aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/test/java/at/gv
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/test/java/at/gv')
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/BooleanStringExpressionEvaluator.java24
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/HalloWeltTask.java19
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/HelloWorldTask.java19
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/ProcessDefinitionParserTest.java137
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/ProcessEngineTest.java67
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/ExpressionContextAdapter.java52
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml54
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionWithExpression1.xml19
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SimplePojo.java41
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml30
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java66
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml14
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest.java54
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/CreateSAML1AssertionTask.java54
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/GetIdentityLinkTask.java50
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/IdentityLink_Max_Mustermann.xml52
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SAML1Assertion.xml487
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SelectBKUTask.java33
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignAuthBlockTask.java52
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignedAuthBlock.xml179
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateIdentityLinkTask.java42
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateSignedAuthBlockTask.java46
22 files changed, 756 insertions, 835 deletions
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/BooleanStringExpressionEvaluator.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/BooleanStringExpressionEvaluator.java
new file mode 100644
index 000000000..c51f5fe66
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/BooleanStringExpressionEvaluator.java
@@ -0,0 +1,24 @@
+package at.gv.egovernment.moa.id.process.process_engine.test;
+
+import java.util.Objects;
+
+import org.apache.commons.lang3.BooleanUtils;
+
+import at.gv.egovernment.moa.id.process.api.ExpressionEvaluationContext;
+import at.gv.egovernment.moa.id.process.api.ExpressionEvaluator;
+
+/**
+ * Expression evaluator that guesses the boolean value from a String. Refer to {@link BooleanUtils#toBoolean(String)}
+ * for further information.
+ *
+ * @author tknall
+ *
+ */
+public class BooleanStringExpressionEvaluator implements ExpressionEvaluator {
+
+ @Override
+ public boolean evaluate(ExpressionEvaluationContext expressionContext, String expression) {
+ return BooleanUtils.toBoolean(Objects.requireNonNull(expression, "Expression must not be null."));
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/HalloWeltTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/HalloWeltTask.java
new file mode 100644
index 000000000..1a8de811b
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/HalloWeltTask.java
@@ -0,0 +1,19 @@
+package at.gv.egovernment.moa.id.process.process_engine.test;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * Simple task that just outputs a "Hallo World" text to the console.
+ *
+ * @author tknall
+ *
+ */
+public class HalloWeltTask implements Task {
+
+ @Override
+ public void execute(ExecutionContext executionContext) {
+ System.out.println("Hallo Welt");
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/HelloWorldTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/HelloWorldTask.java
new file mode 100644
index 000000000..6ce3091dd
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/HelloWorldTask.java
@@ -0,0 +1,19 @@
+package at.gv.egovernment.moa.id.process.process_engine.test;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * Simple task that just outputs a "Hello World" text to the console.
+ *
+ * @author tknall
+ *
+ */
+public class HelloWorldTask implements Task {
+
+ @Override
+ public void execute(ExecutionContext executionContext) {
+ System.out.println("Hello World");
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/ProcessDefinitionParserTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/ProcessDefinitionParserTest.java
new file mode 100644
index 000000000..e20f4bfe8
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/ProcessDefinitionParserTest.java
@@ -0,0 +1,137 @@
+package at.gv.egovernment.moa.id.process.process_engine.test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.junit.Test;
+
+import at.gv.egovernment.moa.id.process.ProcessDefinitionParser;
+import at.gv.egovernment.moa.id.process.ProcessDefinitionParserException;
+import at.gv.egovernment.moa.id.process.model.EndEvent;
+import at.gv.egovernment.moa.id.process.model.ProcessDefinition;
+import at.gv.egovernment.moa.id.process.model.ProcessNode;
+import at.gv.egovernment.moa.id.process.model.StartEvent;
+import at.gv.egovernment.moa.id.process.model.TaskInfo;
+import at.gv.egovernment.moa.id.process.model.Transition;
+
+public class ProcessDefinitionParserTest {
+
+ @Test(expected = ProcessDefinitionParserException.class)
+ public void testParseInvalidProcessDefinition_MultipleStartEvents() throws IOException, ProcessDefinitionParserException {
+ try (InputStream in = getClass().getResourceAsStream("InvalidProcessDefinition_MultipleStartEvents.xml")) {
+ new ProcessDefinitionParser().parse(in);
+ }
+ }
+
+ @Test(expected = ProcessDefinitionParserException.class)
+ public void testParseInvalidProcessDefinition_TransitionLoop() throws IOException, ProcessDefinitionParserException {
+ try (InputStream in = getClass().getResourceAsStream("InvalidProcessDefinition_TransitionLoop.xml")) {
+ new ProcessDefinitionParser().parse(in);
+ }
+ }
+
+ @Test(expected = ProcessDefinitionParserException.class)
+ public void testParseInvalidProcessDefinition_TransitionStartsFromEndEvent() throws IOException, ProcessDefinitionParserException {
+ try (InputStream in = getClass().getResourceAsStream("InvalidProcessDefinition_TransitionStartsFromEndEvent.xml")) {
+ new ProcessDefinitionParser().parse(in);
+ }
+ }
+
+ @Test(expected = ProcessDefinitionParserException.class)
+ public void testParseInvalidProcessDefinition_TransitionRefsTransition() throws IOException, ProcessDefinitionParserException {
+ try (InputStream in = getClass().getResourceAsStream("InvalidProcessDefinition_TransitionRefsTransition.xml")) {
+ new ProcessDefinitionParser().parse(in);
+ }
+ }
+
+ @Test(expected = ProcessDefinitionParserException.class)
+ public void testParseInvalidProcessDefinition_NoStartEvents() throws IOException, ProcessDefinitionParserException {
+ try (InputStream in = getClass().getResourceAsStream("InvalidProcessDefinition_NoStartEvents.xml")) {
+ new ProcessDefinitionParser().parse(in);
+ }
+ }
+
+ @Test
+ public void testParseSampleProcessDefinition() throws IOException, ProcessDefinitionParserException {
+ try (InputStream in = getClass().getResourceAsStream("SampleProcessDefinition1.xml")) {
+
+ ProcessDefinitionParser parser = new ProcessDefinitionParser();
+ ProcessDefinition pd = parser.parse(in);
+
+ assertNotNull(pd);
+ assertEquals("SampleProcess1", pd.getId());
+
+ // first assert tasks then transitions
+ // start event
+ StartEvent startEvent = pd.getStartEvent();
+ assertNotNull(startEvent);
+ assertEquals("start", startEvent.getId());
+ assertEquals(startEvent, pd.getProcessNode("start"));
+ // task1
+ ProcessNode processNode = pd.getProcessNode("task1");
+ assertNotNull(processNode);
+ assertTrue(processNode instanceof TaskInfo);
+ TaskInfo task1 = (TaskInfo) processNode;
+ assertEquals("task1", task1.getId());
+ assertFalse(task1.isAsync());
+ // task2
+ processNode = pd.getProcessNode("task2");
+ assertNotNull(processNode);
+ assertTrue(processNode instanceof TaskInfo);
+ TaskInfo task2 = (TaskInfo) processNode;
+ assertEquals("task2", task2.getId());
+ assertTrue(task2.isAsync());
+ // end event
+ processNode = pd.getProcessNode("end");
+ assertNotNull(processNode);
+ assertTrue(processNode instanceof EndEvent);
+ EndEvent endEvent = (EndEvent) processNode;
+ assertEquals("end", endEvent.getId());
+
+ // assert transitions
+ // start event
+ assertNotNull(startEvent.getIncomingTransitions());
+ assertTrue(startEvent.getIncomingTransitions().isEmpty());
+ assertNotNull(startEvent.getOutgoingTransitions());
+ assertEquals(1, startEvent.getOutgoingTransitions().size());
+ // transition from start to task1
+ Transition startToTask1 = startEvent.getOutgoingTransitions().get(0);
+ assertEquals("fromStart", startToTask1.getId());
+ assertEquals(startEvent, startToTask1.getFrom());
+ assertEquals(task1, startToTask1.getTo());
+ assertEquals("true", startToTask1.getConditionExpression());
+ // task1
+ assertNotNull(task1.getIncomingTransitions());
+ assertEquals(1, task1.getIncomingTransitions().size());
+ assertEquals(startToTask1, task1.getIncomingTransitions().get(0));
+ assertNotNull(task1.getOutgoingTransitions());
+ assertEquals(1, task1.getOutgoingTransitions().size());
+ // transition from task1 to task2
+ Transition task1ToTask2 = task1.getOutgoingTransitions().get(0);
+ assertNull(task1ToTask2.getId());
+ assertEquals(task1, task1ToTask2.getFrom());
+ assertEquals(task2, task1ToTask2.getTo());
+ assertNull(task1ToTask2.getConditionExpression());
+ // task2
+ assertNotNull(task2.getIncomingTransitions());
+ assertEquals(1, task2.getIncomingTransitions().size());
+ assertEquals(task1ToTask2, task2.getIncomingTransitions().get(0));
+ assertNotNull(task2.getOutgoingTransitions());
+ assertEquals(1, task2.getOutgoingTransitions().size());
+ // transition from task2 to end
+ Transition task2ToEnd = task2.getOutgoingTransitions().get(0);
+ assertNull(task2ToEnd.getId());
+ assertEquals(task2, task2ToEnd.getFrom());
+ assertEquals(endEvent, task2ToEnd.getTo());
+ assertNull(task2ToEnd.getConditionExpression());
+
+ }
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/ProcessEngineTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/ProcessEngineTest.java
new file mode 100644
index 000000000..04a7a659d
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/ProcessEngineTest.java
@@ -0,0 +1,67 @@
+package at.gv.egovernment.moa.id.process.process_engine.test;
+
+import static at.gv.egovernment.moa.id.process.ProcessInstanceState.ENDED;
+import static at.gv.egovernment.moa.id.process.ProcessInstanceState.NOT_STARTED;
+import static at.gv.egovernment.moa.id.process.ProcessInstanceState.SUSPENDED;
+import static org.junit.Assert.assertEquals;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import at.gv.egovernment.moa.id.process.ProcessDefinitionParser;
+import at.gv.egovernment.moa.id.process.ProcessDefinitionParserException;
+import at.gv.egovernment.moa.id.process.ProcessEngine;
+import at.gv.egovernment.moa.id.process.ProcessEngineImpl;
+import at.gv.egovernment.moa.id.process.ProcessExecutionException;
+import at.gv.egovernment.moa.id.process.ProcessInstance;
+
+public class ProcessEngineTest {
+
+ private static ProcessEngine pe;
+
+ @BeforeClass
+ public static void init() throws IOException, ProcessDefinitionParserException {
+ ProcessDefinitionParser pdp = new ProcessDefinitionParser();
+ pe = new ProcessEngineImpl();
+ ((ProcessEngineImpl) pe).setTransitionConditionExpressionEvaluator(new BooleanStringExpressionEvaluator());
+ try (InputStream in = ProcessEngineTest.class.getResourceAsStream("SampleProcessDefinition1.xml")) {
+ ((ProcessEngineImpl) pe).registerProcessDefinition(pdp.parse(in));
+ }
+ try (InputStream in = ProcessEngineTest.class.getResourceAsStream("SampleProcessDefinition2.xml")) {
+ ((ProcessEngineImpl) pe).registerProcessDefinition(pdp.parse(in));
+ }
+ }
+
+ @Test
+ public void testSampleProcess1() throws IOException, ProcessDefinitionParserException, ProcessExecutionException {
+ ProcessInstance pi = pe.createProcessInstance("SampleProcess1");
+ assertEquals(NOT_STARTED, pi.getState());
+ // start process
+ pe.start(pi);
+ assertEquals(SUSPENDED, pi.getState());
+ System.out.println("Do something asynchronously");
+ pe.signal(pi);
+ assertEquals(ENDED, pi.getState());
+ }
+
+ @Test
+ public void testSampleProcess2() throws IOException, ProcessDefinitionParserException, ProcessExecutionException {
+ ProcessInstance pi = pe.createProcessInstance("SampleProcess2");
+ assertEquals(NOT_STARTED, pi.getState());
+ // start process
+ pe.start(pi);
+ assertEquals(SUSPENDED, pi.getState());
+ System.out.println("Do something asynchronously");
+ pe.signal(pi);
+ assertEquals(ENDED, pi.getState());
+ }
+
+ @Test(expected = IllegalArgumentException.class)
+ public void testProcessInstanceDoesNotExist() {
+ pe.getProcessInstance("does not exist");
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/ExpressionContextAdapter.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/ExpressionContextAdapter.java
new file mode 100644
index 000000000..c26236619
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/ExpressionContextAdapter.java
@@ -0,0 +1,52 @@
+package at.gv.egovernment.moa.id.process.spring.test;
+
+
+import java.io.Serializable;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+
+import at.gv.egovernment.moa.id.process.api.ExpressionEvaluationContext;
+
+/**
+ * Adapter class for {@link ExpressionEvaluationContext}. Intended to be used for testing purposes.
