Diffstat (limited to 'id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java')
-rw-r--r-- | id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java | 1266 |
1 files changed, 633 insertions, 633 deletions
diff --git a/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java b/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java
index 6e6092b3f..9d07b6620 100644
--- a/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java
+++ b/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java
@@ -1,633 +1,633 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */ - - -package test.abnahme.A; - -import java.util.Calendar; -import java.util.HashMap; - -import org.w3c.dom.Element; -import test.abnahme.AbnahmeTestCase; - -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.BuildException; -import at.gv.egovernment.moa.id.ParseException; -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder; -import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; -import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; -import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; -import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; -import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator; -import at.gv.egovernment.moa.id.auth.validator.ValidateException; -import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.AuthenticationData; -import at.gv.egovernment.moa.id.util.Random; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.DateTimeUtils; - -/** - * @author Stefan Knirsch - * @version $Id$ - * - */ - -public 
class Test300VerifyAuthBlock extends AbnahmeTestCase { - - public Test300VerifyAuthBlock(String name) { - super(name); - } - - public void testA301() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - //authDataWriter(authData,this.getName()+"new.xml"); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA302() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - //authDataWriter(authData,this.getName()+"new.xml"); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA303() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! 
-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA304() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA305() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA306() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! 
-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA307() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA308() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - - } - - public void testA309() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! 
-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA310() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA311() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! 
-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA351() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); - new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); - //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); - // System.out.println(createXMLSignatureRequest); - String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); - - // nicht existierende Session.... 
- try { - server.verifyAuthenticationBlock("0", createXMLSignatureResponse); - fail(); - } - catch (AuthenticationException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA352() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - server.setSecondsSessionTimeOut(-100); - server.cleanup(); - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); - new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); - //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); - // System.out.println(createXMLSignatureRequest); - String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); - - // abgelaufene Session.... 
- server.setSecondsSessionTimeOut(1000); - try { - server.verifyAuthenticationBlock("0", createXMLSignatureResponse); - fail(); - } - catch (AuthenticationException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA353() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - - String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); - - // Session for VerifyIdentityLink-Aufruf - try { - - server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); - fail(); - } - //NOCH SEHR UNSCHÖN..... (fliegt raus im AuthenticationServer, Methode buildAuthenticationData - // ( IdentityLink identityLink = session.getIdentityLink(); ==> liefert dann NULL... 
- catch (NullPointerException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA354() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); - new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); - //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); - // System.out.println(createXMLSignatureRequest); - String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); - - // nicht existierende Session.... 
- - server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); - try { - server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); - fail(); - } - catch (AuthenticationException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA355() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ParseException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA356() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ParseException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA357() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA358() throws Exception { - try { 
- String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA359() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA360() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA361() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA362() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); 
- } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA363() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA364() throws Exception { - try { - String sessionID = startAuthentication(); - try { - - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - /* public void testA365() throws Exception { - String sessionID = startAuthentication(); - try { - // wegen sinnlosigkeit gestrichen - initServer(sessionID); - fail(); - } - catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} - }*/ - - public void testA366() throws Exception { - - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} 
- } - public void testA367() throws Exception { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} - } - - - private AuthenticationData initServer(String sessionID) throws Exception { - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1"); - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); - new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); - //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); - // System.out.println(createXMLSignatureRequest); - String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); - // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/"); - String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); - AuthenticationData authData = server.getAuthenticationData(samlArtifact); - return authData; - } - - private AuthenticationData initServerWithoutValidateAuthBlock(String sessionID) throws Exception { - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - HashMap parameters = new HashMap(1); - 
parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1"); - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); - new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); - //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); - // System.out.println(createXMLSignatureRequest); - String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); - // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/"); - - AuthenticationSession session = AuthenticationServer.getSession(sessionID); - AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); - // parses <CreateXMLSignatureResponse> - CreateXMLSignatureResponse csresp = - new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(); - // validates <CreateXMLSignatureResponse> - new CreateXMLSignatureResponseValidator().validate(csresp, session); - // builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call - String[] vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(); - String tpid = authConf.getMoaSpAuthBlockTrustProfileID(); - Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp, vtids, tpid); - // invokes the call - Element domVsresp = new SignatureVerificationInvoker().verifyXMLSignature(domVsreq); - // parses the <VerifyXMLSignatureResponse> - VerifyXMLSignatureResponse vsresp = new 
