diff options
Diffstat (limited to 'id/server/idserverlib/src/test/resources')
14 files changed, 971 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_MultipleStartEvents.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_MultipleStartEvents.xml new file mode 100644 index 000000000..8a32ca46d --- /dev/null +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_MultipleStartEvents.xml @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<tns:ProcessDefinition + id="SampleProcess2" + xmlns:tns="http://www.datentechnik.com/process-engine/processdefinition/v1" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://www.datentechnik.com/process-engine/processdefinition/v1 ../../main/resources/com/datentechnik_innovation/process_engine/ProcessDefinition.xsd "> + + <tns:StartEvent id="start1" /> + + <tns:Task id="task1" class="com.datentechnik.process_engine.test.HelloWorldTask" /> + <tns:Task id="task2" async="true" class="com.datentechnik.process_engine.test.HalloWeltTask" /> + <tns:Task id="task3" /> + + <tns:StartEvent id="start2" /> + <tns:EndEvent id="end" /> + + <tns:Transition id="fromStart" from="start1" to="task1" conditionExpression="true" /> + <tns:Transition from="task1" to="task2" /> + <tns:Transition from="task2" to="task3" /> + <tns:Transition from="task3" to="end" /> + +</tns:ProcessDefinition> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_NoStartEvents.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_NoStartEvents.xml new file mode 100644 index 000000000..754b7a34d --- /dev/null +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_NoStartEvents.xml @@ -0,0 +1,16 @@ +<?xml version="1.0" encoding="UTF-8"?> +<tns:ProcessDefinition + id="SampleProcess1" + xmlns:tns="http://www.datentechnik.com/process-engine/processdefinition/v1" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://www.datentechnik.com/process-engine/processdefinition/v1 ../../main/resources/com/datentechnik_innovation/process_engine/ProcessDefinition.xsd "> + + <tns:Task id="task1" class="com.datentechnik.process_engine.test.HelloWorldTask" /> + <tns:Task id="task2" async="true" /> + + <tns:EndEvent id="end" /> + + <tns:Transition from="task1" to="task2" /> + <tns:Transition from="task2" to="end" /> + +</tns:ProcessDefinition> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_TransitionLoop.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_TransitionLoop.xml new file mode 100644 index 000000000..e698f8019 --- /dev/null +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_TransitionLoop.xml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="UTF-8"?> +<tns:ProcessDefinition + id="SampleProcess1" + xmlns:tns="http://www.datentechnik.com/process-engine/processdefinition/v1" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://www.datentechnik.com/process-engine/processdefinition/v1 ../../main/resources/com/datentechnik_innovation/process_engine/ProcessDefinition.xsd "> + + <tns:Task id="task1" class="com.datentechnik.process_engine.test.HelloWorldTask" /> + <tns:Task id="task2" async="true" /> + + <tns:StartEvent id="start" /> + <tns:EndEvent id="end" /> + + <tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" /> + <tns:Transition from="task1" to="task2" /> + <tns:Transition from="task2" to="end" /> + + <!-- Must be loop since we have no conditionExpression set. --> + <tns:Transition id="loop" from="task1" to="task1" /> + +</tns:ProcessDefinition> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_TransitionRefsTransition.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_TransitionRefsTransition.xml new file mode 100644 index 000000000..564bf9040 --- /dev/null +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_TransitionRefsTransition.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="UTF-8"?