+ *
+ * @author tknall
+ *
+ */
+public class ExpressionContextAdapter implements ExpressionEvaluationContext {
+
+ private static final long serialVersionUID = 1L;
+
+ private Map<String, Serializable> ctxData = Collections.synchronizedMap(new HashMap<String, Serializable>());
+
+ /**
+ * Returns a certain {@link Serializable} object associated with a certain {@code key}.
+ *
+ * @param key
+ * The key.
+ * @return The object or {@code null} if no object was found stored with that key or if a {@code null} value was
+ * stored.
+ */
+ Serializable get(String key) {
+ return ctxData.get(key);
+ }
+
+ /**
+ * Stores a {@link Serializable} with a certain {@code key}.
+ *
+ * @param key
+ * The key.
+ * @param object
+ * The object.
+ */
+ void put(String key, Serializable object) {
+ ctxData.put(key, object);
+ }
+
+ @Override
+ public Map<String, Serializable> getCtx() {
+ return Collections.unmodifiableMap(ctxData);
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml
deleted file mode 100644
index 6525fb0cd..000000000
--- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml
+++ /dev/null
@@ -1,54 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<pd:ProcessDefinition xmlns:pd="http://www.datentechnik.com/process-engine/processdefinition/v1"
- id="SampleProcessDefinitionForSAML1Authentication">
-
- <!--
- returns String 'bkuURL'
- -->
- <pd:Task id="bkuSelectionTask" class="com.datentechnik.process_engine.spring.test.task.SelectBKUTask" />
-
- <!--
- requires 'bkuURL'
- returns String 'IdentityLink'
- -->
- <pd:Task id="getIdentityLinkTask" class="com.datentechnik.process_engine.spring.test.task.GetIdentityLinkTask" />
-
- <!--
- requires 'IdentityLink'
- returns Boolean 'isIdentityLinkValidated'
- -->
- <pd:Task id="validateIdentityLinkTask" class="com.datentechnik.process_engine.spring.test.task.ValidateIdentityLinkTask" />
-
- <!--
- requires 'IdentityLink', 'isIdentityLinkValidated', 'bkuURL'
- returns String 'SignedAuthBlock'
- -->
- <pd:Task id="signAuthBlockTask" class="com.datentechnik.process_engine.spring.test.task.SignAuthBlockTask" />
-
- <!--
- requires 'IdentityLink', 'isIdentityLinkValidated', 'SignedAuthBlock'
- returns Boolean 'isSignedAuthBlockValidated'
- -->
- <pd:Task id="validateSignedAuthBlockTask" class="com.datentechnik.process_engine.spring.test.task.ValidateSignedAuthBlockTask" />
-
- <!--
- requires 'IdentityLink', 'isIdentityLinkValidated', 'SignedAuthBlock', 'isSignedAuthBlockValidated';
- returns 'SAML1Assertion'
- -->
- <pd:Task id="createAssertionTask" class="com.datentechnik.process_engine.spring.test.task.CreateSAML1AssertionTask" />
-
- <pd:StartEvent id="start" />
- <pd:EndEvent id="end" />
-
- <pd:Transition from="start" to="bkuSelectionTask" conditionExpression="ctx['bkuURL'] == null" />
- <pd:Transition from="start" to="getIdentityLinkTask" />
-
- <pd:Transition from="bkuSelectionTask" to="getIdentityLinkTask" />
- <pd:Transition from="getIdentityLinkTask" to="validateIdentityLinkTask" />
- <pd:Transition from="validateIdentityLinkTask" to="signAuthBlockTask" conditionExpression="ctx['isIdentityLinkValidated']" />
- <pd:Transition from="signAuthBlockTask" to="validateSignedAuthBlockTask" />
- <pd:Transition from="validateSignedAuthBlockTask" to="createAssertionTask" conditionExpression="ctx['isSignedAuthBlockValidated']" />
-
- <pd:Transition from="createAssertionTask" to="end" />
-
-</pd:ProcessDefinition>
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionWithExpression1.xml b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionWithExpression1.xml
deleted file mode 100644
index ef71026ec..000000000
--- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionWithExpression1.xml
+++ /dev/null
@@ -1,19 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<pd:ProcessDefinition xmlns:pd="http://www.datentechnik.com/process-engine/processdefinition/v1"
- id="SampleProcessWithExpression1">
-
- <pd:Task id="task1" />
- <pd:Task id="task2" />
- <pd:Task id="task3" />
- <pd:Task id="task4" />
-
- <pd:StartEvent id="start" />
- <pd:EndEvent id="end" />
-
- <pd:Transition from="start" to="task1" conditionExpression="'true'" />
- <pd:Transition from="task1" to="task2" conditionExpression="'true'" />
- <pd:Transition from="task2" to="task3" conditionExpression="'true'" />
- <pd:Transition from="task3" to="task4" conditionExpression="'true'" />
- <pd:Transition from="task4" to="end" conditionExpression="'true'" />
-
-</pd:ProcessDefinition>
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SimplePojo.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SimplePojo.java
new file mode 100644
index 000000000..89f3c0383
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SimplePojo.java
@@ -0,0 +1,41 @@
+package at.gv.egovernment.moa.id.process.spring.test;
+
+import at.gv.egovernment.moa.id.process.api.ExpressionEvaluator;
+
+/**
+ * A dummy pojo used to test {@link ExpressionEvaluator} with Spring EL referencing Spring beans.
+ *
+ * @author tknall
+ *
+ */
+public class SimplePojo {
+
+ private Boolean booleanValue;
+ private String stringValue;
+ private Integer integerValue;
+
+ public Boolean getBooleanValue() {
+ return booleanValue;
+ }
+
+ public void setBooleanValue(Boolean booleanValue) {
+ this.booleanValue = booleanValue;
+ }
+
+ public String getStringValue() {
+ return stringValue;
+ }
+
+ public void setStringValue(String stringValue) {
+ this.stringValue = stringValue;
+ }
+
+ public Integer getIntegerValue() {
+ return integerValue;
+ }
+
+ public void setIntegerValue(Integer integerValue) {
+ this.integerValue = integerValue;
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml
deleted file mode 100644
index eb62d1ae2..000000000
--- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml
+++ /dev/null
@@ -1,30 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:task="http://www.springframework.org/schema/task"
- xsi:schemaLocation="http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task.xsd
- http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
-
- <bean id="springElAwareExpressionEvaluator" class="com.datentechnik.process_engine.spring.SpringExpressionEvaluator" />
-
- <bean id="processEngine" class="com.datentechnik.process_engine.ProcessEngineImpl">
- <property name="transitionConditionExpressionEvaluator" ref="springElAwareExpressionEvaluator" />
- <property name="processInstanceMaxIdleTimeSeconds" value="600" />
- <property name="processDefinitions">
- <list>
- <bean class="com.datentechnik.process_engine.spring.ProcessDefinitionFactoryBean">
- <property name="resource" value="classpath:com/datentechnik/process_engine/spring/test/SampleProcessDefinitionWithExpression1.xml" />
- </bean>
- <bean class="com.datentechnik.process_engine.spring.ProcessDefinitionFactoryBean">
- <property name="resource" value="classpath:com/datentechnik/process_engine/spring/test/SampleProcessDefinitionForSAML1Authentication.xml" />
- </bean>
- </list>
- </property>
- </bean>
-
- <task:scheduler id="taskScheduler" pool-size="1" />
- <task:scheduled-tasks scheduler="taskScheduler">
- <task:scheduled ref="processEngine" method="cleanup" fixed-delay="60000" />
- </task:scheduled-tasks>
-
-</beans>
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java
new file mode 100644
index 000000000..4022a7a15
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java
@@ -0,0 +1,66 @@
+package at.gv.egovernment.moa.id.process.spring.test;
+
+import static at.gv.egovernment.moa.id.process.ProcessInstanceState.ENDED;
+import static at.gv.egovernment.moa.id.process.ProcessInstanceState.NOT_STARTED;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.io.IOException;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egovernment.moa.id.process.ProcessDefinitionParserException;
+import at.gv.egovernment.moa.id.process.ProcessEngine;
+import at.gv.egovernment.moa.id.process.ProcessExecutionException;
+import at.gv.egovernment.moa.id.process.ProcessInstance;
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+
+/**
+ * Tests the process engine using processes based on Spring EL referencing the process context and further Spring beans.
