRequest(int turnNo) throws Exception { + long start = System.currentTimeMillis(); + + try { + LasttestClient.Log.write(("Starte Durchlauf " + turnNo + "\n").getBytes()); + } + catch (Exception e) {} + + System.out.println("Starte Durchlauf " + turnNo); + // Anmelden + String URL = getURL(LasttestClient.MOA_AUTH_SERVER, "gb", "http://10.16.126.28:9080/moa-id-proxy/"); + HttpsURLConnection conn = giveConnection(URL, "GET"); + conn.connect(); + String result = new String(StreamUtils.readStream(conn.getInputStream())); + /* + * FOR DEBUG ONLY + */ + // System.out.println(URL); + // System.out.println(result); + //---------------- + + String MOASessionID = parseSessionIDFromForm(result); + conn.disconnect(); + + URL = parseDataURL(result); + // Verify Identity Link + conn = giveConnection(URL, "POST"); + conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); + String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); + OutputStream out = conn.getOutputStream(); + out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); + out.flush(); + out.close(); + conn.connect(); + + /* + * FOR DEBUG ONLY + */ + // System.out.println(URL); + // 
System.out.println(new String(StreamUtils.readStream(conn.getInputStream()))); + //---------------- + + String redirectLoc = conn.getHeaderField("Location"); + conn.disconnect(); + //Verify Auth Block + conn = giveConnection(redirectLoc, "POST"); + String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); + out = conn.getOutputStream(); + out.write(("XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); + out.flush(); + out.close(); + conn.connect(); + redirectLoc = conn.getHeaderField("Location"); + + /* + * FOR DEBUG ONLY + */ + // System.out.println(redirectLoc); + // System.out.println(new String(StreamUtils.readStream(conn.getInputStream()))); + //---------------- + String samlArtifact = parseSamlArtifact(redirectLoc); + + // System.out.println("SamlArtifact: " + samlArtifact); + + AxisSecureSocketFactory.initialize(conn.getSSLSocketFactory()); + conn.disconnect(); + + conn = null; + + SAMLRequestBuilder srb = new SAMLRequestBuilder(); + + doCall(srb.build(MOASessionID, URLDecoder.decode(samlArtifact, "UTF-8")), LasttestClient.MOA_AUTH_SERVER); + // writeXmldata("GetAuthenticationDataWebServiceResponse.xml", result.getBytes("UTF-8")); + + long end = System.currentTimeMillis(); + long diff = end - start; + parent.sum +=diff; + if (parent.max < diff) { + parent.max = diff; + } + if (parent.min > diff) { + parent.min = diff; + } + if (turnNo>0) { + long totalmem = Runtime.getRuntime().totalMemory(); + long freemem = Runtime.getRuntime().freeMemory(); + try { + LasttestClient.Log.write(new String("Ende Durchlauf: " + turnNo + " ==> Dauer:" + diff + " Schnitt: " + (parent.sum/turnNo/2) + " Total-Mem: " + totalmem + " Free-Mem: " + freemem + "\n").getBytes()); + LasttestClient.Log.flush(); + } + catch (Exception e) {} + System.out.println(new String("Ende Durchlauf: " + turnNo + " ==> Dauer:" + diff + " Schnitt: " + (parent.sum/turnNo/2) + " Total-Mem: " + totalmem + " Free-Mem: " + freemem)); + } + 
return true; + + } + + public String getSubString(String input, String startsWith, String endsWith) { + return input.substring(input.indexOf(startsWith) + startsWith.length(), input.indexOf(endsWith, input.indexOf(startsWith) + startsWith.length())); + } + + public String getURL(String authURL, String target, String oaURL) { + return authURL + "StartAuthentication?Target=" + target + "&OA=" + oaURL; + } + + public HttpsURLConnection giveConnection(String targetURL, String requestMethod) throws Exception { + HttpsURLConnection conn = (HttpsURLConnection) new URL(targetURL).openConnection(); + conn.setRequestMethod(requestMethod); + conn.setDoInput(true); + conn.setDoOutput(true); + conn.setUseCaches(false); + conn.setAllowUserInteraction(false); + conn.setHostnameVerifier(new HostnameVerifierHack()); + return conn; + } + + public String killInclusive(String input, String startsWith, String endsWith, String newValue) { + int start = 0; + int ende; + String result; + result = input; + do { + start = result.indexOf(startsWith, start) + startsWith.length(); + ende = result.indexOf(endsWith, start); + result = result.substring(0, start - startsWith.length()) + newValue + result.substring(ende + endsWith.length(), result.length()); + start++; + } + while (result.indexOf(startsWith, ende + 1) > 0); + + return result; + } + + public String parseDataURL(String input) { + return getSubString(input.substring(input.indexOf("DataURL"), input.length()), "value=\"", "\""); + } + + public String parseSamlArtifact(String input) { +// System.out.println(input); + return getSubString(input + "@@@", "SAMLArtifact=", "@@@"); + } + + public String parseSessionIDFromForm(String htmlForm) { + String parName = "MOASessionID="; + int i1 = htmlForm.indexOf(parName) + parName.length(); + int i2 = htmlForm.indexOf("\"", i1); + return htmlForm.substring(i1, i2); + } + + public String readXmldata(String filename) throws Exception { + + return FileUtils.readFile(LasttestClient.TESTDATA_ROOT + 
"xmldata/L000/" + filename, "UTF-8"); + } + + /** + * @see java.lang.Runnable#run() + */ + public void run() { + parent.thread_counter++; + + try { + if (!doRequest(turn_no)) { + parent.error_count++; + } + } + catch (Exception e) { + e.printStackTrace(); + parent.error_count++; + } + parent.thread_counter--; + } + +} |
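Review bot: `giveConnection` installs `new HostnameVerifierHack()` on every connection, and `doCall` hard-codes the trust store path and the password `changeit` through `System.setProperty` on each call, so the load test's TLS checks are weakened and its configuration is tied to one machine. HostnameVerifierHack is not defined in this hunk; presumably it accepts any host name, in which case a run against a wrong or impersonated server would go unnoticed. I would drop the two `javax.net.ssl.trustStore*` lines from `doCall` and pass them at launch as `-Djavax.net.ssl.trustStore=...` and `-Djavax.net.ssl.trustStorePassword=...`, and mark the verifier line with `// TEST ONLY: disables host name checking; do not copy into production code`. These are JVM-wide properties written from every TestThread, so any that must stay in code are better set once before the threads start.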