> +<tns:ProcessDefinition + id="SampleProcess1" + xmlns:tns="http://www.datentechnik.com/process-engine/processdefinition/v1" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://www.datentechnik.com/process-engine/processdefinition/v1 ../../main/resources/com/datentechnik_innovation/process_engine/ProcessDefinition.xsd "> + + <tns:Task id="task1" class="com.datentechnik.process_engine.test.HelloWorldTask" /> + <tns:Task id="task2" async="true" /> + + <tns:StartEvent id="start" /> + <tns:EndEvent id="end" /> + + <tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" /> + <tns:Transition from="task1" to="task2" /> + <tns:Transition id="invalidTransition" from="task1" to="fromStart" /> + <tns:Transition from="task2" to="end" /> + +</tns:ProcessDefinition> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_TransitionStartsFromEndEvent.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_TransitionStartsFromEndEvent.xml new file mode 100644 index 000000000..b3d2d2ebc --- /dev/null +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_TransitionStartsFromEndEvent.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="UTF-8"?> +<tns:ProcessDefinition + id="SampleProcess1" + xmlns:tns="http://www.datentechnik.com/process-engine/processdefinition/v1" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://www.datentechnik.com/process-engine/processdefinition/v1 ../../main/resources/com/datentechnik_innovation/process_engine/ProcessDefinition.xsd "> + + <tns:Task id="task1" class="com.datentechnik.process_engine.test.HelloWorldTask" /> + <tns:Task id="task2" async="true" /> + + <tns:StartEvent id="start" /> + <tns:EndEvent id="end" /> + + <tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" /> + <tns:Transition from="task1" to="task2" /> + <tns:Transition from="task2" to="end" /> + <tns:Transition from="end" to="task1" /> + +</tns:ProcessDefinition> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/SampleProcessDefinition1.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/SampleProcessDefinition1.xml new file mode 100644 index 000000000..ab033fb8f --- /dev/null +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/SampleProcessDefinition1.xml @@ -0,0 +1,18 @@ +<?xml version="1.0" encoding="UTF-8"?> +<tns:ProcessDefinition + id="SampleProcess1" + xmlns:tns="http://www.datentechnik.com/process-engine/processdefinition/v1" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://www.datentechnik.com/process-engine/processdefinition/v1 ../../main/resources/com/datentechnik_innovation/process_engine/ProcessDefinition.xsd "> + + <tns:Task id="task1" class="com.datentechnik.process_engine.test.HelloWorldTask" /> + <tns:Task id="task2" async="true" /> + + <tns:StartEvent id="start" /> + <tns:EndEvent id="end" /> + + <tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" /> + <tns:Transition from="task1" to="task2" /> + <tns:Transition from="task2" to="end" /> + +</tns:ProcessDefinition> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/SampleProcessDefinition2.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/SampleProcessDefinition2.xml new file mode 100644 index 000000000..ca2617ce8 --- /dev/null +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/SampleProcessDefinition2.xml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="UTF-8"?> +<tns:ProcessDefinition + id="SampleProcess2" + xmlns:tns="http://www.datentechnik.com/process-engine/processdefinition/v1" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://www.datentechnik.com/process-engine/processdefinition/v1 ../../main/resources/com/datentechnik_innovation/process_engine/ProcessDefinition.xsd "> + + <tns:StartEvent id="start" /> + + <tns:Task id="task1" class="com.datentechnik.process_engine.test.HelloWorldTask" /> + <tns:Task id="task2" async="true" class="com.datentechnik.process_engine.test.HalloWeltTask" /> + <tns:Task id="task3" /> + + <tns:EndEvent id="end" /> + + <tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" /> + <tns:Transition from="task1" to="task2" /> + <tns:Transition from="task2" to="task3" /> + <tns:Transition from="task3" to="end" /> + +</tns:ProcessDefinition> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml new file mode 100644 index 000000000..6525fb0cd --- /dev/null +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml @@ -0,0 +1,54 @@ +<?xml version="1.0" encoding="UTF-8"?