VerifyXMLSignatureResponseParser(domVsresp).parseData(); - // validates the <VerifyXMLSignatureResponse> - VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp, null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK, true); - // compares the public keys from the identityLink with the AuthBlock - - // builds authentication data and stores it together with a SAML artifact - AuthenticationData authData = buildAuthenticationData(session, vsresp); - return authData; - } - private AuthenticationData buildAuthenticationData( - AuthenticationSession session, - VerifyXMLSignatureResponse verifyXMLSigResp) - throws ConfigurationException, BuildException { - - IdentityLink identityLink = session.getIdentityLink(); - AuthenticationData authData = new AuthenticationData(); - authData.setMajorVersion(1); - authData.setMinorVersion(0); - authData.setAssertionID(Random.nextRandom()); - authData.setIssuer(session.getAuthURL()); - authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance(), false)); - String vpkBase64 = new BPKBuilder().buildBPK( - identityLink.getIdentificationValue(), session.getTarget()); - authData.setBPK(vpkBase64); - authData.setGivenName(identityLink.getGivenName()); - authData.setFamilyName(identityLink.getFamilyName()); - authData.setDateOfBirth(identityLink.getDateOfBirth()); - authData.setQualifiedCertificate(verifyXMLSigResp.isQualifiedCertificate()); - authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority()); - authData.setPublicAuthorityCode(verifyXMLSigResp.getPublicAuthorityCode()); - OAAuthParameter oaParam = - AuthConfigurationProvider.getInstance().getOnlineApplicationParameter( - session.getPublicOAURLPrefix()); - String prPerson = new PersonDataBuilder().build( - identityLink, oaParam.getProvideStammzahl()); - - try { - String ilAssertion = - oaParam.getProvideIdentityLink() ? DOMUtils.serializeNode(identityLink.getSamlAssertion()) : ""; - String authBlock = oaParam.getProvideAuthBlock() ? 
session.getAuthBlock() : ""; - String samlAssertion = new AuthenticationDataAssertionBuilder().build( - authData, prPerson, authBlock, ilAssertion, session.getBkuURL(), "", false, null, false, -1); - authData.setSamlAssertion(samlAssertion); - return authData; - } - catch (Throwable ex) { - throw new BuildException( - "builder.00", - new Object[] { "AuthenticationData", ex.getMessage() }, - ex); - } - } -} +///* +// * Copyright 2003 Federal Chancellery Austria +// * MOA-ID has been developed in a cooperation between BRZ, the Federal +// * Chancellery Austria - ICT staff unit, and Graz University of Technology. +// * +// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by +// * the European Commission - subsequent versions of the EUPL (the "Licence"); +// * You may not use this work except in compliance with the Licence. +// * You may obtain a copy of the Licence at: +// * http://www.osor.eu/eupl/ +// * +// * Unless required by applicable law or agreed to in writing, software +// * distributed under the Licence is distributed on an "AS IS" basis, +// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// * See the Licence for the specific language governing permissions and +// * limitations under the Licence. +// * +// * This product combines work with different licenses. See the "NOTICE" text +// * file for details on the various modules and licenses. +// * The "NOTICE" text file is part of the distribution. Any derivative works +// * that you distribute must include a readable copy of the "NOTICE" text file. 
+// */
+//
+//
+//package test.abnahme.A;
+//
+//import java.util.Calendar;
+//import java.util.HashMap;
+//
+//import org.w3c.dom.Element;
+//import test.abnahme.AbnahmeTestCase;
+//
+//import at.gv.egovernment.moa.id.AuthenticationException;
+//import at.gv.egovernment.moa.id.BuildException;
+//import at.gv.egovernment.moa.id.ParseException;
+//import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+//import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
+//import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder;
+//import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder;
+//import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
+//import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
+//import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+//import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
+//import at.gv.egovernment.moa.id.auth.data.IdentityLink;
+//import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
+//import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
+//import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
+//import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
+//import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
+//import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator;
+//import at.gv.egovernment.moa.id.auth.validator.ValidateException;
+//import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator;
+//import at.gv.egovernment.moa.id.config.ConfigurationException;
+//import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+//import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+//import at.gv.egovernment.moa.id.data.AuthenticationData;
+//import at.gv.egovernment.moa.id.util.Random;
+//import at.gv.egovernment.moa.util.DOMUtils;
+//import at.gv.egovernment.moa.util.DateTimeUtils;
+//
+///**
+// * @author Stefan Knirsch
+// * @version $Id$
+// *
+// */
+//
+//public class Test300VerifyAuthBlock extends AbnahmeTestCase {
+//
+// public Test300VerifyAuthBlock(String name) {
+// super(name);
+// }
+//
+// public void testA301() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// AuthenticationData authData = initServer(sessionID);
+// //authDataWriter(authData,this.getName()+"new.xml");
+// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+//
+// public void testA302() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// AuthenticationData authData = initServer(sessionID);
+// //authDataWriter(authData,this.getName()+"new.xml");
+// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+// public void testA303() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// AuthenticationData authData = initServer(sessionID);
+// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+// public void testA304() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// AuthenticationData authData = initServer(sessionID);
+// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+// public void testA305() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// AuthenticationData authData = initServer(sessionID);
+// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+// public void testA306() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// AuthenticationData authData = initServer(sessionID);
+// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+// public void testA307() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// AuthenticationData authData = initServer(sessionID);
+// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+// public void testA308() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// AuthenticationData authData = initServer(sessionID);
+// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+//
+// }
+//
+// public void testA309() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID);
+// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+// public void testA310() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID);
+// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+// public void testA311() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID);
+// assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
+// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+//
+// public void testA351() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// System.out.println(sessionID);
+// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+// HashMap parameters = new HashMap(1);
+// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse);
+// server.verifyIdentityLink(sessionID, parameters);
+// InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
+// IdentityLink idl = irrp.parseIdentityLink();
+// Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
+// Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
+// new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
+// //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
+// // System.out.println(createXMLSignatureRequest);
+// String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
+//
+// // nicht existierende Session....
