diff options
Diffstat (limited to 'id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java')
| -rw-r--r-- | id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java | 633 |
1 files changed, 633 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java b/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java new file mode 100644 index 000000000..a71fe0181 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java @@ -0,0 +1,633 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.abnahme.A; + +import java.util.Calendar; +import java.util.HashMap; + +import org.w3c.dom.Element; +import test.abnahme.AbnahmeTestCase; + +import at.gv.egovernment.moa.id.AuthenticationException; +import at.gv.egovernment.moa.id.BuildException; +import at.gv.egovernment.moa.id.ParseException; +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder; +import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; +import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; +import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; +import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator; +import at.gv.egovernment.moa.id.auth.validator.ValidateException; +import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.data.AuthenticationData; +import at.gv.egovernment.moa.id.util.Random; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.DateTimeUtils; + +/** + * @author Stefan Knirsch + * @version $Id$ + * + */ + +public class Test300VerifyAuthBlock extends AbnahmeTestCase { + + public Test300VerifyAuthBlock(String name) { + super(name); + } + + public void testA301() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + //authDataWriter(authData,this.getName()+"new.xml"); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA302() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + //authDataWriter(authData,this.getName()+"new.xml"); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA303() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA304() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA305() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA306() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA307() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA308() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + + } + + public void testA309() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA310() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA311() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA351() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + + // nicht existierende Session.... + try { + server.verifyAuthenticationBlock("0", createXMLSignatureResponse); + fail(); + } + catch (AuthenticationException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA352() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + server.setSecondsSessionTimeOut(-100); + server.cleanup(); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + + // abgelaufene Session.... + server.setSecondsSessionTimeOut(1000); + try { + server.verifyAuthenticationBlock("0", createXMLSignatureResponse); + fail(); + } + catch (AuthenticationException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA353() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + + // Session for VerifyIdentityLink-Aufruf + try { + + server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + fail(); + } + //NOCH SEHR UNSCHÖN..... (fliegt raus im AuthenticationServer, Methode buildAuthenticationData + // ( IdentityLink identityLink = session.getIdentityLink(); ==> liefert dann NULL... + catch (NullPointerException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA354() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + + // nicht existierende Session.... + + server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + try { + server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + fail(); + } + catch (AuthenticationException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA355() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ParseException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA356() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ParseException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA357() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA358() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA359() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA360() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA361() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA362() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA363() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA364() throws Exception { + try { + String sessionID = startAuthentication(); + try { + + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + /* public void testA365() throws Exception { + String sessionID = startAuthentication(); + try { + // wegen sinnlosigkeit gestrichen + initServer(sessionID); + fail(); + } + catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} + }*/ + + public void testA366() throws Exception { + + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} + } + public void testA367() throws Exception { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} + } + + + private AuthenticationData initServer(String sessionID) throws Exception { + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1"); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/"); + String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + AuthenticationData authData = server.getAuthenticationData(samlArtifact); + return authData; + } + + private AuthenticationData initServerWithoutValidateAuthBlock(String sessionID) throws Exception { + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1"); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/"); + + AuthenticationSession session = AuthenticationServer.getSession(sessionID); + AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + // parses <CreateXMLSignatureResponse> + CreateXMLSignatureResponse csresp = + new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(); + // validates <CreateXMLSignatureResponse> + new CreateXMLSignatureResponseValidator().validate(csresp, session); + // builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call + String[] vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(); + String tpid = authConf.getMoaSpAuthBlockTrustProfileID(); + Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp, vtids, tpid); + // invokes the call + Element domVsresp = new SignatureVerificationInvoker().verifyXMLSignature(domVsreq); + // parses the <VerifyXMLSignatureResponse> + VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser(domVsresp).parseData(); + // validates the <VerifyXMLSignatureResponse> + VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp, null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK, true); + // compares the public keys from the identityLink with the AuthBlock + + // builds authentication data and stores it together with a SAML artifact + AuthenticationData authData = buildAuthenticationData(session, vsresp); + return authData; + } + private AuthenticationData buildAuthenticationData( + AuthenticationSession session, + VerifyXMLSignatureResponse verifyXMLSigResp) + throws ConfigurationException, BuildException { + + IdentityLink identityLink = session.getIdentityLink(); + AuthenticationData authData = new AuthenticationData(); + authData.setMajorVersion(1); + authData.setMinorVersion(0); + authData.setAssertionID(Random.nextRandom()); + authData.setIssuer(session.getAuthURL()); + authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance(), false)); + String vpkBase64 = new BPKBuilder().buildBPK( + identityLink.getIdentificationValue(), session.getTarget()); + authData.setBPK(vpkBase64); + authData.setGivenName(identityLink.getGivenName()); + authData.setFamilyName(identityLink.getFamilyName()); + authData.setDateOfBirth(identityLink.getDateOfBirth()); + authData.setQualifiedCertificate(verifyXMLSigResp.isQualifiedCertificate()); + authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority()); + authData.setPublicAuthorityCode(verifyXMLSigResp.getPublicAuthorityCode()); + OAAuthParameter oaParam = + AuthConfigurationProvider.getInstance().getOnlineApplicationParameter( + session.getPublicOAURLPrefix()); + String prPerson = new PersonDataBuilder().build( + identityLink, oaParam.getProvideStammzahl()); + + try { + String ilAssertion = + oaParam.getProvideIdentityLink() ? DOMUtils.serializeNode(identityLink.getSamlAssertion()) : ""; + String authBlock = oaParam.getProvideAuthBlock() ? session.getAuthBlock() : ""; + String samlAssertion = new AuthenticationDataAssertionBuilder().build( + authData, prPerson, authBlock, ilAssertion, session.getBkuURL(), "", false, null); + authData.setSamlAssertion(samlAssertion); + return authData; + } + catch (Throwable ex) { + throw new BuildException( + "builder.00", + new Object[] { "AuthenticationData", ex.getMessage() }, + ex); + } + } +} |