> +<pd:ProcessDefinition xmlns:pd="http://www.datentechnik.com/process-engine/processdefinition/v1" + id="SampleProcessDefinitionForSAML1Authentication"> + + <!-- + returns String 'bkuURL' + --> + <pd:Task id="bkuSelectionTask" class="com.datentechnik.process_engine.spring.test.task.SelectBKUTask" /> + + <!-- + requires 'bkuURL' + returns String 'IdentityLink' + --> + <pd:Task id="getIdentityLinkTask" class="com.datentechnik.process_engine.spring.test.task.GetIdentityLinkTask" /> + + <!-- + requires 'IdentityLink' + returns Boolean 'isIdentityLinkValidated' + --> + <pd:Task id="validateIdentityLinkTask" class="com.datentechnik.process_engine.spring.test.task.ValidateIdentityLinkTask" /> + + <!-- + requires 'IdentityLink', 'isIdentityLinkValidated', 'bkuURL' + returns String 'SignedAuthBlock' + --> + <pd:Task id="signAuthBlockTask" class="com.datentechnik.process_engine.spring.test.task.SignAuthBlockTask" /> + + <!-- + requires 'IdentityLink', 'isIdentityLinkValidated', 'SignedAuthBlock' + returns Boolean 'isSignedAuthBlockValidated' + --> + <pd:Task id="validateSignedAuthBlockTask" class="com.datentechnik.process_engine.spring.test.task.ValidateSignedAuthBlockTask" /> + + <!-- + requires 'IdentityLink', 'isIdentityLinkValidated', 'SignedAuthBlock', 'isSignedAuthBlockValidated'; + returns 'SAML1Assertion' + --> + <pd:Task id="createAssertionTask" class="com.datentechnik.process_engine.spring.test.task.CreateSAML1AssertionTask" /> + + <pd:StartEvent id="start" /> + <pd:EndEvent id="end" /> + + <pd:Transition from="start" to="bkuSelectionTask" conditionExpression="ctx['bkuURL'] == null" /> + <pd:Transition from="start" to="getIdentityLinkTask" /> + + <pd:Transition from="bkuSelectionTask" to="getIdentityLinkTask" /> + <pd:Transition from="getIdentityLinkTask" to="validateIdentityLinkTask" /> + <pd:Transition from="validateIdentityLinkTask" to="signAuthBlockTask" conditionExpression="ctx['isIdentityLinkValidated']" /> + <pd:Transition from="signAuthBlockTask" to="validateSignedAuthBlockTask" /> + <pd:Transition from="validateSignedAuthBlockTask" to="createAssertionTask" conditionExpression="ctx['isSignedAuthBlockValidated']" /> + + <pd:Transition from="createAssertionTask" to="end" /> + +</pd:ProcessDefinition> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionWithExpression1.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionWithExpression1.xml new file mode 100644 index 000000000..ef71026ec --- /dev/null +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionWithExpression1.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="UTF-8"?> +<pd:ProcessDefinition xmlns:pd="http://www.datentechnik.com/process-engine/processdefinition/v1" + id="SampleProcessWithExpression1"> + + <pd:Task id="task1" /> + <pd:Task id="task2" /> + <pd:Task id="task3" /> + <pd:Task id="task4" /> + + <pd:StartEvent id="start" /> + <pd:EndEvent id="end" /> + + <pd:Transition from="start" to="task1" conditionExpression="'true'" /> + <pd:Transition from="task1" to="task2" conditionExpression="'true'" /> + <pd:Transition from="task2" to="task3" conditionExpression="'true'" /> + <pd:Transition from="task3" to="task4" conditionExpression="'true'" /> + <pd:Transition from="task4" to="end" conditionExpression="'true'" /> + +</pd:ProcessDefinition> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml new file mode 100644 index 000000000..eb62d1ae2 --- /dev/null +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml @@ -0,0 +1,30 