+// try {
+// server.verifyAuthenticationBlock("0", createXMLSignatureResponse);
+// fail();
+// }
+// catch (AuthenticationException e) {
+// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+// }
+//
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+//
+// public void testA352() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// System.out.println(sessionID);
+// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+// HashMap parameters = new HashMap(1);
+// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse);
+// server.verifyIdentityLink(sessionID, parameters);
+// server.setSecondsSessionTimeOut(-100);
+// server.cleanup();
+// InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
+// IdentityLink idl = irrp.parseIdentityLink();
+// Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
+// Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
+// new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
+// //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
+// // System.out.println(createXMLSignatureRequest);
+// String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
+//
+// // abgelaufene Session....
+// server.setSecondsSessionTimeOut(1000);
+// try {
+// server.verifyAuthenticationBlock("0", createXMLSignatureResponse);
+// fail();
+// }
+// catch (AuthenticationException e) {
+// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+// }
+//
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+//
+// public void testA353() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// System.out.println(sessionID);
+//
+// String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
+//
+// // Session for VerifyIdentityLink-Aufruf
+// try {
+//
+// server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
+// fail();
+// }
+// //NOCH SEHR UNSCH�N..... (fliegt raus im AuthenticationServer, Methode buildAuthenticationData
+// // ( IdentityLink identityLink = session.getIdentityLink(); ==> liefert dann NULL...
+// catch (NullPointerException e) {
+// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+// }
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+//
+// public void testA354() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// System.out.println(sessionID);
+// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+// HashMap parameters = new HashMap(1);
+// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse);
+// server.verifyIdentityLink(sessionID, parameters);
+// InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
+// IdentityLink idl = irrp.parseIdentityLink();
+// Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
+// Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
+// new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
+// //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
+// // System.out.println(createXMLSignatureRequest);
+// String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
+//
+// // nicht existierende Session....
+//
+// server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
+// try {
+// server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
+// fail();
+// }
+// catch (AuthenticationException e) {
+// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+// }
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+//
+// public void testA355() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// try {
+// initServer(sessionID);
+// fail();
+// }
+// catch (ParseException e) {
+// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+// }
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+//
+// public void testA356() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// try {
+// initServer(sessionID);
+// fail();
+// }
+// catch (ParseException e) {
+// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+// }
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+// public void testA357() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// try {
+// initServer(sessionID);
+// fail();
+// }
+// catch (ValidateException e) {
+// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+// }
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+// public void testA358() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// try {
+// initServer(sessionID);
+// fail();
+// }
+// catch (ValidateException e) {
+// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+// }
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+// public void testA359() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// try {
+// initServer(sessionID);
+// fail();
+// }
+// catch (ValidateException e) {
+// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+// }
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+// public void testA360() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// try {
+// initServer(sessionID);
+// fail();
+// }
+// catch (ValidateException e) {
+// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+// }
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+// public void testA361() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// try {
+// initServer(sessionID);
+// fail();
+// }
+// catch (ValidateException e) {
+// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+// }
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+// public void testA362() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// try {
+// initServer(sessionID);
+// fail();
+// }
+// catch (ValidateException e) {
+// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+// }
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+//
+// public void testA363() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// try {
+// initServer(sessionID);
+// fail();
+// }
+// catch (ValidateException e) {
+// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+// }
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+//
+// public void testA364() throws Exception {
+// try {
+// String sessionID = startAuthentication();
+// try {
+//
+// initServer(sessionID);
+// fail();
+// }
+// catch (ValidateException e) {
+// System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