+ *
+ * @author tknall
+ *
+ */
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration
+public class SpringExpressionAwareProcessEngineTest {
+
+ @Autowired
+ private ProcessEngine pe;
+
+ @Test
+ public void testSampleProcessDefinitionWithExpression1() throws IOException, ProcessDefinitionParserException,
+ ProcessExecutionException {
+ ProcessInstance pi = pe.createProcessInstance("SampleProcessWithExpression1");
+ assertEquals(NOT_STARTED, pi.getState());
+ // start process
+ pe.start(pi);
+ assertEquals(ENDED, pi.getState());
+ }
+
+ @Test
+ public void testSampleProcessDefinitionForSAML1Authentication() throws IOException,
+ ProcessDefinitionParserException, ProcessExecutionException {
+ ProcessInstance pi = pe.createProcessInstance("SampleProcessDefinitionForSAML1Authentication");
+ assertEquals(NOT_STARTED, pi.getState());
+ // start process
+ pe.start(pi);
+ assertEquals(ENDED, pi.getState());
+
+ ExecutionContext ec = pi.getExecutionContext();
+ assertNotNull(ec);
+ System.out.println(ec.keySet());
+
+ assertNotNull(ec.get("bkuURL"));
+ assertNotNull(ec.get("IdentityLink"));
+ assertNotNull(ec.get("isIdentityLinkValidated"));
+ assertNotNull(ec.get("SignedAuthBlock"));
+ assertNotNull(ec.get("isSignedAuthBlockValidated"));
+ assertNotNull(ec.get("SAML1Assertion"));
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml
deleted file mode 100644
index dadc6bf81..000000000
--- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
-
- <bean id="simplePojo" class="com.datentechnik.process_engine.spring.test.SimplePojo">
- <property name="booleanValue" value="true" />
- <property name="integerValue" value="42" />
- <property name="stringValue" value="HelloWorld" />
- </bean>
-
- <bean id="expressionEvaluator" class="com.datentechnik.process_engine.spring.SpringExpressionEvaluator" />
-
-</beans>
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest.java
new file mode 100644
index 000000000..bc9d1d399
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest.java
@@ -0,0 +1,54 @@
+package at.gv.egovernment.moa.id.process.spring.test;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egovernment.moa.id.process.api.ExpressionEvaluator;
+
+/**
+ * Tests the {@link ExpressionEvaluator} using a Spring EL based implementation capable of dereferencing Spring beans.
+ *
+ * @author tknall
+ *
+ */
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration
+public class SpringExpressionEvaluatorTest {
+
+ private ExpressionContextAdapter ctx;
+
+ @Autowired
+ private ExpressionEvaluator expressionEvaluator;
+
+ @Before
+ public void prepareTest() {
+ ctx = new ExpressionContextAdapter();
+ }
+
+ @Test
+ public void testEvaluateSimpleExpression() {
+ assertTrue(expressionEvaluator.evaluate(ctx, "'true'"));
+ }
+
+ @Test
+ public void testEvaluateExpressionWithCtx() {
+ ctx.put("myProperty", false);
+ assertFalse(expressionEvaluator.evaluate(ctx, "ctx['myProperty']"));
+ }
+
+ @Test
+ public void testEvaluateExpressionWithBeanReference() {
+ assertTrue(expressionEvaluator.evaluate(ctx, "@simplePojo.booleanValue"));
+ assertTrue(expressionEvaluator.evaluate(ctx, "'HelloWorld'.equals(@simplePojo.stringValue)"));
+ assertTrue(expressionEvaluator.evaluate(ctx, "@simplePojo.integerValue == 42"));
+ assertTrue(expressionEvaluator.evaluate(ctx, "@simplePojo.stringValue.length() == 10"));
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/CreateSAML1AssertionTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/CreateSAML1AssertionTask.java
new file mode 100644
index 000000000..7e56071bd
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/CreateSAML1AssertionTask.java
@@ -0,0 +1,54 @@
+package at.gv.egovernment.moa.id.process.spring.test.task;
+
+import java.io.InputStream;
+import java.nio.charset.Charset;
+import java.util.Objects;
+
+import org.apache.commons.io.IOUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * A dummy task simulating the creation of a SAML1 assertion.
+ * <p>
+ * Requires context data:
+ * <ul>
+ * <li>{@code IdentityLink}</li>
+ * <li>{@code isIdentityLinkValidated}</li>
+ * <li>{@code SignedAuthBlock}</li>
+ * <li>{@code isSignedAuthBlockValidated}</li>
+ * </ul>
+ * </p>
+ * <p>
+ * Enriches context data with:
+ * <ul>
+ * <li>{@code SAML1Assertion}</li>
+ * </ul>
+ * </p>
+ *
+ * @author tknall
+ *
+ */
+public class CreateSAML1AssertionTask implements Task {
+
+ private Logger log = LoggerFactory.getLogger(getClass());
+
+ @Override
+ public void execute(ExecutionContext executionContext) throws Exception {
+ Objects.requireNonNull(executionContext.get("IdentityLink"));
+ assert (Boolean.TRUE.equals(Objects.requireNonNull(executionContext.get("isIdentityLinkValidated"))));
+ Objects.requireNonNull(executionContext.get("SignedAuthBlock"));
+ assert (Boolean.TRUE.equals(Objects.requireNonNull(executionContext.get("isSignedAuthBlockValidated"))));
+
+ log.debug("Using IdentityLink and signed auth block in order to create SAML1 assertion.");
+
+ try (InputStream in = getClass().getResourceAsStream("SAML1Assertion.xml")) {
+ executionContext.put("SAML1Assertion", IOUtils.toString(in, Charset.forName("UTF-8")));
+ }
+
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/GetIdentityLinkTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/GetIdentityLinkTask.java
new file mode 100644
index 000000000..412fb0123
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/GetIdentityLinkTask.java
@@ -0,0 +1,50 @@
+package at.gv.egovernment.moa.id.process.spring.test.task;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.charset.Charset;
+import java.util.Objects;
+
+import org.apache.commons.io.IOUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * A dummy task simulating the retrieval of an IdentityLink.
+ * <p/>
+ * Asynchonous
+ * <p>
+ * Requires context data:
+ * <ul>
+ * <li>{@code bkuURL}</li>
+ * </ul>
+ * </p>
+ * <p>
+ * Enriches context data with:
+ * <ul>
+ * <li>{@code IdentityLink}</li>
+ * </ul>
+ * </p>
+ *
+ * @author tknall
+ *
+ */
+public class GetIdentityLinkTask implements Task {
+
+ private Logger log = LoggerFactory.getLogger(getClass());
+
+ @Override
+ public void execute(ExecutionContext executionContext) throws IOException {
+ Objects.requireNonNull(executionContext.get("bkuURL"));
+
+ log.debug("Using bkuURL in order to retrieve IdentityLink.");
+
+ try (InputStream in = getClass().getResourceAsStream("IdentityLink_Max_Mustermann.xml")) {
+ executionContext.put("IdentityLink", IOUtils.toString(in, Charset.forName("UTF-8")));
+ }
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/IdentityLink_Max_Mustermann.xml b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/IdentityLink_Max_Mustermann.xml
deleted file mode 100644
index c68972f13..000000000
--- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/IdentityLink_Max_Mustermann.xml
+++ /dev/null
@@ -1,52 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?><saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" AssertionID="szr.bmi.gv.at-AssertionID132860852347311974" IssueInstant="2012-02-07T10:55:23+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0">
- <saml:AttributeStatement>
- <saml:Subject>
- <saml:SubjectConfirmation>
- <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
- <saml:SubjectConfirmationData>
- <pr:Person si:type="pr:PhysicalPersonType"><pr:Identification><pr:Value>tqCQEC7+AqGEeeL390V5Jg==</pr:Value><pr:Type>urn:publicid:gv.at:baseid</pr:Type></pr:Identification><pr:Name><pr:GivenName>Max</pr:GivenName><pr:FamilyName primary="undefined">Mustermann</pr:FamilyName></pr:Name><pr:DateOfBirth>1940-01-01</pr:DateOfBirth></pr:Person>
- </saml:SubjectConfirmationData>
- </saml:SubjectConfirmation>
- </saml:Subject>
- <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2"><saml:AttributeValue><ecdsa:ECDSAKeyValue><ecdsa:DomainParameters><ecdsa:NamedCurve URN="urn:oid:1.2.840.10045.3.1.7"/></ecdsa:DomainParameters><ecdsa:PublicKey><ecdsa:X Value="111409151487007036894649069746411000129419717653159596280366627647453458115517" si:type="ecdsa:PrimeFieldElemType"/><ecdsa:Y Value="94725036374184689337892465478597728884477416796494369571140658859618867645034" si:type="ecdsa:PrimeFieldElemType"/></ecdsa:PublicKey></ecdsa:ECDSAKeyValue></saml:AttributeValue></saml:Attribute></saml:AttributeStatement>
- <dsig:Signature>
- <dsig:SignedInfo>
- <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
- <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
- <dsig:Reference URI="">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
- <dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath>
- </dsig:Transform>
- <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <dsig:DigestValue>Rmr5vkWXL/PvpoXnbK632QmzYms=</dsig:DigestValue>
- </dsig:Reference>