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:task="http://www.springframework.org/schema/task" + xsi:schemaLocation="http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd"> + + <bean id="springElAwareExpressionEvaluator" class="com.datentechnik.process_engine.spring.SpringExpressionEvaluator" /> + + <bean id="processEngine" class="com.datentechnik.process_engine.ProcessEngineImpl"> + <property name="transitionConditionExpressionEvaluator" ref="springElAwareExpressionEvaluator" /> + <property name="processInstanceMaxIdleTimeSeconds" value="600" /> + <property name="processDefinitions"> + <list> + <bean class="com.datentechnik.process_engine.spring.ProcessDefinitionFactoryBean"> + <property name="resource" value="classpath:com/datentechnik/process_engine/spring/test/SampleProcessDefinitionWithExpression1.xml" /> + </bean> + <bean class="com.datentechnik.process_engine.spring.ProcessDefinitionFactoryBean"> + <property name="resource" value="classpath:com/datentechnik/process_engine/spring/test/SampleProcessDefinitionForSAML1Authentication.xml" /> + </bean> + </list> + </property> + </bean> + + <task:scheduler id="taskScheduler" pool-size="1" /> + <task:scheduled-tasks scheduler="taskScheduler"> + <task:scheduled ref="processEngine" method="cleanup" fixed-delay="60000" /> + </task:scheduled-tasks> + +</beans> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml new file mode 100644 index 000000000..dadc6bf81 --- /dev/null +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd"> + + <bean id="simplePojo" class="com.datentechnik.process_engine.spring.test.SimplePojo"> + <property name="booleanValue" value="true" /> + <property name="integerValue" value="42" /> + <property name="stringValue" value="HelloWorld" /> + </bean> + + <bean id="expressionEvaluator" class="com.datentechnik.process_engine.spring.SpringExpressionEvaluator" /> + +</beans> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/IdentityLink_Max_Mustermann.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/IdentityLink_Max_Mustermann.xml new file mode 100644 index 000000000..c68972f13 --- /dev/null +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/IdentityLink_Max_Mustermann.xml @@ -0,0 +1,52 @@ +<?xml version="1.0" encoding="UTF-8"?><saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" AssertionID="szr.bmi.gv.at-AssertionID132860852347311974" IssueInstant="2012-02-07T10:55:23+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0"> + <saml:AttributeStatement> + <saml:Subject> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod> + <saml:SubjectConfirmationData> + <pr:Person si:type="pr:PhysicalPersonType"><pr:Identification><pr:Value>tqCQEC7+AqGEeeL390V5Jg==</pr:Value><pr:Type>urn:publicid:gv.at:baseid</pr:Type></pr:Identification><pr:Name><pr:GivenName>Max</pr:GivenName><pr:FamilyName primary="undefined">Mustermann</pr:FamilyName></pr:Name><pr:DateOfBirth>1940-01-01</pr:DateOfBirth></pr:Person> + </saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2"><saml:AttributeValue><ecdsa:ECDSAKeyValue><ecdsa:DomainParameters><ecdsa:NamedCurve URN="urn:oid:1.2.840.10045.3.1.7"/></ecdsa:DomainParameters><ecdsa:PublicKey><ecdsa:X Value="111409151487007036894649069746411000129419717653159596280366627647453458115517" si:type="ecdsa:PrimeFieldElemType"/><ecdsa:Y Value="94725036374184689337892465478597728884477416796494369571140658859618867645034" si:type="ecdsa:PrimeFieldElemType"/></ecdsa:PublicKey></ecdsa:ECDSAKeyValue></saml:AttributeValue></saml:Attribute></saml:AttributeStatement> + <dsig:Signature> + <dsig:SignedInfo> + <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> + <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <dsig:Reference