+// }
+// }
+// catch (Exception e) {
+// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
+// throw e;
+// }
+// }
+//
+// /* public void testA365() throws Exception {
+// String sessionID = startAuthentication();
+// try {
+// // wegen sinnlosigkeit gestrichen
+// initServer(sessionID);
+// fail();
+// }
+// catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");}
+// }*/
+//
+// public void testA366() throws Exception {
+//
+// String sessionID = startAuthentication();
+// try {
+// initServer(sessionID);
+// fail();
+// }
+// catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");}
+// }
+// public void testA367() throws Exception {
+// String sessionID = startAuthentication();
+// try {
+// initServer(sessionID);
+// fail();
+// }
+// catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");}
+// }
+//
+//
+// private AuthenticationData initServer(String sessionID) throws Exception {
+// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+// HashMap parameters = new HashMap(1);
+// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse);
+// server.verifyIdentityLink(sessionID, parameters);
+// InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
+// IdentityLink idl = irrp.parseIdentityLink();
+// Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1");
+// Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
+// new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
+// //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
+// // System.out.println(createXMLSignatureRequest);
+// String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
+// // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/");
+// String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
+// AuthenticationData authData = server.getAuthenticationData(samlArtifact);
+// return authData;
+// }
+//
+// private AuthenticationData initServerWithoutValidateAuthBlock(String sessionID) throws Exception {
+// String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
+// HashMap parameters = new HashMap(1);
+// parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse);
+// server.verifyIdentityLink(sessionID, parameters);
+// InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
+// IdentityLink idl = irrp.parseIdentityLink();
+// Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1");
+// Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
+// new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
+// //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
+// // System.out.println(createXMLSignatureRequest);
+// String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
+// // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/");
+//
+// AuthenticationSession session = AuthenticationServer.getSession(sessionID);
+// AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
+// // parses <CreateXMLSignatureResponse>
+// CreateXMLSignatureResponse csresp =
+// new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse();
+// // validates <CreateXMLSignatureResponse>
+// new CreateXMLSignatureResponseValidator().validate(csresp, session);
+// // builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call
+// String[] vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs();
+// String tpid = authConf.getMoaSpAuthBlockTrustProfileID();
+// Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp, vtids, tpid);
+// // invokes the call
+// Element domVsresp = new SignatureVerificationInvoker().verifyXMLSignature(domVsreq);
+// // parses the <VerifyXMLSignatureResponse>
+// VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser(domVsresp).parseData();
+// // validates the <VerifyXMLSignatureResponse>
+// VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp, null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK, true);
+// // compares the public keys from the identityLink with the AuthBlock
+//
+// // builds authentication data and stores it together with a SAML artifact
+// AuthenticationData authData = buildAuthenticationData(session, vsresp);
+// return authData;
+// }
+// private AuthenticationData buildAuthenticationData(
+// AuthenticationSession session,
+// VerifyXMLSignatureResponse verifyXMLSigResp)
+// throws ConfigurationException, BuildException {
+//
+// IdentityLink identityLink = session.getIdentityLink();
+// AuthenticationData authData = new AuthenticationData();
+// authData.setMajorVersion(1);
+// authData.setMinorVersion(0);
+// authData.setAssertionID(Random.nextRandom());
+// authData.setIssuer(session.getAuthURL());
+// authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance(), false));
+// String vpkBase64 = new BPKBuilder().buildBPK(
+// identityLink.getIdentificationValue(), session.getTarget());
+// authData.setBPK(vpkBase64);
+// authData.setGivenName(identityLink.getGivenName());
+// authData.setFamilyName(identityLink.getFamilyName());
+// authData.setDateOfBirth(identityLink.getDateOfBirth());
+// authData.setQualifiedCertificate(verifyXMLSigResp.isQualifiedCertificate());
+// authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority());
+// authData.setPublicAuthorityCode(verifyXMLSigResp.getPublicAuthorityCode());
+// OAAuthParameter oaParam =
+// AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(
+// session.getPublicOAURLPrefix());
+// String prPerson = new PersonDataBuilder().build(
+// identityLink, oaParam.getProvideStammzahl());
+//
+// try {
+// String ilAssertion =
+// oaParam.getProvideIdentityLink() ? DOMUtils.serializeNode(identityLink.getSamlAssertion()) : "";
+// String authBlock = oaParam.getProvideAuthBlock() ? session.getAuthBlock() : "";
+// String samlAssertion = new AuthenticationDataAssertionBuilder().build(
+// authData, prPerson, authBlock, ilAssertion, session.getBkuURL(), "", false, null, false, -1);
+// authData.setSamlAssertion(samlAssertion);
+// return authData;
+// }
+// catch (Throwable ex) {
+// throw new BuildException(
+// "builder.00",
+// new Object[] { "AuthenticationData", ex.getMessage() },
+// ex);
+// }
+// }
+//} |