- <dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest">
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <dsig:DigestValue>HoPZWYll8aMFpKOlRSwckt5iCQk=</dsig:DigestValue>
- </dsig:Reference>
- </dsig:SignedInfo>
- <dsig:SignatureValue>
- NPpRwVo5/5kf5iHUyaEc7d7So3W4oPgOCYNgnKpgdZfttFkFFN+9oG60w7YvKEYSeTPhP3zp7eaH
-ZFapj+naD+wd0y5ELWep9Y+s+qP7fNLrFECHQxQasLWtR4akxlWDpYQ0bvOuepK2ip1EQ6pRlccA
-wJ1l4iOWFhfdA9YAg5QLkBqWSwgrNUswhLnDBM+Ot6Gj5g2rpYY7aoAOXvTR8B5Dkg94ASb4u0wv
-VPV8+4mjOfP+l6QWLqywzcq3qj/qFZkbujjZbV/fNPDnDD1ff/M6ZfCGO8xzlYfjfEA7cmHuiJf2
-/ey/3nT7vI5XbpBPWChT5Sl4DQysxlfE6e4MZw==
- </dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIF3TCCBMWgAwIBAgIDByniMA0GCSqGSIb3DQEBBQUAMIGfMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMSIwIAYDVQQLDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMSIwIAYDVQQDDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMB4XDTEwMDcyODExMzY0M1oXDTE1MDcyODExMzY0M1owgbYxCzAJBgNVBAYTAkFUMR4wHAYDVQQKDBVEYXRlbnNjaHV0emtvbW1pc3Npb24xIjAgBgNVBAsMGVN0YW1temFobHJlZ2lzdGVyYmVob2VyZGUxLjAsBgNVBAMMJVNpZ25hdHVyc2VydmljZSBEYXRlbnNjaHV0emtvbW1pc3Npb24xFTATBgNVBAUTDDMyNTkyODMyMzk5ODEcMBoGCSqGSIb3DQEJARYNZHNrQGRzay5ndi5hdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN+dBSEBGj2jUXIK1Mp3lVxc/Za+pJMiyKrX3G1ZxgX/ikx7D9scsPYMt473LlAWl9cmCbHbJK+PV2XNNdURLMUCIX+4vUNs2MHeDTQtX8BXjJFpwJYSoaRJQ39FVS/1r5sWcra9Hhdm7w5Gtx/2ukyDX0kdkxawkhP4EQEzi/SI+Fugn+WqgQ1nAdlbxb/dcBw5w1h9b3lmuwUf4z3ooQWUD2DgA/kKd1KejNR43mLUsmvSzevPxT9zs78pOR1OacB7IszTVJPXeOEaaNZHnnB/UeO3g8LEV/3OkXcUgcMkbIIiaBHlll71Pq0COj9kqjXoe7OrRjLY5i3KwOpa6TMCAwEAAaOCAgcwggIDMBMGA1UdIwQMMAqACEkcWDpP6A0DMH8GCCsGAQUFBwEBBHMwcTAnBggrBgEFBQcwAYYbaHR0cDovL29jc3AuYS10cnVzdC5hdC9vY3NwMEYGCCsGAQUFBzAChjpodHRwOi8vd3d3LmEtdHJ1c3QuYXQvY2VydHMvYS1zaWduLWNvcnBvcmF0ZS1saWdodC0wMmEuY3J0MFQGA1UdIARNMEswSQYGKigAEQESMD8wPQYIKwYBBQUHAgEWMWh0dHA6Ly93d3cuYS10cnVzdC5hdC9kb2NzL2NwL2Etc2lnbi1BbXRzc2lnbmF0dXIwgZ4GA1UdHwSBljCBkzCBkKCBjaCBioaBh2xkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLWNvcnBvcmF0ZS1saWdodC0wMixvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQITAgOnhr0tbowDgYDVR0PAQH/BAQDAgSwMCAGA1UdEQQZMBeBFW1hcmN1cy5oaWxkQGRzay5ndi5hdDAJBgNVHRMEAjAAMA4GByooAAoBBwEEAwEB/zAUBgcqKAAKAQEBBAkMB0JTQi1EU0swDQYJKoZIhvcNAQEFBQADggEBAHTklnvPCH/bJSOlIPbLUEkSGuFHsektSZ8Vr22x/Yv7EzsxoQrJIiz2mQ2gQqFuExdWYxvsowjiSbiis9iUf1c0zscvDS3mIZxGs4M89XHsjHnIyb+Fuwnamw65QrFvM1tNB1ZMjxJ3x+YmHLHdtT3BEBcr3/NCRHd2S0HoBspNz9HVgJaZY1llR7poKBvnAc4g1i+QTvyVb00PtKxR9Lw/9ABInX/1pzpxqrPy7Ib2OP8z6dd3WHmIsCiSHUaj0Dxwwln6fYJjhxZ141SnbovlCLYtrsZLXoi9ljIqX4xO0PwMI2RfNc9cXxTRrRS6rEOvX7PpvgXiDXhp592Yyp4=</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo>
- <dsig:Object>
- <dsig:Manifest Id="manifest">
- <dsig:Reference URI="">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
- <dsig:XPath>not(ancestor-or-self::dsig:Signature)</dsig:XPath>
- </dsig:Transform>
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <dsig:DigestValue>7IkIdYti2dh3VZQ4Fp+9lPT67cM=</dsig:DigestValue>
- </dsig:Reference>
- </dsig:Manifest>
- </dsig:Object>
- </dsig:Signature>
-</saml:Assertion> \ No newline at end of file
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SAML1Assertion.xml b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SAML1Assertion.xml
deleted file mode 100644
index 3aeedd590..000000000
--- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SAML1Assertion.xml
+++ /dev/null
@@ -1,487 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<saml:Assertion AssertionID="6025428631468682100" IssueInstant="2008-07-14T17:51:38+02:00" Issuer="https://localhost:18443/moa-id-auth/" MajorVersion="1" MinorVersion="0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <saml:AttributeStatement>
- <saml:Subject>
- <saml:NameIdentifier NameQualifier="urn:publicid:gv.at:wbpk+FN+www.act.at">K2YMyx3/5kIpNJR+SAD/rbRYH+c=</saml:NameIdentifier>
- <saml:SubjectConfirmation>
- <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod>
- <saml:SubjectConfirmationData>
- <saml:Assertion AssertionID="any" IssueInstant="2008-07-14T17:51:26+02:00" Issuer="Thomas Knall" MajorVersion="1" MinorVersion="0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
- <saml:AttributeStatement>
- <saml:Subject>
- <saml:NameIdentifier>https://localhost:18443/moa-id-auth/</saml:NameIdentifier>
- </saml:Subject>
- <saml:Attribute AttributeName="wbPK" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
- <saml:AttributeValue>
- <pr:Identification>
- <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value>
- <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type>
- </pr:Identification>
- </saml:AttributeValue>
- </saml:Attribute>
- <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
- <saml:AttributeValue>https://localhost:48443/mandates/</saml:AttributeValue>
- </saml:Attribute>
- <saml:Attribute AttributeName="Geburtsdatum" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
- <saml:AttributeValue>1978-04-29</saml:AttributeValue>
- </saml:Attribute>
- <saml:Attribute AttributeName="RepresentationType" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#">
- <saml:AttributeValue>Vollmachtsvertreter</saml:AttributeValue>
- </saml:Attribute>
- <saml:Attribute AttributeName="MandatorName" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#">
- <saml:AttributeValue>MeineTestFirma</saml:AttributeValue>
- </saml:Attribute>
- <saml:Attribute AttributeName="MandatorWbpk" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#">
- <saml:AttributeValue>123456i</saml:AttributeValue>
- </saml:Attribute>
- </saml:AttributeStatement>
- <dsig:Signature Id="signature-1216050695-35956125-21395" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
- <dsig:SignedInfo>
- <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
- <dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
- <dsig:Reference Id="signed-data-reference-0-1216050695-35956125-19584" URI="">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
- <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
- <xsl:stylesheet version="1.0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
- <xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <title>Signatur der Anmeldedaten</title>
- <style media="screen" type="text/css">
- .boldstyle { font-weight: bold; }
- .italicstyle { font-style: italic; }
- .annotationstyle { font-size: small; }
- </style>
- </head>
- <body>
- <h1>Signatur der Anmeldedaten</h1>
- <p/>
- <h4>Mit meiner elektronischen Signatur beantrage ich,
- <span class="boldstyle">
- <xsl:value-of select="//@Issuer"/>
- </span>, geboren am
- <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,9,2)"/>.
- <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,6,2)"/>.
- <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,1,4)"/>,
- <xsl:if test="//saml:Attribute[@AttributeName=&apos;OIDTextualDescription&apos;]">
- in der Rolle als <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OIDTextualDescription&apos;]/saml:AttributeValue"/>
- (OID***= <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OID&apos;]/saml:AttributeValue"/>),
- </xsl:if>
- den Zugang zur gesicherten Anwendung.
- </h4>
- <p/>
- <h4>Datum und Uhrzeit:
- <xsl:value-of select="substring(//@IssueInstant,9,2)"/>.
- <xsl:value-of select="substring(//@IssueInstant,6,2)"/>.
- <xsl:value-of select="substring(//@IssueInstant,1,4)"/>,
- <xsl:value-of select="substring(//@IssueInstant,12,2)"/>:
- <xsl:value-of select="substring(//@IssueInstant,15,2)"/>:
- <xsl:value-of select="substring(//@IssueInstant,18,2)"/>
- </h4>
- <xsl:if test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
- <h4>HPI(**): <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;HPI&apos;]/saml:AttributeValue"/>
- </h4>
- </xsl:if>
- <xsl:if test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
- <h4>wbPK(*): <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]/saml:AttributeValue/pr:Identification/pr:Value"/>
- </h4>
- </xsl:if>
- <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorName&apos;]">
- <hr/>
- <h4>Ich bin weiters ermächtigt als <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;RepresentationType&apos;]/saml:AttributeValue/text()"/>
- von <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorName&apos;]/saml:AttributeValue/text()"/>
- <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]">, geboren am
- <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,9,2)"/>.
- <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,6,2)"/>.
- <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,1,4)"/>
- </xsl:if>
- <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorDomainIdentifier&apos;]">,
- <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorDomainIdentifier&apos;]/saml:AttributeValue/text()"/>
- </xsl:if>, in deren Auftrag zu handeln.