URI=""> + <dsig:Transforms> + <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> + <dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath> + </dsig:Transform> + <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> + </dsig:Transforms> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>Rmr5vkWXL/PvpoXnbK632QmzYms=</dsig:DigestValue> + </dsig:Reference> + <dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest"> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>HoPZWYll8aMFpKOlRSwckt5iCQk=</dsig:DigestValue> + </dsig:Reference> + </dsig:SignedInfo> + <dsig:SignatureValue> + NPpRwVo5/5kf5iHUyaEc7d7So3W4oPgOCYNgnKpgdZfttFkFFN+9oG60w7YvKEYSeTPhP3zp7eaH +ZFapj+naD+wd0y5ELWep9Y+s+qP7fNLrFECHQxQasLWtR4akxlWDpYQ0bvOuepK2ip1EQ6pRlccA +wJ1l4iOWFhfdA9YAg5QLkBqWSwgrNUswhLnDBM+Ot6Gj5g2rpYY7aoAOXvTR8B5Dkg94ASb4u0wv +VPV8+4mjOfP+l6QWLqywzcq3qj/qFZkbujjZbV/fNPDnDD1ff/M6ZfCGO8xzlYfjfEA7cmHuiJf2 +/ey/3nT7vI5XbpBPWChT5Sl4DQysxlfE6e4MZw== + </dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIF3TCCBMWgAwIBAgIDByniMA0GCSqGSIb3DQEBBQUAMIGfMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMSIwIAYDVQQLDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMSIwIAYDVQQDDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMB4XDTEwMDcyODExMzY0M1oXDTE1MDcyODExMzY0M1owgbYxCzAJBgNVBAYTAkFUMR4wHAYDVQQKDBVEYXRlbnNjaHV0emtvbW1pc3Npb24xIjAgBgNVBAsMGVN0YW1temFobHJlZ2lzdGVyYmVob2VyZGUxLjAsBgNVBAMMJVNpZ25hdHVyc2VydmljZSBEYXRlbnNjaHV0emtvbW1pc3Npb24xFTATBgNVBAUTDDMyNTkyODMyMzk5ODEcMBoGCSqGSIb3DQEJARYNZHNrQGRzay5ndi5hdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN+dBSEBGj2jUXIK1Mp3lVxc/Za+pJMiyKrX3G1ZxgX/ikx7D9scsPYMt473LlAWl9cmCbHbJK+PV2XNNdURLMUCIX+4vUNs2MHeDTQtX8BXjJFpwJYSoaRJQ39FVS/1r5sWcra9Hhdm7w5Gtx/2ukyDX0kdkxawkhP4EQEzi/SI+Fugn+WqgQ1nAdlbxb/dcBw5w1h9b3lmuwUf4z3ooQWUD2DgA/kKd1KejNR43mLUsmvSzevPxT9zs78pOR1OacB7IszTVJPXeOEaaNZHnnB/UeO3g8LEV/3OkXcUgcMkbIIiaBHlll71Pq0COj9kqjXoe7OrRjLY5i3KwOpa6TMCAwEAAaOCAgcwggIDMBMGA1UdIwQMMAqACEkcWDpP6A0DMH8GCCsGAQUFBwEBBHMwcTAnBggrBgEFBQcwAYYbaHR0cDovL29jc3AuYS10cnVzdC5hdC9vY3NwMEYGCCsGAQUFBzAChjpodHRwOi8vd3d3LmEtdHJ1c3QuYXQvY2VydHMvYS1zaWduLWNvcnBvcmF0ZS1saWdodC0wMmEuY3J0MFQGA1UdIARNMEswSQYGKigAEQESMD8wPQYIKwYBBQUHAgEWMWh0dHA6Ly93d3cuYS10cnVzdC5hdC9kb2NzL2NwL2Etc2lnbi1BbXRzc2lnbmF0dXIwgZ4GA1UdHwSBljCBkzCBkKCBjaCBioaBh2xkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLWNvcnBvcmF0ZS1saWdodC0wMixvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQITAgOnhr0tbowDgYDVR0PAQH/BAQDAgSwMCAGA1UdEQQZMBeBFW1hcmN1cy5oaWxkQGRzay5ndi5hdDAJBgNVHRMEAjAAMA4GByooAAoBBwEEAwEB/zAUBgcqKAAKAQEBBAkMB0JTQi1EU0swDQYJKoZIhvcNAQEFBQADggEBAHTklnvPCH/bJSOlIPbLUEkSGuFHsektSZ8Vr22x/Yv7EzsxoQrJIiz2mQ2gQqFuExdWYxvsowjiSbiis9iUf1c0zscvDS3mIZxGs4M89XHsjHnIyb+Fuwnamw65QrFvM1tNB1ZMjxJ3x+YmHLHdtT3BEBcr3/NCRHd2S0HoBspNz9HVgJaZY1llR7poKBvnAc4g1i+QTvyVb00PtKxR9Lw/9ABInX/1pzpxqrPy7Ib2OP8z6dd3WHmIsCiSHUaj0Dxwwln6fYJjhxZ141SnbovlCLYtrsZLXoi9ljIqX4xO0PwMI2RfNc9cXxTRrRS6rEOvX7PpvgXiDXhp592Yyp4=</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo> + <dsig:Object> + <dsig:Manifest Id="manifest"> + <dsig:Reference URI=""> + <dsig:Transforms> + <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> + <dsig:XPath>not(ancestor-or-self::dsig:Signature)</dsig:XPath> + </dsig:Transform> + </dsig:Transforms> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>7IkIdYti2dh3VZQ4Fp+9lPT67cM=</dsig:DigestValue> + </dsig:Reference> + </dsig:Manifest> + </dsig:Object> + </dsig:Signature> +</saml:Assertion>
\ No newline at end of file diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SAML1Assertion.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SAML1Assertion.xml new file mode 100644 index 000000000..3aeedd590 --- /dev/null +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SAML1Assertion.xml @@ -0,0 +1,487 @@ +<?xml version="1.0" encoding="UTF-8"?