Diffstat (limited to 'id/server')
-rw-r--r--id/server/auth-edu/pom.xml19
-rw-r--r--id/server/auth-edu/src/main/resources/logback.xml79
-rw-r--r--id/server/auth-final/pom.xml11
-rw-r--r--id/server/auth-final/src/main/resources/logback.xml (renamed from id/server/data/deploy/conf/moa-id/logback_config.xml)51
-rw-r--r--id/server/data/deploy/conf/moa-id-configuration/logback.xml40
-rw-r--r--id/server/data/deploy/conf/moa-id-configuration/logback_config.xml71
-rw-r--r--id/server/data/deploy/conf/moa-id-oa/logback.xml30
-rw-r--r--id/server/data/deploy/conf/moa-id/log4j.properties62
-rw-r--r--id/server/data/deploy/conf/moa-id/logback.xml79
-rw-r--r--id/server/data/deploy/conf/moa-id/moa-id.properties10
-rw-r--r--id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Test-Premium-Sig-05.20141215-20241209.SerNo165fb8.crt (renamed from id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Test-Premium-Sig-05.20141215-20141209.SerNo165fb8.crt)0
-rw-r--r--id/server/data/deploy/tomcat/unix/tomcat-start.sh3
-rw-r--r--id/server/data/deploy/tomcat/win32/startTomcat.bat3
-rw-r--r--id/server/doc/handbook/install/install.html144
-rw-r--r--id/server/idserverlib/pom.xml30
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java8
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AbstractEncrytionUtil.java47
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java7
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java34
-rw-r--r--id/server/moa-id-commons/pom.xml20
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java8
-rw-r--r--id/server/moa-id-frontend-resources/pom.xml2
-rw-r--r--id/server/moa-id-jaxb_classes/pom.xml2
-rw-r--r--id/server/moa-id-spring-initializer/pom.xml2
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/pom.xml2
-rw-r--r--id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml2
-rw-r--r--id/server/modules/moa-id-module-E-ID_connector/pom.xml10
-rw-r--r--id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml6
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/pom.xml42
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/ConfigurationProperties.java58
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthModule.java152
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthSpringResourceProvider.java62
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/service/DummyIdentityService.java182
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/task/InjectDummyIdentityInformationTask.java140
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider1
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/main/resources/dummy_identity_auth.process.xml16
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/main/resources/moaid_dummy_identity_auth.beans.xml23
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/BeanCreationTest.java67
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthModuleTest.java117
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthSpringResourceProviderTest.java55
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityServiceTest.java48
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/InjectDummyIdentityInformationTaskTest.java92
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/dummy/DummyAuthConfigMap.java136
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config1.properties6
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config2.properties5
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_1.json6
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_2.json6
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_1.json6
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_2.json7
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_3.json8
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_missing_attr.json5
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_wrong_extension.txt6
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth.beans.xml20
-rw-r--r--id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth_lazy.beans.xml27
-rw-r--r--id/server/modules/moa-id-module-eIDAS/pom.xml6
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/pom.xml145
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java61
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java147
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java71
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/AbstractEhvdAttributeBuilder.java51
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressStateAttributeBuilder.java28
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressZipcodeAttributeBuilder.java28
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdFirstnameAttributeBuilder.java22
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdIdAttributeBuilder.java22
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdOtherIdAttributeBuilder.java54
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdSurnameAttributeBuilder.java22
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdTitelAttributeBuilder.java22
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java57
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/exception/EhvdException.java19
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java321
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java20
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java109
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/resources/DefaultAuth_with_ehvd_interaction.process.xml32
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider1
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder5
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/resources/moaid_ehvd_service_auth.beans.xml23
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties7
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties9
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/main/resources/wsdl/eHVD.wsdl220
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/BeanCreationTest.java39
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthModuleTest.java101
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthSpringResourceProviderTest.java56
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/AbstractEhvdAttributeBuilderTest.java97
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressStateAttributeBuilderTest.java106
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressZipAttributeBuilderTest.java107
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdFirstnameAttributeBuilderTest.java47
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdIdAttributeBuilderTest.java64
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdOtherIdAttributeBuilderTest.java86
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdSurnameAttributeBuilderTest.java48
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdTitelAttributeBuilderTest.java46
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java159
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/DummyAuthConfigMap.java136
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/TestUtils.java150
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java171
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java1086
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AttributeBuilderRegistrationTest.java41
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AuthenticationRoleFactoryTest.java65
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java55
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/java/com/github/skjolber/mockito/soap/Soap12EndpointRule.java195
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties11
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config2.properties4
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties12
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_qs_service_auth.beans.xml19
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth.beans.xml19
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth_lazy.beans.xml24
-rw-r--r--id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_messager_auth.beans.xml15
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/pom.xml2
-rw-r--r--id/server/modules/moa-id-module-openID/pom.xml7
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/pom.xml17
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java664
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/pom.xml6
-rw-r--r--id/server/modules/moa-id-modules-federated_authentication/pom.xml2
-rw-r--r--id/server/modules/moa-id-modules-saml1/pom.xml2
-rw-r--r--id/server/modules/module-monitoring/pom.xml2
-rw-r--r--id/server/modules/pom.xml7
-rw-r--r--id/server/pom.xml2
-rw-r--r--id/server/proxy/.gitignore2
-rw-r--r--id/server/proxy/pom.xml152
-rw-r--r--id/server/proxy/src/main/webapp/META-INF/MANIFEST.MF2
-rw-r--r--id/server/proxy/src/main/webapp/WEB-INF/web.xml82
-rw-r--r--id/server/proxy/src/main/webapp/errorpage-proxy.jsp50
-rw-r--r--id/server/proxy/src/main/webapp/message-proxy.jsp20
122 files changed, 6587 insertions, 968 deletions
diff --git a/id/server/auth-edu/pom.xml b/id/server/auth-edu/pom.xml
index 5a743549b..53cbacedf 100644
--- a/id/server/auth-edu/pom.xml
+++ b/id/server/auth-edu/pom.xml
@@ -2,7 +2,7 @@
<parent>
<groupId>MOA.id</groupId>
<artifactId>moa-id</artifactId>
- <version>4.1.5</version>
+ <version>4.2.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
@@ -207,7 +207,12 @@
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-module-bkaMobilaAuthSAML2Test</artifactId>
</dependency>
-
+
+ <dependency>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-module-dummy-authenticatiuon</artifactId>
+ </dependency>
+
<dependency>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-module-sl20_authentication</artifactId>
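Review bot: The new dependency pulls a dummy authentication module into the auth-edu WAR, and nothing in this hunk restricts it to a test or demo build. Judging by the class names in the diffstat (`DummyIdentityService`, `InjectDummyIdentityInformationTask`), the module supplies identity data without a real authentication step, so it should sit behind a Maven profile or be disabled by default in configuration; a comment such as `<!-- demo/test builds only: dummy identity injection, must stay disabled in production -->` above the dependency would record that. The visible auth-final hunks do not add this dependency, which suggests the split is intended but it is not stated anywhere here. The artifactId `moa-id-module-dummy-authenticatiuon` also looks misspelled; check it against the module's own pom.xml, which is not visible in this part of the diff. The enclosing `<dependencies>` element starts and ends outside the hunk.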
@@ -223,6 +228,16 @@
<artifactId>moa-id-module-EID_connector</artifactId>
</dependency>
+ <dependency>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-module-ehvd_integration</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>ch.qos.logback</groupId>
+ <artifactId>logback-classic</artifactId>
+ </dependency>
+
<!--
<dependency>
<groupId>org.apache.santuario</groupId>
diff --git a/id/server/auth-edu/src/main/resources/logback.xml b/id/server/auth-edu/src/main/resources/logback.xml
new file mode 100644
index 000000000..582f6d44c
--- /dev/null
+++ b/id/server/auth-edu/src/main/resources/logback.xml
@@ -0,0 +1,79 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+ <appender name="moaid" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+ <File>${catalina.base}/logs/moa-id.log</File>
+ <encoder>
+ <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern>
+ </encoder>
+ <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <maxIndex>1</maxIndex>
+ <FileNamePattern>${catalina.base}/logs/moa-id.log.%i.gz</FileNamePattern>
+ </rollingPolicy>
+ <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <MaxFileSize>10000KB</MaxFileSize>
+ </triggeringPolicy>
+ </appender>
+ <appender name="moaspss" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+ <File>${catalina.base}/logs/moa-spss.log</File>
+ <encoder>
+ <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern>
+ </encoder>
+ <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <maxIndex>1</maxIndex>
+ <FileNamePattern>${catalina.base}/logs/moa-spss.log.%i.gz</FileNamePattern>
+ </rollingPolicy>
+ <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <MaxFileSize>10000KB</MaxFileSize>
+ </triggeringPolicy>
+ </appender>
+ <appender name="reversion" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+ <File>${catalina.base}/logs/moa-id-reversion.log</File>
+ <encoder>
+ <pattern>%5p | %d{ISO8601} | %t | %m%n</pattern>
+ </encoder>
+ <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <maxIndex>9999</maxIndex>
+ <FileNamePattern>${catalina.base}/logs/moa-id-reversion.log.%i.gz</FileNamePattern>
+ </rollingPolicy>
+ <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <MaxFileSize>10000KB</MaxFileSize>
+ </triggeringPolicy>
+ </appender>
+ <appender name="stdout" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n</pattern>
+ </encoder>
+ </appender>
+
+ <logger name="at.gv.egovernment.moa.id" level="info">
+ <appender-ref ref="moaid"/>
+ </logger>
+
+ <logger name="at.gv.egiz.eventlog.plain.all" level="info">
+ <appender-ref ref="reversion"/>
+ </logger>
+
+ <logger name="at.gv.egiz.eaaf" level="info">
+ <appender-ref ref="moaid"/>
+ </logger>
+ <logger name="at.gv.egiz.components.configuration" level="info">
+ <appender-ref ref="CONFIGTOOL"/>
+ </logger>
+
+ <logger name="at.gv.egovernment.moa.spss" level="info">
+ <appender-ref ref="moaspss"/>
+ </logger>
+ <logger name="pki" level="info">
+ <appender-ref ref="moaspss"/>
+ </logger>
+ <logger name="iaik.server" level="info">
+ <appender-ref ref="moaspss"/>
+ </logger>
+
+ <root level="warn">
+ <appender-ref ref="stdout"/>
+ </root>
+</configuration>
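Review bot: The logger `at.gv.egiz.components.configuration` uses `<appender-ref ref="CONFIGTOOL"/>`, but this file defines only the appenders `moaid`, `moaspss`, `reversion` and `stdout`, so logback will report an unresolved reference at startup and those events end up only on the root console appender. Point it at `moaid` or drop the logger; the new `moa-id-configuration/logback.xml` has the mirror-image problem, where `at.gv.egiz.eaaf` references `moaid` while only `CONFIGTOOL` and `stdout` are defined. Separately, `<maxIndex>9999</maxIndex>` on the `reversion` appender is unlikely to give the retention it suggests: as far as I know `FixedWindowRollingPolicy` caps the window at 20 archives, so older event-log archives would be discarded well before index 9999 (the same setting appears in `auth-final/src/main/resources/logback.xml`). If the revision log serves as an audit trail, a `TimeBasedRollingPolicy` with an explicit `maxHistory` would state the retention directly.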
diff --git a/id/server/auth-final/pom.xml b/id/server/auth-final/pom.xml
index 72d5b51d7..e83448eec 100644
--- a/id/server/auth-final/pom.xml
+++ b/id/server/auth-final/pom.xml
@@ -2,7 +2,7 @@
<parent>
<groupId>MOA.id</groupId>
<artifactId>moa-id</artifactId>
- <version>4.1.5</version>
+ <version>4.2.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
@@ -170,7 +170,16 @@
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-module-EID_connector</artifactId>
</dependency>
+
+ <dependency>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-module-ehvd_integration</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>ch.qos.logback</groupId>
+ <artifactId>logback-classic</artifactId>
+ </dependency>
<!-- transitive dependencies we don't want to include into the war -->
<dependency>
diff --git a/id/server/data/deploy/conf/moa-id/logback_config.xml b/id/server/auth-final/src/main/resources/logback.xml
index fa221fbc2..0e86d3c68 100644
--- a/id/server/data/deploy/conf/moa-id/logback_config.xml
+++ b/id/server/auth-final/src/main/resources/logback.xml
@@ -1,12 +1,4 @@
<?xml version="1.0" encoding="UTF-8"?>
-
-<!-- For assistance related to logback-translator or configuration -->
-<!-- files in general, please contact the logback user mailing list -->
-<!-- at http://www.qos.ch/mailman/listinfo/logback-user -->
-<!-- -->
-<!-- For professional support please see -->
-<!-- http://www.qos.ch/shop/products/professionalSupport -->
-<!-- -->
<configuration>
<appender name="moaid" class="ch.qos.logback.core.rolling.RollingFileAppender">
<!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
@@ -16,7 +8,7 @@
</encoder>
<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
<maxIndex>1</maxIndex>
- <FileNamePattern>${catalina.base}/logs/moa-id.log.%i</FileNamePattern>
+ <FileNamePattern>${catalina.base}/logs/moa-id.log.%i.gz</FileNamePattern>
</rollingPolicy>
<triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
<MaxFileSize>10000KB</MaxFileSize>
@@ -30,7 +22,7 @@
</encoder>
<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
<maxIndex>1</maxIndex>
- <FileNamePattern>${catalina.base}/logs/moa-spss.log.%i</FileNamePattern>
+ <FileNamePattern>${catalina.base}/logs/moa-spss.log.%i.gz</FileNamePattern>
</rollingPolicy>
<triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
<MaxFileSize>10000KB</MaxFileSize>
@@ -44,7 +36,7 @@
</encoder>
<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
<maxIndex>1</maxIndex>
- <FileNamePattern>${catalina.base}/logs/moa-id-webgui.log.%i</FileNamePattern>
+ <FileNamePattern>${catalina.base}/logs/moa-id-webgui.log.%i.gz</FileNamePattern>
</rollingPolicy>
<triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
<MaxFileSize>10000KB</MaxFileSize>
@@ -52,13 +44,13 @@
</appender>
<appender name="reversion" class="ch.qos.logback.core.rolling.RollingFileAppender">
<!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
- <File>${catalina.base}/moa-id-reversion.log</File>
+ <File>${catalina.base}/logs/moa-id-reversion.log</File>
<encoder>
<pattern>%5p | %d{ISO8601} | %t | %m%n</pattern>
</encoder>
<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
<maxIndex>9999</maxIndex>
- <FileNamePattern>${catalina.base}/moa-id-reversion.log.%i</FileNamePattern>
+ <FileNamePattern>${catalina.base}/logs/moa-id-reversion.log.%i.gz</FileNamePattern>
</rollingPolicy>
<triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
<MaxFileSize>10000KB</MaxFileSize>
@@ -68,37 +60,40 @@
<encoder>
<pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n</pattern>
</encoder>
- </appender>
- <logger name="at.gv.egiz.eaaf" level="info">
+ </appender>
+
+ <logger name="at.gv.egovernment.moa.id" level="info">
<appender-ref ref="moaid"/>
</logger>
- <logger name="at.gv.egovernment.moa.spss" level="info">
- <appender-ref ref="moaspss"/>
- </logger>
- <logger name="pki" level="info">
- <appender-ref ref="moaspss"/>
- </logger>
- <logger name="at.gv.egovernment.moa.id.commons" level="info">
- <appender-ref ref="CONFIGTOOL"/>
+
+ <logger name="at.gv.egiz.eventlog.plain.all" level="info">
+ <appender-ref ref="reversion"/>
</logger>
+
<logger name="at.gv.egovernment.moa.id.configuration" level="info">
<appender-ref ref="CONFIGTOOL"/>
</logger>
- <logger name="at.gv.egiz.eventlog.plain.all" level="info">
- <appender-ref ref="reversion"/>
- </logger>
<logger name="at.gv.egovernment.moa.id.config.webgui" level="info">
<appender-ref ref="CONFIGTOOL"/>
</logger>
+
+ <logger name="at.gv.egiz.eaaf" level="info">
+ <appender-ref ref="moaid"/>
+ </logger>
<logger name="at.gv.egiz.components.configuration" level="info">
<appender-ref ref="CONFIGTOOL"/>
</logger>
- <logger name="at.gv.egovernment.moa.id" level="info">
- <appender-ref ref="moaid"/>
+
+ <logger name="at.gv.egovernment.moa.spss" level="info">
+ <appender-ref ref="moaspss"/>
</logger>
+ <logger name="pki" level="info">
+ <appender-ref ref="moaspss"/>
+ </logger>
<logger name="iaik.server" level="info">
<appender-ref ref="moaspss"/>
</logger>
+
<root level="warn">
<appender-ref ref="stdout"/>
</root>
diff --git a/id/server/data/deploy/conf/moa-id-configuration/logback.xml b/id/server/data/deploy/conf/moa-id-configuration/logback.xml
new file mode 100644
index 000000000..fc7508598
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-id-configuration/logback.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+ <appender name="CONFIGTOOL" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+ <File>${catalina.base}/logs/moa-id-webgui.log</File>
+ <encoder>
+ <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern>
+ </encoder>
+ <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <maxIndex>1</maxIndex>
+ <FileNamePattern>${catalina.base}/logs/moa-id-webgui.log.%i.gz</FileNamePattern>
+ </rollingPolicy>
+ <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <MaxFileSize>10000KB</MaxFileSize>
+ </triggeringPolicy>
+ </appender>
+ <appender name="stdout" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n</pattern>
+ </encoder>
+ </appender>
+
+ <logger name="at.gv.egovernment.moa.id.configuration" level="info">
+ <appender-ref ref="CONFIGTOOL"/>
+ </logger>
+ <logger name="at.gv.egovernment.moa.id.config.webgui" level="info">
+ <appender-ref ref="CONFIGTOOL"/>
+ </logger>
+
+ <logger name="at.gv.egiz.eaaf" level="info">
+ <appender-ref ref="moaid"/>
+ </logger>
+ <logger name="at.gv.egiz.components.configuration" level="info">
+ <appender-ref ref="CONFIGTOOL"/>
+ </logger>
+
+ <root level="warn">
+ <appender-ref ref="stdout"/>
+ </root>
+</configuration>
diff --git a/id/server/data/deploy/conf/moa-id-configuration/logback_config.xml b/id/server/data/deploy/conf/moa-id-configuration/logback_config.xml
deleted file mode 100644
index c00e62e52..000000000
--- a/id/server/data/deploy/conf/moa-id-configuration/logback_config.xml
+++ /dev/null
@@ -1,71 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<!-- For assistance related to logback-translator or configuration -->
-<!-- files in general, please contact the logback user mailing list -->
-<!-- at http://www.qos.ch/mailman/listinfo/logback-user -->
-<!-- -->
-<!-- For professional support please see -->
-<!-- http://www.qos.ch/shop/products/professionalSupport -->
-<!-- -->
-<configuration>
- <!-- Errors were reported during translation. -->
- <!-- No class found for appender CONFIGTOOL R -->
- <!-- Could not find transformer for null -->
- <appender name="R" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
- <File>${catalina.base}/logs/moa-id.log</File>
- <encoder>
- <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n</pattern>
- </encoder>
- <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>1</maxIndex>
- <FileNamePattern>${catalina.base}/logs/moa-id.log.%i</FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <MaxFileSize>10000KB</MaxFileSize>
- </triggeringPolicy>
- </appender>
- <appender name="CONFIGTOOL R">
- <!--No layout specified for appender named [CONFIGTOOL R] of class [null]-->
- </appender>
- <appender name="CONFIGTOOL" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
- <File>${catalina.base}/logs/moa-id-webgui.log</File>
- <encoder>
- <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n</pattern>
- </encoder>
- <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <maxIndex>1</maxIndex>
- <FileNamePattern>${catalina.base}/logs/moa-id-webgui.log.%i</FileNamePattern>
- </rollingPolicy>
- <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <MaxFileSize>10000KB</MaxFileSize>
- </triggeringPolicy>
- </appender>
- <appender name="stdout" class="ch.qos.logback.core.ConsoleAppender">
- <encoder>
- <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} |%20.20c | %10t | %m%n</pattern>
- </encoder>
- </appender>
- <logger name="eu.stork" level="info"/>
- <logger name="iaik.server" level="info"/>
- <logger name="at.gv.egovernment.moa.id" level="info">
- <appender-ref ref="R"/>
- </logger>
- <logger name="at.gv.egovernment.moa.id.commons" level="info">
- <appender-ref ref="CONFIGTOOL R"/>
- </logger>
- <logger name="org.hibernate" level="warn"/>
- <logger name="at.gv.egiz.components.configuration" level="info">
- <appender-ref ref="CONFIGTOOL"/>
- </logger>
- <logger name="at.gv.egovernment.moa.id.proxy" level="info"/>
- <logger name="at.gv.egovernment.moa.id.config.webgui" level="info">
- <appender-ref ref="CONFIGTOOL"/>
- </logger>
- <logger name="at.gv.egovernment.moa.spss" level="info"/>
- <logger name="at.gv.egovernment.moa" level="info"/>
- <root level="info">
- <appender-ref ref="stdout"/>
- </root>
-</configuration>
diff --git a/id/server/data/deploy/conf/moa-id-oa/logback.xml b/id/server/data/deploy/conf/moa-id-oa/logback.xml
new file mode 100644
index 000000000..b94b7476a
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-id-oa/logback.xml
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+ <appender name="DEMO_SP" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+ <File>${catalina.base}/logs/moa-demo-sp.log</File>
+ <encoder>
+ <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern>
+ </encoder>
+ <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <maxIndex>1</maxIndex>
+ <FileNamePattern>${catalina.base}/logs/moa-demo-sp.%i.gz</FileNamePattern>
+ </rollingPolicy>
+ <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTrimoa-demo-spggeringPolicy">
+ <MaxFileSize>10000KB</MaxFileSize>
+ </triggeringPolicy>
+ </appender>
+ <appender name="stdout" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n</pattern>
+ </encoder>
+ </appender>
+
+ <logger name="at.gv.egovernment.moa.id.demoOA" level="info">
+ <appender-ref ref="DEMO_SP"/>
+ </logger>
+
+ <root level="warn">
+ <appender-ref ref="stdout"/>
+ </root>
+</configuration>
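Review bot: The triggering-policy class name is corrupted: `class="ch.qos.logback.core.rolling.SizeBasedTrimoa-demo-spggeringPolicy"` looks like a paste that landed in the middle of `SizeBasedTriggeringPolicy`. Logback cannot instantiate that class, so the `DEMO_SP` appender is left without a triggering policy and will most likely fail to start, leaving the demo SP with console output only. The line should read `<triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">`. The archive pattern `moa-demo-sp.%i.gz` also drops the `.log` that the other new configurations keep; `${catalina.base}/logs/moa-demo-sp.log.%i.gz` would be consistent with them.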
diff --git a/id/server/data/deploy/conf/moa-id/log4j.properties b/id/server/data/deploy/conf/moa-id/log4j.properties
deleted file mode 100644
index 2914fcff1..000000000
--- a/id/server/data/deploy/conf/moa-id/log4j.properties
+++ /dev/null
@@ -1,62 +0,0 @@
-# commons-logging setup
-org.apache.commons.logging.LogFactory=org.apache.commons.logging.impl.Log4jFactory
-
-# define log4j root loggers
-log4j.rootLogger=warn,stdout
-
-### MOA-ID process log ###
-log4j.logger.at.gv.egiz.eaaf=info,moaid
-log4j.logger.at.gv.egovernment.moa.id=info,moaid
-log4j.logger.at.gv.egovernment.moa.spss=info,moaid
-
-### process revision log with event-codes ###
-log4j.logger.at.gv.egiz.eventlog.plain.all=info,reversion
-
-### Signature verification and certificate proofing ####
-log4j.logger.at.gv.egovernment.moa.spss=info,moaspss
-log4j.logger.iaik.server=info,moaspss
-log4j.logger.pki=info,moaspss
-
-### ConfigTool Logs ####
-log4j.logger.at.gv.egiz.components.configuration=info,CONFIGTOOL
-log4j.logger.at.gv.egovernment.moa.id.commons=info,CONFIGTOOL
-log4j.logger.at.gv.egovernment.moa.id.config.webgui=info,CONFIGTOOL
-log4j.logger.at.gv.egovernment.moa.id.configuration=info,CONFIGTOOL
-
-
-### Log Appender ####
-# configure the stdout appender
-log4j.appender.stdout=org.apache.log4j.ConsoleAppender
-log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
-log4j.appender.stdout.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n
-
-# configure the rolling file appender (moaid)
-log4j.appender.moaid=org.apache.log4j.RollingFileAppender
-log4j.appender.moaid.File=${catalina.base}/logs/moa-id.log
-log4j.appender.moaid.MaxFileSize=10000KB
-log4j.appender.moaid.MaxBackupIndex=1
-log4j.appender.moaid.layout=org.apache.log4j.PatternLayout
-log4j.appender.moaid.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n
-
-# configure the rolling file appender (moaid)
-log4j.appender.moaspss=org.apache.log4j.RollingFileAppender
-log4j.appender.moaspss.File=${catalina.base}/logs/moa-spss.log
-log4j.appender.moaspss.MaxFileSize=10000KB
-log4j.appender.moaspss.MaxBackupIndex=1
-log4j.appender.moaspss.layout=org.apache.log4j.PatternLayout
-log4j.appender.moaspss.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n
-
-log4j.appender.reversion=org.apache.log4j.RollingFileAppender
-log4j.appender.reversion.File=${catalina.base}/moa-id-reversion.log
-log4j.appender.reversion.MaxFileSize=10000KB
-log4j.appender.reversion.MaxBackupIndex=9999
-log4j.appender.reversion.layout=org.apache.log4j.PatternLayout
-log4j.appender.reversion.layout.ConversionPattern=%5p | %d{ISO8601} | %t | %m%n
-
-# configure the rolling file appender (configtool)
-log4j.appender.CONFIGTOOL=org.apache.log4j.RollingFileAppender
-log4j.appender.CONFIGTOOL.File=${catalina.base}/logs/moa-id-webgui.log
-log4j.appender.CONFIGTOOL.MaxFileSize=10000KB
-log4j.appender.CONFIGTOOL.MaxBackupIndex=1
-log4j.appender.CONFIGTOOL.layout=org.apache.log4j.PatternLayout
-log4j.appender.CONFIGTOOL.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n \ No newline at end of file
diff --git a/id/server/data/deploy/conf/moa-id/logback.xml b/id/server/data/deploy/conf/moa-id/logback.xml
new file mode 100644
index 000000000..3f0d54fe5
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-id/logback.xml
@@ -0,0 +1,79 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+ <appender name="moaid" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+ <File>${catalina.base}/logs/moa-id.log</File>
+ <encoder>
+ <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern>
+ </encoder>
+ <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <maxIndex>1</maxIndex>
+ <FileNamePattern>${catalina.base}/logs/moa-id.log.%i.gz</FileNamePattern>
+ </rollingPolicy>
+ <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <MaxFileSize>10000KB</MaxFileSize>
+ </triggeringPolicy>
+ </appender>
+ <appender name="moaspss" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+ <File>${catalina.base}/logs/moa-spss.log</File>
+ <encoder>
+ <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern>
+ </encoder>
+ <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <maxIndex>1</maxIndex>
+ <FileNamePattern>${catalina.base}/logs/moa-spss.log.%i.gz</FileNamePattern>
+ </rollingPolicy>
+ <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <MaxFileSize>10000KB</MaxFileSize>
+ </triggeringPolicy>
+ </appender>
+ <appender name="reversion" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+ <File>${catalina.base}/moa-id-reversion.log</File>
+ <encoder>
+ <pattern>%5p | %d{ISO8601} | %t | %m%n</pattern>
+ </encoder>
+ <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <maxIndex>9999</maxIndex>
+ <FileNamePattern>${catalina.base}/moa-id-reversion.log.%i.gz</FileNamePattern>
+ </rollingPolicy>
+ <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <MaxFileSize>10000KB</MaxFileSize>
+ </triggeringPolicy>
+ </appender>
+ <appender name="stdout" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n</pattern>
+ </encoder>
+ </appender>
+
+ <logger name="at.gv.egovernment.moa.id" level="info">
+ <appender-ref ref="moaid"/>
+ </logger>
+
+ <logger name="at.gv.egiz.eventlog.plain.all" level="info">
+ <appender-ref ref="reversion"/>
+ </logger>
+
+ <logger name="at.gv.egiz.eaaf" level="info">
+ <appender-ref ref="moaid"/>
+ </logger>
+ <logger name="at.gv.egiz.components.configuration" level="info">
+ <appender-ref ref="CONFIGTOOL"/>
+ </logger>
+
+ <logger name="at.gv.egovernment.moa.spss" level="info">
+ <appender-ref ref="moaspss"/>
+ </logger>
+ <logger name="pki" level="info">
+ <appender-ref ref="moaspss"/>
+ </logger>
+ <logger name="iaik.server" level="info">
+ <appender-ref ref="moaspss"/>
+ </logger>
+
+ <root level="warn">
+ <appender-ref ref="stdout"/>
+ </root>
+</configuration>
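Review bot: The `reversion` appender receives the `at.gv.egiz.eventlog.plain.all` revision log, and its `<maxIndex>9999</maxIndex>` will not reproduce the old `MaxBackupIndex=9999`. Logback's FixedWindowRollingPolicy limits the window size (to 20 files, as far as I know) and reduces larger values with a warning, so older revision-log archives would be deleted much sooner than before. If long retention of this log is required, use a time-based rolling policy with an explicit history setting, or external archiving, rather than a fixed window. Separately, the logger `at.gv.egiz.components.configuration` references `<appender-ref ref="CONFIGTOOL"/>`, but this file defines only `moaid`, `moaspss`, `reversion` and `stdout`. Either add a `CONFIGTOOL` appender or point the logger at an existing one, for example `<appender-ref ref="moaid"/>`.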
diff --git a/id/server/data/deploy/conf/moa-id/moa-id.properties b/id/server/data/deploy/conf/moa-id/moa-id.properties
index 0a579a53d..03640b252 100644
--- a/id/server/data/deploy/conf/moa-id/moa-id.properties
+++ b/id/server/data/deploy/conf/moa-id/moa-id.properties
@@ -226,6 +226,14 @@ modules.elga_mandate.request.sign.password=password
modules.elga_mandate.response.encryption.alias=pvp_assertion
modules.elga_mandate.response.encryption.password=password
+######## EHVD Service module
+modules.ehvd.enabled=false
+#modules.ehvd.sp.1=
+#modules.ehvd.sp.2=
+modules.ehvd.service.url=
+modules.ehvd.service.role.regex=^1\.2\.40\.0\.34\.5\.2\:(100|101|158)$
+modules.ehvd.role.pvp=EPI-GDA()
+
######## SSO Interfederation client module ########
modules.federatedAuth.keystore.path=keys/moa_idp[password].p12
modules.federatedAuth.keystore.password=password
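Review bot: The value of `modules.ehvd.service.role.regex` uses single backslashes, which do not survive loading if this file is read with java.util.Properties (likely for a `.properties` file, though the loader is not visible here). In that case `\.` and `\:` are read as `.` and `:`, so the effective pattern is `^1.2.40.0.34.5.2:(100|101|158)$` and every dot matches any character, making the role pattern looser than written. Doubling the backslashes keeps the dots literal: `modules.ehvd.service.role.regex=^1\\.2\\.40\\.0\\.34\\.5\\.2:(100|101|158)$`. A short comment on the new keys, saying what `modules.ehvd.sp.N` lists and what `modules.ehvd.role.pvp` is used for, would also help operators.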
@@ -280,4 +288,4 @@ service.egovutil.szr.ssl.laxhostnameverification=false
## Additonal encryption keys can be added by add a ney configuration line, like
## configuration.foreignsectors.pubkey.BMI+T1=MIICuTCCAaG (VKZ='BMI', Public Target='T1')
########
-#configuration.foreignsectors.pubkey.wbpk+FN+195755b=MIIF2TCCA8GgAw... \ No newline at end of file
+#configuration.foreignsectors.pubkey.wbpk+FN+195755b=MIIF2TCCA8GgAw...
diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Test-Premium-Sig-05.20141215-20141209.SerNo165fb8.crt b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Test-Premium-Sig-05.20141215-20241209.SerNo165fb8.crt
index ee17cdb80..ee17cdb80 100644
--- a/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Test-Premium-Sig-05.20141215-20141209.SerNo165fb8.crt
+++ b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Test-Premium-Sig-05.20141215-20241209.SerNo165fb8.crt
diff --git a/id/server/data/deploy/tomcat/unix/tomcat-start.sh b/id/server/data/deploy/tomcat/unix/tomcat-start.sh
index d717ecd25..0ad50ff0e 100644
--- a/id/server/data/deploy/tomcat/unix/tomcat-start.sh
+++ b/id/server/data/deploy/tomcat/unix/tomcat-start.sh
@@ -7,8 +7,7 @@ export CATALINA_BASE=$CATALINA_HOME
FILE_ENCODING=-Dfile.encoding=UTF-8
RAND_FILE=-Djava.security.egd=file:///dev/urandom
-LOGGING_OPT=-Dlog4j.configuration=file:$CATALINA_BASE/conf/moa-id/log4j.properties
-LOGGING_LOGBACK_OPT=-Dlogback.configurationFile=$CATALINA_BASE/conf/moa-id/logback_config.xml
+LOGGING_LOGBACK_OPT=-Dlogback.configurationFile=$CATALINA_BASE/conf/moa-id/logback.xml
CONFIG_OPT=-Dmoa.id.configuration=file:$CATALINA_BASE/conf/moa-id/moa-id.properties
SPSS_OPT=-Dmoa.spss.server.configuration=$CATALINA_BASE/conf/moa-spss/SampleMOASPSSConfiguration.xml
diff --git a/id/server/data/deploy/tomcat/win32/startTomcat.bat b/id/server/data/deploy/tomcat/win32/startTomcat.bat
index afdd907c8..93eb3ea80 100644
--- a/id/server/data/deploy/tomcat/win32/startTomcat.bat
+++ b/id/server/data/deploy/tomcat/win32/startTomcat.bat
@@ -12,8 +12,7 @@ rem ----------------------------------------------------------------------------
set FILE_ENCODING=-Dfile.encoding=UTF-8
set RAND_FILE=-Djava.security.egd=file:///dev/urandom
-set LOGGING_OPT=-Dlog4j.configuration=file:%CATALINA_HOME%/conf/moa-id/log4j.properties
-set LOGGING_LOGBACK_OPT=-Dlogback.configurationFile=%CATALINA_HOME%/conf/moa-id/logback_config.xml
+set LOGGING_LOGBACK_OPT=-Dlogback.configurationFile=%CATALINA_HOME%/conf/moa-id/logback.xml
set CONFIG_OPT_SPSS=-Dmoa.spss.server.configuration=%CATALINA_HOME%/conf/moa-spss/SampleMOASPSSConfiguration.xml
set CONFIG_OPT_ID=-Dmoa.id.configuration=file:%CATALINA_HOME%/conf/moa-id/moa-id.properties
diff --git a/id/server/doc/handbook/install/install.html b/id/server/doc/handbook/install/install.html
index f755fd782..1e55aed78 100644
--- a/id/server/doc/handbook/install/install.html
+++ b/id/server/doc/handbook/install/install.html
@@ -7,7 +7,7 @@
<link rel="stylesheet" href="../common/MOA.css" type="text/css">
<link href='https://fonts.googleapis.com/css?family=Roboto:300,400' rel='stylesheet' type='text/css'>
</head>
-<body link="#990000">
+<body link="#990000">
<div id="headline">
<div class="container">
<a href="http://www.digitales.oesterreich.gv.at/"><img src="../common/logo_digAT.png"/></a>
@@ -16,65 +16,65 @@
</div>
</div>
<div class="container">
-<h1 align="center">Installation</h1>
+<h1 align="center">Installation</h1>
<h2>Inhalt</h2>
- <ol class="index">
- <li>
- <p><a href="#webservice">MOA-ID-Auth und MOA-ID-Configuration</a></p>
- <ol>
- <li><a href="#webservice_basisinstallation">Basisinstallation</a>
- <ol>
- <li><a href="#webservice_basisinstallation_einfuehrung">Einf&uuml;hrung</a></li>
- <li><a href="#webservice_basisinstallation_installation">Installation</a>
- <ol>
- <li><a href="#webservice_basisinstallation_installation_vorbereitung">Vorbereitung</a></li>
- <li><a href="#webservice_basisinstallation_installation_tomcatconfig">Konfiguration von Apache Tomcat</a>
- <ol>
- <li><a href="#webservice_basisinstallation_installation_tomcatconfig_httpconn">Konfiguration des HTTP Connectors</a></li>
- <li><a href="#webservice_basisinstallation_installation_tomcatconfig_httpsconn">Konfiguration des HTTPS Connectors</a></li>
- </ol>
- </li>
+ <ol class="index">
+ <li>
+ <p><a href="#webservice">MOA-ID-Auth und MOA-ID-Configuration</a></p>
+ <ol>
+ <li><a href="#webservice_basisinstallation">Basisinstallation</a>
+ <ol>
+ <li><a href="#webservice_basisinstallation_einfuehrung">Einf&uuml;hrung</a></li>
+ <li><a href="#webservice_basisinstallation_installation">Installation</a>
+ <ol>
+ <li><a href="#webservice_basisinstallation_installation_vorbereitung">Vorbereitung</a></li>
+ <li><a href="#webservice_basisinstallation_installation_tomcatconfig">Konfiguration von Apache Tomcat</a>
+ <ol>
+ <li><a href="#webservice_basisinstallation_installation_tomcatconfig_httpconn">Konfiguration des HTTP Connectors</a></li>
+ <li><a href="#webservice_basisinstallation_installation_tomcatconfig_httpsconn">Konfiguration des HTTPS Connectors</a></li>
+ </ol>
+ </li>
<li><a href="#webservice_basisinstallation_installation_spssdeploy">Einsatz des Moduls MOA-ID-Auth in Tomcat</a></li>
- <li><a href="#moa_id_configuration_deploy">Einsatz des Moduls MOA-ID-Configuration in Tomcat</a></li>
- <li><a href="#webservice_basisinstallation_installation_tomcatstartstop">Starten und Stoppen von Tomcat</a>
- <ol>
- <li><a href="#webservice_basisinstallation_installation_tomcatstartstop_windows">Unter Windows</a></li>
- <li><a href="#webservice_basisinstallation_installation_tomcatstartstop_unix">Unter Unix</a></li>
- <li><a href="#webservice_basisinstallation_installation_tomcatstartstop_verify">Pr&uuml;fen des erfolgreichen Starts</a> </li>
- </ol>
- </li>
- <li><a href="#webservice_basisinstallation_installation_changeonthefly">&Auml;nderung der Konfiguration im laufenden Betrieb</a></li>
- </ol>
- </li>
- <li><a href="#webservice_basisinstallation_logging">Logging</a>
- <ol>
- <li><a href="#webservice_basisinstallation_logging_format">Format der Log-Meldungen</a></li>
- <li><a href="#webservice_basisinstallation_logging_messages">Wichtige Log-Meldungen</a></li>
- </ol>
- </li>
- </ol>
- </li>
- <li><a href="#webservice_erweiterungsmoeglichkeiten">Erweiterungsm&ouml;glichkeiten</a> <ol>
- <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver">Vorgeschalteter Webserver</a> <ol>
- <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_iis">Microsoft Internet Information Server (MS IIS)</a> <ol>
- <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_iis_jk">Konfiguration von <span class="term"> mod_jk</span> im MS IIS</a></li>
- <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_iis_tomcat">Konfiguration von Tomcat</a></li>
- <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_iis_ssl">Konfiguration von SSL</a></li>
- </ol>
- </li>
- <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_apache">Apache</a> <ol>
- <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_apache_jk">Konfiguration von <span class="term"> mod_jk</span> im Apache </a></li>
- <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_apache_tomcat">Konfiguration von Tomcat</a></li>
- <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_apache_ssl">Konfiguration von SSL mit <span class="term">mod_SSL</span></a></li>
- </ol>
- </li>
+ <li><a href="#moa_id_configuration_deploy">Einsatz des Moduls MOA-ID-Configuration in Tomcat</a></li>
+ <li><a href="#webservice_basisinstallation_installation_tomcatstartstop">Starten und Stoppen von Tomcat</a>
+ <ol>
+ <li><a href="#webservice_basisinstallation_installation_tomcatstartstop_windows">Unter Windows</a></li>
+ <li><a href="#webservice_basisinstallation_installation_tomcatstartstop_unix">Unter Unix</a></li>
+ <li><a href="#webservice_basisinstallation_installation_tomcatstartstop_verify">Pr&uuml;fen des erfolgreichen Starts</a> </li>
+ </ol>
+ </li>
+ <li><a href="#webservice_basisinstallation_installation_changeonthefly">&Auml;nderung der Konfiguration im laufenden Betrieb</a></li>
+ </ol>
+ </li>
+ <li><a href="#webservice_basisinstallation_logging">Logging</a>
+ <ol>
+ <li><a href="#webservice_basisinstallation_logging_format">Format der Log-Meldungen</a></li>
+ <li><a href="#webservice_basisinstallation_logging_messages">Wichtige Log-Meldungen</a></li>
+ </ol>
+ </li>
+ </ol>
+ </li>
+ <li><a href="#webservice_erweiterungsmoeglichkeiten">Erweiterungsm&ouml;glichkeiten</a> <ol>
+ <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver">Vorgeschalteter Webserver</a> <ol>
+ <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_iis">Microsoft Internet Information Server (MS IIS)</a> <ol>
+ <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_iis_jk">Konfiguration von <span class="term"> mod_jk</span> im MS IIS</a></li>
+ <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_iis_tomcat">Konfiguration von Tomcat</a></li>
+ <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_iis_ssl">Konfiguration von SSL</a></li>
+ </ol>
+ </li>
+ <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_apache">Apache</a> <ol>
+ <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_apache_jk">Konfiguration von <span class="term"> mod_jk</span> im Apache </a></li>
+ <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_apache_tomcat">Konfiguration von Tomcat</a></li>
+ <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_apache_ssl">Konfiguration von SSL mit <span class="term">mod_SSL</span></a></li>
+ </ol>
+ </li>
</ol>
</li>
</ol>
</li>
- </ol>
+ </ol>
</ol>
- <ol type="A" class="index">
+ <ol type="A" class="index">
<li><a href="#referenzierte_software">Referenzierte Software</a></li>
</ol>
<h2><a name="uebersicht" id="uebersicht"></a>1 &Uuml;bersicht</h2>
@@ -95,7 +95,7 @@
<li><a href="#referenziertesoftware">Java SE Update SE 7 (neuestes Update) bzw. Java SE 8 (neuestes Update)</a><a href="#referenziertesoftware"></a></li>
<li><a href="#referenziertesoftware">Apache Tomcat 7 (neuestes Update) bzw. Apache Tomcat 8</a><a href="#referenziertesoftware"> (neuestes Update)</a></li>
</ul>
- <p>In diesem Betriebs-Szenario wird das MOA-ID-Auth Webservice und das MOA-ID Konfigurationstool in Tomcat zum Einsatz gebracht. Beide Module k&ouml;nnen sowohl in derselben Tomcat-Instanz, als auch in separaten Tomcat-Instanzen betrieben werden. F&uuml;r den Fall des separaten Betriebs muss die Installation auf beiden Tomcat-Instanzen ausgef&uuml;hrt werden. In beiden F&auml;llen fungiert der Tomcat gleichzeitig als HTTP- und HTTPS-Endpunkt f&uuml;r beide Module. Beide Protokolle werden direkt in Tomcat konfiguriert, wobei MOA-ID-Auth und MOA-ID-Configuration Log4j als Logging Toolkit verwenden.</p>
+ <p>In diesem Betriebs-Szenario wird das MOA-ID-Auth Webservice und das MOA-ID Konfigurationstool in Tomcat zum Einsatz gebracht. Beide Module k&ouml;nnen sowohl in derselben Tomcat-Instanz, als auch in separaten Tomcat-Instanzen betrieben werden. F&uuml;r den Fall des separaten Betriebs muss die Installation auf beiden Tomcat-Instanzen ausgef&uuml;hrt werden. In beiden F&auml;llen fungiert der Tomcat gleichzeitig als HTTP- und HTTPS-Endpunkt f&uuml;r beide Module. Beide Protokolle werden direkt in Tomcat konfiguriert, wobei MOA-ID-Auth und MOA-ID-Configuration LogBack als Logging Toolkit verwenden.</p>
<h4><a name="webservice_basisinstallation_installation" id="webservice_basisinstallation_installation"></a>2.1.2 Installation</h4>
<h5><a name="webservice_basisinstallation_installation_vorbereitung" id="webservice_basisinstallation_installation_vorbereitung"></a>2.1.2.1 Vorbereitung</h5>
<p>Die folgenden Schritte dienen der Vorbereitung der Installation.</p>
@@ -108,9 +108,9 @@
<dd> Entpacken Sie die Datei <code>moa-id-auth-3.0.0.zip</code> in ein beliebiges Verzeichnis. Dieses Verzeichnis wird im weiteren Verlauf als <code>$MOA_ID_AUTH_INST</code> bezeichnet. </dd>
<dt>Installation der Kryptographiebibliotheken von SIC/IAIK</dt>
<dd>
- <p>Kopieren Sie alle Dateien aus dem Verzeichnis <code>$MOA_ID_AUTH_INST/ext</code> in das Verzeichnis <code>$JAVA_HOME/jre/lib/ext</code>. Zus&auml;tzlich m&uuml;ssen Sie die Rechtedateien Ihrer Java SE austauschen. Laden Sie dazu die passenden <span class="term">Unlimited Strength
-
-
+ <p>Kopieren Sie alle Dateien aus dem Verzeichnis <code>$MOA_ID_AUTH_INST/ext</code> in das Verzeichnis <code>$JAVA_HOME/jre/lib/ext</code>. Zus&auml;tzlich m&uuml;ssen Sie die Rechtedateien Ihrer Java SE austauschen. Laden Sie dazu die passenden <span class="term">Unlimited Strength
+
+
Jurisdiction Policy Files</span> von der <a href="http://java.com/download" target="_blank">Java SE Downloadseite </a>und achten Sie darauf die f&uuml;r ihre verwendete Java SE Installation richtige Version zu nehmen. Anschlie&szlig;end folgen Sie der darin enthaltenen Installationsanweisung. </p>
</dd>
<dt>Installation einer Datenbank</dt>
@@ -142,8 +142,7 @@
<li id="klein"><code>moa.id.configuration</code>: Pfad und Name der Basiskonfigurationsdatei f&uuml;r MOA-ID-Auth. Eine beispielhafte Konfigurationsdatei finden Sie <a href="../../../deploy/conf/moa-id/moa-id.properties">hier</a>. Wird ein relativer Pfad angegeben, wird dieser relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert.</li>
<li><code>moa.spss.server.configuration</code>: Pfad und Name der zentralen Konfigurationsdatei f&uuml;r MOA SP/SS. Eine beispielhafte Konfigurationsdatei finden Sie <a href="../../../conf/moa-spss/SampleMOASPSSConfiguration.xml">hier</a>. Wird ein relativer Pfad angegeben, wird dieser relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert. Ist diese <span class="term">System Property</span> nicht gesetzt, wird automatisch eine im Webarchiv unter <code>WEB-INF/conf</code> enthaltene Default-Konfiguration herangezogen.</li>
<li><code>eu.stork.samlengine.config.location</code>: Pfad auf den Ordner mit den zentralen Konfigurationsdateien f&uuml;r STORK. Die Beispielkonfiguration f&uuml;r das Modul MOA-ID-Auth enth&auml;lt bereits den<a href="../../../conf/moa-id/stork/"> Ordner f&uuml;r die STORK Konfiguration</a>. </li>
- <li id="klein"><code>log4j.configuration</code>: URL der Log4j Konfigurationsdatei. Eine beispielhafte Log4j-Konfiguration finden Sie <a href="../../../conf/moa-id/log4j.properties">hier</a>. Wird eine relative URL angegeben, wird diese als File-URL relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert. Ist diese <span class="term">System Property</span> nicht gesetzt, wird automatisch eine im Webarchiv unter <code>WEB-INF/classes</code> enthaltene Default-Konfiguration herangezogen.</li>
- <li><code>-Dlogback.configurationFile</code>: URL der LogBack Konfigurationsdatei. Eine beispielhafte LobBack-Konfiguration finden Sie <a href="../../../conf/moa-id/logback_config.xml">hier</a>. Wird eine relative URL angegeben, wird diese als File-URL relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert. Ist diese <span class="term">System Property</span> nicht gesetzt, wird automatisch eine im Webarchiv unter <code>WEB-INF/classes</code> enthaltene Default-Konfiguration herangezogen. &Uuml;berdies besteht die M&ouml;glichkeit eine bestehende Log44 Konfigurationsdatei in der LogBack Format zu &uuml;berf&uuml;hren (<a href="http://logback.qos.ch/translator/">http://logback.qos.ch/translator/</a>). </li>
+ <li><code>-Dlogback.configurationFile</code>: URL der LogBack Konfigurationsdatei. Eine beispielhafte LobBack-Konfiguration finden Sie <a href="../../../conf/moa-id/logback.xml">hier</a>. Wird eine relative URL angegeben, wird diese als File-URL relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert. Ist diese <span class="term">System Property</span> nicht gesetzt, wird automatisch eine im Webarchiv unter <code>WEB-INF/classes</code> enthaltene Default-Konfiguration herangezogen. &Uuml;berdies besteht die M&ouml;glichkeit eine bestehende Log44 Konfigurationsdatei in der LogBack Format zu &uuml;berf&uuml;hren (<a href="http://logback.qos.ch/translator/">http://logback.qos.ch/translator/</a>). </li>
<li id="klein"><code>javax.net.ssl.trustStore</code>: Pfad und Dateiname des <span class="term">Truststores</span> f&uuml;r vertrauensw&uuml;rdige SSL Zertifikate. Die SSL Serverzertifikate der Server von denen mittels https Dateien bezogen werden m&uuml;ssen im Truststore abgelegt werden. Ein relativer Pfad werden relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert.</li>
<li id="klein"><code>javax.net.ssl.trustStorePassword</code>: Passwort f&uuml;r den <span class="term">Truststore</span> (optional; nur, wenn SSL Client-Authentisierung durchgef&uuml;hrt werden soll). </li>
<li id="klein"><code>javax.net.ssl.trustStoreType</code>: Truststore-Typ (optional; nur, wenn SSL Client-Authentisierung durchgef&uuml;hrt werden soll). Je nach verwendetem Keystore-Typ muss <code>jks</code> (<span class="term">Java Key Store</span>) oder <code>pkcs12</code> (PKCS#12-Datei) angegeben werden.</li>
@@ -162,8 +161,7 @@
<ul>
<li><code>moa.id.webconfig</code>: Pfad und Name der Basiskonfigurationsdatei f&uuml;r MOA-ID-Configuration. Eine beispielhafte Konfigurationsdatei finden Sie <a href="../../../conf/moa-id-configuration/moa-id-configtool.properties">hier</a>. Wird ein relativer Pfad angegeben, wird dieser relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert.</li>
<li><code>user.properties</code>: Pfad und Name der Basiskonfigurationsdatei f&uuml;r das Usermanagement der Konfigurationsoberfl&auml;che. Eine beispielhafte Konfigurationsdatei finden Sie <a href="../../../conf/moa-id-configuration/userdatabase.properties">hier</a>. Wird ein relativer Pfad angegeben, wird dieser relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert.</li>
- <li><code>log4j.configuration</code>: URL der Log4j Konfigurationsdatei. Eine beispielhafte Log4j-Konfiguration finden Sie <a href="../../../conf/moa-id/log4j.properties">hier</a>. Wird eine relative URL angegeben, wird diese als File-URL relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert. Ist diese <span class="term">System Property</span> nicht gesetzt, wird automatisch eine im Webarchiv unter <code>WEB-INF/classes</code> enthaltene Default-Konfiguration herangezogen.</li>
- <li><code>logback.configurationFile</code>: URL der LogBack Konfigurationsdatei. Eine beispielhafte LobBack-Konfiguration finden Sie <a href="../../../conf/moa-id/logback_config.xml">hier</a>. Wird eine relative URL angegeben, wird diese als File-URL relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert. Ist diese <span class="term">System Property</span> nicht gesetzt, wird automatisch eine im Webarchiv unter <code>WEB-INF/classes</code> enthaltene Default-Konfiguration herangezogen. &Uuml;berdies besteht die M&ouml;glichkeit eine bestehende Log44 Konfigurationsdatei in der LogBack Format zu &uuml;berf&uuml;hren (<a href="http://logback.qos.ch/translator/">http://logback.qos.ch/translator/</a>).</li>
+ <li><code>logback.configurationFile</code>: URL der LogBack Konfigurationsdatei. Eine beispielhafte LobBack-Konfiguration finden Sie <a href="../../../conf/moa-id/logback.xml">hier</a>. Wird eine relative URL angegeben, wird diese als File-URL relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert. Ist diese <span class="term">System Property</span> nicht gesetzt, wird automatisch eine im Webarchiv unter <code>WEB-INF/classes</code> enthaltene Default-Konfiguration herangezogen. &Uuml;berdies besteht die M&ouml;glichkeit eine bestehende Log44 Konfigurationsdatei in der LogBack Format zu &uuml;berf&uuml;hren (<a href="http://logback.qos.ch/translator/">http://logback.qos.ch/translator/</a>).</li>
<li><code>javax.net.ssl.trustStore</code>: Pfad und Dateiname des <span class="term">Truststores</span> f&uuml;r vertrauensw&uuml;rdige SSL Zertifikate Die SSL Serverzertifikate der Server von denen mittels https Dateien bezogen werden m&uuml;ssen im Truststore abgelegt werden. Ein relativer Pfad werden relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert.</li>
<li><code>javax.net.ssl.trustStorePassword</code>: Passwort f&uuml;r den <span class="term">Truststore</span> (optional; nur, wenn SSL Client-Authentisierung durchgef&uuml;hrt werden soll). </li>
<li><code>javax.net.ssl.trustStoreType</code>: Truststore-Typ (optional; nur, wenn SSL Client-Authentisierung durchgef&uuml;hrt werden soll). Je nach verwendetem Keystore-Typ muss <code>jks</code> (<span class="term">Java Key Store</span>) oder <code>pkcs12</code> (PKCS#12-Datei) angegeben werden.</li>
@@ -187,7 +185,7 @@ gestartet werden. Das Stoppen von Tomcat erfolgt analog mit
<p>Ein erfolgreicher Start des MOA-ID-Auth Modules ist an folgender Log-Meldung ersichtlich: <br>
</p>
</div>
-<pre>32131 [localhost-startStop-1] INFO moa.id.auth - MOA ID Authentisierung wurde erfolgreich gestartet
+<pre>32131 [localhost-startStop-1] INFO moa.id.auth - MOA ID Authentisierung wurde erfolgreich gestartet
32131 [localhost-startStop-1] INFO moa.id.auth - Dispatcher Servlet initialization finished.</pre>
<p>Analog bei MOA-ID-Configuration</p>
<pre>INFO | 21 10:16:22 | localhost-startStop-1 | Loading config module: MOAIDConfigurationModul</pre>
@@ -203,7 +201,7 @@ https://&lt;host&gt;:&lt;port&gt;/moa-id-auth/
https://&lt;host&gt;:&lt;port&gt;/egiz-configuration-webapp/</pre>
<p>Die Verf&uuml;gbarkeit des Services k&ouml;nnen Sie einfach &uuml;berpr&uuml;fen, indem Sie die Endpunkte mit einem Web-Browser aufgerufen; dies sollte nach erfolgreichem Start zur Anzeige einer Informationsseite f&uuml;hren. </p>
<h5><a name="webservice_basisinstallation_logging" id="webservice_basisinstallation_logging"></a>2.1.3 Logging </h5>
-<p>Beide Module verwenden <a href="#referenziertesoftware">Log4j</a> f&uuml;r die Ausgabe von Log-Meldungen am Bildschirm bzw. in Log-Dateien. Log4j bietet zahlreiche Konfigurationsm&ouml;glichkeiten, die ausf&uuml;hrlich im Log4j Handbuch beschrieben sind. Unter anderem gibt es die M&ouml;glichkeit, folgende Einstellungen vorzunehmen:
+<p>Beide Module verwenden <a href="#referenziertesoftware">LobBack</a> f&uuml;r die Ausgabe von Log-Meldungen am Bildschirm bzw. in Log-Dateien. LogBack bietet zahlreiche Konfigurationsm&ouml;glichkeiten, die ausf&uuml;hrlich im LogBack Handbuch beschrieben sind. Unter anderem gibt es die M&ouml;glichkeit, folgende Einstellungen vorzunehmen:
<ul>
<li id="klein">
<p>Das verwendete Log-Level (<code>DEBUG</code>, <code>INFO</code>, <code>WARN</code>, <code>ERROR</code>, <code>FATAL</code>);</p>
@@ -229,16 +227,16 @@ https://&lt;host&gt;:&lt;port&gt;/egiz-configuration-webapp/</pre>
</li>
<li>
<p><code>at.gv.egiz.eventlog.plain.all</code> f&uuml;r alle Log-Meldungen aus dem MOA-ID EventLog zur Revisionssicherung</p>
- </li>
+ </li>
<li>
<p><code>iaik.server</code> f&uuml;r alle Log-Meldungen aus den SIC/IAIK Kryptographie-Modulen. </p>
</li>
</ul>
-<p>Eine f&uuml;r beide Module passende Konfigurationsdatei f&uuml;r Log4j finden Sie <a href="../../../conf/moa-spss/log4j.properties">hier</a>. Wird diese Datei als Logging-Konfiguration verwendet, so werden alle Log-Meldungen sowohl in die Konsole, als auch in die Dateien <code>moa-id-auth.log</code> und <code>moa-id-configuration.log</code> geschrieben. </p>
+<p>Wird diese Datei als Logging-Konfiguration verwendet, so werden alle Log-Meldungen sowohl in die Konsole, als auch in die Dateien <code>moa-id-auth.log</code> und <code>moa-id-configuration.log</code> geschrieben. </p>
<h5><a name="webservice_basisinstallation_logging_format" id="webservice_basisinstallation_logging_format"></a>2.1.3.1 Format der Log-Meldungen</h5>
- <p> Anhand einer konkreten Log-Meldung wird das Format der MOA SP/SS Log-Meldungen erl&auml;utert: </p>
+ <p> Anhand einer konkreten Log-Meldung wird das Format der MOA-ID-Meldungen erl&auml;utert: </p>
<pre>
- INFO | 2017-09-18 10:29:22,904 | SID-7947921060553739539 | TID-4708232418268334030 | https://sso.demosp.at/handysignatur
+ INFO | 2017-09-18 10:29:22,904 | SID-7947921060553739539 | TID-4708232418268334030 | https://sso.demosp.at/handysignatur
| ajp-nio-28109-exec-7 | No SSO Session cookie found
</pre>
<p> Der Wert <code>INFO</code> besagt, dass die Log-Meldung im Log-Level <code>INFO</code> entstanden ist. Folgende Log-Levels existieren:</p>
@@ -260,19 +258,19 @@ https://&lt;host&gt;:&lt;port&gt;/egiz-configuration-webapp/</pre>
</li>
</ul>
<p>Der n&auml;chste Wert <code>01 21:25:26,540</code> gibt den Zeitpunkt an, zu dem die Log-Meldung generiert wurde (in diesem Fall den 1. Tag im aktuellen Monat, sowie die genaue Uhrzeit). </p>
- <p>Der Wert <code>SID-7947921060553739539</code> bezeichnet die SessionID, welche diesem Request zugeordnet wurde. Eine SessionID ist innerhalb einer SSO auch &uuml;ber mehrere Authentifizierungsrequests eindeutig. Das Loggen der SessionID kann mittels <code>%X{sessionId}</code> in der log4j Konfiguration gesetzt werden</p>
- <p>Der Wert <code>TID-4708232418268334030</code> bezeichnet die TransactionsID, welche diesem Request zugeordnet wurde. Eine TransactionsID ist innerhalb eines Authentifizierungsrequests eindeutig. Das Loggen der TransactionsID kann mittels <code>%X{transactionId}</code> in der log4j Konfiguration gesetzt werden</p>
- <p>Der Wert <code>https://sso.demosp.at/handysignatur</code> bezeichnet die Online Applikation (eindeutiger Identifier dieses Service Providers) f&uuml;r welchen dieser Authentifizierungsrequest durchgef&uuml;hrt wird. Das Loggen des OA Identifiers kann mittels <code>%X{oaId}</code> in der log4j Konfiguration gesetzt werden</p>
+ <p>Der Wert <code>SID-7947921060553739539</code> bezeichnet die SessionID, welche diesem Request zugeordnet wurde. Eine SessionID ist innerhalb einer SSO auch &uuml;ber mehrere Authentifizierungsrequests eindeutig. Das Loggen der SessionID kann mittels <code>%X{sessionId}</code> in der LogBack Konfiguration gesetzt werden</p>
+ <p>Der Wert <code>TID-4708232418268334030</code> bezeichnet die TransactionsID, welche diesem Request zugeordnet wurde. Eine TransactionsID ist innerhalb eines Authentifizierungsrequests eindeutig. Das Loggen der TransactionsID kann mittels <code>%X{transactionId}</code> in der LogBack Konfiguration gesetzt werden</p>
+ <p>Der Wert <code>https://sso.demosp.at/handysignatur</code> bezeichnet die Online Applikation (eindeutiger Identifier dieses Service Providers) f&uuml;r welchen dieser Authentifizierungsrequest durchgef&uuml;hrt wird. Das Loggen des OA Identifiers kann mittels <code>%X{oaId}</code> in der LogBack Konfiguration gesetzt werden</p>
<p>Der Wert <code>ajp-nio-28109-exec-7</code> bezeichnet den Thread, von dem die Anfrage bearbeitet wird.</p>
<p> Der Rest der Zeile einer Log-Meldung ist der eigentliche Text, mit dem das System bestimmte Informationen anzeigt. Im Fehlerfall ist h&auml;ufig ein Java Stack-Trace angef&uuml;gt, der eine genauere Ursachen-Forschung erm&ouml;glicht.</p>
<h5> <a name="webservice_basisinstallation_logging_messages" id="webservice_basisinstallation_logging_messages"></a>2.1.3.2 Wichtige Log-Meldungen</h5>
<p> Neben den im Abschnitt <a href="#webservice_basisinstallation_installation_tomcatstartstop_verify">2.1.2.4.3</a> beschriebenen Log-Meldungen, die anzeigen, ob das Service ordnungsgem&auml;&szlig; gestartet wurde, geben nachfolgenden Log-Meldungen Aufschluss &uuml;ber die Abarbeitung von Anfragen. </p>
<p>Die Entgegennahme einer Anfrage wird angezeigt durch:
-
+
</p>
<pre>125690 [ajp-bio-129.27.142.119-38609-exec-1] INFO moa.id.auth - REQUEST: /moa-id-auth/dispatcher
125690 [ajp-bio-129.27.142.119-38609-exec-1] INFO moa.id.auth - QUERY : mod=id_pvp2x&amp;action=Post&amp;</pre>
-<p>Ein Fehler beim Abarbeiten der Anfrage wird angezeigt durch:
+<p>Ein Fehler beim Abarbeiten der Anfrage wird angezeigt durch:
<pre>2435298 [ajp-bio-129.27.142.119-38609-exec-10] ERROR moa.id.auth - Failed to generate a valid protocol request!</pre>
<div id="block">
<p>In diesem Fall gibt der mitgeloggte Stacktrace Auskunft &uuml;ber die Art des Fehlers.</p>
@@ -319,7 +317,7 @@ https://&lt;host&gt;:&lt;port&gt;/egiz-configuration-webapp/</pre>
<td>Java Standard Edition (Software Development Kit bzw. Java Runtime Environment) </td>
</tr>
<tr>
- <td><a href="http://logging.apache.org/log4j/1.2/" target="_blank"> Log4J </a></td>
+ <td><a href="http://logback.qos.ch/" target="_blank"> LogBack </a></td>
<td>Logging Framework </td>
</tr>
</table>
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index 28d0b3f68..995d15476 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>MOA.id</groupId>
<artifactId>moa-id</artifactId>
- <version>4.1.5</version>
+ <version>4.2.0</version>
</parent>
<groupId>MOA.id.server</groupId>
@@ -228,6 +228,10 @@
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ </dependency>
<!-- <dependency>
<groupId>MOA</groupId>
@@ -287,6 +291,10 @@
<artifactId>bcprov-jdk15on</artifactId>
<groupId>org.bouncycastle</groupId>
</exclusion>
+ <exclusion>
+ <groupId>log4j</groupId>
+ <artifactId>log4j</artifactId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>
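Review bot: The `log4j:log4j` exclusion added here is repeated by hand in the next hunk of this file and again in `moa-id-module-E-ID_connector/pom.xml`, so a dependency added later can bring Log4j 1.x back onto the classpath unnoticed. A build-time guard would be more reliable than per-dependency exclusions: a `bannedDependencies` rule of the maven-enforcer-plugin in the parent POM, listing `log4j:log4j` and `org.slf4j:slf4j-log4j12`, fails the build when either reappears. The parent POM is not part of this diff section, so such a rule may already exist there.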
@@ -321,7 +329,17 @@
<type>test-jar</type>
<classifier>tests</classifier>
<version>1.0.0</version>
- <scope>test</scope>
+ <scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>log4j</groupId>
+ <artifactId>log4j</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-log4j12</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<!-- <dependency>
<groupId>org.opensaml</groupId>
@@ -495,13 +513,13 @@
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-pool2</artifactId>
- <version>2.9.0</version>
+ <version>2.11.1</version>
</dependency>
<dependency>
<groupId>redis.clients</groupId>
<artifactId>jedis</artifactId>
<!-- version>3.0.1</version -->
- <version>3.3.0</version>
+ <version>3.7.1</version>
</dependency>
<!-- <dependency>
@@ -694,8 +712,8 @@
<artifactId>maven-compiler-plugin</artifactId>
<version>3.6.1</version>
<configuration>
- <source>1.7</source>
- <target>1.7</target>
+ <source>1.8</source>
+ <target>1.8</target>
<encoding>UTF-8</encoding>
</configuration>
</plugin>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
index b0f452861..baf4349e8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
@@ -77,10 +77,10 @@ public class MOAIDAuthInitializer {
System.setProperty(
"https.cipherSuites",
//high secure RSA bases ciphers
- ",TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" +
- ",TLS_DHE_RSA_WITH_AES_128_GCM_SHA256" +
- ",TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" +
- ",TLS_DHE_RSA_WITH_AES_128_CBC_SHA256" +
+ "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" +
+ ",TLS_DHE_RSA_WITH_AES_128_GCM_SHA256" +
+ ",TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" +
+ ",TLS_DHE_RSA_WITH_AES_128_CBC_SHA256" +
//high secure ECC bases ciphers
",TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" +
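Review bot: With the leading comma fixed, the list still places the two DHE CBC suites ahead of the first ECDHE GCM suite, so the stated client preference ranks non-AEAD suites above an AEAD one. Moving the ECDHE GCM entries up, so that `",TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" +` precedes `",TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" +`, would keep all GCM suites in front. A comment should also record that `System.setProperty("https.cipherSuites", ...)` applies JVM-wide, not only to this module, e.g. `// JVM-wide default for HttpsURLConnection; order is the client preference`. The concatenation continues past the end of the hunk, so the remaining suites are not visible here.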
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AbstractEncrytionUtil.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AbstractEncrytionUtil.java
index 8fdf1eab8..1bf240589 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AbstractEncrytionUtil.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AbstractEncrytionUtil.java
@@ -33,7 +33,6 @@ import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.GCMParameterSpec;
-import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
@@ -114,27 +113,18 @@ public abstract class AbstractEncrytionUtil {
}
}
- public EncryptedData encrypt(byte[] data) throws BuildException {
- Cipher cipher;
-
+ public EncryptedData encrypt(byte[] data) throws BuildException {
if (secret != null) {
- try {
- final byte[] nonce = Random.nextBytes(GCM_NONCE_LENGTH);
-
-// final byte[] nonce = new byte[GCM_NONCE_LENGTH];
-// SecureRandom.getInstanceStrong().nextBytes(nonce);
-
- GCMParameterSpec spec = new GCMParameterSpec(GCM_TAG_LENGTH * 8, nonce);
-
- cipher = Cipher.getInstance(CIPHER_MODE, "IAIK");
- cipher.init(Cipher.ENCRYPT_MODE, secret, spec);
-
- Logger.debug("Encrypt MOASession");
-
- byte[] encdata = cipher.doFinal(data);
- byte[] iv = cipher.getIV();
-
- return new EncryptedData(encdata, iv);
+ try {
+ final byte[] nonce = Random.nextBytes(GCM_NONCE_LENGTH);
+ final GCMParameterSpec spec = new GCMParameterSpec(GCM_TAG_LENGTH * 8, nonce);
+ final Cipher cipher = Cipher.getInstance(CIPHER_MODE);
+ cipher.init(Cipher.ENCRYPT_MODE, secret, spec);
+
+ final byte[] encdata = cipher.doFinal(data);
+ final byte[] iv = cipher.getIV();
+ Logger.trace("Encrypt MOASession");
+ return new EncryptedData(encdata, iv);
} catch (Exception e) {
Logger.warn("MOASession is not encrypted",e);
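Review bot: `Cipher.getInstance(CIPHER_MODE)` no longer names the "IAIK" provider, so the GCM implementation is now whichever provider the JCA preference order selects at runtime; the same change is made in `decrypt` in the next hunk. If that is intended, a comment should say so, e.g. `// provider intentionally not pinned: any JCA provider offering CIPHER_MODE is acceptable`. The nonce comes from `Random.nextBytes(GCM_NONCE_LENGTH)`, and which `Random` class this is cannot be seen from the hunk. GCM needs a nonce that never repeats under the same key, so it is worth confirming the helper is backed by a CSPRNG and noting it with `// GCM nonce must be unique per key; Random must be cryptographically secure`. The catch block continues outside the hunk.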
@@ -145,17 +135,14 @@ public abstract class AbstractEncrytionUtil {
}
public byte[] decrypt(EncryptedData data) throws BuildException {
- Cipher cipher;
if (secret != null) {
- try {
- IvParameterSpec iv = new IvParameterSpec(data.getIv());
-
- cipher = Cipher.getInstance(CIPHER_MODE, "IAIK");
- cipher.init(Cipher.DECRYPT_MODE, secret, iv);
-
- Logger.debug("Decrypt MOASession");
- return cipher.doFinal(data.getEncData());
+ try {
+ final Cipher cipher = Cipher.getInstance(CIPHER_MODE);
+ final GCMParameterSpec iv = new GCMParameterSpec(GCM_TAG_LENGTH * 8, data.getIv());
+ cipher.init(Cipher.DECRYPT_MODE, secret, iv);
+ Logger.trace("Decrypt MOASession");
+ return cipher.doFinal(data.getEncData());
} catch (Exception e) {
Logger.warn("MOASession is not decrypted",e);
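Review bot: A failed GCM tag check in `cipher.doFinal(...)` lands in the same `catch (Exception e)` as a missing algorithm or a malformed IV and is logged with the same warn message, so modified or corrupted session data cannot be told apart from a configuration error in the logs. Catching `javax.crypto.AEADBadTagException` first and logging it distinctly, for example `Logger.error("MOASession integrity check failed", e);`, would give operations a clear signal. `data.getIv()` is passed to `GCMParameterSpec` unchecked; a null value is caught only by the generic handler. What the catch block does after logging is outside the hunk.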
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
index 498f8408b..d4a6ee786 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
@@ -32,14 +32,15 @@ public class SessionEncrytionUtil extends AbstractEncrytionUtil {
private static String key = null;
public static SessionEncrytionUtil getInstance() {
- if (instance == null) {
+ if (instance == null) {
try {
key = AuthConfigurationProviderFactory.getInstance().getMOASessionEncryptionKey();
- instance = new SessionEncrytionUtil();
+ instance = new SessionEncrytionUtil();
} catch (Exception e) {
Logger.warn("MOASession encryption can not be inizialized.", e);
-
+ throw new RuntimeException("MOASession encryption can not be inizialized.", e);
+
}
}
return instance;
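Review bot: `getInstance()` performs an unsynchronized check-then-create on the static `instance`, so two threads arriving together can both read the key and construct a `SessionEncrytionUtil`. Now that a failure throws instead of returning null, the race also decides which caller sees the exception. Declaring the method `public static synchronized SessionEncrytionUtil getInstance() {` closes the race. Whether `instance` is declared `volatile` is not visible in the hunk. The failure is both logged with `Logger.warn(..., e)` and rethrown with the same text, which produces two stack traces for one event; keeping only the `throw new RuntimeException(..., e)` would be enough.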
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java
index 645cb601f..a3a717072 100644
--- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java
@@ -1,9 +1,12 @@
package at.gv.egovernment.moa.id.config.auth.data;
+import static org.junit.Assert.assertEquals;
+
import java.io.ByteArrayInputStream;
import java.util.Arrays;
import java.util.List;
+import org.apache.commons.lang3.RandomStringUtils;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
@@ -13,6 +16,8 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import at.gv.egiz.eaaf.core.impl.data.Pair;
import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
+
import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.data.IMOAAuthData;
@@ -153,6 +158,33 @@ public class AuthenticationDataBuilderTest {
}
+ @Test
+ public void genericDataTransfer() throws Exception {
+ TestRequestImpl pendingReq = new TestRequestImpl();
+ DummyOAConfig oaParam = new DummyOAConfig();
+ oaParam.setHasBaseIdTransferRestriction(false);
+ oaParam.setTarget("urn:publicid:gv.at:cdid+ZP-MH");
+ oaParam.setForeignbPKSectors(Arrays.asList("wbpk+FN+195738a"));
+ pendingReq.setSpConfig(oaParam);
+
+ final AuthenticationSessionWrapper session = pendingReq.getSessionData(
+ AuthenticationSessionWrapper.class);
+ session.setIdentityLink(new IdentityLinkAssertionParser(new ByteArrayInputStream(Base64Utils.decode(DUMMY_IDL_1, false))).parseIdentityLink());
+
+ // set random data to transfer
+ String key = RandomStringUtils.randomAlphabetic(5);
+ String value = RandomStringUtils.randomAlphabetic(5);
+ session.setGenericDataToSession(key, value);
+
+
+ // execute test
+ IMOAAuthData authData = (IMOAAuthData) authBuilder.buildAuthenticationData(pendingReq);
+
+
+ assertEquals("generic data-transfer failed", value, authData.getGenericData(key, String.class));
+
+ }
+
@Test
public void buildAuthDataWithIDLOnly_1() throws Exception {
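Review bot: `genericDataTransfer` uses a random key and value, but a failure reports only the fixed text "generic data-transfer failed", so a failing run cannot be reproduced from the test output. Including the key in the message, `assertEquals("generic data-transfer failed for key " + key, value, authData.getGenericData(key, String.class));`, or using fixed test strings would make the result deterministic to diagnose. The hunk ends inside `buildAuthDataWithIDLOnly_1`, whose body is outside this hunk.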
@@ -166,7 +198,7 @@ public class AuthenticationDataBuilderTest {
IAuthenticationSession session = new DummyAuthSession();
session.setIdentityLink(new IdentityLinkAssertionParser(new ByteArrayInputStream(Base64Utils.decode(DUMMY_IDL_1, false))).parseIdentityLink());
pendingReq.setRawDataToTransaction(session.getKeyValueRepresentationFromAuthSession());
-
+
IMOAAuthData authData = (IMOAAuthData) authBuilder.buildAuthenticationData(pendingReq);
diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml
index 545a9d953..1cb2db257 100644
--- a/id/server/moa-id-commons/pom.xml
+++ b/id/server/moa-id-commons/pom.xml
@@ -6,7 +6,7 @@
<parent>
<groupId>MOA.id</groupId>
<artifactId>moa-id</artifactId>
- <version>4.1.5</version>
+ <version>4.2.0</version>
</parent>
<artifactId>moa-id-commons</artifactId>
<name>moa-id-commons</name>
@@ -167,7 +167,6 @@
<dependency>
<groupId>joda-time</groupId>
<artifactId>joda-time</artifactId>
- <version>${jodatime.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
@@ -182,14 +181,13 @@
<artifactId>jul-to-slf4j</artifactId>
</dependency>
<dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-log4j12</artifactId>
+ <groupId>org.apache.logging.log4j</groupId>
+ <artifactId>log4j-1.2-api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.logging.log4j</groupId>
+ <artifactId>log4j-to-slf4j</artifactId>
</dependency>
- <!-- <dependency> <groupId>log4j</groupId> <artifactId>log4j</artifactId>
- </dependency> -->
- <!-- <dependency> <groupId>org.apache.logging.log4j</groupId> <artifactId>log4j-core</artifactId>
- </dependency> -->
-
<dependency>
<groupId>org.hibernate</groupId>
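Review bot: The two bridge artifacts `log4j-1.2-api` and `log4j-to-slf4j` are added without a `<version>` and without any comment explaining why both are needed. The removed commented-out `log4j-core` block was the only hint about the logging setup. The versions are presumably managed in the parent POM, which is not visible here. A short comment above the first of them would document the intent and the constraint, e.g. `<!-- bridges: Log4j 1.x API and Log4j 2 API are routed to SLF4J/LogBack; do not add log4j-core or log4j-slf4j-impl -->`.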
@@ -347,8 +345,8 @@
<artifactId>maven-compiler-plugin</artifactId>
<version>3.6.1</version>
<configuration>
- <source>1.7</source>
- <target>1.7</target>
+ <source>1.8</source>
+ <target>1.8</target>
<encoding>UTF-8</encoding>
</configuration>
</plugin>
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java
index dd606ea18..4da6888a9 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java
@@ -156,8 +156,8 @@ public class MOAIDTrustManager extends IAIKX509TrustManager {
certList.add(cert);
} catch (Exception e) {
- Logger.error("Can NOT initialize SSLTrustManager. Certificate: " + certFile.getPath()
- + " is not loadable, Reason: " + e.getMessage());
+ Logger.warn("Can NOT import Certificate: " + certFile.getPath()
+ + " into SSLTrustManager. Reason: " + e.getMessage());
if (Logger.isDebugEnabled()) {
try {
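Review bot: A certificate file that fails to load is now skipped with a warning, and the `throw new SSLConfigurationException(...)` in the following hunk is only commented out. The trust manager can therefore start with an incomplete accepted-certificate list, and the problem first appears as handshake failures at runtime. If the tolerant behaviour is intended, the dead line should be removed and the decision stated, e.g. `// tolerate unreadable certificate files; connections that rely on them fail at handshake`. A check after the loop that logs at error level when `certList` is empty would help; what follows the loop is not visible here. The warn message carries only `e.getMessage()`; passing `e` as second argument to `Logger.warn` would keep the stack trace outside debug mode. The enclosing method starts and ends outside both hunks.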
@@ -171,13 +171,13 @@ public class MOAIDTrustManager extends IAIKX509TrustManager {
}
}
- throw new SSLConfigurationException("config.28", new Object[]{certFile.getPath(), e.getMessage()}, e);
+ //throw new SSLConfigurationException("config.28", new Object[]{certFile.getPath(), e.getMessage()}, e);
} finally {
if (fis != null)
fis.close();
- }
+ }
}
// store acceptedServerCertificates
diff --git a/id/server/moa-id-frontend-resources/pom.xml b/id/server/moa-id-frontend-resources/pom.xml
index 85857cd59..b0dac8718 100644
--- a/id/server/moa-id-frontend-resources/pom.xml
+++ b/id/server/moa-id-frontend-resources/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id</groupId>
<artifactId>moa-id</artifactId>
- <version>4.1.5</version>
+ <version>4.2.0</version>
</parent>
<groupId>MOA.id.server</groupId>
diff --git a/id/server/moa-id-jaxb_classes/pom.xml b/id/server/moa-id-jaxb_classes/pom.xml
index 427bab738..293ff0b77 100644
--- a/id/server/moa-id-jaxb_classes/pom.xml
+++ b/id/server/moa-id-jaxb_classes/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id</groupId>
<artifactId>moa-id</artifactId>
- <version>4.1.5</version>
+ <version>4.2.0</version>
</parent>
<groupId>MOA.id.server</groupId>
<artifactId>moa-id-jaxb_classes</artifactId>
diff --git a/id/server/moa-id-spring-initializer/pom.xml b/id/server/moa-id-spring-initializer/pom.xml
index e4441dc95..fb638a2c6 100644
--- a/id/server/moa-id-spring-initializer/pom.xml
+++ b/id/server/moa-id-spring-initializer/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id</groupId>
<artifactId>moa-id</artifactId>
- <version>4.1.5</version>
+ <version>4.2.0</version>
</parent>
<groupId>MOA.id.server</groupId>
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
index b1dd44779..b5d99d53d 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.5</version>
+ <version>4.2.0</version>
</parent>
<artifactId>moa-id-modul-citizencard_authentication</artifactId>
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
index b826597e9..8ae8c9a63 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
@@ -5,7 +5,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.5</version>
+ <version>4.2.0</version>
</parent>
<artifactId>moa-id-module-AT_eIDAS_connector</artifactId>
<name>moa-id-module-AT_eIDAS_connector</name>
diff --git a/id/server/modules/moa-id-module-E-ID_connector/pom.xml b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
index 9764a8ee6..ac08879d3 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/pom.xml
+++ b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
@@ -5,7 +5,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.5</version>
+ <version>4.2.0</version>
</parent>
<artifactId>moa-id-module-EID_connector</artifactId>
<name>moa-id-module-E-ID_connector</name>
@@ -50,7 +50,13 @@
<dependency>
<groupId>at.gv.egiz.eaaf</groupId>
<artifactId>eaaf_module_pvp2_core</artifactId>
- </dependency>
+ <exclusions>
+ <exclusion>
+ <groupId>log4j</groupId>
+ <artifactId>log4j</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
<dependency>
<groupId>at.gv.egiz.eaaf</groupId>
<artifactId>eaaf_module_pvp2_sp</artifactId>
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
index e3cc3cb52..a190c861a 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.5</version>
+ <version>4.2.0</version>
</parent>
<artifactId>moa-id-module-bkaMobilaAuthSAML2Test</artifactId>
<description>BKA MobileAuth Test for SAML2 applications</description>
@@ -12,12 +12,12 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
- <version>1.52</version>
+ <version>1.70</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
- <version>1.52</version>
+ <version>1.70</version>
</dependency>
<!-- JSON JWT implementation -->
diff --git a/id/server/modules/moa-id-module-dummyAuth/pom.xml b/id/server/modules/moa-id-module-dummyAuth/pom.xml
new file mode 100644
index 000000000..7b7e2d77e
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/pom.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-modules</artifactId>
+ <version>4.2.0</version>
+ </parent>
+ <artifactId>moa-id-module-dummy-authenticatiuon</artifactId>
+ <version>${moa-id-dummy-auth.version}</version>
+ <description>Module for dummy authentication in MOA-ID</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-test</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_core_utils</artifactId>
+ <scope>test</scope>
+ <type>test-jar</type>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf-core</artifactId>
+ <scope>test</scope>
+ <type>test-jar</type>
+ </dependency>
+ </dependencies>
+
+
+
+</project>
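Review bot: The artifactId `moa-id-module-dummy-authenticatiuon` is misspelled, and once released these coordinates are awkward to correct; `<artifactId>moa-id-module-dummy-authentication</artifactId>` is presumably what was meant. The POM declares only test-scoped dependencies, while the module's main classes import Guava, commons-lang3, Spring and the EAAF core API. These presumably come from the parent `moa-id-modules`, which is not visible here; declaring them explicitly would make the module's compile classpath self-describing. A one-line `<!-- test/demo authentication only -->` comment next to the description would help whoever assembles the deployment decide whether to package this module.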
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/ConfigurationProperties.java b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/ConfigurationProperties.java
new file mode 100644
index 000000000..b42e5b0f7
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/ConfigurationProperties.java
@@ -0,0 +1,58 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy;
+
+import java.util.Collection;
+import java.util.Set;
+
+import com.google.common.collect.Sets;
+
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
+
+public class ConfigurationProperties {
+
+ // configuration properties
+ private static final String MODULE_PREFIX = "modules.dummyauth.";
+
+ public static final String PROP_MODULE_ENABLED = MODULE_PREFIX + "enabled";
+ public static final String PROP_MODULE_SP_PREFIX = MODULE_PREFIX + "sp";
+ public static final String PROP_MODULE_IDENTITY_STORE_PATH = MODULE_PREFIX + "identity.store.path";
+
+ // http parameter
+ public static final String HTTP_PARAM_START_DUMMY_AUTH = "dummyauth";
+
+ // configuration filetype
+ public static final String ALLOWED_FILE_TYPE = "json";
+
+
+ //minimum required attributes
+ public static final Collection<String> MINIMUM_REQ_ATTRIBUTES = Sets.newHashSet(
+ PVPAttributeDefinitions.BIRTHDATE_NAME,
+ PVPAttributeDefinitions.GIVEN_NAME_NAME,
+ PVPAttributeDefinitions.PRINCIPAL_NAME_NAME,
+ PVPAttributeDefinitions.BPK_NAME);
+
+ private ConfigurationProperties() {
+ // hide constructor or static class
+ }
+}
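Review bot: `MINIMUM_REQ_ATTRIBUTES` is a public constant backed by a mutable `HashSet` from `Sets.newHashSet(...)`, so any code holding the reference can add or remove entries and change which attributes count as required. Wrapping it, `public static final Collection<String> MINIMUM_REQ_ATTRIBUTES = Collections.unmodifiableSet(Sets.newHashSet(...));`, or using Guava's `ImmutableSet.of(...)` makes the constant read-only. The `java.util.Set` import is unused as written, and the class can be declared `final` since its constructor is private. The constructor comment presumably means "hide constructor of static class".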
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthModule.java b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthModule.java
new file mode 100644
index 000000000..e2f550736
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthModule.java
@@ -0,0 +1,152 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy;
+
+import java.io.Serializable;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.stream.Collectors;
+
+import javax.annotation.PostConstruct;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager;
+import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * @author tlenz
+ *
+ */
+public class DummyIdentityAuthModule implements AuthModule {
+
+ private int priority = 2;
+
+ @Autowired(required = true)
+ protected IConfigurationWithSP authConfig;
+ @Autowired(required = true)
+ private IAuthenticationManager authManager;
+
+ private Collection<String> uniqueIDsDummyAuthEnabled;
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority()
+ */
+ @Override
+ public int getPriority() {
+ return priority;
+ }
+
+ /**
+ * Sets the priority of this module. Default value is {@code 0}.
+ *
+ * @param priority The priority.
+ */
+ public void setPriority(int priority) {
+ this.priority = priority;
+ }
+
+ @PostConstruct
+ private void initialDummyAuthWhiteList() {
+ if (authConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) {
+ Logger.info("AuthModule for 'dummy-identities' is enabled");
+
+ // load allowed service-provider Id's
+ uniqueIDsDummyAuthEnabled = authConfig.getBasicConfigurationWithPrefix(
+ ConfigurationProperties.PROP_MODULE_SP_PREFIX).values().stream()
+ .filter(el -> StringUtils.isNotEmpty(el))
+ .collect(Collectors.toSet());
+
+ if (!uniqueIDsDummyAuthEnabled.isEmpty()) {
+ Logger.info("Dummy authentication is enabled for ....");
+ uniqueIDsDummyAuthEnabled.forEach(el -> Logger.info(" EntityID: " + el));
+
+ }
+
+ // TODO: do we need a selection parameter from external
+ authManager.addParameterNameToWhiteList(ConfigurationProperties.HTTP_PARAM_START_DUMMY_AUTH);
+
+ } else {
+ uniqueIDsDummyAuthEnabled = Collections.emptySet();
+ Logger.info("AuthModule for 'dummy-identities' is disabled");
+
+ }
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.
+ * egovernment.moa.id.process.api.ExecutionContext)
+ */
+ @Override
+ public String selectProcess(ExecutionContext context, IRequest pendingReq) {
+
+ if (authConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) {
+ final String spEntityID = pendingReq.getServiceProviderConfiguration().getUniqueIdentifier();
+ Logger.trace("Check dummy-auth for SP: " + spEntityID);
+ if (uniqueIDsDummyAuthEnabled.contains(spEntityID)) {
+ final Serializable flagObj = context.get(ConfigurationProperties.HTTP_PARAM_START_DUMMY_AUTH);
+ if (flagObj instanceof String && Boolean.valueOf((String) flagObj)) {
+ Logger.info("Starting Dummy-Identity authentication for SP: " + spEntityID);
+ return "dummyIdentityAuthentication";
+
+ } else {
+ Logger.debug("Dummy-Identity authentication flag not 'true'. Skip it ... ");
+
+ }
+
+ } else {
+ Logger.debug("Unique SP-Id: " + spEntityID
+ + " is not in whitelist for Dummy-Identity authentication.");
+
+ }
+
+ } else {
+ Logger.trace("Dummy-Identity authentication is disabled");
+
+ }
+
+ return null;
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions()
+ */
+ @Override
+ public String[] getProcessDefinitions() {
+ return new String[] { "classpath:/dummy_identity_auth.process.xml" };
+ }
+
+}
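Review bot: In `selectProcess`, a request parameter (`dummyauth=true`) chooses the dummy-identity process for whitelisted service providers, yet enabling the module is announced only at info level in `initialDummyAuthWhiteList`. A warn-level line such as `Logger.warn("AuthModule for 'dummy-identities' is enabled");` would make an unintended activation stand out in the logs. The case "enabled but no SP configured" is currently silent and deserves its own message. The Javadoc of `setPriority` says the default is `{@code 0}` while the field is initialised with `private int priority = 2;`; the comment should read `Default value is {@code 2}`. `selectProcess` re-reads `PROP_MODULE_ENABLED` on every request, but the SP whitelist is loaded once at start-up, so a configuration reload can leave the two out of step; a comment should state which of the two is authoritative.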
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthSpringResourceProvider.java b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthSpringResourceProvider.java
new file mode 100644
index 000000000..d8218b7f1
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthSpringResourceProvider.java
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy;
+
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
+
+import at.gv.egiz.components.spring.api.SpringResourceProvider;
+
+/**
+ * @author tlenz
+ *
+ */
+public class DummyIdentityAuthSpringResourceProvider implements SpringResourceProvider {
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getResourcesToLoad()
+ */
+ @Override
+ public Resource[] getResourcesToLoad() {
+ ClassPathResource authConfig = new ClassPathResource("/moaid_dummy_identity_auth.beans.xml", DummyIdentityAuthSpringResourceProvider.class);
+ return new Resource[] {authConfig};
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getPackagesToScan()
+ */
+ @Override
+ public String[] getPackagesToScan() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getName()
+ */
+ @Override
+ public String getName() {
+ return "Module for 'Dummy Authentication'";
+ }
+
+}
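Review bot: `getPackagesToScan()` still carries the IDE stub comment `// TODO Auto-generated method stub`, which reads as unfinished work although the accompanying test in this commit asserts that the method returns null. Replace it with a comment stating the intent, e.g. `// no component scanning: all beans are declared in moaid_dummy_identity_auth.beans.xml`. The class Javadoc would also benefit from a one-line summary of what the provider registers instead of only the `@author` tag.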
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/service/DummyIdentityService.java b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/service/DummyIdentityService.java
new file mode 100644
index 000000000..9bb961e47
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/service/DummyIdentityService.java
@@ -0,0 +1,182 @@
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy.service;
+
+import java.io.IOException;
+import java.nio.file.FileVisitOption;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collectors;
+
+import javax.annotation.PostConstruct;
+
+import org.apache.commons.io.FilenameUtils;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import com.fasterxml.jackson.annotation.JsonAutoDetect.Visibility;
+import com.fasterxml.jackson.annotation.PropertyAccessor;
+import com.fasterxml.jackson.databind.DeserializationFeature;
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EAAFAuthenticationException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.ConfigurationProperties;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * Service that holdes and selects dummy-identities for dummy-authentication.
+ *
+ * @author tlenz
+ *
+ */
+public class DummyIdentityService {
+
+ @Autowired IConfiguration config;
+
+ private List<Map<String, String>> availableIdentities = new ArrayList<>();
+
+
+ private static ObjectMapper jsonMapper = new ObjectMapper();
+
+ static {
+ // initialize JSON Mapper
+ jsonMapper.configure(DeserializationFeature.FAIL_ON_READING_DUP_TREE_KEY, true);
+ jsonMapper.configure(DeserializationFeature.FAIL_ON_TRAILING_TOKENS, true);
+ jsonMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, true);
+ jsonMapper.setVisibility(PropertyAccessor.ALL, Visibility.NONE);
+ jsonMapper.setVisibility(PropertyAccessor.GETTER, Visibility.PUBLIC_ONLY);
+ jsonMapper.setVisibility(PropertyAccessor.IS_GETTER, Visibility.PUBLIC_ONLY);
+
+ }
+
+
+ /**
+ * Get an identity randomly from available identities.
+ *
+ * @return Map of identity attributes
+ * @throws EAAFAuthenticationException In case of an empty identity store
+ */
+ public Map<String, String> getIdentityRandomly() throws EAAFAuthenticationException {
+ if (availableIdentities.isEmpty()) {
+ throw new EAAFAuthenticationException("builder.08", new Object[] {"No Dummy-Identity available"});
+
+ }
+
+
+
+ int num = (int) (Math.random() * 1000000) % availableIdentities.size();
+ Logger.debug("Select element: " + num + " from dummy-identity store");
+ return availableIdentities.get(num);
+
+ }
+
+ /**
+ * Get number of available identity sets.
+ *
+ * @return available dummy identities
+ */
+ public int getNumberOfLoadedIdentitySets( ) {
+ return availableIdentities.size();
+
+ }
+
+
+ @PostConstruct
+ private void initialize() throws EAAFException {
+ try {
+ Logger.debug("Initializing Dummy-Identity authentication service ... ");
+
+ //get all files from datastore
+ Set<Path> identityConfigFiles = getAllFilesFromIdentityStore();
+ Logger.debug("Find #" + identityConfigFiles.size() + " files in identity-store. Starting identity extraction ... ");
+
+ //extract identity informations
+ identityConfigFiles.stream()
+ .filter(el -> FilenameUtils.isExtension(el.getFileName().toString(), ConfigurationProperties.ALLOWED_FILE_TYPE))
+ .forEach(el -> loadJson(el));
+
+ Logger.info("Dummy-Identity authentication service contains #" + availableIdentities.size() + " data-sets");
+
+ } catch (EAAFException e) {
+ handleError(e);
+
+ } catch (IOException e) {
+ handleError(new EAAFException("config.05",
+ new Object[] {ConfigurationProperties.PROP_MODULE_IDENTITY_STORE_PATH}, e));
+
+ }
+ }
+
+
+ private void loadJson(Path file) {
+ try {
+ Logger.debug("Reading dummy-identity from file: " + file.getFileName() + " ... ");
+ Map<String, String> dummyEid = jsonMapper.readValue(file.toFile(), Map.class);
+
+ // check minimum required attributes
+ ConfigurationProperties.MINIMUM_REQ_ATTRIBUTES.stream().forEach(
+ el -> {
+ if (!dummyEid.containsKey(el)) {
+ throw new RuntimeException("dummy-identity from file: " + file.getFileName() + " missing attribute: " + el);
+
+ }
+ });
+
+ Logger.debug("Add dummy-identity from file: " + file.getFileName());
+ availableIdentities.add(dummyEid);
+
+
+ } catch (Exception e) {
+ Logger.warn("Can NOT read dummy-identity from file: " + file.getFileName() + " Identity will be skipped", e);
+
+ }
+
+ }
+
+
+ private Set<Path> getAllFilesFromIdentityStore() throws IOException, EAAFConfigurationException {
+ String identityStorePath = config.getBasicConfiguration(ConfigurationProperties.PROP_MODULE_IDENTITY_STORE_PATH);
+ if (StringUtils.isEmpty(identityStorePath)) {
+ throw new EAAFConfigurationException("config.08",
+ new Object[] {ConfigurationProperties.PROP_MODULE_IDENTITY_STORE_PATH});
+
+ }
+
+ String absIdentityStorePath = FileUtils.makeAbsoluteURL(identityStorePath, config.getConfigurationRootDirectory());
+ if (absIdentityStorePath.startsWith("file:")) {
+ absIdentityStorePath = absIdentityStorePath.substring("file:".length());
+
+ }
+
+ return Files.walk(Paths.get(absIdentityStorePath), FileVisitOption.FOLLOW_LINKS)
+ .filter(Files::isRegularFile)
+ .filter(Files::isReadable)
+ .collect(Collectors.toSet());
+
+ }
+
+
+ private void handleError(EAAFException e) throws EAAFException {
+ if (config.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) {
+ throw e;
+
+ } else {
+ Logger.info("Dummy-Identity authentication is disabled. Ignore exception: " + e.getMessage());
+
+ }
+
+ }
+
+
+}
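Review bot: The stream returned by `Files.walk(...)` in `getAllFilesFromIdentityStore()` is never closed, so the directory handles it opens are not released deterministically, and `FileVisitOption.FOLLOW_LINKS` makes the walk descend into symlinked directories, so files outside the configured identity store can end up as selectable identities. Wrapping the walk in try-with-resources and dropping `FOLLOW_LINKS` (unless linked stores are an intended deployment layout) addresses both; the fence shows the rewritten return, which needs `java.util.stream.Stream` imported. Separately, `loadJson()` reads into a raw `Map.class`, so a file with a non-string JSON value passes the key check here and can only fail later when the entry is used as a `String`; reading with a `TypeReference<Map<String, String>>` would reject such files at load time.

```java
// … unchanged: store-path lookup and "file:" prefix handling …
try (Stream<Path> storeFiles = Files.walk(Paths.get(absIdentityStorePath))) {
  return storeFiles
      .filter(Files::isRegularFile)
      .filter(Files::isReadable)
      .collect(Collectors.toSet());

}
```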
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/task/InjectDummyIdentityInformationTask.java b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/task/InjectDummyIdentityInformationTask.java
new file mode 100644
index 000000000..5eb441bc9
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/task/InjectDummyIdentityInformationTask.java
@@ -0,0 +1,140 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy.task;
+
+import java.util.Map;
+import java.util.Map.Entry;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EAAFAuthenticationException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.service.DummyIdentityService;
+import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * @author tlenz
+ *
+ */
+@Component("InjectDummyIdentityInformationTask")
+public class InjectDummyIdentityInformationTask extends AbstractAuthServletTask {
+
+ @Autowired
+ IConfiguration moaAuthConfig;
+ @Autowired
+ DummyIdentityService service;
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.
+ * egovernment.moa.id.process.api.ExecutionContext,
+ * javax.servlet.http.HttpServletRequest,
+ * javax.servlet.http.HttpServletResponse)
+ */
+ @Override
+ public void execute(ExecutionContext executionContext, HttpServletRequest request,
+ HttpServletResponse response)
+ throws TaskExecutionException {
+
+ try {
+ Logger.debug("Injecting user credentials for Dummy-Identity authentication ... ");
+ parseDemoValuesIntoMOASession(pendingReq);
+
+ // set 'needConsent' to false, because user gives consent during authentication
+ pendingReq.setNeedUserConsent(false);
+
+ // set 'authenticated' flag to true
+ pendingReq.setAuthenticated(true);
+
+ // store MOASession into database
+ requestStoreage.storePendingRequest(pendingReq);
+
+ } catch (final MOAIDException e) {
+ throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+
+ } catch (final Exception e) {
+ throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+
+ }
+ }
+
+ /**
+ * @param pendingReq
+ * @param moaSession
+ * @throws MOAIDException
+ * @throws EAAFStorageException
+ * @throws EAAFAuthenticationException
+ */
+ private void parseDemoValuesIntoMOASession(IRequest pendingReq) throws MOAIDException, EAAFStorageException,
+ EAAFAuthenticationException {
+ final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(
+ AuthenticationSessionWrapper.class);
+ moaSession.setForeigner(false);
+ moaSession.setQAALevel(PVPConstants.EIDAS_QAA_HIGH);
+
+ final Map<String, String> rawIdentity = service.getIdentityRandomly();
+
+ // add attributes into session
+ for (final Entry<String, String> el : rawIdentity.entrySet()) {
+ moaSession.setGenericDataToSession(el.getKey(), el.getValue());
+ Logger.debug("Add PVP-attribute " + el.getKey() + " into MOASession");
+
+ }
+
+ // set BKU URL
+ if (rawIdentity.containsKey(PVPAttributeDefinitions.EID_CCS_URL_NAME)) {
+ moaSession.setBkuURL(rawIdentity.get(PVPAttributeDefinitions.EID_CCS_URL_NAME));
+
+ } else {
+ moaSession.setBkuURL("http://egiz.gv.at/dummy-authentication");
+
+ }
+
+ // check if mandates are included
+ if (rawIdentity.containsKey(PVPAttributeDefinitions.MANDATE_TYPE_NAME)
+ || rawIdentity.containsKey(PVPAttributeDefinitions.MANDATE_TYPE_OID_NAME)) {
+ Logger.debug("Find Mandate-Attributes in E-ID response. Switch to mandate-mode ... ");
+ moaSession.setUseMandates(true);
+
+ } else {
+ moaSession.setUseMandates(false);
+
+ }
+ }
+
+}
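Review bot: `execute()` marks the pending request as authenticated and `parseDemoValuesIntoMOASession()` sets `PVPConstants.EIDAS_QAA_HIGH` without the task itself checking that dummy authentication is enabled; the injected `moaAuthConfig` is never read in this file, so the only gate visible in this commit is `DummyIdentityAuthModule.selectProcess()`. Because the task bean is declared in `moaid_dummy_identity_auth.beans.xml` regardless of the enable flag, a guard at the top of the `try` block would keep it inert when the module is off, e.g. `if (!moaAuthConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) { throw new EAAFAuthenticationException("builder.08", new Object[] {"Dummy-Identity authentication is disabled"}); }` (this needs the `ConfigurationProperties` import). The two `catch` blocks have identical bodies and can be merged into one, and the Javadoc on `parseDemoValuesIntoMOASession` still lists a `moaSession` parameter that the method does not take.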
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/id/server/modules/moa-id-module-dummyAuth/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
new file mode 100644
index 000000000..a60db29cb
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
@@ -0,0 +1 @@
+at.gv.egovernment.moa.id.auth.modules.auth.dummy.DummyIdentityAuthSpringResourceProvider \ No newline at end of file
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/resources/dummy_identity_auth.process.xml b/id/server/modules/moa-id-module-dummyAuth/src/main/resources/dummy_identity_auth.process.xml
new file mode 100644
index 000000000..d7351fbbd
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/main/resources/dummy_identity_auth.process.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<pd:ProcessDefinition id="dummyIdentityAuthentication" xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1">
+
+ <pd:Task id="dummyAuth" class="InjectDummyIdentityInformationTask" />
+ <pd:Task id="finalizeAuthentication" class="FinalizeAuthenticationTask" />
+
+ <!-- Process is triggered either by GenerateIFrameTemplateServlet (upon bku selection) or by AuthenticationManager (upon legacy authentication start using legacy parameters. -->
+ <pd:StartEvent id="start" />
+
+ <pd:Transition from="start" to="dummyAuth" />
+ <pd:Transition from="dummyAuth" to="finalizeAuthentication" />
+ <pd:Transition from="finalizeAuthentication" to="end" />
+
+ <pd:EndEvent id="end" />
+
+</pd:ProcessDefinition>
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/resources/moaid_dummy_identity_auth.beans.xml b/id/server/modules/moa-id-module-dummyAuth/src/main/resources/moaid_dummy_identity_auth.beans.xml
new file mode 100644
index 000000000..5c2ea1176
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/main/resources/moaid_dummy_identity_auth.beans.xml
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <bean id="dummyIdentityAuthModule" class="at.gv.egovernment.moa.id.auth.modules.auth.dummy.DummyIdentityAuthModule">
+ <property name="priority" value="4" />
+ </bean>
+
+ <bean id="dummyIdentityService"
+ class="at.gv.egovernment.moa.id.auth.modules.auth.dummy.service.DummyIdentityService" />
+
+ <bean id="InjectDummyIdentityInformationTask"
+ class="at.gv.egovernment.moa.id.auth.modules.auth.dummy.task.InjectDummyIdentityInformationTask"
+ scope="prototype"/>
+
+</beans> \ No newline at end of file
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/BeanCreationTest.java b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/BeanCreationTest.java
new file mode 100644
index 000000000..7fa2eab93
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/BeanCreationTest.java
@@ -0,0 +1,67 @@
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy.test;
+
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.BeanCreationException;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.DummyIdentityAuthModule;
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.service.DummyIdentityService;
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.test.dummy.DummyAuthConfigMap;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+ "/test_dummy_identity_auth_lazy.beans.xml" })
+public class BeanCreationTest {
+
+ @Autowired DummyAuthConfigMap config;
+ @Autowired ApplicationContext context;
+
+ @Before
+ public void initialize() {
+ // re-set config
+ config.putConfigValue("modules.dummyauth.enabled", String.valueOf(false));
+
+ }
+
+ @Test
+ public void authModuleDeactivated() {
+ assertNotNull("AuthModule", context.getBean(DummyIdentityAuthModule.class));
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void dummyIdentityServiceDisabled() {
+ assertNotNull("IdentityService", context.getBean(DummyIdentityService.class));
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void dummyIdentityServiceEnabled() {
+ config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true));
+
+ try {
+ context.getBean(DummyIdentityService.class);
+ fail("Wrong config not detected");
+
+ } catch (Exception e) {
+ assertTrue("wrong exception", e instanceof BeanCreationException);
+
+ }
+
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthModuleTest.java b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthModuleTest.java
new file mode 100644
index 000000000..37bb0d9b4
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthModuleTest.java
@@ -0,0 +1,117 @@
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy.test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.DummyIdentityAuthModule;
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.test.dummy.DummyAuthConfigMap;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+ "/test_dummy_identity_auth.beans.xml" })
+public class DummyIdentityAuthModuleTest {
+
+ @Autowired DummyAuthConfigMap config;
+ @Autowired DummyIdentityAuthModule module;
+
+ private ExecutionContext context;
+ private TestRequestImpl pendingReq;
+ private Map<String, String> spConfigMap;
+
+ @Before
+ public void initialize() {
+ context = new ExecutionContextImpl();
+
+ spConfigMap = new HashMap<>();
+ spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10));
+
+ ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config);
+ pendingReq = new TestRequestImpl();
+ pendingReq.setSpConfig(spConfig);
+
+ // re-set config
+ config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true));
+
+ }
+
+ @Test
+ public void checkProcessDefinition() {
+ String[] def = module.getProcessDefinitions();
+
+ assertNotNull("no process definition", def);
+ Arrays.asList(def).stream().forEach(
+ el -> DummyIdentityAuthModuleTest.class.getResourceAsStream(el));
+
+ }
+
+
+ @Test
+ public void deactivated() {
+ config.putConfigValue("modules.dummyauth.enabled", String.valueOf(false));
+
+ assertNull("wrong authModule selected", module.selectProcess(context, pendingReq));
+
+ }
+
+ @Test
+ public void unknownServiceProvider() {
+ assertNull("wrong authModule selected", module.selectProcess(context, pendingReq));
+
+ }
+
+ @Test
+ public void allowedServiceProviderButNotRequested() {
+ spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, "yyasdfasfsa2323");
+
+ assertNull("wrong authModule selected", module.selectProcess(context, pendingReq));
+
+ }
+
+ @Test
+ public void allowedServiceProviderButWrongRequested() {
+ spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, "yyasdfasfsa2323");
+ context.put("dummyauth", 27);
+
+ assertNull("wrong authModule selected", module.selectProcess(context, pendingReq));
+
+ }
+
+ @Test
+ public void allowedServiceProviderButFalseRequested() {
+ spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, "yyasdfasfsa2323");
+ context.put("dummyauth", "false");
+
+ assertNull("wrong authModule selected", module.selectProcess(context, pendingReq));
+
+ }
+
+ @Test
+ public void allowedServiceProviderAndRequested() {
+ spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, "yyasdfasfsa2323");
+ context.put("dummyauth", "true");
+
+ assertEquals("wrong authmethod identifier", "dummyIdentityAuthentication",
+ module.selectProcess(context, pendingReq));
+
+ }
+
+}
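Review bot: `checkProcessDefinition()` cannot fail on a missing process file: the lambda discards the result of `getResourceAsStream(el)`, and the value returned by `getProcessDefinitions()` carries a `classpath:` prefix that `Class.getResourceAsStream` does not interpret, so the lookup presumably returns null unnoticed. Assert on the stripped path instead, e.g. `assertNotNull("process definition not found: " + el, DummyIdentityAuthModuleTest.class.getResourceAsStream(el.substring("classpath:".length())));`. The tests also hard-code the context key `"dummyauth"`; using `ConfigurationProperties.HTTP_PARAM_START_DUMMY_AUTH` would keep them tied to the key that `selectProcess()` reads.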
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthSpringResourceProviderTest.java b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthSpringResourceProviderTest.java
new file mode 100644
index 000000000..0e9da9fea
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthSpringResourceProviderTest.java
@@ -0,0 +1,55 @@
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy.test;
+
+import java.io.IOException;
+import java.io.InputStream;
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.DummyIdentityAuthSpringResourceProvider;
+
+import org.apache.commons.io.IOUtils;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.springframework.core.io.Resource;
+
+
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class DummyIdentityAuthSpringResourceProviderTest {
+
+ @Test
+ public void testSpringConfig() {
+ final DummyIdentityAuthSpringResourceProvider test =
+ new DummyIdentityAuthSpringResourceProvider();
+ for (final Resource el : test.getResourcesToLoad()) {
+ try {
+ IOUtils.toByteArray(el.getInputStream());
+
+ } catch (final IOException e) {
+ Assert.fail("Ressouce: " + el.getFilename() + " not found");
+ }
+
+ }
+
+ Assert.assertNotNull("no Name", test.getName());
+ Assert.assertNull("Find package definitions", test.getPackagesToScan());
+
+ }
+
+ @Test
+ public void testSpILoaderConfig() {
+ final InputStream el = this.getClass().getResourceAsStream(
+ "/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider");
+ try {
+ final String spiFile = IOUtils.toString(el, "UTF-8");
+
+ Assert.assertEquals("Wrong classpath in SPI file",
+ DummyIdentityAuthSpringResourceProvider.class.getName(), spiFile);
+
+
+ } catch (final IOException e) {
+ Assert.fail("Ressouce: '/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider' not found");
+
+ }
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityServiceTest.java b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityServiceTest.java
new file mode 100644
index 000000000..19a9fc72e
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityServiceTest.java
@@ -0,0 +1,48 @@
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy.test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.util.Map;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.exceptions.EAAFAuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.service.DummyIdentityService;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+ "/test_dummy_identity_auth.beans.xml" })
+public class DummyIdentityServiceTest {
+
+ @Autowired DummyIdentityService service;
+
+
+ @Test
+ public void numberOfLoadedIdentities() {
+ assertEquals("wrong number of identities in store", 3, service.getNumberOfLoadedIdentitySets());
+
+ }
+
+ @Test
+ public void getRandomIdentity() throws EAAFAuthenticationException {
+ Map<String, String> idl = service.getIdentityRandomly();
+
+ assertNotNull("idl", idl);
+ assertEquals("wrong number of attributes", 4, idl.size());
+
+ }
+
+ @Test
+ public void getManyRandomIdentity() throws EAAFAuthenticationException {
+ for(int i=0; i<50; i++) {
+ assertNotNull("idl", service.getIdentityRandomly());
+
+ }
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/InjectDummyIdentityInformationTaskTest.java b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/InjectDummyIdentityInformationTaskTest.java
new file mode 100644
index 000000000..5d41496e2
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/InjectDummyIdentityInformationTaskTest.java
@@ -0,0 +1,92 @@
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy.test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.task.InjectDummyIdentityInformationTask;
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.test.dummy.DummyAuthConfigMap;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+ "/test_dummy_identity_auth.beans.xml" })
+public class InjectDummyIdentityInformationTaskTest {
+
+ @Autowired InjectDummyIdentityInformationTask task;
+ @Autowired DummyAuthConfigMap config;
+ @Autowired IRequestStorage storage;
+
+ protected MockHttpServletRequest httpReq;
+ protected MockHttpServletResponse httpResp;
+ private ExecutionContext context;
+ private TestRequestImpl pendingReq;
+ private Map<String, String> spConfigMap;
+
+ @Before
+ public void initialize() {
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ context = new ExecutionContextImpl();
+
+ spConfigMap = new HashMap<>();
+ spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10));
+
+ ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config);
+ pendingReq = new TestRequestImpl();
+ pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+ pendingReq.setSpConfig(spConfig);
+
+ // re-set config
+ config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true));
+
+ }
+
+ @Test
+ public void injectIdentityData() throws TaskExecutionException, PendingReqIdValidationException {
+
+ task.execute(pendingReq, context);
+
+ // validate state
+ IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+ assertNotNull("pendingReq not stored", storedReq);
+
+ final AuthenticationSessionWrapper moaSession = storedReq.getSessionData(
+ AuthenticationSessionWrapper.class);
+
+ assertFalse("foreign", moaSession.isForeigner());
+ assertFalse("mandate", moaSession.isMandateUsed());
+ assertNotNull("bkuUrl", moaSession.getBkuURL());
+ assertEquals("missing attributes", 4, moaSession.getGenericSessionDataStorage().size());
+
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/dummy/DummyAuthConfigMap.java b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/dummy/DummyAuthConfigMap.java
new file mode 100644
index 000000000..3c0f9edf1
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/dummy/DummyAuthConfigMap.java
@@ -0,0 +1,136 @@
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy.test.dummy;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URI;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+
+import org.apache.commons.lang3.StringUtils;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+
+/**
+ * Dummy Application-configuration implementation for jUnit tests.
+ *
+ * @author tlenz
+ *
+ */
+public class DummyAuthConfigMap implements IConfigurationWithSP {
+
+ private Map<String, String> config = new HashMap<>();
+
+ public DummyAuthConfigMap() {
+
+ }
+
+ /**
+ * Dummy Application-configuration.
+ *
+ * @param configIs Property based configuration
+ * @throws IOException In case of an configuration read error
+ */
+ public DummyAuthConfigMap(final InputStream configIs) throws IOException {
+
+ final Properties props = new Properties();
+ props.load(configIs);
+
+ config = KeyValueUtils.convertPropertiesToMap(props);
+
+ }
+
+ /**
+ * Dummy Application-configuration.
+ *
+ * @param path Path to property based configuration
+ * @throws IOException In case of an configuration read error
+ */
+ public DummyAuthConfigMap(final String path) throws IOException {
+
+ final Properties props = new Properties();
+ props.load(this.getClass().getResourceAsStream(path));
+
+ config = KeyValueUtils.convertPropertiesToMap(props);
+
+ }
+
+
+ @Override
+ public String getBasicConfiguration(final String key) {
+ return config.get(key);
+
+ }
+
+ @Override
+ public String getBasicConfiguration(final String key, final String defaultValue) {
+ final String value = getBasicConfiguration(key);
+ if (StringUtils.isEmpty(value)) {
+ return defaultValue;
+ } else {
+ return value;
+ }
+
+ }
+
+ @Override
+ public Boolean getBasicConfigurationBoolean(final String key) {
+ final String value = getBasicConfiguration(key);
+ if (StringUtils.isEmpty(value)) {
+ return false;
+ } else {
+ return Boolean.valueOf(value);
+ }
+ }
+
+ @Override
+ public boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue) {
+ return Boolean.parseBoolean(getBasicConfiguration(key, String.valueOf(defaultValue)));
+
+ }
+
+ @Override
+ public Map<String, String> getBasicConfigurationWithPrefix(final String prefix) {
+ return KeyValueUtils.getSubSetWithPrefix(config, prefix);
+
+ }
+
+ @Override
+ public ISPConfiguration getServiceProviderConfiguration(final String uniqueID)
+ throws EAAFConfigurationException {
+ return null;
+ }
+
+ @Override
+ public <T> T getServiceProviderConfiguration(final String spIdentifier, final Class<T> decorator)
+ throws EAAFConfigurationException {
+ return null;
+ }
+
+ @Override
+ public URI getConfigurationRootDirectory() {
+ return new java.io.File(".").toURI();
+
+ }
+
+ @Override
+ public String validateIDPURL(final URL authReqUrl) throws EAAFException {
+ return null;
+ }
+
+ public void putConfigValue(final String key, final String value) {
+ config.put(key, value);
+ }
+
+ public void removeConfigValue(final String key) {
+ config.remove(key);
+
+ }
+
+
+}
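Review bot: The `DummyAuthConfigMap(String path)` constructor passes `getResourceAsStream(path)` straight into `props.load(...)`, so a mistyped resource path fails with a bare NullPointerException and the stream is never closed. Because the Spring test contexts build this bean from a `path` constructor argument, a missing file would surface as an opaque bean-creation failure. Wrapping the stream in try-with-resources and throwing an `IOException` that names the missing path keeps the declared `throws IOException` contract meaningful. The `InputStream` constructor likewise leaves closing to the caller, which is worth stating in its Javadoc.

```java
public DummyAuthConfigMap(final String path) throws IOException {
  // … unchanged: Properties instance creation …
  try (InputStream is = getClass().getResourceAsStream(path)) {
    if (is == null) {
      throw new IOException("Configuration resource not found: " + path);
    }
    props.load(is);
  }
  // … unchanged: conversion of props into the config map …
```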
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config1.properties b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config1.properties
new file mode 100644
index 000000000..18bd21df1
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config1.properties
@@ -0,0 +1,6 @@
+modules.dummyauth.enabled=true
+modules.dummyauth.identity.store.path=src/test/resources/config/idlstore/
+modules.dummyauth.sp.1=aaabbccddeeffgg
+modules.dummyauth.sp.2=yyasdfasfsa2323
+modules.dummyauth.sp.3=
+modules.dummyauth.sp.4=435344534egewgegf
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config2.properties b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config2.properties
new file mode 100644
index 000000000..d38ba692b
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config2.properties
@@ -0,0 +1,5 @@
+modules.dummyauth.enabled=false
+modules.dummyauth.identity.store.path=notexit
+modules.dummyauth.sp.1=aaabbccddeeffgg
+modules.dummyauth.sp.2=yyasdfasfsa2323
+modules.dummyauth.sp.3=435344534egewgegf
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_1.json b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_1.json
new file mode 100644
index 000000000..4d927b7ad
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_1.json
@@ -0,0 +1,6 @@
+{
+ "urn:oid:2.5.4.42": "Max",
+ "urn:oid:1.2.40.0.10.2.1.1.261.20": "Mustermann",
+ "urn:oid:1.2.40.0.10.2.1.1.55": "1940-01-01",
+ "urn:oid:1.2.40.0.10.2.1.1.149": "GH:aaabbccddeeffgg"
+} \ No newline at end of file
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_2.json b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_2.json
new file mode 100644
index 000000000..1cffdd696
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_2.json
@@ -0,0 +1,6 @@
+{
+ "urn:oid:2.5.4.42": "Susi",
+ "urn:oid:1.2.40.0.10.2.1.1.261.20": "Musterfrau",
+ "urn:oid:1.2.40.0.10.2.1.1.55": "1950-02-02",
+ "urn:oid:1.2.40.0.10.2.1.1.149": "GH:zzyyxx99887dd"
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_1.json b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_1.json
new file mode 100644
index 000000000..ec1a4ba49
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_1.json
@@ -0,0 +1,6 @@
+{
+ "urn:oid:2.5.4.42": "Max"
+ "urn:oid:1.2.40.0.10.2.1.1.261.20": "Mustermann",
+ "urn:oid:1.2.40.0.10.2.1.1.55": "1940-01-01",
+ "urn:oid:1.2.40.0.10.2.1.1.149": "GH:aaabbccddeeffgg"
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_2.json b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_2.json
new file mode 100644
index 000000000..71c2f654e
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_2.json
@@ -0,0 +1,7 @@
+{
+ "urn:oid:2.5.4.42": {
+ "urn:oid:1.2.40.0.10.2.1.1.261.20": "Mustermann"
+ },
+ "urn:oid:1.2.40.0.10.2.1.1.55": "1940-01-01",
+ "urn:oid:1.2.40.0.10.2.1.1.149": "GH:aaabbccddeeffgg"
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_3.json b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_3.json
new file mode 100644
index 000000000..29a245ca4
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_3.json
@@ -0,0 +1,8 @@
+{
+ "urn:oid:2.5.4.42": {
+ "urn:oid:1.2.40.0.10.2.1.1.261.20": "Mustermann"
+ },
+ "urn:oid:1.2.40.0.10.2.1.1.261.20": "Mustermann",
+ "urn:oid:1.2.40.0.10.2.1.1.55": "1940-01-01",
+ "urn:oid:1.2.40.0.10.2.1.1.149": "GH:aaabbccddeeffgg"
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_missing_attr.json b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_missing_attr.json
new file mode 100644
index 000000000..2f241c291
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_missing_attr.json
@@ -0,0 +1,5 @@
+{
+ "urn:oid:2.5.4.42": "Max",
+ "urn:oid:1.2.40.0.10.2.1.1.55": "1940-01-01",
+ "urn:oid:1.2.40.0.10.2.1.1.149": "GH:aaabbccddeeffgg"
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_wrong_extension.txt b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_wrong_extension.txt
new file mode 100644
index 000000000..4d927b7ad
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_wrong_extension.txt
@@ -0,0 +1,6 @@
+{
+ "urn:oid:2.5.4.42": "Max",
+ "urn:oid:1.2.40.0.10.2.1.1.261.20": "Mustermann",
+ "urn:oid:1.2.40.0.10.2.1.1.55": "1940-01-01",
+ "urn:oid:1.2.40.0.10.2.1.1.149": "GH:aaabbccddeeffgg"
+} \ No newline at end of file
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth.beans.xml b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth.beans.xml
new file mode 100644
index 000000000..cca27822e
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth.beans.xml
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <import resource="classpath:/SpringTest-context_authManager.xml" />
+ <import resource="classpath:/moaid_dummy_identity_auth.beans.xml" />
+
+ <bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.auth.dummy.test.dummy.DummyAuthConfigMap">
+ <constructor-arg name="path" value="/config/config1.properties" />
+ </bean>
+
+
+</beans> \ No newline at end of file
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth_lazy.beans.xml b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth_lazy.beans.xml
new file mode 100644
index 000000000..e818bd29c
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth_lazy.beans.xml
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <import resource="classpath:/SpringTest-context_authManager.xml" />
+
+ <bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.auth.dummy.test.dummy.DummyAuthConfigMap">
+ <constructor-arg name="path" value="/config/config2.properties" />
+ </bean>
+
+ <beans default-lazy-init="true">
+ <bean id="dummyIdentityAuthModule" class="at.gv.egovernment.moa.id.auth.modules.auth.dummy.DummyIdentityAuthModule">
+ <property name="priority" value="4" />
+ </bean>
+
+ <bean id="dummyIdentityService"
+ class="at.gv.egovernment.moa.id.auth.modules.auth.dummy.service.DummyIdentityService" />
+ </beans>
+
+</beans> \ No newline at end of file
diff --git a/id/server/modules/moa-id-module-eIDAS/pom.xml b/id/server/modules/moa-id-module-eIDAS/pom.xml
index 45fd97508..fc73206a7 100644
--- a/id/server/modules/moa-id-module-eIDAS/pom.xml
+++ b/id/server/modules/moa-id-module-eIDAS/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.5</version>
+ <version>4.2.0</version>
</parent>
<artifactId>moa-id-module-eIDAS</artifactId>
<name>MOA-ID eIDAS Module</name>
@@ -237,14 +237,14 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
- <version>1.52</version>
+ <version>1.70</version>
<!-- <scope>provided</scope> -->
</dependency>
<dependency>
<groupId>com.ibm.icu</groupId>
<artifactId>icu4j</artifactId>
- <version>58.2</version>
+ <version>70.1</version>
</dependency>
diff --git a/id/server/modules/moa-id-module-ehvd_integration/pom.xml b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
new file mode 100644
index 000000000..15edb681e
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
@@ -0,0 +1,145 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-modules</artifactId>
+ <version>4.2.0</version>
+ </parent>
+ <artifactId>moa-id-module-ehvd_integration</artifactId>
+ <version>${moa-id-ehvd_integration.version}</version>
+ <description>Module to integrate information from EHVD into MOA-ID response</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-modul-citizencard_authentication</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>*</groupId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+
+ <dependency>
+ <groupId>MOA.id.server</groupId>
+ <artifactId>moa-id-lib</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>javax.servlet-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-frontend-jaxws</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-transports-http</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-test</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_core_utils</artifactId>
+ <scope>test</scope>
+ <type>test-jar</type>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf-core</artifactId>
+ <scope>test</scope>
+ <type>test-jar</type>
+ </dependency>
+ <dependency>
+ <groupId>com.github.skjolber</groupId>
+ <artifactId>mockito-soap-cxf</artifactId>
+ <version>1.2.0</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-transports-http-jetty</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-rs-extension-providers</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.tomcat</groupId>
+ <artifactId>tomcat-servlet-api</artifactId>
+ <version>9.0.56</version>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-codegen-plugin</artifactId>
+ <version>3.3.12</version>
+ <dependencies>
+ <dependency>
+ <groupId>xerces</groupId>
+ <artifactId>xercesImpl</artifactId>
+ <version>2.8.1</version>
+ </dependency>
+ <dependency>
+ <groupId>com.sun.xml.bind</groupId>
+ <artifactId>jaxb-impl</artifactId>
+ <version>2.2.5</version>
+ </dependency>
+ <dependency>
+ <groupId>com.sun.xml.bind</groupId>
+ <artifactId>jaxb-xjc</artifactId>
+ <version>2.2.5</version>
+ </dependency>
+ </dependencies>
+ <executions>
+ <execution>
+ <id>generate-sources</id>
+ <phase>generate-sources</phase>
+ <configuration>
+ <sourceRoot>${project.build.directory}/generated/cxf</sourceRoot>
+ <wsdlOptions>
+ <wsdlOption>
+ <wsdl>${basedir}/src/main/resources/wsdl/eHVD.wsdl</wsdl>
+ <packagenames>
+ <packagename>eHVD=at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl</packagename>
+ </packagenames>
+ <extraargs>
+ <extraarg>-verbose </extraarg>
+ </extraargs>
+ </wsdlOption>
+ </wsdlOptions>
+ </configuration>
+ <goals>
+ <goal>wsdl2java</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+
+</project>
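Review bot: The `cxf-codegen-plugin` block pins `xercesImpl` 2.8.1 and `jaxb-impl`/`jaxb-xjc` 2.2.5 as plugin dependencies, which are far older than the 3.3.12 plugin they are attached to. The same commit raises `bcprov-jdk15on` and `icu4j` in a sibling module, so these pins look like an oversight. If wsdl2java runs without the overrides, drop them; otherwise add a comment saying why these exact versions are needed. Separately, the first `<exclusion>` gives `<groupId>*</groupId>` without an `<artifactId>`; the wildcard form Maven documents is `<groupId>*</groupId><artifactId>*</artifactId>`, and the missing element may be flagged by model validation. The versions of `mockito-soap-cxf` and `tomcat-servlet-api` are also set here rather than in the parent's dependency management, presumably unlike the other entries.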
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java
new file mode 100644
index 000000000..6cb9c08e3
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java
@@ -0,0 +1,61 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.ehvd;
+
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+
+public class ConfigurationProperties {
+
+ // configuration properties
+ private static final String MODULE_PREFIX = "modules.ehvd.";
+
+ public static final String PROP_MODULE_ENABLED = MODULE_PREFIX + "enabled";
+ public static final String PROP_MODULE_SP_PREFIX = MODULE_PREFIX + "sp";
+
+ public static final String PROP_MODULE_SERVICE_TARGET = MODULE_PREFIX + "service.bpk.target";
+ public static final String PROP_MODULE_SERVICE_ENDPOINT = MODULE_PREFIX + "service.url";
+ public static final String PROP_MODULE_EHVD_ROLE_REGEX = MODULE_PREFIX + "service.role.regex";
+ public static final String PROP_MODULE_EHVD_OTHERID_PREFIX = MODULE_PREFIX + "service.otherid.prefix";
+
+ public static final String PROP_MODULE_PVP_ROLE = MODULE_PREFIX + "role.pvp";
+
+ public static final String PROP_MODULE_PROXY_SOCKS_PORT = MODULE_PREFIX + "proxy.socks.port";
+
+ public static final String DEFAULT_EHVD_SERVICE_TARGET = EAAFConstants.URN_PREFIX_CDID + "GH";
+
+
+ //TODO: define custom EHVD SAML2 attributes
+ public static final String ATTRIBUTE_URN_EHVD_PREFIX = "urn:brzgvat:attributes.ehvd.";
+ public static final String ATTRIBUTE_URN_EHVD_TITLE = ATTRIBUTE_URN_EHVD_PREFIX + "title";
+ public static final String ATTRIBUTE_URN_EHVD_FIRSTNAME = ATTRIBUTE_URN_EHVD_PREFIX + "firstname";
+ public static final String ATTRIBUTE_URN_EHVD_SURNAME = ATTRIBUTE_URN_EHVD_PREFIX + "surname";
+ public static final String ATTRIBUTE_URN_EHVD_ZIPCODE = ATTRIBUTE_URN_EHVD_PREFIX + "zip";
+ public static final String ATTRIBUTE_URN_EHVD_STATE = ATTRIBUTE_URN_EHVD_PREFIX + "state";
+ public static final String ATTRIBUTE_URN_EHVD_ID = ATTRIBUTE_URN_EHVD_PREFIX + "id";
+ public static final String ATTRIBUTE_URN_EHVD_OTHERID = ATTRIBUTE_URN_EHVD_PREFIX + "otherid";
+
+
+ private ConfigurationProperties() {
+ // hide constructor or static class
+ }
+}
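Review bot: The `//TODO: define custom EHVD SAML2 attributes` marker sits above the `ATTRIBUTE_URN_EHVD_*` constants, which `AbstractEhvdAttributeBuilder` in this commit already uses as attribute names. Once released, these URNs become part of the interface to service providers, so the TODO should be resolved or tracked before then. The class itself has no Javadoc and is not `final`; `public final class ConfigurationProperties` plus a one-line description of each `PROP_MODULE_*` key would make the expected configuration clear. The constructor comment should read `// hide constructor of static class`.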
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java
new file mode 100644
index 000000000..d087b9fe2
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java
@@ -0,0 +1,147 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.ehvd;
+
+import java.util.Collection;
+import java.util.Collections;
+import java.util.stream.Collectors;
+
+import javax.annotation.PostConstruct;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egovernment.moa.id.auth.modules.internal.DefaultCitizenCardAuthModuleImpl;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * @author tlenz
+ *
+ */
+public class EhvdServiceAuthModule extends DefaultCitizenCardAuthModuleImpl {
+
+ private int priority = 2;
+
+ @Autowired(required = true)
+ protected IConfigurationWithSP authConfig;
+
+ private Collection<String> uniqueIDsEnabled;
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority()
+ */
+ @Override
+ public int getPriority() {
+ return priority;
+
+ }
+
+ /**
+ * Sets the priority of this module. Default value is {@code 0}.
+ *
+ * @param priority The priority.
+ */
+ public void setPriority(int priority) {
+ this.priority = priority;
+
+ }
+
+ @PostConstruct
+ private void initialDummyAuthWhiteList() {
+ if (authConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) {
+ Logger.info("AuthModule for 'EHVD injection' is enabled");
+
+ // load allowed service-provider Id's
+ uniqueIDsEnabled = authConfig.getBasicConfigurationWithPrefix(
+ ConfigurationProperties.PROP_MODULE_SP_PREFIX).values().stream()
+ .filter(el -> StringUtils.isNotEmpty(el))
+ .collect(Collectors.toSet());
+
+ if (!uniqueIDsEnabled.isEmpty()) {
+ Logger.info("EHVD communication is enabled for ....");
+ uniqueIDsEnabled.forEach(el -> Logger.info(" EntityID: " + el));
+
+ }
+
+ } else {
+ uniqueIDsEnabled = Collections.emptySet();
+ Logger.info("AuthModule for 'EHVD injection' is disabled");
+
+ }
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.
+ * egovernment.moa.id.process.api.ExecutionContext)
+ */
+ @Override
+ public String selectProcess(ExecutionContext context, IRequest pendingReq) {
+
+ if (authConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) {
+ final String spEntityID = pendingReq.getServiceProviderConfiguration().getUniqueIdentifier();
+ Logger.trace("Checking EHVD communication for SP: " + spEntityID + " ....");
+ final boolean ccAuthRequested = StringUtils.isNotEmpty(super.selectProcess(context, pendingReq));
+ if (uniqueIDsEnabled.contains(spEntityID) && ccAuthRequested) {
+ Logger.debug("EHVD communication is allowed for SP: " + spEntityID);
+ return "DefaultAuthenticationWithEHVDInteraction";
+
+ } else {
+ if (Logger.isDebugEnabled()) {
+ if (ccAuthRequested) {
+ Logger.debug("Unique SP-Id: " + spEntityID + " is not in whitelist for EHVD communication.");
+
+ } else {
+ Logger.trace("No CititzenCard authentication requested. EHVD communication skipped too");
+
+ }
+ }
+ }
+
+ } else {
+ Logger.trace("'EHVD injection' authentication is disabled");
+
+ }
+
+ return null;
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions()
+ */
+ @Override
+ public String[] getProcessDefinitions() {
+ return new String[] { "classpath:/DefaultAuth_with_ehvd_interaction.process.xml" };
+ }
+
+}
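Review bot: The Javadoc on `setPriority` states `Default value is {@code 0}`, but the field is declared as `private int priority = 2;`, so the comment should say `{@code 2}`. The `@PostConstruct` method is still named `initialDummyAuthWhiteList`, apparently carried over from the dummy-auth module; a name such as `initializeEhvdSpAllowList` would match what it does. When the module is enabled but no SP identifier is configured, nothing is logged and `selectProcess` always returns `null`; a `Logger.warn` in that branch would make the misconfiguration visible. In `selectProcess`, the `Logger.trace("No CititzenCard ...")` call sits inside `if (Logger.isDebugEnabled())`, and `pendingReq.getServiceProviderConfiguration()` is dereferenced without a null check; whether it can be null is not visible from this hunk.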
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java
new file mode 100644
index 000000000..589a316fe
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java
@@ -0,0 +1,71 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.ehvd;
+
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
+
+import at.gv.egiz.components.spring.api.SpringResourceProvider;
+
+/**
+ * @author tlenz
+ *
+ */
+public class EhvdServiceAuthSpringResourceProvider implements SpringResourceProvider {
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egiz.components.spring.api.SpringResourceProvider#getResourcesToLoad()
+ */
+ @Override
+ public Resource[] getResourcesToLoad() {
+ final ClassPathResource authConfig = new ClassPathResource("/moaid_ehvd_service_auth.beans.xml",
+ EhvdServiceAuthSpringResourceProvider.class);
+ return new Resource[] { authConfig };
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egiz.components.spring.api.SpringResourceProvider#getPackagesToScan()
+ */
+ @Override
+ public String[] getPackagesToScan() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getName()
+ */
+ @Override
+ public String getName() {
+ return "Module for 'Dummy Authentication'";
+ }
+
+}
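Review bot: `getName()` returns `"Module for 'Dummy Authentication'"`, which looks copied from the dummy-auth module. Wherever the provider name is logged, operators would see a test-only authentication module listed instead of the EHVD integration, which is misleading when auditing which modules are active. Something like `return "Module for 'EHVD service authentication'";` would fix it. `getPackagesToScan()` still carries `// TODO Auto-generated method stub`; replace it with a comment that no package scan is needed, if that is the intent.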
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/AbstractEhvdAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/AbstractEhvdAttributeBuilder.java
new file mode 100644
index 000000000..af413ffc3
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/AbstractEhvdAttributeBuilder.java
@@ -0,0 +1,51 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+
+import org.apache.commons.lang3.StringUtils;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+import at.gv.egovernment.moa.logging.Logger;
+
+public abstract class AbstractEhvdAttributeBuilder implements IPVPAttributeBuilder {
+
+ @Override
+ public <ATT> ATT build(ISPConfiguration spConfig, IAuthData authData, IAttributeGenerator<ATT> g)
+ throws AttributeBuilderException {
+ try {
+ GdaDescriptor fullGdaInfo =
+ authData.getGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, GdaDescriptor.class);
+
+ if (fullGdaInfo != null) {
+ String attrValue = generateAttributeValue(fullGdaInfo);
+ Logger.debug(StringUtils.isEmpty(attrValue) ? "Skip" : "Build"
+ + "attribute: " + getName());
+ return g.buildStringAttribute(getName(), getName(),
+ StringUtils.isNotEmpty(attrValue) ? attrValue : null);
+
+ } else {
+ Logger.trace("Skipping attr: " + getName() + " because no GDA info available");
+ return null;
+
+ }
+
+ } catch (ClassCastException e) {
+ Logger.trace("Skipping attr: " + getName() + " because no GDA info available");
+ return null;
+
+ }
+ }
+
+ @Override
+ public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
+ return g.buildEmptyAttribute(getName(), getName());
+
+ }
+
+ protected abstract String generateAttributeValue(GdaDescriptor fullGdaInfo);
+
+}
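Review bot: The `Logger.debug(...)` call in `build` has an operator-precedence bug: `+` binds tighter than `?:`, so it logs only `Skip` for an empty value and `Buildattribute: <name>` otherwise. Parenthesising the conditional fixes it: `Logger.debug((StringUtils.isEmpty(attrValue) ? "Skip" : "Build") + " attribute: " + getName());`. When the value is empty the code still calls `g.buildStringAttribute(getName(), getName(), null)` rather than returning `null` as the no-GDA branch does. Whether the generator accepts a null value is not visible here, so that path should be confirmed. The `catch (ClassCastException e)` branch logs the same "no GDA info available" message although the stored object had an unexpected type, so a distinct message would help diagnosis.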
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressStateAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressStateAttributeBuilder.java
new file mode 100644
index 000000000..7056c3099
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressStateAttributeBuilder.java
@@ -0,0 +1,28 @@
+//package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+//
+//import java.util.stream.Collectors;
+//
+//import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+//
+//@PVPMETADATA
+//public class EhvdAddressStateAttributeBuilder extends AbstractEhvdAttributeBuilder {
+//
+// private static final String ATTR_VALUE_DELIMITER = "|";
+//
+// @Override
+// public String getName() {
+// return ConfigurationProperties.ATTRIBUTE_URN_EHVD_STATE;
+//
+// }
+//
+// @Override
+// protected String generateAttributeValue(GdaDescriptor fullGdaInfo) {
+// return fullGdaInfo.getAddress().stream()
+// .map(el -> el.getState() != null ? el.getState() : "")
+// .collect(Collectors.joining(ATTR_VALUE_DELIMITER));
+//
+// }
+//
+//}
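Review bot: Every line of this new file is commented out, so the commit adds EhvdAddressStateAttributeBuilder.java without adding a class; the same holds for EhvdAddressZipcodeAttributeBuilder.java and EhvdOtherIdAttributeBuilder.java later in this diff. A reader cannot tell whether these `@PVPMETADATA` builders were disabled on purpose, for example to keep address and other-ID data out of the released attributes, or left behind by accident. I would drop the three files and restore them from history when they are needed, or keep them with a header line that records the decision, such as `// Disabled on purpose: <reason, ticket>`.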
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressZipcodeAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressZipcodeAttributeBuilder.java
new file mode 100644
index 000000000..98a0567f2
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressZipcodeAttributeBuilder.java
@@ -0,0 +1,28 @@
+//package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+//
+//import java.util.stream.Collectors;
+//
+//import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+//
+//@PVPMETADATA
+//public class EhvdAddressZipcodeAttributeBuilder extends AbstractEhvdAttributeBuilder {
+//
+// private static final String ATTR_VALUE_DELIMITER = "|";
+//
+// @Override
+// public String getName() {
+// return ConfigurationProperties.ATTRIBUTE_URN_EHVD_ZIPCODE;
+//
+// }
+//
+// @Override
+// protected String generateAttributeValue(GdaDescriptor fullGdaInfo) {
+// return fullGdaInfo.getAddress().stream()
+// .map(el -> el.getZip() != null ? el.getZip() : "")
+// .collect(Collectors.joining(ATTR_VALUE_DELIMITER));
+//
+// }
+//
+//}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdFirstnameAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdFirstnameAttributeBuilder.java
new file mode 100644
index 000000000..1bb923cf4
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdFirstnameAttributeBuilder.java
@@ -0,0 +1,22 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+@PVPMETADATA
+public class EhvdFirstnameAttributeBuilder extends AbstractEhvdAttributeBuilder {
+
+ @Override
+ public String getName() {
+ return ConfigurationProperties.ATTRIBUTE_URN_EHVD_FIRSTNAME;
+
+ }
+
+ @Override
+ protected String generateAttributeValue(GdaDescriptor fullGdaInfo) {
+ return fullGdaInfo.getFirstname();
+
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdIdAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdIdAttributeBuilder.java
new file mode 100644
index 000000000..918b02c2e
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdIdAttributeBuilder.java
@@ -0,0 +1,22 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+@PVPMETADATA
+public class EhvdIdAttributeBuilder extends AbstractEhvdAttributeBuilder {
+
+ @Override
+ public String getName() {
+ return ConfigurationProperties.ATTRIBUTE_URN_EHVD_ID;
+
+ }
+
+ @Override
+ protected String generateAttributeValue(GdaDescriptor fullGdaInfo) {
+ return fullGdaInfo.getId() != null ? fullGdaInfo.getId().getId() : null;
+
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdOtherIdAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdOtherIdAttributeBuilder.java
new file mode 100644
index 000000000..2d0e20c9c
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdOtherIdAttributeBuilder.java
@@ -0,0 +1,54 @@
+//package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+//
+//import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+//import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+//import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
+//import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
+//import at.gv.egovernment.moa.logging.Logger;
+//
+//@PVPMETADATA
+//public class EhvdOtherIdAttributeBuilder extends AbstractEhvdAttributeBuilder {
+//
+// private static final String DEFAULT_ID_PREFIX = "1.2.40.0.34.4.18:";
+//
+// private String idPrefix;
+//
+// public EhvdOtherIdAttributeBuilder() {
+// try {
+// AuthConfiguration config = AuthConfigurationProviderFactory.getInstance();
+// if (config != null) {
+// idPrefix = config.getBasicConfiguration(
+// ConfigurationProperties.PROP_MODULE_EHVD_OTHERID_PREFIX, DEFAULT_ID_PREFIX);
+//
+// } else {
+// idPrefix = DEFAULT_ID_PREFIX;
+//
+// }
+// } catch (ConfigurationException e) {
+// idPrefix = DEFAULT_ID_PREFIX;
+//
+// }
+//
+// Logger.info(" Set-up " + getName() + " with otherId prefix: " + idPrefix);
+//
+// }
+//
+// @Override
+// public String getName() {
+// return ConfigurationProperties.ATTRIBUTE_URN_EHVD_OTHERID;
+//
+// }
+//
+// @Override
+// protected String generateAttributeValue(GdaDescriptor fullGdaInfo) {
+// return fullGdaInfo.getOtherID().stream()
+// .filter(el -> el.startsWith(idPrefix))
+// .findFirst()
+// .map(el -> el.substring(idPrefix.length()))
+// .orElse(null);
+//
+// }
+//
+//}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdSurnameAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdSurnameAttributeBuilder.java
new file mode 100644
index 000000000..db8de397b
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdSurnameAttributeBuilder.java
@@ -0,0 +1,22 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+@PVPMETADATA
+public class EhvdSurnameAttributeBuilder extends AbstractEhvdAttributeBuilder {
+
+ @Override
+ public String getName() {
+ return ConfigurationProperties.ATTRIBUTE_URN_EHVD_SURNAME;
+
+ }
+
+ @Override
+ protected String generateAttributeValue(GdaDescriptor fullGdaInfo) {
+ return fullGdaInfo.getSurname();
+
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdTitelAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdTitelAttributeBuilder.java
new file mode 100644
index 000000000..c978d4dd2
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdTitelAttributeBuilder.java
@@ -0,0 +1,22 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+@PVPMETADATA
+public class EhvdTitelAttributeBuilder extends AbstractEhvdAttributeBuilder {
+
+ @Override
+ public String getName() {
+ return ConfigurationProperties.ATTRIBUTE_URN_EHVD_TITLE;
+
+ }
+
+ @Override
+ protected String generateAttributeValue(GdaDescriptor fullGdaInfo) {
+ return fullGdaInfo.getTitle();
+
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java
new file mode 100644
index 000000000..a79aa86dd
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java
@@ -0,0 +1,57 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+
+import java.util.stream.Collectors;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+import at.gv.egovernment.moa.id.data.IMOAAuthData;
+import at.gv.egovernment.moa.logging.Logger;
+
+@PVPMETADATA
+public class PvpRoleAttributeBuilder implements IPVPAttributeBuilder {
+
+ private static final String ROLE_NAME_DELIMITER = ";";
+
+ @Override
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
+ IAttributeGenerator<ATT> g) throws AttributeBuilderException {
+ if (authData instanceof IMOAAuthData) {
+ final IMOAAuthData moaAuthData = (IMOAAuthData) authData;
+ if (moaAuthData.getAuthenticationRoles() != null
+ && !moaAuthData.getAuthenticationRoles().isEmpty()) {
+ return g.buildStringAttribute(ROLES_FRIENDLY_NAME, ROLES_NAME,
+ moaAuthData.getAuthenticationRoles().stream()
+ .map(el -> el.getRawRoleString())
+ .collect(Collectors.joining(ROLE_NAME_DELIMITER)));
+
+ } else {
+ Logger.trace("No PVP roles available. Skipping attribute: " + ROLES_FRIENDLY_NAME);
+
+ }
+
+ } else {
+ Logger.info("Attribute: " + ROLES_FRIENDLY_NAME + " is only available in MOA-ID context");
+
+ }
+
+ return null;
+
+ }
+
+ @Override
+ public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
+ return g.buildEmptyAttribute(ROLES_FRIENDLY_NAME, ROLES_NAME);
+
+ }
+
+ @Override
+ public String getName() {
+ return ROLES_NAME;
+
+ }
+
+}
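Review bot: In build(), the raw role strings are joined with `;` without checking for null entries or for roles that already contain the delimiter, so the value passed to buildStringAttribute can be ambiguous for a consumer that splits it again. `Collectors.joining` renders a null element as the text `null`, and a role string containing `;` would be read as two roles on the receiving side; whether either can happen depends on how getAuthenticationRoles() is populated, which this hunk does not show. I would filter before joining, `.map(el -> el.getRawRoleString()).filter(Objects::nonNull)` (needs `java.util.Objects`), and skip or log any role that contains ROLE_NAME_DELIMITER. Reading `moaAuthData.getAuthenticationRoles()` once into a local would also avoid the three separate calls.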
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/exception/EhvdException.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/exception/EhvdException.java
new file mode 100644
index 000000000..f621d1bb4
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/exception/EhvdException.java
@@ -0,0 +1,19 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.exception;
+
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+
+public class EhvdException extends AuthenticationException {
+
+ private static final long serialVersionUID = 380654627005502948L;
+
+ public EhvdException(String messageId, Object[] parameters) {
+ super(messageId, parameters);
+
+ }
+
+ public EhvdException(String messageId, Object[] parameters, Throwable e) {
+ super(messageId, parameters, e);
+
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
new file mode 100644
index 000000000..b165d05e2
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
@@ -0,0 +1,321 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.service;
+
+import java.net.URL;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+import java.util.Optional;
+import java.util.Set;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import javax.annotation.Nonnull;
+import javax.annotation.PostConstruct;
+import javax.xml.ws.BindingProvider;
+import javax.xml.ws.handler.Handler;
+import javax.xml.ws.soap.SOAPFaultException;
+
+import org.apache.commons.lang3.StringUtils;
+import org.apache.cxf.endpoint.Client;
+import org.apache.cxf.frontend.ClientProxy;
+import org.apache.cxf.transport.http.HTTPConduit;
+import org.apache.cxf.transports.http.configuration.ProxyServerType;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import com.google.common.collect.Sets;
+
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BPKBuilder;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVD;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVDService;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaIndexResponse;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GetGdaDescriptors;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.exception.EhvdException;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.util.LoggingHandler;
+
+/**
+ * Implement interaction with EHVD service to get GDA information.
+ *
+ * @author tlenz
+ *
+ */
+public class EhvdCommunicationService implements IEhvdCommunication {
+
+ private static final String GDA_RESP_STATUS_ACTIVE = "Aktiv";
+
+ private static final String ERROR_EHVD_00 = "ehvd.00";
+ private static final String ERROR_EHVD_01 = "ehvd.01";
+ private static final String ERROR_EHVD_02 = "ehvd.02";
+ private static final String ERROR_EHVD_03 = "ehvd.03";
+ private static final String ERROR_EHVD_04 = "ehvd.04";
+ private static final String ERROR_CONFIG_05 = "config.05";
+
+ private static final Set<String> SERVICE_ERRORS_LOG_INFO = Sets.newHashSet("6002");
+
+ @Autowired
+ IConfiguration config;
+
+ private String ehvdBpkTarget;
+
+ private EHVD ehvdClient;
+ private Pattern ehvdRolePattern;
+
+ private List<String> ehvhPvpRoleList;
+
+ /**
+ * Get user's GDA roles from EHVD Service.
+ *
+ * @param identityLink IdentityLink of the user
+ * @return {@link List} of Roles that are received from EHVD
+ * @throws AuthenticationException In case of an EHVD communication error
+ * @throws EAAFBuilderException In case of a bPK generation error
+ */
+ @Override
+ @Nonnull
+ public EhvdResponseHolder getRoles(IIdentityLink identityLink) throws AuthenticationException,
+ EAAFBuilderException {
+
+ // get bPK for EHVD request
+ final Pair<String, String> ehvdBpk = BPKBuilder.generateAreaSpecificPersonIdentifier(
+ identityLink.getIdentificationValue(),
+ identityLink.getIdentificationType(),
+ ehvdBpkTarget);
+
+ // request EHVD and handle errors
+ final GdaIndexResponse gdaResp = requestingGda(ehvdBpk.getFirst());
+
+ // parse roles from response
+ return EhvdResponseHolder.getInstance(gdaResp.getGda(), parseGdaResponse(gdaResp));
+
+ }
+
+ @Nonnull
+ private GdaIndexResponse requestingGda(String bpk) throws EhvdException {
+ try {
+ final GetGdaDescriptors gdaReq = buildGdaRequest(bpk);
+ Logger.debug("Requesting EHVD to get GDA status ... ");
+ final GdaIndexResponse gdaResp = ehvdClient.getGDA(gdaReq);
+ Logger.debug("Receive GDA status. Starting response validation ... ");
+ return gdaResp;
+
+ } catch (final SOAPFaultException e) {
+ throw handleSoapFaultError(e);
+
+ } catch (final Exception e) {
+ Logger.error("EHVD communication failed with generic error: " + e.getMessage(), e);
+ throw new EhvdException(ERROR_EHVD_01, new Object[] {}, e);
+
+ }
+
+ }
+
+ private EhvdException handleSoapFaultError(SOAPFaultException e) {
+ // extract reason for this error
+ final String errorMsg = e.getFault() != null
+ ? StringUtils.isNotEmpty(e.getFault().getFaultString()) ? e.getFault().getFaultString()
+ : e.getMessage()
+ : e.getMessage();
+
+ if (SERVICE_ERRORS_LOG_INFO.stream()
+ .filter(el -> errorMsg.contains(el))
+ .findFirst()
+ .isPresent()) {
+ Logger.info("EHVD communication failed with SOAP response: " + errorMsg);
+ return new EhvdException(ERROR_EHVD_03, new Object[] { errorMsg });
+
+ } else {
+ Logger.warn("EHVD communication failed with SOAP response: " + errorMsg, e);
+ return new EhvdException(ERROR_EHVD_02, new Object[] { errorMsg });
+
+ }
+
+
+
+ }
+
+ private List<String> parseGdaResponse(GdaIndexResponse ehvdResp) throws EhvdException {
+ if (ehvdResp.getGda() != null) {
+ final GdaDescriptor gdaInfo = ehvdResp.getGda();
+ if (GDA_RESP_STATUS_ACTIVE.equals(gdaInfo.getStatus().getEhvdstatus())) {
+ Logger.debug("Find #" + gdaInfo.getRoles().getRole().size() + " roles");
+
+ // match roles with regex from configuration
+ final Optional<String> validGdaRole = gdaInfo.getRoles().getRole().stream()
+ .filter(el -> matchGdaRole(el))
+ .findFirst();
+
+ if (validGdaRole.isPresent()) {
+ Logger.info("Find valid GDA role: " + validGdaRole.get() + " Set PVP Role: "
+ + StringUtils.join(ehvhPvpRoleList, ",") + " into Session");
+
+ // set role into response
+ return ehvhPvpRoleList;
+
+ } else {
+ Logger.info("No valid GDA role in EHVD response");
+ throw new EhvdException(ERROR_EHVD_04, null);
+
+ }
+
+ } else {
+ Logger.info("GDA is marked as 'inactive'. Stopping process with an error ... ");
+ throw new EhvdException(ERROR_EHVD_00, null);
+
+ }
+
+ } else {
+ Logger.info("Receive empty GDA response");
+ throw new EhvdException(ERROR_EHVD_03, new Object[] {});
+
+ }
+ }
+
+ private boolean matchGdaRole(String role) {
+ final Matcher matcher = ehvdRolePattern.matcher(role);
+ final boolean matches = matcher.matches();
+ Logger.trace(matches ? "EHVD role: " + role + " matches"
+ : "EHVD role: " + role + " does not matche to pattern: " + matcher.toString());
+ return matches;
+
+ }
+
+ private GetGdaDescriptors buildGdaRequest(String bPK) {
+ final GetGdaDescriptors req = new GetGdaDescriptors();
+ final InstanceIdentifier gdaIdentifier = new InstanceIdentifier();
+ gdaIdentifier.setOidIssuingAuthority(PVPAttributeDefinitions.BPK_OID);
+ gdaIdentifier.setId(bPK);
+ req.setHcIdentifier(gdaIdentifier);
+ return req;
+
+ }
+
+ @PostConstruct
+ private void initialize() throws EAAFConfigurationException {
+ if (config.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) {
+ initializeEhvdClient();
+
+ // load EHVD bPK target
+ ehvdBpkTarget = config.getBasicConfiguration(
+ ConfigurationProperties.PROP_MODULE_SERVICE_TARGET,
+ ConfigurationProperties.DEFAULT_EHVD_SERVICE_TARGET);
+ Logger.info("Set-up EHVD Client with bPK target: " + ehvdBpkTarget);
+
+ // load Regex to match EHVD Roles to PVP Roles
+ final String ehvdRoleRegex = config.getBasicConfiguration(
+ ConfigurationProperties.PROP_MODULE_EHVD_ROLE_REGEX);
+ checkConfigPropertyNotNull(ehvdRoleRegex, ConfigurationProperties.PROP_MODULE_EHVD_ROLE_REGEX);
+ ehvdRolePattern = Pattern.compile(ehvdRoleRegex);
+
+ Logger.info("Set-up EHVD Client with Role regex: " + ehvdRolePattern.toString());
+
+ // load PVP Roles for EHVD integration
+ final String ehvdPvpRole = config.getBasicConfiguration(
+ ConfigurationProperties.PROP_MODULE_PVP_ROLE);
+ checkConfigPropertyNotNull(ehvdPvpRole, ConfigurationProperties.PROP_MODULE_PVP_ROLE);
+ ehvhPvpRoleList = KeyValueUtils.getListOfCSVValues(ehvdPvpRole);
+ Logger.info("Set-up EHVD module with PVP Role: " + StringUtils.join(ehvhPvpRoleList, ","));
+
+ } else {
+ Logger.info("Skipping EHVD client because it's not active");
+
+ }
+ }
+
+ private void checkConfigPropertyNotNull(String valueToCheck, String configPropName)
+ throws EAAFConfigurationException {
+ if (StringUtils.isEmpty(valueToCheck)) {
+ Logger.error("Missing configuration for EHVD module. "
+ + "(Property: " + configPropName + ")");
+ throw new EAAFConfigurationException(ERROR_CONFIG_05,
+ new Object[] { configPropName });
+
+ }
+
+ }
+
+ private void initializeEhvdClient() throws EAAFConfigurationException {
+ Logger.debug("Initializing EHVD client ... ");
+ final URL url = EhvdCommunicationService.class.getResource("/wsdl/eHVD.wsdl");
+ final EHVDService service = new EHVDService(url);
+ ehvdClient = service.getEHVDPort12();
+
+ // load service end-point URL from configuration
+ final String ehvdEndpointUrl = config.getBasicConfiguration(
+ ConfigurationProperties.PROP_MODULE_SERVICE_ENDPOINT);
+ if (StringUtils.isEmpty(ehvdEndpointUrl)) {
+ Logger.error("Missing configuration for EHVD WebService endpoint. "
+ + "(Property: " + ConfigurationProperties.PROP_MODULE_SERVICE_ENDPOINT + ")");
+ throw new EAAFConfigurationException(ERROR_CONFIG_05,
+ new Object[] { ConfigurationProperties.PROP_MODULE_SERVICE_ENDPOINT });
+
+ }
+
+ // inject service end-point URL
+ final Map<String, Object> requestContext = ((BindingProvider) ehvdClient).getRequestContext();
+ requestContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, ehvdEndpointUrl);
+
+ // inject Logging handler
+ List<Handler> handlerList = ((BindingProvider) ehvdClient).getBinding().getHandlerChain();
+ if (handlerList == null) {
+ handlerList = new ArrayList<>();
+
+ }
+
+ handlerList.add(new LoggingHandler());
+ ((BindingProvider) ehvdClient).getBinding().setHandlerChain(handlerList);
+
+ Logger.info("Initialize EHVD Client with service end-point: " + ehvdEndpointUrl);
+
+ // these code is only for local testing
+ final String socksPort = config.getBasicConfiguration(
+ ConfigurationProperties.PROP_MODULE_PROXY_SOCKS_PORT);
+ if (StringUtils.isNotEmpty(socksPort)) {
+ Logger.warn("Injecting SOCKS5 Proxy for service communication!");
+ final Client client = ClientProxy.getClient(ehvdClient);
+ final HTTPConduit http = (HTTPConduit) client.getConduit();
+ http.getClient().setProxyServerType(ProxyServerType.SOCKS);
+ http.getClient().setProxyServer("127.0.0.1");
+ http.getClient().setProxyServerPort(Integer.valueOf(socksPort));
+
+ }
+ }
+
+ public static class EhvdResponseHolder {
+ final List<String> roles;
+ final GdaDescriptor fullGdaResponse;
+
+
+ public static EhvdResponseHolder getInstance(GdaDescriptor gdaInfo, List<String> processedRoles) {
+ return new EhvdResponseHolder(gdaInfo, processedRoles);
+
+ }
+
+ private EhvdResponseHolder(GdaDescriptor gdaInfo, List<String> processedRoles) {
+ this.roles = processedRoles;
+ this.fullGdaResponse = gdaInfo;
+
+ }
+
+ public List<String> getRoles() {
+ return roles;
+ }
+
+ public GdaDescriptor getFullGdaResponse() {
+ return fullGdaResponse;
+ }
+
+
+
+ }
+}
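Review bot: parseGdaResponse() dereferences `gdaInfo.getStatus()` and `gdaInfo.getRoles()` without a null check, so an EHVD response that carries a GDA element but omits its status or roles ends in a NullPointerException instead of one of the ehvd.* error codes. InjectEhvdInformationTask in this diff catches Exception, so the login presumably still fails closed, but the failure is reported as a generic error and not as a rejected GDA. Guarding both keeps the decision in one place: `if (gdaInfo.getStatus() != null && GDA_RESP_STATUS_ACTIVE.equals(gdaInfo.getStatus().getEhvdstatus()))`, and `if (gdaInfo.getRoles() == null) throw new EhvdException(ERROR_EHVD_04, null);` before the debug log and the role match. handleSoapFaultError() has the same weakness: `errorMsg` is null when the fault has no fault string and getMessage() returns null, and `errorMsg.contains(el)` is then called on it.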
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java
new file mode 100644
index 000000000..6b7c7e2f5
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java
@@ -0,0 +1,20 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.service;
+
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.service.EhvdCommunicationService.EhvdResponseHolder;
+
+public interface IEhvdCommunication {
+
+ /**
+ * Get user's GDA roles from EHVD Service.
+ *
+ * @param identityLink IdentityLink of the user
+ * @return {@link EhvdResponseHolder} that contains the Roles received from EHVD and the full GDA response
+ * @throws AuthenticationException In case of an EHVD communication error
+ * @throws EAAFBuilderException In case of a bPK generation error
+ */
+ EhvdResponseHolder getRoles(IIdentityLink identityLink) throws AuthenticationException, EAAFBuilderException;
+
+} \ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java
new file mode 100644
index 000000000..ee5dbb2fd
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java
@@ -0,0 +1,109 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.ehvd.task;
+
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.service.EhvdCommunicationService.EhvdResponseHolder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.service.IEhvdCommunication;
+import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * @author tlenz
+ *
+ */
+@Component("InjectEhvdInformationTask")
+public class InjectEhvdInformationTask extends AbstractAuthServletTask {
+
+ @Autowired
+ IEhvdCommunication ehvdService;
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.
+ * egovernment.moa.id.process.api.ExecutionContext,
+ * javax.servlet.http.HttpServletRequest,
+ * javax.servlet.http.HttpServletResponse)
+ */
+ @Override
+ public void execute(ExecutionContext executionContext, HttpServletRequest request,
+ HttpServletResponse response)
+ throws TaskExecutionException {
+ try {
+ final AuthenticationSessionWrapper session = pendingReq.getSessionData(
+ AuthenticationSessionWrapper.class);
+
+ // validate internal state
+ validateInternalState(session);
+
+ // requesting roles from EHVD
+ final EhvdResponseHolder ehvdResponse = ehvdService.getRoles(session.getIdentityLink());
+
+ // inject EHVD roles
+ session.setGenericDataToSession(PVPAttributeDefinitions.ROLES_NAME,
+ StringUtils.join(ehvdResponse.getRoles(), ";"));
+
+ // inject full EHVD response
+ session.setGenericDataToSession(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX,
+ ehvdResponse.getFullGdaResponse());
+
+ // store MOASession into database
+ requestStoreage.storePendingRequest(pendingReq);
+
+ } catch (final MOAIDException e) {
+ throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+
+ } catch (final Exception e) {
+ throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+
+ }
+ }
+
+ private void validateInternalState(AuthenticationSessionWrapper session) throws AuthenticationException {
+ // check if identityLink is available
+ if (session.getIdentityLink() == null) {
+ Logger.error("No IdentityLink in session. There is an internal error in process definition");
+ throw new AuthenticationException("process.04", null);
+
+ }
+
+ }
+
+}
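Review bot: The two catch clauses in execute() have identical bodies, so `catch (final MOAIDException e)` adds nothing over the `catch (final Exception e)` that follows it. Either collapse them into one clause or make the difference real: an exception that is not a MOAIDException, such as a NullPointerException from parsing the EHVD response, points to a bug and deserves `Logger.error("EHVD task failed unexpectedly", e);` before it is wrapped. In the generic branch `e.getMessage()` can also be null, which leaves the TaskExecutionException without a message.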
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/DefaultAuth_with_ehvd_interaction.process.xml b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/DefaultAuth_with_ehvd_interaction.process.xml
new file mode 100644
index 000000000..2ff0d552f
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/DefaultAuth_with_ehvd_interaction.process.xml
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<pd:ProcessDefinition id="DefaultAuthenticationWithEHVDInteraction" xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1">
+
+ <!-- Tasks involved in this authentication flow -->
+ <pd:Task id="initializeBKUAuthentication" class="InitializeBKUAuthenticationTask" />
+ <pd:Task id="createIdentityLinkForm" class="CreateIdentityLinkFormTask" />
+ <pd:Task id="verifyIdentityLink" class="VerifyIdentityLinkTask" async="true" />
+ <pd:Task id="prepareAuthBlockSignature" class="PrepareAuthBlockSignatureTask" />
+ <pd:Task id="verifyAuthBlock" class="VerifyAuthenticationBlockTask" async="true" />
+
+ <pd:Task id="injectEhvdInformation" class="InjectEhvdInformationTask" />
+ <pd:Task id="userRestrictionTask" class="UserRestrictionTask" />
+
+ <pd:Task id="finalizeAuthentication" class="FinalizeAuthenticationTask" />
+
+
+ <!-- definition of the authentication flow -->
+ <pd:StartEvent id="start" />
+
+ <pd:Transition from="start" to="initializeBKUAuthentication" />
+ <pd:Transition from="initializeBKUAuthentication" to="createIdentityLinkForm" />
+ <pd:Transition from="createIdentityLinkForm" to="verifyIdentityLink" />
+ <pd:Transition from="verifyIdentityLink" to="prepareAuthBlockSignature" />
+ <pd:Transition from="prepareAuthBlockSignature" to="verifyAuthBlock" />
+ <pd:Transition from="verifyAuthBlock" to="userRestrictionTask" />
+ <pd:Transition from="userRestrictionTask" to="injectEhvdInformation" />
+ <pd:Transition from="injectEhvdInformation" to="finalizeAuthentication" />
+ <pd:Transition from="finalizeAuthentication" to="end" />
+
+ <pd:EndEvent id="end" />
+
+</pd:ProcessDefinition>
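Review bot: The flow has one unconditional path from `injectEhvdInformation` to `finalizeAuthentication`, so the only thing that stops a login without a valid EHVD role is the task throwing. `InjectEhvdInformationTask.execute` in this commit wraps failures in `TaskExecutionException`, but nothing in this file records that dependency. I would add a comment above that transition, e.g. `<!-- injectEhvdInformation must throw when no valid EHVD role is returned; there is no alternative transition, so a silent return would finalize the authentication -->`. The task list also declares `injectEhvdInformation` before `userRestrictionTask` while the transitions run them in the opposite order; listing them in execution order would make the file easier to audit.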
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
new file mode 100644
index 000000000..6985f2b7d
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
@@ -0,0 +1 @@
+at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthSpringResourceProvider
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
new file mode 100644
index 000000000..44f8d26cf
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
@@ -0,0 +1,5 @@
+at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.PvpRoleAttributeBuilder
+at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder
+at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder
+at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder
+at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdIdAttributeBuilder
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/moaid_ehvd_service_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/moaid_ehvd_service_auth.beans.xml
new file mode 100644
index 000000000..4ef523ec8
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/moaid_ehvd_service_auth.beans.xml
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <bean id="ehvdServiceAuthModule" class="at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule">
+ <property name="priority" value="4" />
+ </bean>
+
+ <bean id="ehvdCommunicationService"
+ class="at.gv.egovernment.moa.id.auth.modules.ehvd.service.EhvdCommunicationService"/>
+
+ <bean id="InjectEhvdInformationTask"
+ class="at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask"
+ scope="prototype"/>
+
+</beans>
\ No newline at end of file
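Review bot: Only the `beans` namespace is used in this file, yet `context`, `tx` and `aop` are declared as well, each with a version-pinned schema location (`spring-context-3.1.xsd`, `spring-tx-3.0.xsd`, `spring-aop-3.1.xsd`). The unused declarations are dead configuration that has to be kept in step with Spring upgrades for no benefit. Dropping the three `xmlns:` attributes and their `xsi:schemaLocation` pairs leaves `http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd` as the only entry.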
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties
new file mode 100644
index 000000000..b4a752a2d
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties
@@ -0,0 +1,7 @@
+ehvd.00=Für den abgefragtem GDA liegt keine Berechtigung vor
+ehvd.01=Technischer Fehler bei der Abfrage von GDA Informationen. Ursache: {0}
+ehvd.02=Fehler bei der Abfrage von GDA Informationen. Ursache: {0}
+ehvd.03=Antwort des EHVD Service beinhaltet keine GDA Informationen
+ehvd.04=Keine gültige EHVD Role gefunden
+
+ehvd.99=Allgemeiner Fehler bei der Abfrage des EHVD Service
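Review bot: `ehvd.01` and `ehvd.02` interpolate the failure cause (`Ursache: {0}`) into the message text; if `{0}` is filled from an exception message of the EHVD client and the text reaches the end user or the service provider (neither is visible in this hunk), it can disclose endpoint or internal error details. Consider keeping the cause for the log only and returning a fixed text, e.g. `ehvd.01=Technischer Fehler bei der Abfrage von GDA Informationen`. Separately, the umlauts in `ehvd.00` and `ehvd.04` are written as raw characters; if the bundle is read with the ISO-8859-1 default of `java.util.Properties`, they need `\u00fc` escapes. `abgefragtem` in `ehvd.00` should read `abgefragten`.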
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties
new file mode 100644
index 000000000..d3ba65c11
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties
@@ -0,0 +1,9 @@
+test.01=aabbccdd
+test.02=zzzyyyxxx
+
+ehvd.00=7000
+ehvd.01=7001
+ehvd.02=7001
+ehvd.03=7003
+ehvd.04=7002
+ehvd.99=7099
\ No newline at end of file
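Review bot: `test.01=aabbccdd` and `test.02=zzzyyyxxx` look like test fixtures, but this file sits under `src/main/resources` and therefore ships with the module; they should move to the test resources or be removed. `ehvd.01` and `ehvd.02` both map to `7001`, and `ehvd.03`/`ehvd.04` map to `7003`/`7002` in crossed order. If that is intentional, a comment line such as `# ehvd.01 and ehvd.02 deliberately share 7001 (technical vs. functional query error)` would stop someone from "correcting" it later.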
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/wsdl/eHVD.wsdl b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/wsdl/eHVD.wsdl
new file mode 100644
index 000000000..a1138f068
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/wsdl/eHVD.wsdl
@@ -0,0 +1,220 @@
+<?xml version="1.0" encoding="UTF-8"?><wsdl:definitions xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:tns="eHVD" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:mime="http://www.w3.org/2003/01/wsdl/mime" targetNamespace="eHVD">
+
+ <wsdl:documentation>
+ Service: eHVD
+ Version: 2
+ Owner: BRZ
+ </wsdl:documentation>
+
+ <wsdl:types>
+ <xs:schema xmlns:ehvd="eHVD" xmlns:jaxb="http://java.sun.com/xml/ns/jaxb" xmlns:xjc="http://java.sun.com/xml/ns/jaxb/xjc" xmlns:xs="http://www.w3.org/2001/XMLSchema" jaxb:extensionBindingPrefixes="xjc" jaxb:version="2.0" elementFormDefault="qualified" targetNamespace="eHVD" version="1.0">
+ <xs:annotation>
+ <xs:appinfo>
+ <jaxb:globalBindings>
+ <jaxb:serializable uid="1"/>
+ </jaxb:globalBindings>
+ </xs:appinfo>
+ </xs:annotation>
+
+ <xs:complexType name="InstanceIdentifier">
+ <xs:sequence>
+ <xs:element maxOccurs="1" minOccurs="0" name="oidIssuingAuthority" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="1" name="id" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:complexType name="InstanceIdentifierSearch">
+ <xs:sequence>
+ <xs:element maxOccurs="1" minOccurs="0" name="firstname" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="1" name="surname" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="rolecode" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="postcode" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="streetNumber" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="streetName" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="city" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="state" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="1" name="maxResults" type="xs:integer"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="ehvdstatus" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="elgastatus" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="description" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:complexType name="GDAStatus">
+ <xs:sequence>
+ <xs:element maxOccurs="1" minOccurs="1" name="ehvdstatus" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="1" name="elgastatus" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:complexType name="GDARoles">
+ <xs:sequence>
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="role" type="xs:string"/>
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="elgaRole" type="xs:string"/>
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="specialisation" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:complexType name="GdaAddress">
+ <xs:sequence>
+ <xs:element maxOccurs="1" minOccurs="0" name="streetNumber" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="streetName" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="city" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="state" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="zip" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="country" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:complexType name="GDARelationship">
+ <xs:sequence>
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="memberof" type="xs:string"/>
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="ownerof" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:complexType name="GDADBTimestamps">
+ <xs:sequence>
+ <xs:element maxOccurs="1" minOccurs="0" name="add" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="modify" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:complexType name="GdaDescriptor">
+ <xs:sequence>
+ <xs:element maxOccurs="1" minOccurs="1" name="id" type="ehvd:InstanceIdentifier"/>
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="otherID" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="1" name="status" type="ehvd:GDAStatus"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="firstname" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="1" name="surname" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="gender" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="title" type="xs:string"/>
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="knownname" type="xs:string"/>
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="address" type="ehvd:GdaAddress"/>
+ <xs:element maxOccurs="unbounded" minOccurs="1" name="description" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="1" name="roles" type="ehvd:GDARoles"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="relations" type="ehvd:GDARelationship"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="tel" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="fax" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="web" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="0" name="mail" type="xs:string"/>
+ <xs:element maxOccurs="1" minOccurs="1" name="timestamps" type="ehvd:GDADBTimestamps"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:element name="GetGdaSearch">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element maxOccurs="1" minOccurs="1" name="hcIdentifierSearch" type="ehvd:InstanceIdentifierSearch"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="GetGdaDescriptors">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element maxOccurs="1" minOccurs="1" name="hcIdentifier" type="ehvd:InstanceIdentifier"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="GdaIndexResponse">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element maxOccurs="1" minOccurs="0" name="gda" type="ehvd:GdaDescriptor"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="GdaIndexResponseList">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="gda" type="ehvd:GdaDescriptor"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ </xs:schema>
+ </wsdl:types>
+
+ <wsdl:message name="GetGdaDescriptors">
+ <wsdl:part element="tns:GetGdaDescriptors" name="GetGdaDescriptors">
+ </wsdl:part>
+ </wsdl:message>
+
+ <wsdl:message name="GetGdaSearch">
+ <wsdl:part element="tns:GetGdaSearch" name="GetGdaSearch">
+ </wsdl:part>
+ </wsdl:message>
+
+
+ <wsdl:message name="GdaIndexResponse">
+ <wsdl:part element="tns:GdaIndexResponse" name="GdaIndexResponse">
+ </wsdl:part>
+ </wsdl:message>
+
+ <wsdl:message name="GdaIndexResponseList">
+ <wsdl:part element="tns:GdaIndexResponseList" name="GdaIndexResponseList">
+ </wsdl:part>
+ </wsdl:message>
+
+ <wsdl:portType name="eHVD">
+
+ <wsdl:documentation>eHVD Service Interfaces
+ </wsdl:documentation>
+
+ <wsdl:operation name="GetGDA">
+ <wsdl:input message="tns:GetGdaDescriptors" name="GetGdaDescriptors">
+ </wsdl:input>
+ <wsdl:output message="tns:GdaIndexResponse" name="GdaIndexResponse">
+ </wsdl:output>
+ </wsdl:operation>
+
+ <wsdl:operation name="GdaSearch">
+ <wsdl:input message="tns:GetGdaSearch" name="GetGdaSearch">
+ </wsdl:input>
+ <wsdl:output message="tns:GdaIndexResponseList" name="GdaIndexResponseList">
+ </wsdl:output>
+ </wsdl:operation>
+
+ </wsdl:portType>
+
+ <wsdl:binding name="eHVDSOAPBinding12" type="tns:eHVD">
+ <wsdl:documentation>SOAP 1.2 Binding</wsdl:documentation>
+
+ <soap12:binding transport="http://schemas.xmlsoap.org/soap/http" style="document"/>
+
+ <wsdl:operation name="GetGDA">
+ <soap12:operation soapAction="eHVD/GetGDA"/>
+ <wsdl:input name="GetGdaDescriptors">
+ <mime:content type="application/soap+xml"/>
+ <soap12:body use="literal"/>
+ </wsdl:input>
+ <wsdl:output name="GdaIndexResponse">
+ <soap12:body use="literal"/>
+ </wsdl:output>
+ </wsdl:operation>
+
+ <wsdl:operation name="GdaSearch">
+ <soap12:operation soapAction="eHVD/GdaSearch"/>
+ <wsdl:input name="GetGdaSearch">
+ <mime:content type="application/soap+xml"/>
+ <soap12:body use="literal"/>
+ </wsdl:input>
+ <wsdl:output name="GdaIndexResponseList">
+ <soap12:body use="literal"/>
+ </wsdl:output>
+ </wsdl:operation>
+
+ </wsdl:binding>
+
+ <wsdl:service name="eHVDService">
+ <wsdl:documentation>eHVD Service</wsdl:documentation>
+
+ <wsdl:port name="eHVDPort12" binding="tns:eHVDSOAPBinding12">
+ <soap12:address location="https://ehvdws.gesundheit.gv.at"/>
+ </wsdl:port>
+
+ </wsdl:service>
+
+</wsdl:definitions>
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/BeanCreationTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/BeanCreationTest.java
new file mode 100644
index 000000000..91bf67b2d
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/BeanCreationTest.java
@@ -0,0 +1,39 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test;
+
+import static org.junit.Assert.assertNotNull;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+ "/test_ehvd_service_auth_lazy.beans.xml" })
+public class BeanCreationTest {
+
+ @Autowired
+ DummyAuthConfigMap config;
+ @Autowired
+ ApplicationContext context;
+
+ @Before
+ public void initialize() {
+ // re-set config
+ config.putConfigValue("modules.ehvd.enabled", String.valueOf(false));
+
+ }
+
+ @Test
+ public void authModuleDeactivated() {
+ assertNotNull("AuthModule", context.getBean(EhvdServiceAuthModule.class));
+
+ }
+
+}
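Review bot: `authModuleDeactivated` only asserts that the `EhvdServiceAuthModule` bean exists, while its name suggests it verifies that a disabled module stays inactive. The `false` value is written in `initialize()`, after the application context has been built, so the test presumably relies on the lazy initialisation in `test_ehvd_service_auth_lazy.beans.xml` for the setting to be seen at all. A short Javadoc would record that, e.g. `/** With modules.ehvd.enabled=false the lazily initialised context must still create the module bean. */`, or rename the method to something like `beanCreatedWhenModuleDisabled`. The two `@Autowired` fields can be `private`.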
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthModuleTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthModuleTest.java
new file mode 100644
index 000000000..4a7c98803
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthModuleTest.java
@@ -0,0 +1,101 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap;
+import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+ "/test_ehvd_service_auth.beans.xml" })
+public class EhvdServiceAuthModuleTest {
+
+ @Autowired DummyAuthConfigMap config;
+ @Autowired EhvdServiceAuthModule module;
+
+ private ExecutionContext context;
+ private TestRequestImpl pendingReq;
+ private Map<String, String> spConfigMap;
+
+ @Before
+ public void initialize() {
+ context = new ExecutionContextImpl();
+
+ spConfigMap = new HashMap<>();
+ spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10));
+
+ ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config);
+ pendingReq = new TestRequestImpl();
+ pendingReq.setSpConfig(spConfig);
+
+ // re-set config
+ config.putConfigValue("modules.ehvd.enabled", String.valueOf(true));
+
+ context.put(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_BKUSELECTION, String.valueOf(false));
+ context.put(MOAIDAuthConstants.PARAM_BKU, RandomStringUtils.randomAlphabetic(5));
+
+ }
+
+ @Test
+ public void checkProcessDefinition() {
+ String[] def = module.getProcessDefinitions();
+
+ assertNotNull("no process definition", def);
+ Arrays.asList(def).stream().forEach(
+ el -> EhvdServiceAuthModuleTest.class.getResourceAsStream(el));
+
+ }
+
+ @Test
+ public void bkuSelectionActiv() {
+ context.put(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_BKUSELECTION, String.valueOf(true));
+
+ assertNull("wrong authModule selected", module.selectProcess(context, pendingReq));
+
+ }
+
+ @Test
+ public void deactivated() {
+ config.putConfigValue("modules.ehvd.enabled", String.valueOf(false));
+
+ assertNull("wrong authModule selected", module.selectProcess(context, pendingReq));
+
+ }
+
+ @Test
+ public void unknownServiceProvider() {
+ assertNull("wrong authModule selected", module.selectProcess(context, pendingReq));
+
+ }
+
+ @Test
+ public void allowedServiceProviderAndRequested() {
+ spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, "yyasdfasfsa2323");
+
+ assertEquals("wrong authmethod identifier", "DefaultAuthenticationWithEHVDInteraction",
+ module.selectProcess(context, pendingReq));
+
+ }
+
+}
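Review bot: `checkProcessDefinition` cannot fail on a missing process file: `getResourceAsStream` returns `null` for an unknown resource instead of throwing, and the lambda discards the result. Assert on it, e.g. `Arrays.stream(def).forEach(el -> assertNotNull("process definition not found: " + el, EhvdServiceAuthModuleTest.class.getResourceAsStream(el)));`. `unknownServiceProvider` and `allowedServiceProviderAndRequested` depend on the identifier `yyasdfasfsa2323` being configured in the test context, which is not visible here; a comment naming the property that lists it would make the two cases readable on their own.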
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthSpringResourceProviderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthSpringResourceProviderTest.java
new file mode 100644
index 000000000..b584e8753
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthSpringResourceProviderTest.java
@@ -0,0 +1,56 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.apache.commons.io.IOUtils;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.springframework.core.io.Resource;
+
+import at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthSpringResourceProvider;
+
+
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class EhvdServiceAuthSpringResourceProviderTest {
+
+ @Test
+ public void testSpringConfig() {
+ final EhvdServiceAuthSpringResourceProvider test =
+ new EhvdServiceAuthSpringResourceProvider();
+ for (final Resource el : test.getResourcesToLoad()) {
+ try {
+ IOUtils.toByteArray(el.getInputStream());
+
+ } catch (final IOException e) {
+ Assert.fail("Ressouce: " + el.getFilename() + " not found");
+ }
+
+ }
+
+ Assert.assertNotNull("no Name", test.getName());
+ Assert.assertNull("Find package definitions", test.getPackagesToScan());
+
+ }
+
+ @Test
+ public void testSpILoaderConfig() {
+ final InputStream el = this.getClass().getResourceAsStream(
+ "/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider");
+ try {
+ final String spiFile = IOUtils.toString(el, "UTF-8");
+
+ Assert.assertEquals("Wrong classpath in SPI file",
+ EhvdServiceAuthSpringResourceProvider.class.getName(), spiFile);
+
+
+ } catch (final IOException e) {
+ Assert.fail("Ressouce: '/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider' not found");
+
+ }
+ }
+
+}
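Review bot: In `testSpILoaderConfig` a missing SPI file never reaches the `catch` branch: `getResourceAsStream` returns `null` rather than throwing `IOException`, so the failure would surface from `IOUtils.toString` (presumably as a `NullPointerException`) instead of the intended "not found" message. Add `Assert.assertNotNull("SPI file not found", el);` before reading. The exact `assertEquals` also passes only because the SPI file has no trailing newline; comparing `spiFile.trim()` keeps the test stable when an editor adds one. Neither test closes the streams it opens; try-with-resources would cover that.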
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/AbstractEhvdAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/AbstractEhvdAttributeBuilderTest.java
new file mode 100644
index 000000000..b1ac7d99a
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/AbstractEhvdAttributeBuilderTest.java
@@ -0,0 +1,97 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import java.util.Collections;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
+import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaAddress;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+public abstract class AbstractEhvdAttributeBuilderTest {
+
+ @Autowired
+ protected IConfiguration basicConfig;
+
+ protected DummySPConfiguration oaParam;
+ protected AuthenticationData authData;
+ protected IAttributeGenerator<String> g = new SimpleStringAttributeGenerator();
+
+ protected abstract String expectedAttrName();
+ protected abstract IAttributeBuilder getAttributeBuilderUnderTest();
+
+ protected GdaAddress generateAddress(String zip, String state) {
+ GdaAddress addr = new GdaAddress();
+ addr.setZip(zip);
+ addr.setState(state);
+ return addr;
+
+ }
+
+ @Before
+ public void initialize() {
+ oaParam = new DummySPConfiguration(Collections.emptyMap(), basicConfig);
+ authData = new AuthenticationData();
+
+ }
+
+ @Test
+ public void checkAttributeRegistration() {
+ assertNotNull("Attribute: " + expectedAttrName() + " not registrated",
+ PVPAttributeBuilder.getAttributeBuilder(expectedAttrName()));
+
+ }
+
+ @Test
+ public void checkName() {
+ assertEquals("wrong attr. name", expectedAttrName(), getAttributeBuilderUnderTest().getName());
+
+ }
+
+ @Test
+ public void checkEmptyAttribute() {
+ assertNull("wrong empty attr.", getAttributeBuilderUnderTest().buildEmpty(g));
+
+ }
+
+ @Test
+ public void noGdaInfos() throws AttributeBuilderException {
+ IAuthData authData = new AuthenticationData();
+ assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+
+ }
+
+ @Test
+ public void wrongGdaInfos() throws AttributeBuilderException, EAAFStorageException {
+ AuthenticationData authData = new AuthenticationData();
+ authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, RandomStringUtils.randomAlphabetic(10));
+ assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+
+ }
+
+ @Test
+ public void emptyGdaInfos() throws AttributeBuilderException, EAAFStorageException {
+ AuthenticationData authData = new AuthenticationData();
+ authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, new GdaDescriptor());
+ assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+
+ }
+
+}
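Review bot: `noGdaInfos`, `wrongGdaInfos` and `emptyGdaInfos` each declare a local `authData` that shadows the protected field created in `initialize()`, so no test in this class uses the field. Drop the local declarations and work on the field directly, or remove the field set-up if only subclasses need it. `wrongGdaInfos` stores a random `String` under `ATTRIBUTE_URN_EHVD_PREFIX`, where `emptyGdaInfos` stores a `GdaDescriptor`; a one-line comment such as `// a payload of the wrong type must yield no attribute rather than a ClassCastException` would record why that case exists.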
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressStateAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressStateAttributeBuilderTest.java
new file mode 100644
index 000000000..d342d331b
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressStateAttributeBuilderTest.java
@@ -0,0 +1,106 @@
+//package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+//
+//import static org.junit.Assert.assertEquals;
+//import static org.junit.Assert.assertNull;
+//
+//import org.apache.commons.lang3.RandomStringUtils;
+//import org.junit.Test;
+//import org.junit.runner.RunWith;
+//import org.springframework.test.context.ContextConfiguration;
+//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+//
+//import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+//import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+//import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdAddressStateAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdAddressZipcodeAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdOtherIdAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaAddress;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier;
+//
+//@RunWith(SpringJUnit4ClassRunner.class)
+//@ContextConfiguration({
+// "/test_ehvd_service_auth.beans.xml" })
+//public class EhvdAddressStateAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest {
+//
+// @Override
+// protected String expectedAttrName() {
+// return "urn:brzgvat:attributes.ehvd.state";
+//
+// }
+//
+// @Override
+// protected IAttributeBuilder getAttributeBuilderUnderTest() {
+// return new EhvdAddressStateAttributeBuilder();
+//
+// }
+//
+// @Test
+// public void checkMissing() throws EAAFStorageException, AttributeBuilderException {
+// final GdaDescriptor gdaInfo = new GdaDescriptor();
+// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+// assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+// }
+//
+// @Test
+// public void singleAddress() throws EAAFStorageException, AttributeBuilderException {
+// String state = RandomStringUtils.randomAlphabetic(5);
+// final GdaDescriptor gdaInfo = new GdaDescriptor();
+// gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(5), state));
+//
+// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+// assertEquals("wrong empty attr.", state,
+// getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+// }
+//
+// @Test
+// public void multiAddress() throws EAAFStorageException, AttributeBuilderException {
+// String state1 = RandomStringUtils.randomAlphabetic(4);
+// String state2 = RandomStringUtils.randomAlphabetic(4);
+// final GdaDescriptor gdaInfo = new GdaDescriptor();
+// gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state1));
+// gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state2));
+//
+// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+// assertEquals("wrong empty attr.", state1 + "|" + state2,
+// getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+// }
+//
+// @Test
+// public void multiAddressNullBefore() throws EAAFStorageException, AttributeBuilderException {
+// String state1 = null;
+// String state2 = RandomStringUtils.randomAlphabetic(4);
+// final GdaDescriptor gdaInfo = new GdaDescriptor();
+// gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state1));
+// gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state2));
+//
+// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+// assertEquals("wrong empty attr.", "|" + state2,
+// getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+// }
+//
+// @Test
+// public void multiAddressNullAfter() throws EAAFStorageException, AttributeBuilderException {
+// String state1 = RandomStringUtils.randomAlphabetic(4);
+// String state2 = null;
+// final GdaDescriptor gdaInfo = new GdaDescriptor();
+// gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state1));
+// gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state2));
+//
+// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+// assertEquals("wrong empty attr.", state1 + "|",
+// getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+// }
+//
+//
+//}
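Review bot: This file is added with every line commented out, so it compiles to nothing and its tests never run; the visible part of EhvdAddressZipAttributeBuilderTest.java, which follows, is in the same state. The builders they target (`EhvdAddressStateAttributeBuilder`, `EhvdAddressZipcodeAttributeBuilder`) are also absent from the `IAttributeBuilder` service file added in this commit, which suggests the address attributes were dropped. Either leave both files out of the commit, or keep them as real code behind `@Ignore("address attributes not registered")` so they keep compiling against the builders. The imports of the firstname, other-id, surname and titel builders and of `InstanceIdentifier` are unused in either case.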
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressZipAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressZipAttributeBuilderTest.java
new file mode 100644
index 000000000..69d17f8c3
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressZipAttributeBuilderTest.java
@@ -0,0 +1,107 @@
+//package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+//
+//import static org.junit.Assert.assertEquals;
+//import static org.junit.Assert.assertNull;
+//
+//import org.apache.commons.lang3.RandomStringUtils;
+//import org.junit.Test;
+//import org.junit.runner.RunWith;
+//import org.springframework.test.context.ContextConfiguration;
+//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+//
+//import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+//import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+//import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdAddressZipcodeAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdOtherIdAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaAddress;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier;
+//
+//@RunWith(SpringJUnit4ClassRunner.class)
+//@ContextConfiguration({
+// "/test_ehvd_service_auth.beans.xml" })
+//public class EhvdAddressZipAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest {
+//
+// @Override
+// protected String expectedAttrName() {
+// return "urn:brzgvat:attributes.ehvd.zip";
+//
+// }
+//
+// @Override
+// protected IAttributeBuilder getAttributeBuilderUnderTest() {
+// return new EhvdAddressZipcodeAttributeBuilder();
+//
+// }
+//
+// @Test
+// public void checkMissing() throws EAAFStorageException, AttributeBuilderException {
+// final GdaDescriptor gdaInfo = new GdaDescriptor();
+// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+// assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+// }
+//
+// @Test
+// public void singleAddress() throws EAAFStorageException, AttributeBuilderException {
+// String zip = RandomStringUtils.randomNumeric(4);
+// final GdaDescriptor gdaInfo = new GdaDescriptor();
+// gdaInfo.getAddress().add(generateAddress(
+// zip,
+// RandomStringUtils.randomAlphabetic(5)));
+//
+// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+// assertEquals("wrong empty attr.", zip,
+// getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+// }
+//
+// @Test
+// public void multiAddress() throws EAAFStorageException, AttributeBuilderException {
+// String zip1 = RandomStringUtils.randomNumeric(4);
+// String zip2 = RandomStringUtils.randomNumeric(4);
+// final GdaDescriptor gdaInfo = new GdaDescriptor();
+// gdaInfo.getAddress().add(generateAddress(zip1, RandomStringUtils.randomAlphabetic(5)));
+// gdaInfo.getAddress().add(generateAddress(zip2, RandomStringUtils.randomAlphabetic(5)));
+//
+// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+// assertEquals("wrong empty attr.", zip1 + "|" + zip2,
+// getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+// }
+//
+// @Test
+// public void multiAddressNullBefore() throws EAAFStorageException, AttributeBuilderException {
+// String zip1 = null;
+// String zip2 = RandomStringUtils.randomNumeric(4);
+// final GdaDescriptor gdaInfo = new GdaDescriptor();
+// gdaInfo.getAddress().add(generateAddress(zip1, RandomStringUtils.randomAlphabetic(5)));
+// gdaInfo.getAddress().add(generateAddress(zip2, RandomStringUtils.randomAlphabetic(5)));
+//
+// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+// assertEquals("wrong empty attr.", "|" + zip2,
+// getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+// }
+//
+// @Test
+// public void multiAddressNullAfter() throws EAAFStorageException, AttributeBuilderException {
+// String zip1 = RandomStringUtils.randomNumeric(4);
+// String zip2 = null;
+// final GdaDescriptor gdaInfo = new GdaDescriptor();
+// gdaInfo.getAddress().add(generateAddress(zip1, RandomStringUtils.randomAlphabetic(5)));
+// gdaInfo.getAddress().add(generateAddress(zip2, RandomStringUtils.randomAlphabetic(5)));
+//
+// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+// assertEquals("wrong empty attr.", zip1 + "|",
+// getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+// }
+//
+//
+//}
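Review bot: Every line of the new EhvdAddressZipAttributeBuilderTest.java is commented out, from the `package` declaration to the closing brace, so the file compiles to nothing and the zip-code attribute builder gets no coverage from it. The same applies to EhvdOtherIdAttributeBuilderTest.java later in this diff, and the file section ending just above appears to be in the same state (its start is outside this view). If these builders are not shipped, drop the files and rely on version control history; if they are, restore the code and mark pending cases with `@Ignore("reason")` so the test report lists them as skipped. At minimum a header comment such as `// Disabled: <reason>; re-enable when <condition>` should say why the tests are parked.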
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdFirstnameAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdFirstnameAttributeBuilderTest.java
new file mode 100644
index 000000000..66f1b5028
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdFirstnameAttributeBuilderTest.java
@@ -0,0 +1,47 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+
+import static org.junit.Assert.assertEquals;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+ "/test_ehvd_service_auth.beans.xml" })
+public class EhvdFirstnameAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest {
+
+ @Override
+ protected String expectedAttrName() {
+ return "urn:brzgvat:attributes.ehvd.firstname";
+
+ }
+
+ @Override
+ protected IAttributeBuilder getAttributeBuilderUnderTest() {
+ return new EhvdFirstnameAttributeBuilder();
+
+ }
+
+ @Test
+ public void checkValid() throws EAAFStorageException, AttributeBuilderException {
+ final GdaDescriptor gdaInfo = new GdaDescriptor();
+ gdaInfo.setFirstname(RandomStringUtils.randomAlphabetic(5));
+
+ authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+ assertEquals("wrong empty attr.", gdaInfo.getFirstname(),
+ getAttributeBuilderUnderTest().build(oaParam, authData, g));
+
+ }
+
+}
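Review bot: `checkValid` reuses the failure message `"wrong empty attr."` for a comparison against a non-empty value, so a failing run points the reader at the wrong case; `assertEquals("wrong firstname attr.", gdaInfo.getFirstname(), ...)` would match what is checked. The import of `EhvdTitelAttributeBuilder` is unused in this file. The same message appears in `checkValid` of EhvdSurnameAttributeBuilderTest.java and `checkTitelValid` of EhvdTitelAttributeBuilderTest.java, and the Surname and Id test files carry unused builder imports as well. None of the three classes has a visible case for an unset field; a test asserting the result for a fresh `GdaDescriptor` would pin that behaviour, unless the base class, which is outside this view, already covers it.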
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdIdAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdIdAttributeBuilderTest.java
new file mode 100644
index 000000000..db73f9191
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdIdAttributeBuilderTest.java
@@ -0,0 +1,64 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNull;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdIdAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+ "/test_ehvd_service_auth.beans.xml" })
+public class EhvdIdAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest {
+
+ @Override
+ protected String expectedAttrName() {
+ return "urn:brzgvat:attributes.ehvd.id";
+
+ }
+
+ @Override
+ protected IAttributeBuilder getAttributeBuilderUnderTest() {
+ return new EhvdIdAttributeBuilder();
+
+ }
+
+ @Test
+ public void checkMissingId() throws EAAFStorageException, AttributeBuilderException {
+ final GdaDescriptor gdaInfo = new GdaDescriptor();
+ InstanceIdentifier id = new InstanceIdentifier();
+ gdaInfo.setId(id );
+
+ authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+ assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+
+ }
+
+ @Test
+ public void checkValid() throws EAAFStorageException, AttributeBuilderException {
+ final GdaDescriptor gdaInfo = new GdaDescriptor();
+ InstanceIdentifier id = new InstanceIdentifier();
+ id.setId(RandomStringUtils.randomAlphabetic(5));
+ gdaInfo.setId(id );
+
+ authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+ assertEquals("wrong empty attr.", id.getId(),
+ getAttributeBuilderUnderTest().build(oaParam, authData, g));
+
+ }
+
+}
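Review bot: `checkMissingId` always calls `gdaInfo.setId(id)` with an empty `InstanceIdentifier`, so the path where the descriptor has no identifier object at all is not exercised. If `GdaDescriptor.getId()` returns null in that state (the generated class is outside this view), a builder that dereferences it would fail with a `NullPointerException` instead of yielding no attribute. A second case that skips `setId` and keeps `assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));` would cover it. The imports of `EhvdFirstnameAttributeBuilder`, `EhvdSurnameAttributeBuilder` and `EhvdTitelAttributeBuilder` are unused here.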
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdOtherIdAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdOtherIdAttributeBuilderTest.java
new file mode 100644
index 000000000..bce8924d9
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdOtherIdAttributeBuilderTest.java
@@ -0,0 +1,86 @@
+//package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+//
+//import static org.junit.Assert.assertEquals;
+//import static org.junit.Assert.assertNull;
+//
+//import org.apache.commons.lang3.RandomStringUtils;
+//import org.junit.Test;
+//import org.junit.runner.RunWith;
+//import org.springframework.test.context.ContextConfiguration;
+//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+//
+//import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+//import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+//import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdOtherIdAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier;
+//
+//@RunWith(SpringJUnit4ClassRunner.class)
+//@ContextConfiguration({
+// "/test_ehvd_service_auth.beans.xml" })
+//public class EhvdOtherIdAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest {
+//
+// @Override
+// protected String expectedAttrName() {
+// return "urn:brzgvat:attributes.ehvd.otherid";
+//
+// }
+//
+// @Override
+// protected IAttributeBuilder getAttributeBuilderUnderTest() {
+// return new EhvdOtherIdAttributeBuilder();
+//
+// }
+//
+// @Test
+// public void checkMissingId() throws EAAFStorageException, AttributeBuilderException {
+// final GdaDescriptor gdaInfo = new GdaDescriptor();
+// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+// assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+// }
+//
+// @Test
+// public void checkWrongId() throws EAAFStorageException, AttributeBuilderException {
+// final GdaDescriptor gdaInfo = new GdaDescriptor();
+// gdaInfo.getOtherID().add(RandomStringUtils.randomAlphabetic(10));
+//
+// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+// assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+// }
+//
+// @Test
+// public void checkValidRandom() throws EAAFStorageException, AttributeBuilderException {
+// String value = RandomStringUtils.randomAlphabetic(5);
+// final GdaDescriptor gdaInfo = new GdaDescriptor();
+// gdaInfo.getOtherID().add(RandomStringUtils.randomAlphabetic(10));
+// gdaInfo.getOtherID().add("1.2.40.0.34.4.18:" + value);
+//
+//
+// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+// assertEquals("wrong empty attr.", value,
+// getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+// }
+//
+// @Test
+// public void checkValidBrzReal() throws EAAFStorageException, AttributeBuilderException {
+// final GdaDescriptor gdaInfo = new GdaDescriptor();
+// gdaInfo.getOtherID().add(RandomStringUtils.randomAlphabetic(10));
+// gdaInfo.getOtherID().add("1.2.40.0.34.4.18:1234-12");
+// gdaInfo.getOtherID().add("1.2.40.0.34.4.17:aabbccdd");
+//
+//
+// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+// assertEquals("wrong empty attr.", "1234-12",
+// getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+// }
+//
+//}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdSurnameAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdSurnameAttributeBuilderTest.java
new file mode 100644
index 000000000..af9e60cb7
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdSurnameAttributeBuilderTest.java
@@ -0,0 +1,48 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+
+import static org.junit.Assert.assertEquals;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+ "/test_ehvd_service_auth.beans.xml" })
+public class EhvdSurnameAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest {
+
+ @Override
+ protected String expectedAttrName() {
+ return "urn:brzgvat:attributes.ehvd.surname";
+
+ }
+
+ @Override
+ protected IAttributeBuilder getAttributeBuilderUnderTest() {
+ return new EhvdSurnameAttributeBuilder();
+
+ }
+
+ @Test
+ public void checkValid() throws EAAFStorageException, AttributeBuilderException {
+ final GdaDescriptor gdaInfo = new GdaDescriptor();
+ gdaInfo.setSurname(RandomStringUtils.randomAlphabetic(5));
+
+ authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+ assertEquals("wrong empty attr.", gdaInfo.getSurname(),
+ getAttributeBuilderUnderTest().build(oaParam, authData, g));
+
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdTitelAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdTitelAttributeBuilderTest.java
new file mode 100644
index 000000000..2863c3508
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdTitelAttributeBuilderTest.java
@@ -0,0 +1,46 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+
+import static org.junit.Assert.assertEquals;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+ "/test_ehvd_service_auth.beans.xml" })
+public class EhvdTitelAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest {
+
+ @Override
+ protected String expectedAttrName() {
+ return "urn:brzgvat:attributes.ehvd.title";
+
+ }
+
+ @Override
+ protected IAttributeBuilder getAttributeBuilderUnderTest() {
+ return new EhvdTitelAttributeBuilder();
+
+ }
+
+ @Test
+ public void checkTitelValid() throws EAAFStorageException, AttributeBuilderException {
+ final GdaDescriptor gdaInfo = new GdaDescriptor();
+ gdaInfo.setTitle(RandomStringUtils.randomAlphabetic(5));
+
+ authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+ assertEquals("wrong empty attr.", gdaInfo.getTitle(),
+ getAttributeBuilderUnderTest().build(oaParam, authData, g));
+
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java
new file mode 100644
index 000000000..624abff5f
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java
@@ -0,0 +1,159 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
+import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.PvpRoleAttributeBuilder;
+import at.gv.egovernment.moa.id.data.AuthenticationRole;
+import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory;
+import at.gv.egovernment.moa.id.data.MOAAuthenticationData;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+ "/test_ehvd_service_auth.beans.xml" })
+public class PvpRoleAttributeBuilderTest {
+
+ @Autowired
+ private IConfiguration basicConfig;
+
+ private PvpRoleAttributeBuilder toTest = new PvpRoleAttributeBuilder();
+ private IAttributeGenerator<String> g = new SimpleStringAttributeGenerator();
+ private ISPConfiguration oaParam;
+
+
+ @Before
+ public void initialize() {
+ oaParam = new DummySPConfiguration(Collections.emptyMap(), basicConfig);
+
+ }
+
+ @Test
+ public void checkAttributeRegistration() {
+ assertNotNull("Attribute: urn:oid:1.2.40.0.10.2.1.1.261.30 not registrated",
+ PVPAttributeBuilder.getAttributeBuilder("urn:oid:1.2.40.0.10.2.1.1.261.30"));
+
+ }
+
+ @Test
+ public void checkName() {
+ assertEquals("wrong attr. name", "urn:oid:1.2.40.0.10.2.1.1.261.30", toTest.getName());
+
+ }
+
+ @Test
+ public void checkEmptyAttribute() {
+ assertNull("wrong empty attr.", toTest.buildEmpty(g));
+
+ }
+
+ @Test
+ public void wrongAuthData() throws AttributeBuilderException {
+ IAuthData authData = new AuthenticationData();
+ assertNull("wrong attr. value", toTest.build(oaParam, authData, g));
+
+ }
+
+ @Test
+ public void noRoles() throws AttributeBuilderException {
+ IAuthData authData = generateAuthData(null);
+ assertNull("wrong attr. value", toTest.build(oaParam, authData, g));
+
+ }
+
+ @Test
+ public void emptyRoles() throws AttributeBuilderException {
+ IAuthData authData = generateAuthData(Collections.emptyList());
+ assertNull("wrong attr. value", toTest.build(oaParam, authData, g));
+
+ }
+
+ @Test
+ public void randomRoles() throws AttributeBuilderException {
+ String role1 = RandomStringUtils.randomAlphabetic(5);
+ String role2 = RandomStringUtils.randomAlphabetic(5);
+ String role3 = RandomStringUtils.randomAlphabetic(5);
+ String role4 = RandomStringUtils.randomAlphabetic(5);
+
+ IAuthData authData = generateAuthData(Arrays.asList(
+ new AuthenticationRole(role1, role1),
+ new AuthenticationRole(role2, role2),
+ new AuthenticationRole(role3, role3 + "()"),
+ new AuthenticationRole(role4, role4 + "(\"aaa\"=\"bbb\")")
+ ));
+
+ // perform test
+ String attrValue = toTest.build(oaParam, authData, g);
+
+ // validate state
+ assertNotNull("wrong attr. value", attrValue);
+ assertFalse("List delimiter after last element" ,attrValue.endsWith(";"));
+
+
+ String[] el = attrValue.split(";");
+ assertEquals("wrong role count", 4, el.length);
+ assertEquals("wrong 1. role", role1, el[0]);
+ assertEquals("wrong 2. role", role2, el[1]);
+ assertEquals("wrong 3. role", role3 + "()", el[2]);
+ assertEquals("wrong 4. role", role4 + "(\"aaa\"=\"bbb\")", el[3]);
+
+
+ }
+
+ @Test
+ public void brzProductionRole() throws AttributeBuilderException {
+
+ IAuthData authData = generateAuthData(Arrays.asList(
+ AuthenticationRoleFactory.buildFormPVPole("EPI-GDA()")));
+
+ // perform test
+ String attrValue = toTest.build(oaParam, authData, g);
+
+ // validate state
+ assertNotNull("wrong attr. value", attrValue);
+ assertFalse("List delimiter after last element" ,attrValue.endsWith(";"));
+
+
+ String[] el = attrValue.split(";");
+ assertEquals("wrong role count", 1, el.length);
+ assertEquals("wrong 1. role", "EPI-GDA()", el[0]);
+
+ assertEquals("wrong role attr. value", "EPI-GDA()", attrValue);
+
+ }
+
+ private IAuthData generateAuthData(List<AuthenticationRole> roles) {
+ MOAAuthenticationData authData = new MOAAuthenticationData(null);
+ if (roles != null) {
+ roles.forEach(el -> authData.addAuthenticationRole(el));
+
+ }
+
+ return authData;
+
+ }
+
+}
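Review bot: `randomRoles` and `brzProductionRole` only feed role values that cannot contain the list delimiter, so nothing pins what `PvpRoleAttributeBuilder.build` does when a role string itself holds a `;`. The attribute carries authorization data and the receiving side presumably splits it on `;`, so an unescaped delimiter inside one value would read there as an additional role; whether such a value can reach the builder is not visible in this hunk. A case built with `new AuthenticationRole(role1, role1 + ";" + role2)` and an assertion on the intended outcome (rejected, escaped, or documented as impossible) would settle it. The import of `BlockJUnit4ClassRunner` is unused.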
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/DummyAuthConfigMap.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/DummyAuthConfigMap.java
new file mode 100644
index 000000000..865cf7157
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/DummyAuthConfigMap.java
@@ -0,0 +1,136 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URI;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+
+import org.apache.commons.lang3.StringUtils;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+
+/**
+ * Dummy Application-configuration implementation for jUnit tests.
+ *
+ * @author tlenz
+ *
+ */
+public class DummyAuthConfigMap implements IConfigurationWithSP {
+
+ private Map<String, String> config = new HashMap<>();
+
+ public DummyAuthConfigMap() {
+
+ }
+
+ /**
+ * Dummy Application-configuration.
+ *
+ * @param configIs Property based configuration
+ * @throws IOException In case of an configuration read error
+ */
+ public DummyAuthConfigMap(final InputStream configIs) throws IOException {
+
+ final Properties props = new Properties();
+ props.load(configIs);
+
+ config = KeyValueUtils.convertPropertiesToMap(props);
+
+ }
+
+ /**
+ * Dummy Application-configuration.
+ *
+ * @param path Path to property based configuration
+ * @throws IOException In case of an configuration read error
+ */
+ public DummyAuthConfigMap(final String path) throws IOException {
+
+ final Properties props = new Properties();
+ props.load(this.getClass().getResourceAsStream(path));
+
+ config = KeyValueUtils.convertPropertiesToMap(props);
+
+ }
+
+
+ @Override
+ public String getBasicConfiguration(final String key) {
+ return config.get(key);
+
+ }
+
+ @Override
+ public String getBasicConfiguration(final String key, final String defaultValue) {
+ final String value = getBasicConfiguration(key);
+ if (StringUtils.isEmpty(value)) {
+ return defaultValue;
+ } else {
+ return value;
+ }
+
+ }
+
+ @Override
+ public Boolean getBasicConfigurationBoolean(final String key) {
+ final String value = getBasicConfiguration(key);
+ if (StringUtils.isEmpty(value)) {
+ return false;
+ } else {
+ return Boolean.valueOf(value);
+ }
+ }
+
+ @Override
+ public boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue) {
+ return Boolean.parseBoolean(getBasicConfiguration(key, String.valueOf(defaultValue)));
+
+ }
+
+ @Override
+ public Map<String, String> getBasicConfigurationWithPrefix(final String prefix) {
+ return KeyValueUtils.getSubSetWithPrefix(config, prefix);
+
+ }
+
+ @Override
+ public ISPConfiguration getServiceProviderConfiguration(final String uniqueID)
+ throws EAAFConfigurationException {
+ return null;
+ }
+
+ @Override
+ public <T> T getServiceProviderConfiguration(final String spIdentifier, final Class<T> decorator)
+ throws EAAFConfigurationException {
+ return null;
+ }
+
+ @Override
+ public URI getConfigurationRootDirectory() {
+ return new java.io.File(".").toURI();
+
+ }
+
+ @Override
+ public String validateIDPURL(final URL authReqUrl) throws EAAFException {
+ return null;
+ }
+
+ public void putConfigValue(final String key, final String value) {
+ config.put(key, value);
+ }
+
+ public void removeConfigValue(final String key) {
+ config.remove(key);
+
+ }
+
+
+}
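Review bot: In the `DummyAuthConfigMap(String path)` constructor, `getResourceAsStream(path)` returns null for a missing resource, so `props.load(...)` fails with a `NullPointerException` instead of the `IOException` the Javadoc promises, and the stream is never closed. Wrapping the lookup in try-with-resources with an explicit null check gives a readable failure when a test points at the wrong properties file. The `InputStream` constructor leaves closing to the caller, which is worth stating in its Javadoc.

```java
public DummyAuthConfigMap(final String path) throws IOException {
  final Properties props = new Properties();
  try (InputStream configIs = getClass().getResourceAsStream(path)) {
    if (configIs == null) {
      throw new IOException("Configuration resource not found: " + path);
    }
    props.load(configIs);
  }
  // … unchanged: config = KeyValueUtils.convertPropertiesToMap(props) …
}
```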
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/TestUtils.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/TestUtils.java
new file mode 100644
index 000000000..9ab52a27e
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/TestUtils.java
@@ -0,0 +1,150 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy;
+
+import java.io.IOException;
+import java.security.PublicKey;
+
+import javax.xml.transform.TransformerException;
+
+import org.w3c.dom.Element;
+
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+
+public class TestUtils {
+
+ public static IIdentityLink generateDummyIdl(String baseId, String baseIdType) {
+ return new IIdentityLink() {
+
+ @Override
+ public void setSamlAssertion(Element samlAssertion) throws TransformerException, IOException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setPublicKey(PublicKey[] publicKey) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setPrPerson(Element prPerson) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setIssueInstant(String issueInstant) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setIdentificationValue(String identificationValue) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setIdentificationType(String identificationType) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setGivenName(String givenName) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setFamilyName(String familyName) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setDsigReferenceTransforms(Element[] dsigReferenceTransforms) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setDateOfBirth(String dateOfBirth) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public String getSerializedSamlAssertion() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Element getSamlAssertion() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public PublicKey[] getPublicKey() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Element getPrPerson() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getName() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getIssueInstant() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getIdentificationValue() {
+ return baseId;
+
+ }
+
+ @Override
+ public String getIdentificationType() {
+ return baseIdType;
+
+ }
+
+ @Override
+ public String getGivenName() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getFamilyName() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Element[] getDsigReferenceTransforms() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getDateOfBirth() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+ };
+ }
+}
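Review bot: The anonymous `IIdentityLink` in `generateDummyIdl` keeps the IDE's `// TODO Auto-generated method stub` in every unimplemented method, which reads as unfinished work rather than a deliberate stub. The setters silently discard their arguments, so a test that sets a value and later reads null gets no hint why; throwing `new UnsupportedOperationException("not supported by dummy identity link")` from them, or replacing the TODO with `// intentionally empty: not used by the tests`, makes the contract explicit. A short Javadoc on `generateDummyIdl` should say that only `getIdentificationValue()` and `getIdentificationType()` return data, taken from `baseId` and `baseIdType`. `TestUtils` holds only a static method and could be `final` with a private constructor.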
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java
new file mode 100644
index 000000000..8bccefc8d
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java
@@ -0,0 +1,171 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.tasks;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.fail;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.when;
+
+import java.net.SocketTimeoutException;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+import javax.xml.soap.Detail;
+import javax.xml.soap.Name;
+import javax.xml.soap.SOAPElement;
+import javax.xml.soap.SOAPException;
+import javax.xml.soap.SOAPFault;
+import javax.xml.ws.soap.SOAPFaultException;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.IfProfileValue;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.util.Assert;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.w3c.dom.Attr;
+import org.w3c.dom.DOMException;
+import org.w3c.dom.Document;
+import org.w3c.dom.NamedNodeMap;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+import org.w3c.dom.TypeInfo;
+import org.w3c.dom.UserDataHandler;
+
+import com.github.skjolber.mockito.soap.Soap12EndpointRule;
+
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFParserException;
+import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVD;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDARoles;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDAStatus;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaIndexResponse;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.TestUtils;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+ "/test_ehvd_qs_service_auth.beans.xml" })
+@IfProfileValue(name = "spring.profiles.active", value = "devEnvironment")
+public class InjectEhvdIdentityInformationQsSystemTest {
+
+ @Autowired
+ InjectEhvdInformationTask task;
+ @Autowired
+ DummyAuthConfigMap config;
+ @Autowired
+ IRequestStorage storage;
+
+ protected MockHttpServletRequest httpReq;
+ protected MockHttpServletResponse httpResp;
+ private ExecutionContext context;
+ private TestRequestImpl pendingReq;
+ private Map<String, String> spConfigMap;
+
+ @BeforeClass
+ public static void classInitializer() {
+ System.setProperty(
+ "https.cipherSuites",
+ //high secure RSA bases ciphers
+ "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" +
+ ",TLS_DHE_RSA_WITH_AES_128_GCM_SHA256" +
+ ",TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" +
+ ",TLS_DHE_RSA_WITH_AES_128_CBC_SHA256" +
+
+ //high secure ECC bases ciphers
+ ",TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" +
+ ",TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" +
+ ",TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" +
+ ",TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256" +
+ ",TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384" +
+ ",TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384" +
+ ",TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256" +
+ ",TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256" +
+
+ //secure backup chipers
+ ",TLS_DHE_RSA_WITH_AES_256_CBC_SHA" +
+ ",TLS_DHE_RSA_WITH_AES_128_CBC_SHA" +
+ ",TLS_RSA_WITH_AES_128_CBC_SHA" +
+ ",TLS_RSA_WITH_AES_256_CBC_SHA"
+ );
+
+ }
+
+ @Before
+ public void initialize() throws EAAFParserException {
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ context = new ExecutionContextImpl();
+
+ spConfigMap = new HashMap<>();
+ spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10));
+
+ final ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config);
+ pendingReq = new TestRequestImpl();
+ pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+ pendingReq.setSpConfig(spConfig);
+
+ // re-set config
+ config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true));
+
+ }
+
+ @Test
+ public void validateState() throws TaskExecutionException, PendingReqIdValidationException {
+ // inject identityLink
+ final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(
+ AuthenticationSessionWrapper.class);
+ moaSession.setIdentityLink(TestUtils.generateDummyIdl(
+ "SUTFhJ/FXHmLGfTFchYnnWG/e3A=",
+ EAAFConstants.URN_PREFIX_CDID + "GH"));
+
+ task.execute(pendingReq, context);
+
+ // validate state
+ final IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+ assertNotNull("pendingReq not stored", storedReq);
+
+ final AuthenticationSessionWrapper moaSessionStored = storedReq.getSessionData(
+ AuthenticationSessionWrapper.class);
+
+ assertFalse("foreign", moaSessionStored.isForeigner());
+ assertFalse("mandate", moaSessionStored.isMandateUsed());
+ assertEquals("missing attributes", 1, moaSessionStored.getGenericSessionDataStorage().size());
+ assertNotNull("no Role attr", moaSessionStored.getGenericDataFromSession(PVPConstants.ROLES_NAME));
+
+ }
+}
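Review bot: The cipher list built in `classInitializer()` ends with `",TLS_RSA_WITH_AES_128_CBC_SHA"` and `",TLS_RSA_WITH_AES_256_CBC_SHA"`, which are static-RSA key exchange suites without forward secrecy, although the comment above them reads "secure backup chipers". If the QS endpoint does not need them, drop those two entries so the test cannot pass over a connection weaker than the DHE/ECDHE suites listed first. The property is also set for the whole JVM through `System.setProperty("https.cipherSuites", ...)` and never restored, so it can leak into other test classes run in the same JVM. An `@AfterClass` method that restores the previous value, or calls `System.clearProperty("https.cipherSuites");` if none was set, would contain it. Several imports in this file (`SocketTimeoutException`, `Soap12EndpointRule`, `Rule`, the `org.w3c.dom` and `javax.xml.soap` types) also appear unused and could be removed.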
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java
new file mode 100644
index 000000000..818a2c34b
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java
@@ -0,0 +1,1086 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.tasks;
+
+import static org.hamcrest.CoreMatchers.instanceOf;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.when;
+
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+import javax.xml.soap.Detail;
+import javax.xml.soap.Name;
+import javax.xml.soap.SOAPElement;
+import javax.xml.soap.SOAPException;
+import javax.xml.soap.SOAPFault;
+import javax.xml.ws.soap.SOAPFaultException;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.util.Assert;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.w3c.dom.Attr;
+import org.w3c.dom.DOMException;
+import org.w3c.dom.Document;
+import org.w3c.dom.NamedNodeMap;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+import org.w3c.dom.TypeInfo;
+import org.w3c.dom.UserDataHandler;
+
+import com.github.skjolber.mockito.soap.Soap12EndpointRule;
+
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFParserException;
+import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVD;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDARoles;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDAStatus;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaAddress;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaIndexResponse;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.TestUtils;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+ "/test_ehvd_service_auth.beans.xml" })
+public class InjectEhvdIdentityInformationTaskTest {
+
+ @Autowired
+ InjectEhvdInformationTask task;
+ @Autowired
+ DummyAuthConfigMap config;
+ @Autowired
+ IRequestStorage storage;
+
+ @Rule
+ public final Soap12EndpointRule soap = Soap12EndpointRule.newInstance();
+
+ protected MockHttpServletRequest httpReq;
+ protected MockHttpServletResponse httpResp;
+ private ExecutionContext context;
+ private TestRequestImpl pendingReq;
+ private Map<String, String> spConfigMap;
+
+ private EHVD ehvdService;
+
+ @Before
+ public void initialize() throws EAAFParserException {
+ httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+ httpResp = new MockHttpServletResponse();
+ RequestContextHolder.resetRequestAttributes();
+ RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+ context = new ExecutionContextImpl();
+
+ spConfigMap = new HashMap<>();
+ spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10));
+
+ final ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config);
+ pendingReq = new TestRequestImpl();
+ pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+ pendingReq.setSpConfig(spConfig);
+
+ // re-set config
+ config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true));
+
+ // inject identityLink
+ final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(
+ AuthenticationSessionWrapper.class);
+ moaSession.setIdentityLink(TestUtils.generateDummyIdl(
+ RandomStringUtils.randomAlphanumeric(10),
+ EAAFConstants.URN_PREFIX_BASEID));
+
+ // mock EHVD service
+ ehvdService = soap.mock(EHVD.class, "http://localhost:1234/ehvd");
+
+ }
+
+ @Test
+ public void noIdentityLinkInSession() {
+ final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(
+ AuthenticationSessionWrapper.class);
+ moaSession.setIdentityLink(null);
+
+ try {
+ task.execute(pendingReq, context);
+ fail("wrong state not detected");
+
+ } catch (final TaskExecutionException e) {
+ Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion");
+ assertEquals("wrong errorCode", "process.04", ((EAAFException) e.getOriginalException()).getErrorId());
+
+ }
+ }
+
+ @Test
+ public void noActiveGda() throws TaskExecutionException, PendingReqIdValidationException {
+ // set-up EHVD response
+ String role1 = RandomStringUtils.randomAlphabetic(10);
+ when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(false, Arrays.asList(role1)));
+
+ try {
+ task.execute(pendingReq, context);
+ fail("wrong state not detected");
+
+ } catch (final TaskExecutionException e) {
+ Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion");
+ assertEquals("wrong errorCode", "ehvd.00", ((EAAFException) e.getOriginalException()).getErrorId());
+
+ }
+ }
+
+ @Test
+ public void gdaGenericServiceError() throws TaskExecutionException, PendingReqIdValidationException {
+ // set-up EHVD response
+ when(ehvdService.getGDA(any())).thenThrow(new RuntimeException("No anwser from Service"));
+
+ try {
+ task.execute(pendingReq, context);
+ fail("wrong state not detected");
+
+ } catch (final TaskExecutionException e) {
+ Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion");
+ assertEquals("wrong errorCode", "ehvd.02", ((EAAFException) e.getOriginalException()).getErrorId());
+
+ }
+ }
+
+ @Test
+ public void gdaServiceError() throws TaskExecutionException, PendingReqIdValidationException {
+ // set-up EHVD response
+ String msg = RandomStringUtils.randomAlphabetic(10);
+ SOAPFault fault = generateSoaFault(msg);
+ SOAPFaultException error = new SOAPFaultException(fault );
+ when(ehvdService.getGDA(any())).thenThrow(error);
+
+ try {
+ task.execute(pendingReq, context);
+ fail("wrong state not detected");
+
+ } catch (final TaskExecutionException e) {
+ Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion");
+ assertEquals("wrong errorCode", "ehvd.02", ((EAAFException) e.getOriginalException()).getErrorId());
+
+ }
+ }
+
+ @Test
+ public void noGdaInfosInResponse() throws TaskExecutionException, PendingReqIdValidationException {
+ // set-up EHVD response
+ GdaIndexResponse gdaResponse = new GdaIndexResponse();
+ when(ehvdService.getGDA(any())).thenReturn(gdaResponse);
+
+ try {
+ task.execute(pendingReq, context);
+ fail("wrong state not detected");
+
+ } catch (final TaskExecutionException e) {
+ Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion");
+ assertEquals("wrong errorCode", "ehvd.03", ((EAAFException) e.getOriginalException()).getErrorId());
+
+ }
+ }
+
+
+ @Test
+ public void noValidGdaRole() throws TaskExecutionException, PendingReqIdValidationException {
+ // set-up EHVD response
+ String role1 = RandomStringUtils.randomAlphabetic(10);
+ String role2 = RandomStringUtils.randomAlphabetic(10);
+ when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(true, Arrays.asList(role1, role2)));
+
+ try {
+ task.execute(pendingReq, context);
+ fail("wrong state not detected");
+
+ } catch (final TaskExecutionException e) {
+ Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion");
+ assertEquals("wrong errorCode", "ehvd.04", ((EAAFException) e.getOriginalException()).getErrorId());
+
+ }
+ }
+
+
+ @Test
+ public void validateStateWithRandomData() throws TaskExecutionException, PendingReqIdValidationException {
+ // set-up EHVD response
+ String role1 = RandomStringUtils.randomAlphabetic(10);
+ String role2 = "1.2.40.0.34.5.2:101";
+ String role3 = RandomStringUtils.randomAlphabetic(10);
+ when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(true, Arrays.asList(role1, role2, role3)));
+
+ task.execute(pendingReq, context);
+
+ // validate state
+ final IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+ assertNotNull("pendingReq not stored", storedReq);
+
+ final AuthenticationSessionWrapper moaSession = storedReq.getSessionData(
+ AuthenticationSessionWrapper.class);
+
+ assertFalse("foreign", moaSession.isForeigner());
+ assertFalse("mandate", moaSession.isMandateUsed());
+ assertEquals("missing attributes", 2, moaSession.getGenericSessionDataStorage().size());
+ assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME));
+ assertEquals("wrong role attr",
+ "EPI-GDA()",
+ moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME, String.class));
+
+ }
+
+ @Test
+ public void validateState() throws TaskExecutionException, PendingReqIdValidationException {
+ // set-up EHVD response
+ String role1 = "1.2.40.0.33.5.2.101";
+ String role2 = "1.2.40.0.34.5.2:100";
+ String role3 = RandomStringUtils.randomAlphabetic(10);
+ when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(true, Arrays.asList(role1, role2, role3)));
+
+ task.execute(pendingReq, context);
+
+ // validate state
+ final IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+ assertNotNull("pendingReq not stored", storedReq);
+
+ final AuthenticationSessionWrapper moaSession = storedReq.getSessionData(
+ AuthenticationSessionWrapper.class);
+
+ assertFalse("foreign", moaSession.isForeigner());
+ assertFalse("mandate", moaSession.isMandateUsed());
+ assertEquals("missing attributes", 2, moaSession.getGenericSessionDataStorage().size());
+ assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME));
+ assertEquals("wrong role attr",
+ "EPI-GDA()",
+ moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME, String.class));
+
+ }
+
+ @Test
+ public void validateStateSecondOid() throws TaskExecutionException, PendingReqIdValidationException {
+ // set-up EHVD response
+ String role1 = "1.2.40.0.33.5.2.101";
+ String role2 = "1.2.40.0.34.5.2:158";
+ String role3 = RandomStringUtils.randomAlphabetic(10);
+ GdaIndexResponse gdaResponse = generateGdaResponse(true, Arrays.asList(role1, role2, role3));
+ when(ehvdService.getGDA(any())).thenReturn(gdaResponse);
+
+ task.execute(pendingReq, context);
+
+ // validate state
+ final IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+ assertNotNull("pendingReq not stored", storedReq);
+
+ final AuthenticationSessionWrapper moaSession = storedReq.getSessionData(
+ AuthenticationSessionWrapper.class);
+
+ assertFalse("foreign", moaSession.isForeigner());
+ assertFalse("mandate", moaSession.isMandateUsed());
+ assertEquals("missing attributes", 2, moaSession.getGenericSessionDataStorage().size());
+ assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME));
+ assertEquals("wrong role attr",
+ "EPI-GDA()",
+ moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME, String.class));
+
+ assertNotNull("no full GDA response",
+ moaSession.getGenericDataFromSession(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX));
+ assertTrue("wrong GDA response type",
+ moaSession.getGenericDataFromSession(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX) instanceof GdaDescriptor);
+
+
+ }
+
+ private GdaIndexResponse generateGdaResponse(boolean isActive, List<String> roles) {
+ GdaIndexResponse resp = new GdaIndexResponse();
+ GdaDescriptor gda = new GdaDescriptor();
+ resp.setGda(gda);
+
+ GDAStatus status = new GDAStatus();
+ gda.setStatus(status);
+ status.setEhvdstatus(isActive ? "Aktiv" : "Inaktiv");
+
+ gda.setFirstname(RandomStringUtils.randomAlphabetic(5));
+ gda.setSurname(RandomStringUtils.randomAlphabetic(5));
+ gda.setTitle(RandomStringUtils.randomAlphabetic(5));
+
+ InstanceIdentifier id = new InstanceIdentifier();
+ id.setId(RandomStringUtils.randomAlphabetic(5));
+ gda.setId(id);
+
+ gda.getOtherID().add(RandomStringUtils.randomAlphabetic(5));
+ gda.getOtherID().add(RandomStringUtils.randomAlphabetic(5));
+
+ gda.getAddress().add(generateAddress());
+ gda.getAddress().add(generateAddress());
+
+ GDARoles gdaRoles = new GDARoles();
+ gda.setRoles(gdaRoles);
+ gdaRoles.getRole().addAll(roles);
+
+ return resp;
+ }
+
+ private GdaAddress generateAddress() {
+ GdaAddress address = new GdaAddress();
+ address.setZip(RandomStringUtils.randomNumeric(4));
+ address.setState(RandomStringUtils.randomAlphabetic(10));
+ return address;
+
+ }
+
+ private SOAPFault generateSoaFault(String msg) {
+ return new SOAPFault() {
+
+ @Override
+ public void setIdAttributeNode(Attr idAttr, boolean isId) throws DOMException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setIdAttributeNS(String namespaceURI, String localName, boolean isId) throws DOMException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setIdAttribute(String name, boolean isId) throws DOMException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public Attr setAttributeNodeNS(Attr newAttr) throws DOMException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Attr setAttributeNode(Attr newAttr) throws DOMException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public void setAttributeNS(String namespaceURI, String qualifiedName, String value) throws DOMException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setAttribute(String name, String value) throws DOMException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public Attr removeAttributeNode(Attr oldAttr) throws DOMException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public void removeAttributeNS(String namespaceURI, String localName) throws DOMException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void removeAttribute(String name) throws DOMException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public boolean hasAttributeNS(String namespaceURI, String localName) throws DOMException {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public boolean hasAttribute(String name) {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public String getTagName() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public TypeInfo getSchemaTypeInfo() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public NodeList getElementsByTagNameNS(String namespaceURI, String localName) throws DOMException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public NodeList getElementsByTagName(String name) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Attr getAttributeNodeNS(String namespaceURI, String localName) throws DOMException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Attr getAttributeNode(String name) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getAttributeNS(String namespaceURI, String localName) throws DOMException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getAttribute(String name) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Object setUserData(String key, Object data, UserDataHandler handler) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public void setTextContent(String textContent) throws DOMException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setPrefix(String prefix) throws DOMException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setNodeValue(String nodeValue) throws DOMException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public Node replaceChild(Node newChild, Node oldChild) throws DOMException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Node removeChild(Node oldChild) throws DOMException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public void normalize() {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public String lookupPrefix(String namespaceURI) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String lookupNamespaceURI(String prefix) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public boolean isSupported(String feature, String version) {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public boolean isSameNode(Node other) {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public boolean isEqualNode(Node arg) {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public boolean isDefaultNamespace(String namespaceURI) {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public Node insertBefore(Node newChild, Node refChild) throws DOMException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public boolean hasChildNodes() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public boolean hasAttributes() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public Object getUserData(String key) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getTextContent() throws DOMException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Node getPreviousSibling() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getPrefix() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Node getParentNode() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Document getOwnerDocument() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getNodeValue() throws DOMException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public short getNodeType() {
+ // TODO Auto-generated method stub
+ return 0;
+ }
+
+ @Override
+ public String getNodeName() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Node getNextSibling() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getNamespaceURI() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getLocalName() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Node getLastChild() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Node getFirstChild() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Object getFeature(String feature, String version) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public NodeList getChildNodes() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getBaseURI() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public NamedNodeMap getAttributes() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public short compareDocumentPosition(Node other) throws DOMException {
+ // TODO Auto-generated method stub
+ return 0;
+ }
+
+ @Override
+ public Node cloneNode(boolean deep) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Node appendChild(Node newChild) throws DOMException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public void setValue(String value) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setParentElement(SOAPElement parent) throws SOAPException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void recycleNode() {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public String getValue() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public SOAPElement getParentElement() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public void detachNode() {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setEncodingStyle(String encodingStyle) throws SOAPException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public SOAPElement setElementQName(QName newName) throws SOAPException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public boolean removeNamespaceDeclaration(String prefix) {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public void removeContents() {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public boolean removeAttribute(QName qname) {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public boolean removeAttribute(Name name) {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public Iterator getVisibleNamespacePrefixes() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getNamespaceURI(String prefix) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Iterator getNamespacePrefixes() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getEncodingStyle() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public QName getElementQName() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Name getElementName() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Iterator getChildElements(QName qname) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Iterator getChildElements(Name name) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Iterator getChildElements() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getAttributeValue(QName qname) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getAttributeValue(Name name) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Iterator getAllAttributesAsQNames() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Iterator getAllAttributes() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public QName createQName(String localName, String prefix) throws SOAPException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public SOAPElement addTextNode(String text) throws SOAPException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public SOAPElement addNamespaceDeclaration(String prefix, String uri) throws SOAPException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public SOAPElement addChildElement(String localName, String prefix, String uri) throws SOAPException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public SOAPElement addChildElement(String localName, String prefix) throws SOAPException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public SOAPElement addChildElement(SOAPElement element) throws SOAPException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public SOAPElement addChildElement(String localName) throws SOAPException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public SOAPElement addChildElement(QName qname) throws SOAPException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public SOAPElement addChildElement(Name name) throws SOAPException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public SOAPElement addAttribute(QName qname, String value) throws SOAPException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public SOAPElement addAttribute(Name name, String value) throws SOAPException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public void setFaultString(String faultString, Locale locale) throws SOAPException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setFaultString(String faultString) throws SOAPException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setFaultRole(String uri) throws SOAPException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setFaultNode(String uri) throws SOAPException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setFaultCode(String faultCode) throws SOAPException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setFaultCode(QName faultCodeQName) throws SOAPException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setFaultCode(Name faultCodeQName) throws SOAPException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void setFaultActor(String faultActor) throws SOAPException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void removeAllFaultSubcodes() {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public boolean hasDetail() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public Iterator getFaultSubcodes() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Locale getFaultStringLocale() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getFaultString() {
+ return msg;
+
+ }
+
+ @Override
+ public String getFaultRole() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Iterator getFaultReasonTexts() throws SOAPException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getFaultReasonText(Locale locale) throws SOAPException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Iterator getFaultReasonLocales() throws SOAPException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getFaultNode() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public QName getFaultCodeAsQName() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Name getFaultCodeAsName() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getFaultCode() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getFaultActor() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Detail getDetail() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public void appendFaultSubcode(QName subcode) throws SOAPException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void addFaultReasonText(String text, Locale locale) throws SOAPException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public Detail addDetail() throws SOAPException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+ };
+
+ }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AttributeBuilderRegistrationTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AttributeBuilderRegistrationTest.java
new file mode 100644
index 000000000..5ff8ffba7
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AttributeBuilderRegistrationTest.java
@@ -0,0 +1,41 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.utils;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import java.util.List;
+
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.xml.ConfigurationException;
+
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
+import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EAAFDefaultSAML2Bootstrap;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class AttributeBuilderRegistrationTest {
+
+ @BeforeClass
+ public static void classInitializer() throws ConfigurationException {
+ EAAFDefaultSAML2Bootstrap.bootstrap();
+
+ }
+
+ @Test
+ public void checkRegistratedAttributeBuilder() {
+
+ List<Attribute> supportedAttributes = PVPAttributeBuilder.buildSupportedEmptyAttributes();
+
+ assertFalse("Registered Attribute-Builder is empty", supportedAttributes.isEmpty());
+ assertTrue("No role attribute registrated", supportedAttributes.stream()
+ .filter(el -> PVPAttributeDefinitions.ROLES_NAME.equals(el.getName()))
+ .findFirst()
+ .isPresent());
+
+ }
+}
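Review bot: The role-attribute assertion in `checkRegistratedAttributeBuilder` spells out `filter(...).findFirst().isPresent()` where `anyMatch` states the intent directly: `supportedAttributes.stream().anyMatch(el -> PVPAttributeDefinitions.ROLES_NAME.equals(el.getName()))`. The method name and the failure message "No role attribute registrated" would also read better as "registered".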
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AuthenticationRoleFactoryTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AuthenticationRoleFactoryTest.java
new file mode 100644
index 000000000..6d39b926e
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AuthenticationRoleFactoryTest.java
@@ -0,0 +1,65 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.utils;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+
+import at.gv.egovernment.moa.id.data.AuthenticationRole;
+import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class AuthenticationRoleFactoryTest {
+
+ @Test
+ public void simpleRole() {
+ String role = RandomStringUtils.randomAlphabetic(5);
+
+ AuthenticationRole toCheck = AuthenticationRoleFactory.buildFormPVPole(role);
+
+ assertEquals("wrong role name", role, toCheck.getRoleName());
+ assertEquals("wrong raw role", role, toCheck.getRawRoleString());
+ assertNull("wrong role attr", toCheck.getParams());
+
+ }
+
+ @Test
+ public void complexeRoleEmptyParams() {
+ String role = RandomStringUtils.randomAlphabetic(5);
+ String fullRole = role + "()";
+
+ AuthenticationRole toCheck = AuthenticationRoleFactory.buildFormPVPole(fullRole);
+
+ assertEquals("wrong role name", role, toCheck.getRoleName());
+ assertEquals("wrong raw role", fullRole, toCheck.getRawRoleString());
+ assertNull("wrong role attr", toCheck.getParams());
+
+ }
+
+ @Test
+ public void complexeRoleWithParams() {
+ String p1 = RandomStringUtils.randomAlphabetic(5);
+ String v1 = RandomStringUtils.randomAlphabetic(5);
+ String p2 = RandomStringUtils.randomAlphabetic(5);
+ String v2 = RandomStringUtils.randomAlphabetic(5);
+
+ String role = RandomStringUtils.randomAlphabetic(5);
+ String fullRole = role + "(\""
+ + p1 + "\"=\"" + v1 + "\","
+ + p2 + "\"=\"" + v2 + "\""
+ +")";
+
+ AuthenticationRole toCheck = AuthenticationRoleFactory.buildFormPVPole(fullRole);
+
+ assertEquals("wrong role name", role, toCheck.getRoleName());
+ assertEquals("wrong raw role", fullRole, toCheck.getRawRoleString());
+ assertNotNull("wrong role attr", toCheck.getParams());
+ assertEquals("wrong param size", 2, toCheck.getParams().size());
+
+ }
+
+}
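Review bot: In `complexeRoleWithParams` the constructed `fullRole` is missing the opening quote before the second key, so the input is `role("p1"="v1",p2"="v2")` rather than two evenly quoted pairs. If the quoted form is the intended grammar, the first pair should end with `+ p1 + "\"=\"" + v1 + "\",\""`. The test cannot notice the difference because it only asserts `getParams().size()`, so it would help to also assert that the parsed parameters hold p1 with v1 and p2 with v2. Since these role strings presumably feed authorization decisions, a separate case that pins how `buildFormPVPole` treats a deliberately malformed role would make the parser's tolerance explicit rather than accidental.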
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java
new file mode 100644
index 000000000..387aca540
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java
@@ -0,0 +1,55 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.utils;
+
+import static org.junit.Assert.assertEquals;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.IStatusMessenger;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({"/test_ehvd_service_messager_auth.beans.xml"})
+public class MoaStatusMessagerTest {
+
+ @Autowired IStatusMessenger messager;
+
+
+ @Test
+ public void checkErrorCodeMapper() {
+ assertEquals("default errorcode", "9199",
+ messager.getResponseErrorCode(new NullPointerException()));
+
+
+ assertEquals("new errorCode file", "aabbccdd",
+ messager.mapInternalErrorToExternalError("test.01"));
+ assertEquals("new errorCode file", "zzzyyyxxx",
+ messager.mapInternalErrorToExternalError("test.02"));
+
+ assertEquals("existing errorCode file", "4401",
+ messager.mapInternalErrorToExternalError("auth.34"));
+ assertEquals("existing errorCode file", "1101",
+ messager.mapInternalErrorToExternalError("parser.07"));
+
+ }
+
+ @Test
+ public void checkErrorMessages() {
+ assertEquals("new error msg",
+ "Für den abgefragtem GDA liegt keine Berechtigung vor", messager.getMessage("ehvd.00", null));
+ assertEquals("new error msg",
+ "Allgemeiner Fehler bei der Abfrage des EHVD Service", messager.getMessage("ehvd.99", null));
+
+
+ assertEquals("existing error msg",
+ "Zertifikat konnte nicht ausgelesen werden.", messager.getMessage("auth.14", null));
+ assertEquals("existing error msg",
+ "\"Issuer\" im AUTH-Block nicht vorhanden.", messager.getMessage("validator.32", null));
+
+ }
+
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/com/github/skjolber/mockito/soap/Soap12EndpointRule.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/com/github/skjolber/mockito/soap/Soap12EndpointRule.java
new file mode 100644
index 000000000..547401cc3
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/com/github/skjolber/mockito/soap/Soap12EndpointRule.java
@@ -0,0 +1,195 @@
+package com.github.skjolber.mockito.soap;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.ws.soap.SOAPBinding;
+import javax.xml.ws.spi.Provider;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.endpoint.EndpointException;
+import org.apache.cxf.endpoint.ServerImpl;
+import org.apache.cxf.jaxws.EndpointImpl;
+import org.apache.cxf.jaxws.JaxWsServerFactoryBean;
+import org.apache.cxf.jaxws.support.JaxWsServiceFactoryBean;
+import org.apache.cxf.service.ServiceImpl;
+import org.apache.cxf.service.model.EndpointInfo;
+import org.apache.cxf.transport.ChainInitiationObserver;
+import org.apache.cxf.transport.Destination;
+import org.apache.cxf.transport.DestinationFactory;
+import org.apache.cxf.transport.DestinationFactoryManager;
+
+
+/**
+ * Fork of {@link SoapEndpointRule} that set <i>endpoint.setBindingUri(SOAPBinding.SOAP12HTTP_BINDING)</i>
+ * into {@link EndpointImpl}.
+ *
+ * @author tlenz
+ *
+ */
+public class Soap12EndpointRule extends SoapServerRule {
+ private static final int PORT_RANGE_START = 1024 + 1;
+ private static final int PORT_RANGE_END = PortManager.PORT_RANGE_MAX;
+
+ public static Soap12EndpointRule newInstance() {
+ return new Soap12EndpointRule();
+ }
+
+ private final Map<String, EndpointImpl> endpoints = new HashMap<>();
+
+ private PortManager<Destination> portManager;
+
+ public Soap12EndpointRule() {
+ this(PORT_RANGE_START, PORT_RANGE_END);
+ }
+
+ public Soap12EndpointRule(String... portNames) {
+ this(PORT_RANGE_START, PORT_RANGE_END, portNames);
+ }
+
+ public Soap12EndpointRule(int portRangeStart, int portRangeEnd, String... portNames) {
+ portManager = new PortManager<Destination>(portRangeStart, portRangeEnd) {
+ @Override
+ public Destination reserve(int port) throws Exception {
+ return createDestination(port);
+ }
+
+ @Override
+ public void release(Destination destination) {
+ destination.shutdown();
+ }
+ };
+
+ portManager.add(portNames);
+ }
+
+ /**
+ * Returns the port number that was reserved for the given name.
+ *
+ * @param portName port name
+ * @return a valid port number if the port has been reserved, -1 otherwise
+ */
+ public int getPort(String portName) {
+ return portManager.getPort(portName);
+ }
+
+ /**
+ * Returns all port names and respective port numbers.
+ *
+ * @return a map of port name and port value (a valid port number if the port
+ * has been reserved, or -1 otherwise)
+ */
+ public Map<String, Integer> getPorts() {
+ return portManager.getPorts();
+ }
+
+ /**
+ * Attempt to reserve a port by starting a server.
+ *
+ * @param port port to reserve
+ * @return destination if successful
+ * @throws IOException
+ * @throws EndpointException
+ */
+ private Destination createDestination(int port) throws IOException, EndpointException {
+ final JaxWsServiceFactoryBean jaxWsServiceFactoryBean = new JaxWsServiceFactoryBean();
+
+ final JaxWsServerFactoryBean serverFactoryBean = new JaxWsServerFactoryBean(jaxWsServiceFactoryBean);
+ final Bus bus = serverFactoryBean.getBus();
+
+ final String address = "http://localhost:" + port;
+ serverFactoryBean.setAddress(address);
+
+ final DestinationFactory destinationFactory = bus.getExtension(DestinationFactoryManager.class)
+ .getDestinationFactoryForUri(address);
+
+ final EndpointInfo ei = new EndpointInfo(null, Integer.toString(port));
+ ei.setAddress(address);
+
+ final Destination destination = destinationFactory.getDestination(ei, bus);
+
+ final ServiceImpl serviceImpl = new ServiceImpl();
+
+ final org.apache.cxf.endpoint.Endpoint endpoint = new org.apache.cxf.endpoint.EndpointImpl(bus,
+ serviceImpl, ei);
+ destination.setMessageObserver(new ChainInitiationObserver(endpoint, bus));
+ return destination;
+ }
+
+ @Override
+ public <T> void proxy(T target, Class<T> port, String address, String wsdlLocation,
+ List<String> schemaLocations, Map<String, Object> properties) {
+ assertValidParams(target, port, address);
+
+ if (endpoints.containsKey(address)) {
+ throw new IllegalArgumentException("Endpoint " + address + " already exists");
+ }
+
+ final T serviceInterface = SoapServiceProxy.newInstance(target);
+
+ final EndpointImpl endpoint = (EndpointImpl) Provider.provider().createEndpoint(null, serviceInterface);
+ endpoint.setBindingUri(SOAPBinding.SOAP12HTTP_BINDING);
+
+ if (wsdlLocation != null) {
+ endpoint.setWsdlLocation(wsdlLocation);
+ }
+
+ if (schemaLocations != null) {
+ endpoint.setSchemaLocations(schemaLocations);
+ }
+
+ endpoint.setProperties(processProperties(properties, wsdlLocation, schemaLocations));
+
+ final Destination destination = portManager.getData(parsePort(address));
+ if (destination != null) {
+ final ServerImpl server = endpoint.getServer();
+ server.setDestination(destination);
+ }
+
+ endpoint.publish(address);
+
+ endpoints.put(address, endpoint);
+ }
+
+ @Override
+ protected void before() {
+ // reserve all ports
+ portManager.start();
+ }
+
+ @Override
+ protected void after() {
+ destroy();
+ }
+
+ /**
+ * Stop and remove endpoints, keeping port reservations.
+ */
+ public void clear() {
+ endpoints.values().forEach(EndpointImpl::stop);
+ endpoints.clear();
+ }
+
+ @Override
+ public void destroy() {
+ endpoints.values().forEach(endpoint -> {
+ endpoint.stop();
+ endpoint.getBus().shutdown(true);
+ });
+ endpoints.clear();
+ portManager.stop();
+ }
+
+ @Override
+ public void stop() {
+ endpoints.values().forEach(endpoint -> endpoint.getServer().stop());
+ }
+
+ @Override
+ public void start() {
+ // republish
+ endpoints.values().forEach(endpoint -> endpoint.getServer().start());
+ }
+}
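Review bot: The class Javadoc says this is a fork of `SoapEndpointRule` but does not record which upstream release it was copied from. The class sits in the upstream package `com.github.skjolber.mockito.soap`, presumably to reach helpers such as `PortManager` and `SoapServiceProxy`, so a library upgrade can break or silently diverge from it. I would add a line such as `Forked from mockito-soap-cxf <VERSION>; re-sync when the dependency is upgraded.` and correct "that set" to "that sets". In `proxy`, the unchecked cast `(EndpointImpl) Provider.provider().createEndpoint(null, serviceInterface)` assumes CXF is the active JAX-WS provider and deserves a short comment saying so. Separately, `portManager` is assigned only in the constructor and can be `private final`.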
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties
new file mode 100644
index 000000000..580af5559
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties
@@ -0,0 +1,11 @@
+modules.ehvd.enabled=true
+modules.ehvd.sp.1=aaabbccddeeffgg
+modules.ehvd.sp.2=yyasdfasfsa2323
+modules.ehvd.sp.3=
+modules.ehvd.sp.4=435344534egewgegf
+
+modules.ehvd.service.url=http://localhost:1234/ehvd
+#modules.ehvd.service.url=https://ehvdwsqs.gesundheit.gv.at
+
+modules.ehvd.role.pvp=EPI-GDA()
+modules.ehvd.service.role.regex=^1\.2\.40\.0\.34\.5\.2\:(100|101|158)$
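Review bot: The value of `modules.ehvd.service.role.regex` uses single backslashes, and a Java `.properties` loader drops a backslash that precedes a character with no escape meaning. If this file is read through `java.util.Properties` (the loader is not visible here), the pattern that reaches the code is `^1.2.40.0.34.5.2:(100|101|158)$`, where each `.` matches any character. The role filter is then looser than the OID prefix it is meant to pin. Doubling the escapes keeps the dots literal: `modules.ehvd.service.role.regex=^1\\.2\\.40\\.0\\.34\\.5\\.2:(100|101|158)$`. The same line appears in `config_qs_service.properties`, and the deployed configuration is worth checking for the same form.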
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config2.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config2.properties
new file mode 100644
index 000000000..4e666c204
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config2.properties
@@ -0,0 +1,4 @@
+modules.ehvd.enabled=false
+modules.ehvd.sp.1=aaabbccddeeffgg
+modules.ehvd.sp.2=yyasdfasfsa2323
+modules.ehvd.sp.3=435344534egewgegf
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties
new file mode 100644
index 000000000..dc8fe54d5
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties
@@ -0,0 +1,12 @@
+modules.ehvd.enabled=true
+modules.ehvd.sp.1=aaabbccddeeffgg
+modules.ehvd.sp.2=yyasdfasfsa2323
+modules.ehvd.sp.3=
+modules.ehvd.sp.4=435344534egewgegf
+
+modules.ehvd.service.url=https://ehvdwsqs.gesundheit.gv.at
+#modules.ehvd.service.bpk.target=
+modules.ehvd.proxy.socks.port=12345
+modules.ehvd.role.pvp=EPI-GDA()
+modules.ehvd.service.role.regex=^1\.2\.40\.0\.34\.5\.2\:(100|101|158)$
+#modules.ehvd.service.otherid.prefix=1.2.40.0.34.4.18: \ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_qs_service_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_qs_service_auth.beans.xml
new file mode 100644
index 000000000..0595d4eb4
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_qs_service_auth.beans.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <import resource="classpath:/SpringTest-context_authManager.xml" />
+ <import resource="classpath:/moaid_ehvd_service_auth.beans.xml" />
+
+ <bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap">
+ <constructor-arg name="path" value="/config/config_qs_service.properties" />
+ </bean>
+
+</beans> \ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth.beans.xml
new file mode 100644
index 000000000..b499ad395
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth.beans.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <import resource="classpath:/SpringTest-context_authManager.xml" />
+ <import resource="classpath:/moaid_ehvd_service_auth.beans.xml" />
+
+ <bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap">
+ <constructor-arg name="path" value="/config/config1.properties" />
+ </bean>
+
+</beans> \ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth_lazy.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth_lazy.beans.xml
new file mode 100644
index 000000000..7116034b7
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth_lazy.beans.xml
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <import resource="classpath:/SpringTest-context_authManager.xml" />
+
+ <bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap">
+ <constructor-arg name="path" value="/config/config2.properties" />
+ </bean>
+
+ <beans default-lazy-init="true">
+ <bean id="ehvdServiceAuthModule" class="at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule">
+ <property name="priority" value="4" />
+ </bean>
+
+ </beans>
+</beans> \ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_messager_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_messager_auth.beans.xml
new file mode 100644
index 000000000..5d8e03fb5
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_messager_auth.beans.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <bean id="testMsgProvider"
+ class="at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider"/>
+
+</beans> \ No newline at end of file
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
index 46b645403..41da7ff51 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
+++ b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.5</version>
+ <version>4.2.0</version>
</parent>
<artifactId>moa-id-module-elga_mandate_service</artifactId>
<version>${moa-id-module-elga_mandate_client}</version>
diff --git a/id/server/modules/moa-id-module-openID/pom.xml b/id/server/modules/moa-id-module-openID/pom.xml
index 131ae455b..f9ff3333b 100644
--- a/id/server/modules/moa-id-module-openID/pom.xml
+++ b/id/server/modules/moa-id-module-openID/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.5</version>
+ <version>4.2.0</version>
</parent>
<artifactId>moa-id-module-openID</artifactId>
@@ -38,13 +38,13 @@
<dependency>
<groupId>com.google.http-client</groupId>
<artifactId>google-http-client-jackson2</artifactId>
- <version>1.22.0</version>
+ <version>1.40.1</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.google.oauth-client</groupId>
<artifactId>google-oauth-client-jetty</artifactId>
- <version>1.22.0</version>
+ <version>1.32.1</version>
<scope>test</scope>
<exclusions>
<exclusion>
@@ -78,7 +78,6 @@
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
- <version>19.0</version>
</dependency>
<!-- TestNG -->
diff --git a/id/server/modules/moa-id-module-sl20_authentication/pom.xml b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
index 0dccba648..d3a2cc94e 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/pom.xml
+++ b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
@@ -5,7 +5,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.5</version>
+ <version>4.2.0</version>
</parent>
<artifactId>moa-id-module-sl20_authentication</artifactId>
<name>moa-id-module-sl20_authentication</name>
@@ -53,20 +53,19 @@
<dependency>
<groupId>com.google.code.gson</groupId>
<artifactId>gson</artifactId>
- <version>2.8.2</version>
+ <version>2.8.9</version>
</dependency>
<dependency>
<groupId>org.bitbucket.b_c</groupId>
<artifactId>jose4j</artifactId>
- <version>0.6.3</version>
+ <version>0.7.9</version>
</dependency>
- <dependency>
- <groupId>org.bouncycastle</groupId>
- <artifactId>bcprov-jdk15on</artifactId>
- <version>1.52</version>
- <!-- <scope>provided</scope> -->
-</dependency>
+ <dependency>
+ <groupId>org.bouncycastle</groupId>
+ <artifactId>bcprov-jdk15on</artifactId>
+ <version>1.70</version>
+ </dependency>
<!-- Dependencies for testing -->
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java
index 759d9c838..6bf297a4e 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java
@@ -13,7 +13,6 @@ import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.utils.URIBuilder;
-import org.apache.log4j.Logger;
import org.jose4j.base64url.Base64Url;
import com.google.gson.JsonElement;
@@ -23,328 +22,347 @@ import com.google.gson.JsonParser;
import at.gv.egovernment.moa.id.auth.modules.sl20_auth.data.VerificationResult;
import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SL20Exception;
import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SLCommandoParserException;
+import lombok.extern.slf4j.Slf4j;
+@Slf4j
public class SL20JSONExtractorUtils {
- private static final Logger log = Logger.getLogger(SL20JSONExtractorUtils.class);
-
- /**
- * Extract String value from JSON
- *
- * @param input
- * @param keyID
- * @param isRequired
- * @return
- * @throws SLCommandoParserException
- */
- public static String getStringValue(JsonObject input, String keyID, boolean isRequired) throws SLCommandoParserException {
- try {
- JsonElement internal = getAndCheck(input, keyID, isRequired);
-
- if (internal != null)
- return internal.getAsString();
- else
- return null;
-
- } catch (SLCommandoParserException e) {
- throw e;
-
- } catch (Exception e) {
- throw new SLCommandoParserException("Can not extract String value with keyId: " + keyID, e);
-
- }
- }
-
- /**
- * Extract Boolean value from JSON
- *
- * @param input
- * @param keyID
- * @param isRequired
- * @return
- * @throws SLCommandoParserException
- */
- public static boolean getBooleanValue(JsonObject input, String keyID, boolean isRequired, boolean defaultValue) throws SLCommandoParserException {
- try {
- JsonElement internal = getAndCheck(input, keyID, isRequired);
-
- if (internal != null)
- return internal.getAsBoolean();
- else
- return defaultValue;
-
- } catch (SLCommandoParserException e) {
- throw e;
-
- } catch (Exception e) {
- throw new SLCommandoParserException("Can not extract Boolean value with keyId: " + keyID, e);
-
- }
- }
-
- /**
- * Extract JSONObject value from JSON
- *
- * @param input
- * @param keyID
- * @param isRequired
- * @return
- * @throws SLCommandoParserException
- */
- public static JsonObject getJSONObjectValue(JsonObject input, String keyID, boolean isRequired) throws SLCommandoParserException {
- try {
- JsonElement internal = getAndCheck(input, keyID, isRequired);
-
- if (internal != null)
- return internal.getAsJsonObject();
- else
- return null;
-
- } catch (SLCommandoParserException e) {
- throw e;
-
- } catch (Exception e) {
- throw new SLCommandoParserException("Can not extract Boolean value with keyId: " + keyID, e);
-
- }
- }
-
- /**
- * Extract a List of String elements from a JSON element
- *
- * @param input
- * @return
- * @throws SLCommandoParserException
- */
- public static List<String> getListOfStringElements(JsonElement input) throws SLCommandoParserException {
- List<String> result = new ArrayList<String>();
- if (input != null) {
- if (input.isJsonArray()) {
- Iterator<JsonElement> arrayIterator = input.getAsJsonArray().iterator();
- while(arrayIterator.hasNext()) {
- JsonElement next = arrayIterator.next();
- if (next.isJsonPrimitive())
- result.add(next.getAsString());
- }
-
- } else if (input.isJsonPrimitive()) {
- result.add(input.getAsString());
-
- } else {
- log.warn("JSON Element IS NOT a JSON array or a JSON Primitive");
- throw new SLCommandoParserException("JSON Element IS NOT a JSON array or a JSON Primitive");
-
- }
- }
-
- return result;
- }
-
- /**
- * Extract Map of Key/Value pairs from a JSON Element
- *
- * @param input parent JSON object
- * @param keyID KeyId of the child that should be parsed
- * @param isRequired
- * @return
- * @throws SLCommandoParserException
- */
- public static Map<String, String> getMapOfStringElements(JsonObject input, String keyID, boolean isRequired) throws SLCommandoParserException {
- JsonElement internal = getAndCheck(input, keyID, isRequired);
- return getMapOfStringElements(internal);
-
- }
-
- /**
- * Extract Map of Key/Value pairs from a JSON Element
- *
- * @param input
- * @return
- * @throws SLCommandoParserException
- */
- public static Map<String, String> getMapOfStringElements(JsonElement input) throws SLCommandoParserException {
- Map<String, String> result = new HashMap<String, String>();
-
- if (input != null) {
- if (input.isJsonArray()) {
- Iterator<JsonElement> arrayIterator = input.getAsJsonArray().iterator();
- while(arrayIterator.hasNext()) {
- JsonElement next = arrayIterator.next();
- Iterator<Entry<String, JsonElement>> entry = next.getAsJsonObject().entrySet().iterator();
- entitySetToMap(result, entry);
-
- }
-
- } else if (input.isJsonObject()) {
- Iterator<Entry<String, JsonElement>> objectKeys = input.getAsJsonObject().entrySet().iterator();
- entitySetToMap(result, objectKeys);
-
- } else
- throw new SLCommandoParserException("JSON Element IS NOT a JSON array or a JSON object");
-
- }
-
- return result;
- }
-
- private static void entitySetToMap(Map<String, String> result, Iterator<Entry<String, JsonElement>> entry) {
- while (entry.hasNext()) {
- Entry<String, JsonElement> el = entry.next();
- if (result.containsKey(el.getKey()))
- log.info("Attr. Map already contains Element with Key: " + el.getKey() + ". Overwrite element ... ");
-
- result.put(el.getKey(), el.getValue().getAsString());
-
- }
-
- }
-
-
- public static JsonElement extractSL20Result(JsonObject command, IJOSETools decrypter, boolean mustBeEncrypted) throws SL20Exception {
- JsonElement result = command.get(SL20Constants.SL20_COMMAND_CONTAINER_RESULT);
- JsonElement encryptedResult = command.get(SL20Constants.SL20_COMMAND_CONTAINER_ENCRYPTEDRESULT);
-
- if (result == null && encryptedResult == null)
- throw new SLCommandoParserException("NO result OR encryptedResult FOUND.");
-
- else if (encryptedResult == null && mustBeEncrypted)
- throw new SLCommandoParserException("result MUST be signed.");
-
- else if (encryptedResult != null && encryptedResult.isJsonPrimitive()) {
- try {
- return decrypter.decryptPayload(encryptedResult.getAsString());
-
- } catch (Exception e) {
- log.info("Can NOT decrypt SL20 result. Reason:" + e.getMessage());
- if (!mustBeEncrypted) {
- log.warn("Decrypted results are disabled by configuration. Parse result in plain if it is possible");
-
- //dummy code
- try {
- String[] signedPayload = encryptedResult.toString().split("\\.");
- JsonElement payLoad = new JsonParser().parse(new String(Base64.getUrlDecoder().decode(signedPayload[1])));
- return payLoad;
-
- } catch (Exception e1) {
- log.debug("DummyCode FAILED, Reason: " + e1.getMessage() + " Ignore it ...");
- throw new SL20Exception(e.getMessage(), null, e);
-
- }
-
- } else
- throw e;
-
- }
-
- } else if (result != null) {
- return result;
-
- } else
- throw new SLCommandoParserException("Internal build error");
-
-
- }
-
- /**
- * Extract payLoad from generic transport container
- *
- * @param container
- * @param joseTools
- * @return
- * @throws SLCommandoParserException
- */
- public static VerificationResult extractSL20PayLoad(JsonObject container, IJOSETools joseTools, boolean mustBeSigned) throws SL20Exception {
-
- JsonElement sl20Payload = container.get(SL20Constants.SL20_PAYLOAD);
- JsonElement sl20SignedPayload = container.get(SL20Constants.SL20_SIGNEDPAYLOAD);
-
- if (mustBeSigned && joseTools == null)
- throw new SLCommandoParserException("'joseTools' MUST be set if 'mustBeSigned' is 'true'");
-
- if (sl20Payload == null && sl20SignedPayload == null)
- throw new SLCommandoParserException("NO payLoad OR signedPayload FOUND.");
-
- else if (sl20SignedPayload == null && mustBeSigned)
- throw new SLCommandoParserException("payLoad MUST be signed.");
-
- else if (joseTools != null && sl20SignedPayload != null && sl20SignedPayload.isJsonPrimitive()) {
- return joseTools.validateSignature(sl20SignedPayload.getAsString());
-
- } else if (sl20Payload != null)
- return new VerificationResult(sl20Payload.getAsJsonObject());
-
- else
- throw new SLCommandoParserException("Internal build error");
-
-
- }
-
-
- /**
- * Extract generic transport container from httpResponse
- *
- * @param httpResp
- * @return
- * @throws SLCommandoParserException
- */
- public static JsonObject getSL20ContainerFromResponse(HttpResponse httpResp) throws SLCommandoParserException {
- try {
- JsonObject sl20Resp = null;
- if (httpResp.getStatusLine().getStatusCode() == 307) {
- Header[] locationHeader = httpResp.getHeaders("Location");
- if (locationHeader == null)
- throw new SLCommandoParserException("Find Redirect statuscode but not Location header");
-
- String sl20RespString = new URIBuilder(locationHeader[0].getValue()).getQueryParams().get(0).getValue();
- sl20Resp = new JsonParser().parse(Base64Url.encode((sl20RespString.getBytes()))).getAsJsonObject();
-
- } else if (httpResp.getStatusLine().getStatusCode() == 200) {
- if (!httpResp.getEntity().getContentType().getValue().startsWith("application/json"))
- throw new SLCommandoParserException("SL20 response with a wrong ContentType: " + httpResp.getEntity().getContentType().getValue());
- sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity());
-
- } else if ( (httpResp.getStatusLine().getStatusCode() == 500) ||
- (httpResp.getStatusLine().getStatusCode() == 401) ||
- (httpResp.getStatusLine().getStatusCode() == 400) ) {
- log.info("SL20 response with http-code: " + httpResp.getStatusLine().getStatusCode()
- + ". Search for error message");
- sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity());
-
-
- } else
- throw new SLCommandoParserException("SL20 response with http-code: " + httpResp.getStatusLine().getStatusCode());
-
- log.info("Find JSON object in http response");
- return sl20Resp;
-
- } catch (Exception e) {
- throw new SLCommandoParserException("SL20 response parsing FAILED! Reason: " + e.getMessage(), e);
-
- }
- }
-
- private static JsonObject parseSL20ResultFromResponse(HttpEntity resp) throws Exception {
- if (resp != null && resp.getContent() != null) {
- JsonElement sl20Resp = new JsonParser().parse(new InputStreamReader(resp.getContent()));
- if (sl20Resp != null && sl20Resp.isJsonObject()) {
- return sl20Resp.getAsJsonObject();
-
- } else
- throw new SLCommandoParserException("SL2.0 can NOT parse to a JSON object");
-
-
- } else
- throw new SLCommandoParserException("Can NOT find content in http response");
-
- }
-
-
- private static JsonElement getAndCheck(JsonObject input, String keyID, boolean isRequired) throws SLCommandoParserException {
- JsonElement internal = input.get(keyID);
-
- if (internal == null && isRequired)
- throw new SLCommandoParserException("REQUIRED Element with keyId: " + keyID + " does not exist");
-
- return internal;
-
- }
+
+ /**
+ * Extract String value from JSON
+ *
+ * @param input
+ * @param keyID
+ * @param isRequired
+ * @return
+ * @throws SLCommandoParserException
+ */
+ public static String getStringValue(JsonObject input, String keyID, boolean isRequired)
+ throws SLCommandoParserException {
+ try {
+ final JsonElement internal = getAndCheck(input, keyID, isRequired);
+
+ if (internal != null) {
+ return internal.getAsString();
+ } else {
+ return null;
+ }
+
+ } catch (final SLCommandoParserException e) {
+ throw e;
+
+ } catch (final Exception e) {
+ throw new SLCommandoParserException("Can not extract String value with keyId: " + keyID, e);
+
+ }
+ }
+
+ /**
+ * Extract Boolean value from JSON
+ *
+ * @param input
+ * @param keyID
+ * @param isRequired
+ * @return
+ * @throws SLCommandoParserException
+ */
+ public static boolean getBooleanValue(JsonObject input, String keyID, boolean isRequired,
+ boolean defaultValue) throws SLCommandoParserException {
+ try {
+ final JsonElement internal = getAndCheck(input, keyID, isRequired);
+
+ if (internal != null) {
+ return internal.getAsBoolean();
+ } else {
+ return defaultValue;
+ }
+
+ } catch (final SLCommandoParserException e) {
+ throw e;
+
+ } catch (final Exception e) {
+ throw new SLCommandoParserException("Can not extract Boolean value with keyId: " + keyID, e);
+
+ }
+ }
+
+ /**
+ * Extract JSONObject value from JSON
+ *
+ * @param input
+ * @param keyID
+ * @param isRequired
+ * @return
+ * @throws SLCommandoParserException
+ */
+ public static JsonObject getJSONObjectValue(JsonObject input, String keyID, boolean isRequired)
+ throws SLCommandoParserException {
+ try {
+ final JsonElement internal = getAndCheck(input, keyID, isRequired);
+
+ if (internal != null) {
+ return internal.getAsJsonObject();
+ } else {
+ return null;
+ }
+
+ } catch (final SLCommandoParserException e) {
+ throw e;
+
+ } catch (final Exception e) {
+ throw new SLCommandoParserException("Can not extract Boolean value with keyId: " + keyID, e);
+
+ }
+ }
+
+ /**
+ * Extract a List of String elements from a JSON element
+ *
+ * @param input
+ * @return
+ * @throws SLCommandoParserException
+ */
+ public static List<String> getListOfStringElements(JsonElement input) throws SLCommandoParserException {
+ final List<String> result = new ArrayList<>();
+ if (input != null) {
+ if (input.isJsonArray()) {
+ final Iterator<JsonElement> arrayIterator = input.getAsJsonArray().iterator();
+ while (arrayIterator.hasNext()) {
+ final JsonElement next = arrayIterator.next();
+ if (next.isJsonPrimitive()) {
+ result.add(next.getAsString());
+ }
+ }
+
+ } else if (input.isJsonPrimitive()) {
+ result.add(input.getAsString());
+
+ } else {
+ log.warn("JSON Element IS NOT a JSON array or a JSON Primitive");
+ throw new SLCommandoParserException("JSON Element IS NOT a JSON array or a JSON Primitive");
+
+ }
+ }
+
+ return result;
+ }
+
+ /**
+ * Extract Map of Key/Value pairs from a JSON Element
+ *
+ * @param input parent JSON object
+ * @param keyID KeyId of the child that should be parsed
+ * @param isRequired
+ * @return
+ * @throws SLCommandoParserException
+ */
+ public static Map<String, String> getMapOfStringElements(JsonObject input, String keyID, boolean isRequired)
+ throws SLCommandoParserException {
+ final JsonElement internal = getAndCheck(input, keyID, isRequired);
+ return getMapOfStringElements(internal);
+
+ }
+
+ /**
+ * Extract Map of Key/Value pairs from a JSON Element
+ *
+ * @param input
+ * @return
+ * @throws SLCommandoParserException
+ */
+ public static Map<String, String> getMapOfStringElements(JsonElement input)
+ throws SLCommandoParserException {
+ final Map<String, String> result = new HashMap<>();
+
+ if (input != null) {
+ if (input.isJsonArray()) {
+ final Iterator<JsonElement> arrayIterator = input.getAsJsonArray().iterator();
+ while (arrayIterator.hasNext()) {
+ final JsonElement next = arrayIterator.next();
+ final Iterator<Entry<String, JsonElement>> entry = next.getAsJsonObject().entrySet().iterator();
+ entitySetToMap(result, entry);
+
+ }
+
+ } else if (input.isJsonObject()) {
+ final Iterator<Entry<String, JsonElement>> objectKeys = input.getAsJsonObject().entrySet().iterator();
+ entitySetToMap(result, objectKeys);
+
+ } else {
+ throw new SLCommandoParserException("JSON Element IS NOT a JSON array or a JSON object");
+ }
+
+ }
+
+ return result;
+ }
+
+ private static void entitySetToMap(Map<String, String> result, Iterator<Entry<String, JsonElement>> entry) {
+ while (entry.hasNext()) {
+ final Entry<String, JsonElement> el = entry.next();
+ if (result.containsKey(el.getKey())) {
+ log.info("Attr. Map already contains Element with Key: " + el.getKey() + ". Overwrite element ... ");
+ }
+
+ result.put(el.getKey(), el.getValue().getAsString());
+
+ }
+
+ }
+
+ public static JsonElement extractSL20Result(JsonObject command, IJOSETools decrypter,
+ boolean mustBeEncrypted) throws SL20Exception {
+ final JsonElement result = command.get(SL20Constants.SL20_COMMAND_CONTAINER_RESULT);
+ final JsonElement encryptedResult = command.get(SL20Constants.SL20_COMMAND_CONTAINER_ENCRYPTEDRESULT);
+
+ if (result == null && encryptedResult == null) {
+ throw new SLCommandoParserException("NO result OR encryptedResult FOUND.");
+ } else if (encryptedResult == null && mustBeEncrypted) {
+ throw new SLCommandoParserException("result MUST be signed.");
+ } else if (encryptedResult != null && encryptedResult.isJsonPrimitive()) {
+ try {
+ return decrypter.decryptPayload(encryptedResult.getAsString());
+
+ } catch (final Exception e) {
+ log.info("Can NOT decrypt SL20 result. Reason:" + e.getMessage());
+ if (!mustBeEncrypted) {
+ log.warn(
+ "Decrypted results are disabled by configuration. Parse result in plain if it is possible");
+
+ // dummy code
+ try {
+ final String[] signedPayload = encryptedResult.toString().split("\\.");
+ final JsonElement payLoad = new JsonParser().parse(new String(Base64.getUrlDecoder().decode(
+ signedPayload[1])));
+ return payLoad;
+
+ } catch (final Exception e1) {
+ log.debug("DummyCode FAILED, Reason: " + e1.getMessage() + " Ignore it ...");
+ throw new SL20Exception(e.getMessage(), null, e);
+
+ }
+
+ } else {
+ throw e;
+ }
+
+ }
+
+ } else if (result != null) {
+ return result;
+
+ } else {
+ throw new SLCommandoParserException("Internal build error");
+ }
+
+ }
+
+ /**
+ * Extract payLoad from generic transport container
+ *
+ * @param container
+ * @param joseTools
+ * @return
+ * @throws SLCommandoParserException
+ */
+ public static VerificationResult extractSL20PayLoad(JsonObject container, IJOSETools joseTools,
+ boolean mustBeSigned) throws SL20Exception {
+
+ final JsonElement sl20Payload = container.get(SL20Constants.SL20_PAYLOAD);
+ final JsonElement sl20SignedPayload = container.get(SL20Constants.SL20_SIGNEDPAYLOAD);
+
+ if (mustBeSigned && joseTools == null) {
+ throw new SLCommandoParserException("'joseTools' MUST be set if 'mustBeSigned' is 'true'");
+ }
+
+ if (sl20Payload == null && sl20SignedPayload == null) {
+ throw new SLCommandoParserException("NO payLoad OR signedPayload FOUND.");
+ } else if (sl20SignedPayload == null && mustBeSigned) {
+ throw new SLCommandoParserException("payLoad MUST be signed.");
+ } else if (joseTools != null && sl20SignedPayload != null && sl20SignedPayload.isJsonPrimitive()) {
+ return joseTools.validateSignature(sl20SignedPayload.getAsString());
+
+ } else if (sl20Payload != null) {
+ return new VerificationResult(sl20Payload.getAsJsonObject());
+ } else {
+ throw new SLCommandoParserException("Internal build error");
+ }
+
+ }
+
+ /**
+ * Extract generic transport container from httpResponse
+ *
+ * @param httpResp
+ * @return
+ * @throws SLCommandoParserException
+ */
+ public static JsonObject getSL20ContainerFromResponse(HttpResponse httpResp)
+ throws SLCommandoParserException {
+ try {
+ JsonObject sl20Resp = null;
+ if (httpResp.getStatusLine().getStatusCode() == 307) {
+ final Header[] locationHeader = httpResp.getHeaders("Location");
+ if (locationHeader == null) {
+ throw new SLCommandoParserException("Find Redirect statuscode but not Location header");
+ }
+
+ final String sl20RespString = new URIBuilder(locationHeader[0].getValue()).getQueryParams().get(0)
+ .getValue();
+ sl20Resp = new JsonParser().parse(Base64Url.encode(sl20RespString.getBytes())).getAsJsonObject();
+
+ } else if (httpResp.getStatusLine().getStatusCode() == 200) {
+ if (!httpResp.getEntity().getContentType().getValue().startsWith("application/json")) {
+ throw new SLCommandoParserException("SL20 response with a wrong ContentType: " + httpResp
+ .getEntity().getContentType().getValue());
+ }
+ sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity());
+
+ } else if (httpResp.getStatusLine().getStatusCode() == 500 ||
+ httpResp.getStatusLine().getStatusCode() == 401 ||
+ httpResp.getStatusLine().getStatusCode() == 400) {
+ log.info("SL20 response with http-code: " + httpResp.getStatusLine().getStatusCode()
+ + ". Search for error message");
+ sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity());
+
+ } else {
+ throw new SLCommandoParserException("SL20 response with http-code: " + httpResp.getStatusLine()
+ .getStatusCode());
+ }
+
+ log.info("Find JSON object in http response");
+ return sl20Resp;
+
+ } catch (final Exception e) {
+ throw new SLCommandoParserException("SL20 response parsing FAILED! Reason: " + e.getMessage(), e);
+
+ }
+ }
+
+ private static JsonObject parseSL20ResultFromResponse(HttpEntity resp) throws Exception {
+ if (resp != null && resp.getContent() != null) {
+ final JsonElement sl20Resp = new JsonParser().parse(new InputStreamReader(resp.getContent()));
+ if (sl20Resp != null && sl20Resp.isJsonObject()) {
+ return sl20Resp.getAsJsonObject();
+
+ } else {
+ throw new SLCommandoParserException("SL2.0 can NOT parse to a JSON object");
+ }
+
+ } else {
+ throw new SLCommandoParserException("Can NOT find content in http response");
+ }
+
+ }
+
+ private static JsonElement getAndCheck(JsonObject input, String keyID, boolean isRequired)
+ throws SLCommandoParserException {
+ final JsonElement internal = input.get(keyID);
+
+ if (internal == null && isRequired) {
+ throw new SLCommandoParserException("REQUIRED Element with keyId: " + keyID + " does not exist");
+ }
+
+ return internal;
+
+ }
}
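Review bot: In `extractSL20PayLoad`, `mustBeSigned` is only enforced when the signed-payload element is absent. If the container carries a signed-payload element that is not a JSON primitive together with a plain payload, the signature branch is skipped and `else if (sl20Payload != null)` returns the unverified payload wrapped in a `VerificationResult`. `extractSL20Result` has the same shape for `mustBeEncrypted`: a non-primitive `encryptedResult` falls through to `else if (result != null)` and the plain result is returned. Guarding both fallbacks, `} else if (!mustBeSigned && sl20Payload != null) {` and `} else if (!mustBeEncrypted && result != null) {`, makes a required but malformed element end in the exception branch instead. The `// dummy code` path in `extractSL20Result` also returns the second dot-separated segment of the value without any verification when decryption fails and `mustBeEncrypted` is false, so it deserves a comment such as `// test configurations only: payload is NOT authenticated here`.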
diff --git a/id/server/modules/moa-id-module-ssoTransfer/pom.xml b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
index d0869994b..70db729e1 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/pom.xml
+++ b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.5</version>
+ <version>4.2.0</version>
</parent>
<artifactId>moa-id-module-ssoTransfer</artifactId>
<name>MOA-ID_SSO_Transfer_modul</name>
@@ -36,14 +36,14 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
- <version>1.52</version>
+ <version>1.70</version>
<!-- <scope>provided</scope> -->
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
- <version>1.52</version>
+ <version>1.70</version>
</dependency>
<dependency>
diff --git a/id/server/modules/moa-id-modules-federated_authentication/pom.xml b/id/server/modules/moa-id-modules-federated_authentication/pom.xml
index 1148ab31c..4e72ede0c 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/pom.xml
+++ b/id/server/modules/moa-id-modules-federated_authentication/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.5</version>
+ <version>4.2.0</version>
</parent>
<artifactId>moa-id-modules-federated_authentication</artifactId>
<description>PVP2 ServiceProvider implementation for federated authentication</description>
diff --git a/id/server/modules/moa-id-modules-saml1/pom.xml b/id/server/modules/moa-id-modules-saml1/pom.xml
index d2cd5686e..a05794be6 100644
--- a/id/server/modules/moa-id-modules-saml1/pom.xml
+++ b/id/server/modules/moa-id-modules-saml1/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.5</version>
+ <version>4.2.0</version>
</parent>
<artifactId>moa-id-module-saml1</artifactId>
diff --git a/id/server/modules/module-monitoring/pom.xml b/id/server/modules/module-monitoring/pom.xml
index 5b19d44c0..cd9c1087e 100644
--- a/id/server/modules/module-monitoring/pom.xml
+++ b/id/server/modules/module-monitoring/pom.xml
@@ -5,7 +5,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.5</version>
+ <version>4.2.0</version>
</parent>
<artifactId>moa-id-module-monitoring</artifactId>
diff --git a/id/server/modules/pom.xml b/id/server/modules/pom.xml
index d2bce7b0d..7fd7107e9 100644
--- a/id/server/modules/pom.xml
+++ b/id/server/modules/pom.xml
@@ -5,7 +5,7 @@
<parent>
<groupId>MOA.id</groupId>
<artifactId>moa-id</artifactId>
- <version>4.1.5</version>
+ <version>4.2.0</version>
</parent>
<groupId>MOA.id.server.modules</groupId>
@@ -36,7 +36,10 @@
<module>moa-id-module-sl20_authentication</module>
<module>moa-id-module-AT_eIDAS_connector</module>
- <module>moa-id-module-E-ID_connector</module>
+ <module>moa-id-module-E-ID_connector</module>
+ <module>moa-id-module-dummyAuth</module>
+ <module>moa-id-module-ehvd_integration</module>
+
</modules>
<dependencies>
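Review bot: The module list now builds `moa-id-module-dummyAuth` unconditionally, alongside the production authentication modules. The module's contents are not visible in this hunk, but if it is what its name suggests (an authentication step that does not verify a real identity), it should not be reachable from a release build. Consider moving `<module>moa-id-module-dummyAuth</module>` into a Maven `<profile>` that is inactive by default, and confirm that the final WAR does not declare a dependency on it.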
diff --git a/id/server/pom.xml b/id/server/pom.xml
index e9fb44b80..8e9d1a14c 100644
--- a/id/server/pom.xml
+++ b/id/server/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>MOA</groupId>
<artifactId>id</artifactId>
- <version>4.1.5</version>
+ <version>4.2.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/id/server/proxy/.gitignore b/id/server/proxy/.gitignore
deleted file mode 100644
index 4dc009173..000000000
--- a/id/server/proxy/.gitignore
+++ /dev/null
@@ -1,2 +0,0 @@
-/target
-/bin
diff --git a/id/server/proxy/pom.xml b/id/server/proxy/pom.xml
deleted file mode 100644
index 4a18f6b2e..000000000
--- a/id/server/proxy/pom.xml
+++ /dev/null
@@ -1,152 +0,0 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <parent>
- <groupId>MOA.id</groupId>
- <artifactId>moa-id</artifactId>
- <version>4.0.1-snapshot</version>
- </parent>
-
- <properties>
- <repositoryPath>${basedir}/../../../repository</repositoryPath>
- </properties>
-
- <repositories>
- <repository>
- <id>shibboleth.internet2.edu</id>
- <name>Internet2</name>
- <url>https://apps.egiz.gv.at/shibboleth_nexus/</url>
- </repository>
- </repositories>
-
- <modelVersion>4.0.0</modelVersion>
- <groupId>MOA.id.server</groupId>
- <artifactId>moa-id-proxy</artifactId>
- <version>${moa-id-proxy-version}</version>
- <packaging>war</packaging>
- <name>MOA ID-Proxy WebService</name>
-
- <build>
- <plugins>
-<!-- <plugin>
- <groupId>org.codehaus.mojo</groupId>
- <artifactId>properties-maven-plugin</artifactId>
- <version>1.0-alpha-2</version>
- <executions>
- <execution>
- <phase>initialize</phase>
- <goals>
- <goal>read-project-properties</goal>
- </goals>
- <configuration>
- <files>
- <file>${basedir}/../../../moa-id.properties</file>
- </files>
- </configuration>
- </execution>
- </executions>
- </plugin> -->
-
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-war-plugin</artifactId>
- <version>2.1.1</version>
- <!-- <version>2.0.2</version>-->
- <configuration>
- <archive>
- <manifest>
- <addDefaultSpecificationEntries>false</addDefaultSpecificationEntries>
- <addDefaultImplementationEntries>true</addDefaultImplementationEntries>
- </manifest>
- <addMavenDescriptor>false</addMavenDescriptor>
- </archive>
-<!--
- <webResources>
- <resource>
- <directory>${basedir}/../resources</directory>
- <targetPath>WEB-INF/classes/resources</targetPath>
- </resource>
- <resource>
- <directory>${basedir}/../services</directory>
- <targetPath>WEB-INF/classes/META-INF/services</targetPath>
- </resource>
- </webResources>
--->
- </configuration>
- </plugin>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-compiler-plugin</artifactId>
- <configuration>
- <source>1.7</source>
- <target>1.7</target>
- </configuration>
- </plugin>
- </plugins>
- </build>
-
- <dependencies>
- <!-- we need Axis 1.1 here, 1.0 is included in SPSS -->
- <dependency>
- <groupId>axis</groupId>
- <artifactId>axis</artifactId>
- </dependency>
- <dependency>
- <groupId>MOA.spss.server</groupId>
- <artifactId>moa-spss-lib</artifactId>
- </dependency>
- <dependency>
- <groupId>MOA.id.server</groupId>
- <artifactId>moa-id-lib</artifactId>
- <!--version>${project.version}</version-->
- </dependency>
- <!-- transitive dependencies we don't want to include into the war -->
- <dependency>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_jce_full</artifactId>
- <!-- should be in the ext directory of the jre -->
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_ecc</artifactId>
- <!-- should be in the ext directory of the jre -->
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_Pkcs11Provider</artifactId>
- <!-- should be in the ext directory of the jre -->
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_Pkcs11Wrapper</artifactId>
- <!-- should be in the ext directory of the jre -->
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>xalan-bin-dist</groupId>
- <artifactId>xalan</artifactId>
- <!-- should be provided by the container or jre -->
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>xerces</groupId>
- <artifactId>xercesImpl</artifactId>
- <!-- should be provided by the container or jre -->
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>xalan-bin-dist</groupId>
- <artifactId>xml-apis</artifactId>
- <!-- should be provided by the container or jre -->
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>xalan-bin-dist</groupId>
- <artifactId>serializer</artifactId>
- <!-- should be provided by the container or jre -->
- <scope>provided</scope>
- </dependency>
- </dependencies>
-
-</project>
diff --git a/id/server/proxy/src/main/webapp/META-INF/MANIFEST.MF b/id/server/proxy/src/main/webapp/META-INF/MANIFEST.MF
deleted file mode 100644
index 58630c02e..000000000
--- a/id/server/proxy/src/main/webapp/META-INF/MANIFEST.MF
+++ /dev/null
@@ -1,2 +0,0 @@
-Manifest-Version: 1.0
-
diff --git a/id/server/proxy/src/main/webapp/WEB-INF/web.xml b/id/server/proxy/src/main/webapp/WEB-INF/web.xml
deleted file mode 100644
index 57926f207..000000000
--- a/id/server/proxy/src/main/webapp/WEB-INF/web.xml
+++ /dev/null
@@ -1,82 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'>
-<web-app>
- <display-name>MOA ID Proxy</display-name>
- <description>MOA ID Proxy Service</description>
-
- <filter>
- <filter-name>ParameterInOrder Filter</filter-name>
- <filter-class>at.gv.egovernment.moa.id.util.ParameterInOrderFilter</filter-class>
- </filter>
- <filter-mapping>
- <filter-name>ParameterInOrder Filter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
-
- <servlet>
- <servlet-name>Proxy</servlet-name>
- <display-name>Proxy</display-name>
- <description>Forwards requests to the online application</description>
- <servlet-class>at.gv.egovernment.moa.id.proxy.servlet.ProxyServlet</servlet-class>
- <load-on-startup>0</load-on-startup>
- </servlet>
- <servlet>
- <servlet-name>ConfigurationUpdate</servlet-name>
- <display-name>ConfigurationUpdate</display-name>
- <description>Update MOA-ID Proxy configuration from the configuration file</description>
- <servlet-class>at.gv.egovernment.moa.id.proxy.servlet.ConfigurationServlet</servlet-class>
- </servlet>
-
- <!-- JSP servlet -->
- <servlet>
- <servlet-name>jspservlet</servlet-name>
- <servlet-class>org.apache.jasper.servlet.JspServlet</servlet-class>
- </servlet>
-
- <!-- servlet mapping for jsp pages -->
- <!-- errorpage.jsp (customizeable) -->
- <servlet-mapping>
- <servlet-name>jspservlet</servlet-name>
- <url-pattern>/errorpage-proxy.jsp</url-pattern>
- </servlet-mapping>
- <!-- message-proxy.jsp (customizeable) used for non error messages (e.g. ConfigurationUpdate) -->
- <servlet-mapping>
- <servlet-name>jspservlet</servlet-name>
- <url-pattern>/message-proxy.jsp</url-pattern>
- </servlet-mapping>
-
- <servlet-mapping>
- <servlet-name>ConfigurationUpdate</servlet-name>
- <url-pattern>/ConfigurationUpdate</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>Proxy</servlet-name>
- <url-pattern>/*</url-pattern>
- </servlet-mapping>
- <session-config>
- <session-timeout>30</session-timeout>
- </session-config>
- <error-page>
- <error-code>500</error-code>
- <location>/errorpage-proxy.jsp</location>
- </error-page>
- <security-constraint>
- <web-resource-collection>
- <web-resource-name>ConfigurationUpdate</web-resource-name>
- <url-pattern>/ConfigurationUpdate</url-pattern>
- </web-resource-collection>
- <auth-constraint>
- <role-name>moa-admin</role-name>
- </auth-constraint>
- </security-constraint>
- <login-config>
- <auth-method>BASIC</auth-method>
- <realm-name>UserDatabase</realm-name>
- </login-config>
- <security-role>
- <description>
- The role that is required to log in to the moa Application
- </description>
- <role-name>moa-admin</role-name>
- </security-role>
-</web-app>
diff --git a/id/server/proxy/src/main/webapp/errorpage-proxy.jsp b/id/server/proxy/src/main/webapp/errorpage-proxy.jsp
deleted file mode 100644
index 07f3e7f69..000000000
--- a/id/server/proxy/src/main/webapp/errorpage-proxy.jsp
+++ /dev/null
@@ -1,50 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
-<%@ page contentType="text/html; charset=UTF-8" %>
-<html>
-<head>
-<title>Ein Fehler ist aufgetreten</title>
-</head>
-<% Throwable exceptionThrown = (Throwable)request.getAttribute("ExceptionThrown");
- String errorMessage = (String)request.getAttribute("ErrorMessage");
- String wrongParameters = (String)request.getAttribute("WrongParameters");
-%>
-
-<body>
-<h1>Fehler bei der Anmeldung</h1>
-<p>Bei der Anmeldung ist ein Fehler aufgetreten.</p>
-
-<% if (errorMessage != null) { %>
-<p>
-<%= errorMessage%><br>
-</p>
-<% } %>
-<% if (exceptionThrown != null) { %>
-<p>
-<%= exceptionThrown.getMessage()%>
-</p>
-<% } %>
-<% if (wrongParameters != null) { %>
-<p>Die Angabe der Parameter ist unvollst&auml;ndig.<br></p>
-<b> <%= wrongParameters %> </b><br>
-<p>
- Beispiele f&uuml;r korrekte Links zur MOA-ID Authentisierung sind:
-</p>
-<p>
-<tt>&lt;a href="https://&lt;MOA-URL&gt;/StartAuthentication?Target=&lt;Gesch&auml;ftsbereich&gt;&amp;OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&quot;&gt;</tt>
-</p>
-<p>
-<tt>&lt;a href="https://&lt;MOA-URL&gt;/SelectBKU?Target=&lt;Gesch&auml;ftsbereich&gt;&amp;OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&amp;BKUSelectionTemplate=&lt;BKU-Template-URL&gt;&quot;&gt;</tt>
-</p>
-<p>
-Im Falle einer Applikation aus dem privatwirtschaftlichen Bereich (type="businessService") entf&auml;llt die Angabe des <i>Target</i> Parameters:
-</p>
-<p>
-<tt>&lt;a href="https://&lt;MOA-URL&gt;/StartAuthentication?OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&quot;&gt;</tt>
-</p>
-<p>
-<tt>&lt;a href="https://&lt;MOA-URL&gt;/SelectBKU?OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&amp;BKUSelectionTemplate=&lt;BKU-Template-URL&gt;&quot;&gt;</tt>
-</p>
-<p>Die Angabe der Parameter <tt>&quot;Template&quot;</tt> und <tt>&quot;BKUSelectionTemplate&quot;</tt> ist optional.</p>
-<% } %>
-</body>
-</html>
\ No newline at end of file
diff --git a/id/server/proxy/src/main/webapp/message-proxy.jsp b/id/server/proxy/src/main/webapp/message-proxy.jsp
deleted file mode 100644
index 0d970898a..000000000
--- a/id/server/proxy/src/main/webapp/message-proxy.jsp
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
-<%@ page contentType="text/html; charset=UTF-8" %>
-<html>
-<head>
-<title>MOA-ID Proxy</title>
-</head>
-<% String message = (String)request.getAttribute("Message");
-%>
-
-<body>
-<h1>MOA-ID Proxy</h1>
-
-<% if (message != null) { %>
-<p>
-<%= message%><br>
-</p>
-<% } %>
-
-</body>
-</html>
\ No newline at end of file