- </h4>
- <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorWbpk&apos;]">
- <h4>wbPK(*) des Vollmachtgebers: <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorWbpk&apos;]/saml:AttributeValue/text()"/>
- </h4>
- </xsl:if>
- <p/>
- </xsl:if>
- <xsl:choose>
- <xsl:when test="//saml:Attribute[@AttributeName=&apos;OID&apos;]">
- <p/>
- <hr/>
- </xsl:when>
- <xsl:when test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
- <p/>
- <hr/>
- </xsl:when>
- <xsl:when test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
- <p/>
- <hr/>
- </xsl:when>
- </xsl:choose>
- <xsl:if test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
- <div class="annotationstyle">(*) wbPK: Das <span class="italicstyle">wirtschaftsbereichsspezifische Personenkennzeichen</span> wird aus den
- jeweiligen Stammzahlen des Bürgers und des Wirtschaftsunternehmens berechnet und ermöglicht eine eindeutige Zuordnung des Bürgers zum
- Wirtschaftsunternehmen.</div>
- </xsl:if>
- <xsl:if test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
- <div class="annotationstyle">(**) HPI: Der <span class="italicstyle">eHealth Professional Identifier</span> wird aus den jeweiligen
- Stammzahlen der Gesundheitsdiensteanbieterinnen / Gesundheitsdiensteanbieter berechnet und ermöglicht eine eindeutige Zuordnung der
- Gesundheitsdiensteanbieterin / des Gesundheitsdiensteanbieters im Gesundheitsbereich.</div>
- </xsl:if>
- <xsl:if test="//saml:Attribute[@AttributeName=&apos;OID&apos;]">
- <div class="annotationstyle">(***) OID: <span class="italicstyle">Object Identifier</span> sind standardisierte Objekt-Bezeichner und
- beschreiben eindeutig die Rollen des GDA-Token Inhabers.</div>
- </xsl:if>
- </body>
- </html>
- </xsl:template>
- </xsl:stylesheet>
- </dsig:Transform>
- <dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <dsig:DigestValue>0q9QWyqAyyiVNNLu1rIcU+nKsEE=</dsig:DigestValue>
- </dsig:Reference>
- <dsig:Reference Id="etsi-data-reference-0-1216050695-35956125-7815" Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id(&apos;etsi-data-object-0-1216050695-35956125-20638&apos;)/child::etsi:QualifyingProperties/child::etsi:SignedProperties)">
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <dsig:DigestValue>WtB0/ptvoB/r/7+fauSUIBULymg=</dsig:DigestValue>
- </dsig:Reference>
- </dsig:SignedInfo>
- <dsig:SignatureValue>mZt9DuZiDqG81scsf30qjSDdy6vKC2/n034ZZwMUAvfWOXy3+Ubsk5X5CHhz
-+lyI</dsig:SignatureValue>
- <dsig:KeyInfo>
- <dsig:X509Data>
- <dsig:X509Certificate>MIIEtDCCA5ygAwIBAgIDAgTEMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYDVQQG
-EwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lz
-dGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR4wHAYDVQQLDBVh
-LXNpZ24tUHJlbWl1bS1TaWctMDIxHjAcBgNVBAMMFWEtc2lnbi1QcmVtaXVt
-LVNpZy0wMjAeFw0wNjA0MDQwOTUyMjhaFw0xMTA0MDQwOTUyMjhaMGkxCzAJ
-BgNVBAYTAkFUMRUwEwYDVQQDDAxUaG9tYXMgS25hbGwxDjAMBgNVBAQMBUtu
-YWxsMQ8wDQYDVQQqDAZUaG9tYXMxFTATBgNVBAUTDDUzNTE5ODkyMzM0OTEL
-MAkGA1UEDAwCREkwSTATBgcqhkjOPQIBBggqhkjOPQMBAQMyAARrnYW5sXCQ
-6M3irWaanDPi/ROXueKWiPRyZGjNH0Cp/NaiOuvrpv2RDVEKQm2tBiajggIP
-MIICCzATBgNVHSMEDDAKgAhN3+H/S9nJ3zAnBggrBgEFBQcBAwEB/wQYMBYw
-CAYGBACORgEBMAoGCCsGAQUFBwsBMHsGCCsGAQUFBwEBBG8wbTBCBggrBgEF
-BQcwAoY2aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Etc2lnbi1QcmVt
-aXVtLVNpZy0wMmEuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5hLXRy
-dXN0LmF0L29jc3AwWQYDVR0gBFIwUDBEBgYqKAARAQswOjA4BggrBgEFBQcC
-ARYsaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVByZW1p
-dW0wCAYGBACLMAEBMIGaBgNVHR8EgZIwgY8wgYyggYmggYaGgYNsZGFwOi8v
-bGRhcC5hLXRydXN0LmF0L291PWEtc2lnbi1QcmVtaXVtLVNpZy0wMixvPUEt
-VHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2Jq
-ZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQI
-SNyH29WUoCgwDgYDVR0PAQH/BAQDAgbAMCgGA1UdCQQhMB8wHQYIKwYBBQUH
-CQExERgPMTk3ODA0MjkwMDAwMDBaMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEF
-BQADggEBAFkSCJE0YD4p4izU3ekQYPv4Z7gm/VFlpma5hXNvwkajVjHlAqo/
-ylYn8NQ4mMkD+yCDNtm8m8nr0K/yICb8Gnkbv59i6nh2AbzYBBb49VnYYGL6
-uunLH0aFUpAhy+3mDdlH8uhhIQBHwCfgwG1qa5zXY7bz4Vzkac/h6T+JVFkI
-egO8OHQDadhgJvW80qspiao2DTac6vVgx4tGvjpdmw1R2pXBYhHD5rkPHlkf
-GoeL3ak6hq4ea94Oy5VfNTIJv5MA0J2G1mwnW9B8uPWSM5EYPoWJyBOWcKBL
-SSUqOt9D/9215ZGfbchkdRZjx0dTAD3FIhgG8nA72/uCFrBzyTk=
-</dsig:X509Certificate>
- </dsig:X509Data>
- </dsig:KeyInfo>
- <dsig:Object Id="etsi-data-object-0-1216050695-35956125-20638">
- <etsi:QualifyingProperties Target="#signature-1216050695-35956125-21395" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#">
- <etsi:SignedProperties>
- <etsi:SignedSignatureProperties>
- <etsi:SigningTime>2008-07-14T15:51:35Z</etsi:SigningTime>
- <etsi:SigningCertificate>
- <etsi:Cert>
- <etsi:CertDigest>
- <etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <etsi:DigestValue>inMYWBmAxMHP7mDENjLFaEtv0Zk=</etsi:DigestValue>
- </etsi:CertDigest>
- <etsi:IssuerSerial>
- <dsig:X509IssuerName>CN=a-sign-Premium-Sig-02,OU=a-sign-Premium-Sig-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName>
- <dsig:X509SerialNumber>132292</dsig:X509SerialNumber>
- </etsi:IssuerSerial>
- </etsi:Cert>
- </etsi:SigningCertificate>
- <etsi:SignaturePolicyIdentifier>
- <etsi:SignaturePolicyImplied/>
- </etsi:SignaturePolicyIdentifier>
- </etsi:SignedSignatureProperties>
- <etsi:SignedDataObjectProperties>
- <etsi:DataObjectFormat ObjectReference="#signed-data-reference-0-1216050695-35956125-19584">
- <etsi:MimeType>application/xhtml+xml</etsi:MimeType>
- </etsi:DataObjectFormat>
- </etsi:SignedDataObjectProperties>
- </etsi:SignedProperties>
- </etsi:QualifyingProperties>
- </dsig:Object>
- </dsig:Signature>
- </saml:Assertion>
- <saml:Assertion AssertionID="szr.bmi.gv.at-AssertionID11936526102761952" IssueInstant="2007-10-29T10:10:10+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:si="http://www.w3.org/2001/XMLSchema-instance">
- <saml:AttributeStatement>
- <saml:Subject>
- <saml:SubjectConfirmation>
- <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
- <saml:SubjectConfirmationData>
- <pr:Person si:type="pr:PhysicalPersonType">
- <pr:Identification>
- <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value>
- <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type>
- </pr:Identification>
- <pr:Name>
- <pr:GivenName>Thomas</pr:GivenName>
- <pr:FamilyName primary="undefined">Knall</pr:FamilyName>
- </pr:Name>
- <pr:DateOfBirth>1978-04-29</pr:DateOfBirth>
- </pr:Person>
- </saml:SubjectConfirmationData>
- </saml:SubjectConfirmation>
- </saml:Subject>
- <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2">
- <saml:AttributeValue>
- <ecdsa:ECDSAKeyValue>
- <ecdsa:DomainParameters>
- <ecdsa:NamedCurve URN="urn:oid:1.2.840.10045.3.1.1"/>
- </ecdsa:DomainParameters>
- <ecdsa:PublicKey>
- <ecdsa:X Value="2638720011055700682018137297354399374048880611104468142324" si:type="ecdsa:PrimeFieldElemType"/>
- <ecdsa:Y Value="2804889174475641803405778188053052844820705830770276369958" si:type="ecdsa:PrimeFieldElemType"/>
- </ecdsa:PublicKey>
- </ecdsa:ECDSAKeyValue>
- </saml:AttributeValue>
- </saml:Attribute>
- <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2">
- <saml:AttributeValue>
- <dsig:RSAKeyValue>
- <dsig:Modulus>sWOqPZzPTn9VvBR5LjuopIWYdh5aGzuX2vMjofhn8bStba1CDW1qkDdlYW4Rs/DfU/I1uqor4Lje
-/G3Yzh82yD0MHdzlW8MYUJ8RJe+czbjRUPaSbC/NRqhyF3eKnflxM++sJb2abrUH/9TV0q8P5QRS
-uZC/JpAEYpSazysPz/fv8AEnU8oxcTvCiax1jf2GZPmm3qFjPc4qDYNHqfnE8yWYt7kHeqPV/cRw
-x3aMGW8mRwQZb7VRFLW5g37nrt9N</dsig:Modulus>
- <dsig:Exponent>AQAB</dsig:Exponent>
- </dsig:RSAKeyValue>
- </saml:AttributeValue>
- </saml:Attribute>
- </saml:AttributeStatement>
- <dsig:Signature>
- <dsig:SignedInfo>
- <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
- <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
- <dsig:Reference URI="">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
- <dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath>
- </dsig:Transform>
- <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <dsig:DigestValue>b3d/wcQb0Bl0/6GSPsrMxWpdRLA=</dsig:DigestValue>
- </dsig:Reference>
- <dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest">
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <dsig:DigestValue>eet0q3Thmw6+cbO1fazbEg0556I=</dsig:DigestValue>
- </dsig:Reference>
- </dsig:SignedInfo>
- <dsig:SignatureValue>
-oy55Cq7IyYy7z/TO2a3+m7tjG/ztiKhxhGzVqEYIWIObEOs/GVJDCCI4oe/HS8Fhc4TaXDcZXk4y
-qBp4JJ288TeaNjPYkPzp38nWJ4xRatEyo7VaySXy+TqgwiBT5uhxrwkroCr4ZIWwOvt1uR5UBVAf
-qk1ii+LPW2WYE3bMpoHfrM9CdFSPzWTRl/0zsEURc64EBPyIdKz+c70DaexeX2E0JVelKcj+jDaJ
-mHsFhi/9QoscqPEVA87qv07yhyK5S41+f3HDvpuhYwvQDdOq50sclfsI+g9r473VxiRsOmJ9Ak4/
-k2KP0tgfAQ+h5hRGQUUo5LYPywjg7zPxe8SGGA==
-</dsig:SignatureValue>
- <dsig:KeyInfo>
- <dsig:X509Data>
- <dsig:X509Certificate>
-MIIFZTCCBE2gAwIBAgIDAt4cMA0GCSqGSIb3DQEBBQUAMIGfMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMSIwIAYDVQQLDBlhLXNpZ24tY29y
-cG9yYXRlLWxpZ2h0LTAzMSIwIAYDVQQDDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0
-LTAzMB4XDTA3MDExOTA5MDY0OFoXDTEyMDExOTA5MDY0OFowgZwxCzAJBgNVBAYT
-AkFUMRkwFwYDVQQKDBBCdW5kZXNrYW56bGVyYW10MR4wHAYDVQQLDBVEYXRlbnNj
-aHV0emtvbW1pc3Npb24xHTAbBgNVBAMMFERyLiBXYWx0cmF1dCBLb3RzY2h5MRUw
-EwYDVQQFEww3MDAyNDc0OTk4MDQxHDAaBgkqhkiG9w0BCQEWDWRza0Bkc2suZ3Yu
-YXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfnQUhARo9o1FyCtTK
-d5VcXP2WvqSTIsiq19xtWcYF/4pMew/bHLD2DLeO9y5QFpfXJgmx2ySvj1dlzTXV
-ESzFAiF/uL1DbNjB3g00LV/AV4yRacCWEqGkSUN/RVUv9a+bFnK2vR4XZu8ORrcf
-9rpMg19JHZMWsJIT+BEBM4v0iPhboJ/lqoENZwHZW8W/3XAcOcNYfW95ZrsFH+M9
-6KEFlA9g4AP5CndSnozUeN5i1LJr0s3rz8U/c7O/KTkdTmnAeyLM01ST13jhGmjW
-R55wf1Hjt4PCxFf9zpF3FIHDJGyCImgR5ZZe9T6tAjo/ZKo16Huzq0Yy2OYtysDq
-WukzAgMBAAGjggGpMIIBpTATBgNVHSMEDDAKgAhBkWkcv63YmDBVBggrBgEFBQcB
-AQRJMEcwRQYIKwYBBQUHMAKGOWh0dHA6Ly93d3cuYS10cnVzdC5hdC9jZXJ0cy9h
-LXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAzLmNydDBYBgNVHSAEUTBPME0GByooABEB
-BwEwQjBABggrBgEFBQcCARY0aHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3Av
-YS1zaWduLWNvcnBvcmF0ZS1saWdodDCBngYDVR0fBIGWMIGTMIGQoIGNoIGKhoGH
-bGRhcDovL2xkYXAuYS10cnVzdC5hdC9vdT1hLXNpZ24tY29ycG9yYXRlLWxpZ2h0
-LTAzLG89QS1UcnVzdCxjPUFUP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3Q/YmFz
-ZT9vYmplY3RjbGFzcz1laWRDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MBEGA1UdDgQK
-BAhMCA6eGvS1ujAOBgNVHQ8BAf8EBAMCBLAwCQYDVR0TBAIwADAOBgcqKAAKAQcB
-BAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEoIvqPLAg0n2wCS27zTL+hmLi7zSbes
-Od4e6pFT1l3cwGfdTkhiHVPnPRaDGLQkS384fAXBrOp6W13X9m2jD9csO6vZhd+T
-nERXN1AqayoaecXFyHPykVUTLhn6pMdiSE21mEozfGLUDGMz74lvphEKFAOOCgp1
-o5ZCR09RbGAEbQNNn+ucXJxIa3mYjr1h3AElVbXoeoz12qUpqsNm9znymSkcmcNo
-B5Pk6qXXx9UeC/Tj0aTglNkcMOSCFayldzOBaY6+qWKguPdzQUEryhGiNuARQpM5
-KMzvI0rmpc4Gau5HT9rQZHadr++VS8v1k6935uIyyZF9s+gdS5ywnSM=
-</dsig:X509Certificate>
- </dsig:X509Data>
- </dsig:KeyInfo>
- <dsig:Object>
- <dsig:Manifest Id="manifest">
- <dsig:Reference URI="">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
- <dsig:XPath>not(ancestor-or-self::dsig:Signature)</dsig:XPath>
- </dsig:Transform>
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <dsig:DigestValue>JZGwiDzQAtJtnJMeeXyypTrDjwY=</dsig:DigestValue>
- </dsig:Reference>
- </dsig:Manifest>
- </dsig:Object>
- </dsig:Signature>
- </saml:Assertion>
- </saml:SubjectConfirmationData>
- </saml:SubjectConfirmation>
- </saml:Subject>
- <saml:Attribute AttributeName="PersonData" AttributeNamespace="http://reference.e-government.gv.at/namespace/persondata/20020228#">
- <saml:AttributeValue>
- <pr:Person si:type="pr:PhysicalPersonType" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:si="http://www.w3.org/2001/XMLSchema-instance">
- <pr:Identification>
- <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value>
- <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type>
- </pr:Identification>
- <pr:Name>
- <pr:GivenName>Thomas</pr:GivenName>
- <pr:FamilyName primary="undefined">Knall</pr:FamilyName>
- </pr:Name>
- <pr:DateOfBirth>1978-04-29</pr:DateOfBirth>
- </pr:Person>
- </saml:AttributeValue>
- </saml:Attribute>
- <saml:Attribute AttributeName="isQualifiedCertificate" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
- <saml:AttributeValue>true</saml:AttributeValue>
- </saml:Attribute>
- <saml:Attribute AttributeName="bkuURL" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
- <saml:AttributeValue>https://127.0.0.1:3496/https-security-layer-request</saml:AttributeValue>
- </saml:Attribute>
- <saml:Attribute AttributeName="SignerCertificate" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
- <saml:AttributeValue>MIIEtDCCA5ygAwIBAgIDAgTEMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR4wHAYDVQQLDBVhLXNpZ24tUHJl
-bWl1bS1TaWctMDIxHjAcBgNVBAMMFWEtc2lnbi1QcmVtaXVtLVNpZy0wMjAeFw0w
-NjA0MDQwOTUyMjhaFw0xMTA0MDQwOTUyMjhaMGkxCzAJBgNVBAYTAkFUMRUwEwYD
-VQQDDAxUaG9tYXMgS25hbGwxDjAMBgNVBAQMBUtuYWxsMQ8wDQYDVQQqDAZUaG9t
-YXMxFTATBgNVBAUTDDUzNTE5ODkyMzM0OTELMAkGA1UEDAwCREkwSTATBgcqhkjO
-PQIBBggqhkjOPQMBAQMyAARrnYW5sXCQ6M3irWaanDPi/ROXueKWiPRyZGjNH0Cp
-/NaiOuvrpv2RDVEKQm2tBiajggIPMIICCzATBgNVHSMEDDAKgAhN3+H/S9nJ3zAn
-BggrBgEFBQcBAwEB/wQYMBYwCAYGBACORgEBMAoGCCsGAQUFBwsBMHsGCCsGAQUF
-BwEBBG8wbTBCBggrBgEFBQcwAoY2aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRz
-L2Etc2lnbi1QcmVtaXVtLVNpZy0wMmEuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8v
-b2NzcC5hLXRydXN0LmF0L29jc3AwWQYDVR0gBFIwUDBEBgYqKAARAQswOjA4Bggr
-BgEFBQcCARYsaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVBy
-ZW1pdW0wCAYGBACLMAEBMIGaBgNVHR8EgZIwgY8wgYyggYmggYaGgYNsZGFwOi8v
-bGRhcC5hLXRydXN0LmF0L291PWEtc2lnbi1QcmVtaXVtLVNpZy0wMixvPUEtVHJ1
-c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xh
-c3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQISNyH29WUoCgw
-DgYDVR0PAQH/BAQDAgbAMCgGA1UdCQQhMB8wHQYIKwYBBQUHCQExERgPMTk3ODA0
-MjkwMDAwMDBaMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAFkSCJE0YD4p
-4izU3ekQYPv4Z7gm/VFlpma5hXNvwkajVjHlAqo/ylYn8NQ4mMkD+yCDNtm8m8nr
-0K/yICb8Gnkbv59i6nh2AbzYBBb49VnYYGL6uunLH0aFUpAhy+3mDdlH8uhhIQBH
-wCfgwG1qa5zXY7bz4Vzkac/h6T+JVFkIegO8OHQDadhgJvW80qspiao2DTac6vVg
-x4tGvjpdmw1R2pXBYhHD5rkPHlkfGoeL3ak6hq4ea94Oy5VfNTIJv5MA0J2G1mwn
-W9B8uPWSM5EYPoWJyBOWcKBLSSUqOt9D/9215ZGfbchkdRZjx0dTAD3FIhgG8nA7
-2/uCFrBzyTk=</saml:AttributeValue>
- </saml:Attribute>
- <saml:Attribute AttributeName="Mandate" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#">
- <saml:AttributeValue>
- <md:Mandate MandateID="https://egov.act.at/mandates/20080714174835/886164" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:md="http://reference.e-government.gv.at/namespace/mandates/20040701#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#">
- <md:Annotation>Prokura - MeineTestFirma</md:Annotation>
- <md:StatusInformationService>http://localhost:58080/omsp/OMSPRequest</md:StatusInformationService>
- <md:Representative>
- <pr:PhysicalPerson>
- <pr:Identification>
- <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value>
- <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type>
- </pr:Identification>
- <pr:Name>
- <pr:GivenName>Thomas</pr:GivenName>
- <pr:FamilyName primary="undefined">Knall</pr:FamilyName>
- </pr:Name>
- <pr:DateOfBirth>1978-04-29</pr:DateOfBirth>
- </pr:PhysicalPerson>
- </md:Representative>
- <md:Mandator>
- <pr:CorporateBody>
- <pr:Identification>
- <pr:Value>123456i</pr:Value>
- <pr:Type>urn:publicid:gv.at:baseid+XFN</pr:Type>
- </pr:Identification>
- <pr:FullName>MeineTestFirma</pr:FullName>
- </pr:CorporateBody>
- </md:Mandator>
- <md:Issued>
- <md:Place>Wien</md:Place>
- <md:Date>2008-07-14</md:Date>
- </md:Issued>
- <md:Properties>
- <md:SubstitutionAllowed>false</md:SubstitutionAllowed>
- </md:Properties>
- <md:SimpleMandateContent>
- <md:TextualDescription>Der/Die Bevollmächtigte wird zum Prokuristen/Prokuristin bestellt.</md:TextualDescription>
- </md:SimpleMandateContent>
- <dsig:Signature Id="signature-1-1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
- <dsig:SignedInfo>
- <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
- <dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
- <dsig:Reference Id="reference-1-1" URI="">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
- <dsig:XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#">not(ancestor-or-self::pr:Identification or ancestor-or-self::dsig:Signature)</dsig:XPath>
- </dsig:Transform>
- <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
- <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <dsig:DigestValue>PRRF0sWBgoywztCKWEXafZfhpd0=</dsig:DigestValue>
- </dsig:Reference>
- <dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#dsig-manifest-1-1">
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <dsig:DigestValue>NorNorUqPFMA06JfxSJopOq7Qv0=</dsig:DigestValue>
- </dsig:Reference>
- </dsig:SignedInfo>
- <dsig:SignatureValue>IQMZFc57XZd9LjeiaZqSfzZtWuXhuikAqbKA7pWuDK02DLFSYZPXsGjcvnwNdVaP</dsig:SignatureValue>
- <dsig:KeyInfo>
- <dsig:X509Data>
- <dsig:X509Certificate>MIICtjCCAm6gAwIBAgIBATAJBgcqhkjOPQQBMGoxCzAJBgNVBAYTAkFUMQ0wCwYD
-VQQHEwRXaWVuMRkwFwYDVQQJExBFc3NsaW5nZ2Fzc2UgNS85MQwwCgYDVQQKEwNB
-Q1QxIzAhBgNVBAMTGlZvbGxtYWNodGVuIFNpZ25hdHVyZGllbnN0MB4XDTA4MDcw
-ODE1MTk1MFoXDTEyMTIzMTIxNTk1OVowajELMAkGA1UEBhMCQVQxDTALBgNVBAcT
-BFdpZW4xGTAXBgNVBAkTEEVzc2xpbmdnYXNzZSA1LzkxDDAKBgNVBAoTA0FDVDEj
-MCEGA1UEAxMaVm9sbG1hY2h0ZW4gU2lnbmF0dXJkaWVuc3QwgfMwgbwGByqGSM49
-AgEwgbACAQEwJAYHKoZIzj0BAQIZAP////////////////////7//////////zA0
-BBj////////////////////+//////////wEGGQhBRnlnIDnD6fpq3IkMEn+uN7s
-wUa5sQQxBBiNqA6wMJD2fL8g60OhiAD0/wr9gv8QEgcZK5X/yNp4YxAR7WskzdVz
-+XehHnlIEQIZAP///////////////5ne+DYUa8mxtNIoMQIBAQMyAAS908G9FD5/
-LLYruwFbp9giXahdQ1FAqKwzohSn9pgsVTQBnvXxU8IWIzhPHs49DZCjazBpMAwG
-A1UdEwEB/wQCMAAwHQYDVR0OBBYEFLOSgnkLSJ3l4Ah49rHX/FAV1wWcMBkGA1Ud
-IAQSMBAwDgYMKwYBBAGVEgECBAEBMB8GA1UdIwQYMBaAFLOSgnkLSJ3l4Ah49rHX
-/FAV1wWcMAkGByqGSM49BAEDNwAwNAIYTTppZzS6wqoLDFcf9frHzf1kMheY04dT
-Ahg4Nrb54vE3DTRf9sbO4xs4dTARHSt1ihA=</dsig:X509Certificate>
- </dsig:X509Data>
- </dsig:KeyInfo>
- <dsig:Object>
- <dsig:Manifest Id="dsig-manifest-1-1">
- <dsig:Reference Id="reference-1-2" URI="">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
- <dsig:XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#">not(ancestor-or-self::dsig:Signature)</dsig:XPath>
- </dsig:Transform>
- <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
- <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <dsig:DigestValue>oz6ThHPL3V7RNibfPrDSWVhUgi8=</dsig:DigestValue>
- </dsig:Reference>
- </dsig:Manifest>
- </dsig:Object>
- </dsig:Signature>
- </md:Mandate>
- </saml:AttributeValue>
- </saml:Attribute>
- </saml:AttributeStatement>
-</saml:Assertion>
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SelectBKUTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SelectBKUTask.java
new file mode 100644
index 000000000..54195ec91
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SelectBKUTask.java
@@ -0,0 +1,33 @@
+package at.gv.egovernment.moa.id.process.spring.test.task;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * A dummy task simulating a bku selection.
+ * <p/>
+ * Asynchonous
+ * <p>
+ * Enriches context data with:
+ * <ul>
+ * <li>{@code bkuURL}</li>
+ * </ul>
+ * </p>
+ *
+ * @author tknall
+ *
+ */
+public class SelectBKUTask implements Task {
+
+ private Logger log = LoggerFactory.getLogger(getClass());
+
+ @Override
+ public void execute(ExecutionContext executionContext) {
+ log.debug("Providing BKU selection.");
+ executionContext.put("bkuURL", "https://127.0.0.1:3496/https-security-layer-request");
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignAuthBlockTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignAuthBlockTask.java
new file mode 100644
index 000000000..8099c0f98
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignAuthBlockTask.java
@@ -0,0 +1,52 @@
+package at.gv.egovernment.moa.id.process.spring.test.task;
+
+import java.io.InputStream;
+import java.nio.charset.Charset;
+import java.util.Objects;
+
+import org.apache.commons.io.IOUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * A dummy task simulating the signature of an auth block.
+ * <p/>
+ * Asynchonous
+ * <p>
+ * Requires context data:
+ * <ul>
+ * <li>{@code IdentityLink}</li>
+ * <li>{@code isIdentityLinkValidated}</li>
+ * <li>{@code bkuURL}</li>
+ * </ul>
+ * </p>
+ * <p>
+ * Enriches context data with:
+ * <ul>
+ * <li>{@code SignedAuthBlock}</li>
+ * </ul>
+ * </p>
+ *
+ * @author tknall
+ *
+ */
+public class SignAuthBlockTask implements Task {
+
+ private Logger log = LoggerFactory.getLogger(getClass());
+
+ @Override
+ public void execute(ExecutionContext executionContext) throws Exception {
+ Objects.requireNonNull(executionContext.get("IdentityLink"));
+ assert (Boolean.TRUE.equals(Objects.requireNonNull(executionContext.get("isIdentityLinkValidated"))));
+ Objects.requireNonNull(executionContext.get("bkuURL"));
+
+ log.debug("Using validated IdentityLink and bkuURL in order to sign auth block.");
+ try (InputStream in = getClass().getResourceAsStream("SignedAuthBlock.xml")) {
+ executionContext.put("SignedAuthBlock", IOUtils.toString(in, Charset.forName("UTF-8")));
+ }
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignedAuthBlock.xml b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignedAuthBlock.xml
deleted file mode 100644
index 450ba90f3..000000000
--- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignedAuthBlock.xml
+++ /dev/null
@@ -1,179 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<dsig:Signature Id="signature-1216050695-35956125-21395" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
- <dsig:SignedInfo>
- <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
- <dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
- <dsig:Reference Id="signed-data-reference-0-1216050695-35956125-19584" URI="">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
- <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
- <xsl:stylesheet version="1.0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
- <xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <title>Signatur der Anmeldedaten</title>
- <style media="screen" type="text/css">
-.boldstyle { font-weight: bold; }
-.italicstyle { font-style: italic; }
-.annotationstyle { font-size: small; }
-</style>
- </head>
- <body>
- <h1>Signatur der Anmeldedaten</h1>
- <p/>
- <h4>Mit meiner elektronischen Signatur beantrage ich,
-<span class="boldstyle">
- <xsl:value-of select="//@Issuer"/>
- </span>, geboren am
-<xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,9,2)"/>.
-<xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,6,2)"/>.
-<xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,1,4)"/>,
-<xsl:if test="//saml:Attribute[@AttributeName=&apos;OIDTextualDescription&apos;]">
-in der Rolle als <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OIDTextualDescription&apos;]/saml:AttributeValue"/>
-(OID***= <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OID&apos;]/saml:AttributeValue"/>),
-</xsl:if>
-den Zugang zur gesicherten Anwendung.
-</h4>
- <p/>
- <h4>Datum und Uhrzeit:
-<xsl:value-of select="substring(//@IssueInstant,9,2)"/>.
-<xsl:value-of select="substring(//@IssueInstant,6,2)"/>.
-<xsl:value-of select="substring(//@IssueInstant,1,4)"/>,
-<xsl:value-of select="substring(//@IssueInstant,12,2)"/>:
-<xsl:value-of select="substring(//@IssueInstant,15,2)"/>:
-<xsl:value-of select="substring(//@IssueInstant,18,2)"/>
- </h4>
- <xsl:if test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
- <h4>HPI(**): <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;HPI&apos;]/saml:AttributeValue"/>
- </h4>
- </xsl:if>
- <xsl:if test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
- <h4>wbPK(*): <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]/saml:AttributeValue/pr:Identification/pr:Value"/>
- </h4>
- </xsl:if>
- <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorName&apos;]">
- <hr/>
- <h4>Ich bin weiters ermächtigt als <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;RepresentationType&apos;]/saml:AttributeValue/text()"/>
-von <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorName&apos;]/saml:AttributeValue/text()"/>
- <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]">, geboren am
- <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,9,2)"/>.
- <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,6,2)"/>.
- <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,1,4)"/>
- </xsl:if>
- <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorDomainIdentifier&apos;]">,
- <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorDomainIdentifier&apos;]/saml:AttributeValue/text()"/>
- </xsl:if>, in deren Auftrag zu handeln.
-</h4>
- <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorWbpk&apos;]">
- <h4>wbPK(*) des Vollmachtgebers: <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorWbpk&apos;]/saml:AttributeValue/text()"/>
- </h4>
- </xsl:if>
- <p/>
- </xsl:if>
- <xsl:choose>
- <xsl:when test="//saml:Attribute[@AttributeName=&apos;OID&apos;]">
- <p/>
- <hr/>
- </xsl:when>
- <xsl:when test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
- <p/>
- <hr/>
- </xsl:when>
- <xsl:when test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
- <p/>
- <hr/>
- </xsl:when>
- </xsl:choose>
- <xsl:if test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
- <div class="annotationstyle">(*) wbPK: Das <span class="italicstyle">wirtschaftsbereichsspezifische Personenkennzeichen</span> wird aus den
-jeweiligen Stammzahlen des Bürgers und des Wirtschaftsunternehmens berechnet und ermöglicht eine eindeutige Zuordnung des Bürgers zum
-Wirtschaftsunternehmen.</div>
- </xsl:if>
- <xsl:if test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
- <div class="annotationstyle">(**) HPI: Der <span class="italicstyle">eHealth Professional Identifier</span> wird aus den jeweiligen
-Stammzahlen der Gesundheitsdiensteanbieterinnen / Gesundheitsdiensteanbieter berechnet und ermöglicht eine eindeutige Zuordnung der
-Gesundheitsdiensteanbieterin / des Gesundheitsdiensteanbieters im Gesundheitsbereich.</div>
- </xsl:if>
- <xsl:if test="//saml:Attribute[@AttributeName=&apos;OID&apos;]">
- <div class="annotationstyle">(***) OID: <span class="italicstyle">Object Identifier</span> sind standardisierte Objekt-Bezeichner und
-beschreiben eindeutig die Rollen des GDA-Token Inhabers.</div>
- </xsl:if>
- </body>
- </html>
- </xsl:template>
- </xsl:stylesheet>
- </dsig:Transform>
- <dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
- </dsig:Transforms>
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <dsig:DigestValue>0q9QWyqAyyiVNNLu1rIcU+nKsEE=</dsig:DigestValue>
- </dsig:Reference>
- <dsig:Reference Id="etsi-data-reference-0-1216050695-35956125-7815" Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id(&apos;etsi-data-object-0-1216050695-35956125-20638&apos;)/child::etsi:QualifyingProperties/child::etsi:SignedProperties)">
- <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <dsig:DigestValue>WtB0/ptvoB/r/7+fauSUIBULymg=</dsig:DigestValue>
- </dsig:Reference>
- </dsig:SignedInfo>
- <dsig:SignatureValue>mZt9DuZiDqG81scsf30qjSDdy6vKC2/n034ZZwMUAvfWOXy3+Ubsk5X5CHhz
-+lyI</dsig:SignatureValue>
- <dsig:KeyInfo>
- <dsig:X509Data>
- <dsig:X509Certificate>MIIEtDCCA5ygAwIBAgIDAgTEMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYDVQQG
-EwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lz
-dGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR4wHAYDVQQLDBVh
-LXNpZ24tUHJlbWl1bS1TaWctMDIxHjAcBgNVBAMMFWEtc2lnbi1QcmVtaXVt
-LVNpZy0wMjAeFw0wNjA0MDQwOTUyMjhaFw0xMTA0MDQwOTUyMjhaMGkxCzAJ
-BgNVBAYTAkFUMRUwEwYDVQQDDAxUaG9tYXMgS25hbGwxDjAMBgNVBAQMBUtu
-YWxsMQ8wDQYDVQQqDAZUaG9tYXMxFTATBgNVBAUTDDUzNTE5ODkyMzM0OTEL
-MAkGA1UEDAwCREkwSTATBgcqhkjOPQIBBggqhkjOPQMBAQMyAARrnYW5sXCQ
-6M3irWaanDPi/ROXueKWiPRyZGjNH0Cp/NaiOuvrpv2RDVEKQm2tBiajggIP
-MIICCzATBgNVHSMEDDAKgAhN3+H/S9nJ3zAnBggrBgEFBQcBAwEB/wQYMBYw
-CAYGBACORgEBMAoGCCsGAQUFBwsBMHsGCCsGAQUFBwEBBG8wbTBCBggrBgEF
-BQcwAoY2aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Etc2lnbi1QcmVt
-aXVtLVNpZy0wMmEuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5hLXRy
-dXN0LmF0L29jc3AwWQYDVR0gBFIwUDBEBgYqKAARAQswOjA4BggrBgEFBQcC
-ARYsaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVByZW1p
-dW0wCAYGBACLMAEBMIGaBgNVHR8EgZIwgY8wgYyggYmggYaGgYNsZGFwOi8v
-bGRhcC5hLXRydXN0LmF0L291PWEtc2lnbi1QcmVtaXVtLVNpZy0wMixvPUEt
-VHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2Jq
-ZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQI
-SNyH29WUoCgwDgYDVR0PAQH/BAQDAgbAMCgGA1UdCQQhMB8wHQYIKwYBBQUH
-CQExERgPMTk3ODA0MjkwMDAwMDBaMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEF
-BQADggEBAFkSCJE0YD4p4izU3ekQYPv4Z7gm/VFlpma5hXNvwkajVjHlAqo/
-ylYn8NQ4mMkD+yCDNtm8m8nr0K/yICb8Gnkbv59i6nh2AbzYBBb49VnYYGL6
-uunLH0aFUpAhy+3mDdlH8uhhIQBHwCfgwG1qa5zXY7bz4Vzkac/h6T+JVFkI
-egO8OHQDadhgJvW80qspiao2DTac6vVgx4tGvjpdmw1R2pXBYhHD5rkPHlkf
-GoeL3ak6hq4ea94Oy5VfNTIJv5MA0J2G1mwnW9B8uPWSM5EYPoWJyBOWcKBL
-SSUqOt9D/9215ZGfbchkdRZjx0dTAD3FIhgG8nA72/uCFrBzyTk=
-</dsig:X509Certificate>
- </dsig:X509Data>
- </dsig:KeyInfo>
- <dsig:Object Id="etsi-data-object-0-1216050695-35956125-20638">
- <etsi:QualifyingProperties Target="#signature-1216050695-35956125-21395" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#">
- <etsi:SignedProperties>
- <etsi:SignedSignatureProperties>
- <etsi:SigningTime>2008-07-14T15:51:35Z</etsi:SigningTime>
- <etsi:SigningCertificate>
- <etsi:Cert>
- <etsi:CertDigest>
- <etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
- <etsi:DigestValue>inMYWBmAxMHP7mDENjLFaEtv0Zk=</etsi:DigestValue>
- </etsi:CertDigest>
- <etsi:IssuerSerial>
- <dsig:X509IssuerName>CN=a-sign-Premium-Sig-02,OU=a-sign-Premium-Sig-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName>
- <dsig:X509SerialNumber>132292</dsig:X509SerialNumber>
- </etsi:IssuerSerial>
- </etsi:Cert>
- </etsi:SigningCertificate>
- <etsi:SignaturePolicyIdentifier>
- <etsi:SignaturePolicyImplied/>
- </etsi:SignaturePolicyIdentifier>
- </etsi:SignedSignatureProperties>
- <etsi:SignedDataObjectProperties>
- <etsi:DataObjectFormat ObjectReference="#signed-data-reference-0-1216050695-35956125-19584">
- <etsi:MimeType>application/xhtml+xml</etsi:MimeType>
- </etsi:DataObjectFormat>
- </etsi:SignedDataObjectProperties>
- </etsi:SignedProperties>
- </etsi:QualifyingProperties>
- </dsig:Object>
-</dsig:Signature> \ No newline at end of file
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateIdentityLinkTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateIdentityLinkTask.java
new file mode 100644
index 000000000..a8e7df3d7
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateIdentityLinkTask.java
@@ -0,0 +1,42 @@
+package at.gv.egovernment.moa.id.process.spring.test.task;
+
+import java.util.Objects;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * Dummy task simulating the validation of an IdentityLink.
+ * <p>
+ * Requires context data:
+ * <ul>
+ * <li>{@code IdentityLink}</li>
+ * </ul>
+ * </p>
+ * <p>
+ * Enriches context data with:
+ * <ul>
+ * <li>{@code isIdentityLinkValidated}</li>
+ * </ul>
+ * </p>
+ *
+ * @author tknall
+ *
+ */
+public class ValidateIdentityLinkTask implements Task {
+
+ private Logger log = LoggerFactory.getLogger(getClass());
+
+ @Override
+ public void execute(ExecutionContext executionContext) {
+ Objects.requireNonNull(executionContext.get("IdentityLink"));
+
+ log.debug("Validating IdentityLink.");
+
+ executionContext.put("isIdentityLinkValidated", true);
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateSignedAuthBlockTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateSignedAuthBlockTask.java
new file mode 100644
index 000000000..07b2ea69c
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateSignedAuthBlockTask.java
@@ -0,0 +1,46 @@
+package at.gv.egovernment.moa.id.process.spring.test.task;
+
+import java.util.Objects;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * A dummy task simulating the validation of an auth block.
+ * <p>
+ * Requires context data:
+ * <ul>
+ * <li>{@code IdentityLink}</li>
+ * <li>{@code isIdentityLinkValidated}</li>
+ * <li>{@code SignedAuthBlock}</li>
+ * </ul>
+ * </p>
+ * <p>
+ * Enriches context data with:
+ * <ul>
+ * <li>{@code isSignedAuthBlockValidated}</li>
+ * </ul>
+ * </p>
+ *
+ * @author tknall
+ *
+ */
+public class ValidateSignedAuthBlockTask implements Task {
+
+ private Logger log = LoggerFactory.getLogger(getClass());
+
+ @Override
+ public void execute(ExecutionContext executionContext) throws Exception {
+ Objects.requireNonNull(executionContext.get("IdentityLink"));
+ assert (Boolean.TRUE.equals(Objects.requireNonNull(executionContext.get("isIdentityLinkValidated"))));
+ Objects.requireNonNull(executionContext.get("SignedAuthBlock"));
+
+ log.debug("Using validated IdentityLink and signed auth block in order to validate signed auth block.");
+
+ executionContext.put("isSignedAuthBlockValidated", true);
+ }
+
+}