> +<saml:Assertion AssertionID="6025428631468682100" IssueInstant="2008-07-14T17:51:38+02:00" Issuer="https://localhost:18443/moa-id-auth/" MajorVersion="1" MinorVersion="0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier NameQualifier="urn:publicid:gv.at:wbpk+FN+www.act.at">K2YMyx3/5kIpNJR+SAD/rbRYH+c=</saml:NameIdentifier> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod> + <saml:SubjectConfirmationData> + <saml:Assertion AssertionID="any" IssueInstant="2008-07-14T17:51:26+02:00" Issuer="Thomas Knall" MajorVersion="1" MinorVersion="0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> + <saml:AttributeStatement> + <saml:Subject> + <saml:NameIdentifier>https://localhost:18443/moa-id-auth/</saml:NameIdentifier> + </saml:Subject> + <saml:Attribute AttributeName="wbPK" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue> + <pr:Identification> + <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value> + <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type> + </pr:Identification> + </saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>https://localhost:48443/mandates/</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="Geburtsdatum" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>1978-04-29</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="RepresentationType" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#"> + <saml:AttributeValue>Vollmachtsvertreter</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="MandatorName" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#"> + <saml:AttributeValue>MeineTestFirma</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="MandatorWbpk" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#"> + <saml:AttributeValue>123456i</saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> + <dsig:Signature Id="signature-1216050695-35956125-21395" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:SignedInfo> + <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> + <dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <dsig:Reference Id="signed-data-reference-0-1216050695-35956125-19584" URI=""> + <dsig:Transforms> + <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> + <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"> + <xsl:stylesheet version="1.0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> + <xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"> + <html xmlns="http://www.w3.org/1999/xhtml"> + <head> + <title>Signatur der Anmeldedaten</title> + <style media="screen" type="text/css"> + .boldstyle { font-weight: bold; } + .italicstyle { font-style: italic; } + .annotationstyle { font-size: small; } + </style> + </head> + <body> + <h1>Signatur der Anmeldedaten</h1> + <p/> + <h4>Mit meiner elektronischen Signatur beantrage ich, + <span class="boldstyle"> + <xsl:value-of select="//@Issuer"/> + </span>, geboren am + <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/>. + <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/>. + <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/>, + <xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"> + in der Rolle als <xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/> + (OID***= <xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/>), + </xsl:if> + den Zugang zur gesicherten Anwendung. + </h4> + <p/> + <h4>Datum und Uhrzeit: + <xsl:value-of select="substring(//@IssueInstant,9,2)"/>. + <xsl:value-of select="substring(//@IssueInstant,6,2)"/>. + <xsl:value-of select="substring(//@IssueInstant,1,4)"/>, + <xsl:value-of select="substring(//@IssueInstant,12,2)"/>: + <xsl:value-of select="substring(//@IssueInstant,15,2)"/>: + <xsl:value-of select="substring(//@IssueInstant,18,2)"/> + </h4> + <xsl:if test="//saml:Attribute[@AttributeName='HPI']"> + <h4>HPI(**): <xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/> + </h4> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='wbPK']"> + <h4>wbPK(*): <xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/> + </h4> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='MandatorName']"> + <hr/> + <h4>Ich bin weiters ermächtigt als <xsl:value-of select="//saml:Attribute[@AttributeName='RepresentationType']/saml:AttributeValue/text()"/> + von <xsl:value-of select="//saml:Attribute[@AttributeName='MandatorName']/saml:AttributeValue/text()"/> + <xsl:if test="//saml:Attribute[@AttributeName='MandatorDateOfBirth']">, geboren am + <xsl:value-of select="substring(//saml:Attribute[@AttributeName='MandatorDateOfBirth']/saml:AttributeValue,9,2)"/>. + <xsl:value-of select="substring(//saml:Attribute[@AttributeName='MandatorDateOfBirth']/saml:AttributeValue,6,2)"/>. + <xsl:value-of select="substring(//saml:Attribute[@AttributeName='MandatorDateOfBirth']/saml:AttributeValue,1,4)"/> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='MandatorDomainIdentifier']">, + <xsl:value-of select="//saml:Attribute[@AttributeName='MandatorDomainIdentifier']/saml:AttributeValue/text()"/> + </xsl:if>, in deren Auftrag zu handeln. + </h4> + <xsl:if test="//saml:Attribute[@AttributeName='MandatorWbpk']"> + <h4>wbPK(*) des Vollmachtgebers: <xsl:value-of select="//saml:Attribute[@AttributeName='MandatorWbpk']/saml:AttributeValue/text()"/> + </h4> + </xsl:if> + <p/> + </xsl:if> + <xsl:choose> + <xsl:when test="//saml:Attribute[@AttributeName='OID']"> + <p/> + <hr/> + </xsl:when> + <xsl:when test="//saml:Attribute[@AttributeName='HPI']"> + <p/> + <hr/> + </xsl:when> + <xsl:when test="//saml:Attribute[@AttributeName='wbPK']"> + <p/> + <hr/> + </xsl:when> + </xsl:choose> + <xsl:if test="//saml:Attribute[@AttributeName='wbPK']"> + <div class="annotationstyle">(*) wbPK: Das <span class="italicstyle">wirtschaftsbereichsspezifische Personenkennzeichen</span> wird aus den + jeweiligen Stammzahlen des Bürgers und des Wirtschaftsunternehmens berechnet und ermöglicht eine eindeutige Zuordnung des Bürgers zum + Wirtschaftsunternehmen.</div> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='HPI']"> + <div class="annotationstyle">(**) HPI: Der <span class="italicstyle">eHealth Professional Identifier</span> wird aus den jeweiligen + Stammzahlen der Gesundheitsdiensteanbieterinnen / Gesundheitsdiensteanbieter berechnet und ermöglicht eine eindeutige Zuordnung der + Gesundheitsdiensteanbieterin / des Gesundheitsdiensteanbieters im Gesundheitsbereich.</div> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='OID']"> + <div class="annotationstyle">(***) OID: <span class="italicstyle">Object Identifier</span> sind standardisierte Objekt-Bezeichner und + beschreiben eindeutig die Rollen des GDA-Token Inhabers.</div> + </xsl:if> + </body> + </html> + </xsl:template> + </xsl:stylesheet> + </dsig:Transform> + <dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/> + </dsig:Transforms> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>0q9QWyqAyyiVNNLu1rIcU+nKsEE=</dsig:DigestValue> + </dsig:Reference> + <dsig:Reference Id="etsi-data-reference-0-1216050695-35956125-7815" Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id('etsi-data-object-0-1216050695-35956125-20638')/child::etsi:QualifyingProperties/child::etsi:SignedProperties)"> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>WtB0/ptvoB/r/7+fauSUIBULymg=</dsig:DigestValue> + </dsig:Reference> + </dsig:SignedInfo> + <dsig:SignatureValue>mZt9DuZiDqG81scsf30qjSDdy6vKC2/n034ZZwMUAvfWOXy3+Ubsk5X5CHhz ++lyI</dsig:SignatureValue> + <dsig:KeyInfo> + <dsig:X509Data> + <dsig:X509Certificate>MIIEtDCCA5ygAwIBAgIDAgTEMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYDVQQG +EwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lz +dGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR4wHAYDVQQLDBVh +LXNpZ24tUHJlbWl1bS1TaWctMDIxHjAcBgNVBAMMFWEtc2lnbi1QcmVtaXVt +LVNpZy0wMjAeFw0wNjA0MDQwOTUyMjhaFw0xMTA0MDQwOTUyMjhaMGkxCzAJ +BgNVBAYTAkFUMRUwEwYDVQQDDAxUaG9tYXMgS25hbGwxDjAMBgNVBAQMBUtu +YWxsMQ8wDQYDVQQqDAZUaG9tYXMxFTATBgNVBAUTDDUzNTE5ODkyMzM0OTEL +MAkGA1UEDAwCREkwSTATBgcqhkjOPQIBBggqhkjOPQMBAQMyAARrnYW5sXCQ +6M3irWaanDPi/ROXueKWiPRyZGjNH0Cp/NaiOuvrpv2RDVEKQm2tBiajggIP +MIICCzATBgNVHSMEDDAKgAhN3+H/S9nJ3zAnBggrBgEFBQcBAwEB/wQYMBYw +CAYGBACORgEBMAoGCCsGAQUFBwsBMHsGCCsGAQUFBwEBBG8wbTBCBggrBgEF +BQcwAoY2aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Etc2lnbi1QcmVt +aXVtLVNpZy0wMmEuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5hLXRy +dXN0LmF0L29jc3AwWQYDVR0gBFIwUDBEBgYqKAARAQswOjA4BggrBgEFBQcC +ARYsaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVByZW1p +dW0wCAYGBACLMAEBMIGaBgNVHR8EgZIwgY8wgYyggYmggYaGgYNsZGFwOi8v +bGRhcC5hLXRydXN0LmF0L291PWEtc2lnbi1QcmVtaXVtLVNpZy0wMixvPUEt +VHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2Jq +ZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQI +SNyH29WUoCgwDgYDVR0PAQH/BAQDAgbAMCgGA1UdCQQhMB8wHQYIKwYBBQUH +CQExERgPMTk3ODA0MjkwMDAwMDBaMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEF +BQADggEBAFkSCJE0YD4p4izU3ekQYPv4Z7gm/VFlpma5hXNvwkajVjHlAqo/ +ylYn8NQ4mMkD+yCDNtm8m8nr0K/yICb8Gnkbv59i6nh2AbzYBBb49VnYYGL6 +uunLH0aFUpAhy+3mDdlH8uhhIQBHwCfgwG1qa5zXY7bz4Vzkac/h6T+JVFkI +egO8OHQDadhgJvW80qspiao2DTac6vVgx4tGvjpdmw1R2pXBYhHD5rkPHlkf +GoeL3ak6hq4ea94Oy5VfNTIJv5MA0J2G1mwnW9B8uPWSM5EYPoWJyBOWcKBL +SSUqOt9D/9215ZGfbchkdRZjx0dTAD3FIhgG8nA72/uCFrBzyTk= +</dsig:X509Certificate> + </dsig:X509Data> + </dsig:KeyInfo> + <dsig:Object Id="etsi-data-object-0-1216050695-35956125-20638"> + <etsi:QualifyingProperties Target="#signature-1216050695-35956125-21395" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"> + <etsi:SignedProperties> + <etsi:SignedSignatureProperties> + <etsi:SigningTime>2008-07-14T15:51:35Z</etsi:SigningTime> + <etsi:SigningCertificate> + <etsi:Cert> + <etsi:CertDigest> + <etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <etsi:DigestValue>inMYWBmAxMHP7mDENjLFaEtv0Zk=</etsi:DigestValue> + </etsi:CertDigest> + <etsi:IssuerSerial> + <dsig:X509IssuerName>CN=a-sign-Premium-Sig-02,OU=a-sign-Premium-Sig-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName> + <dsig:X509SerialNumber>132292</dsig:X509SerialNumber> + </etsi:IssuerSerial> + </etsi:Cert> + </etsi:SigningCertificate> + <etsi:SignaturePolicyIdentifier> + <etsi:SignaturePolicyImplied/> + </etsi:SignaturePolicyIdentifier> + </etsi:SignedSignatureProperties> + <etsi:SignedDataObjectProperties> + <etsi:DataObjectFormat ObjectReference="#signed-data-reference-0-1216050695-35956125-19584"> + <etsi:MimeType>application/xhtml+xml</etsi:MimeType> + </etsi:DataObjectFormat> + </etsi:SignedDataObjectProperties> + </etsi:SignedProperties> + </etsi:QualifyingProperties> + </dsig:Object> + </dsig:Signature> + </saml:Assertion> + <saml:Assertion AssertionID="szr.bmi.gv.at-AssertionID11936526102761952" IssueInstant="2007-10-29T10:10:10+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:si="http://www.w3.org/2001/XMLSchema-instance"> + <saml:AttributeStatement> + <saml:Subject> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod> + <saml:SubjectConfirmationData> + <pr:Person si:type="pr:PhysicalPersonType"> + <pr:Identification> + <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value> + <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type> + </pr:Identification> + <pr:Name> + <pr:GivenName>Thomas</pr:GivenName> + <pr:FamilyName primary="undefined">Knall</pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1978-04-29</pr:DateOfBirth> + </pr:Person> + </saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2"> + <saml:AttributeValue> + <ecdsa:ECDSAKeyValue> + <ecdsa:DomainParameters> + <ecdsa:NamedCurve URN="urn:oid:1.2.840.10045.3.1.1"/> + </ecdsa:DomainParameters> + <ecdsa:PublicKey> + <ecdsa:X Value="2638720011055700682018137297354399374048880611104468142324" si:type="ecdsa:PrimeFieldElemType"/> + <ecdsa:Y Value="2804889174475641803405778188053052844820705830770276369958" si:type="ecdsa:PrimeFieldElemType"/> + </ecdsa:PublicKey> + </ecdsa:ECDSAKeyValue> + </saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2"> + <saml:AttributeValue> + <dsig:RSAKeyValue> + <dsig:Modulus>sWOqPZzPTn9VvBR5LjuopIWYdh5aGzuX2vMjofhn8bStba1CDW1qkDdlYW4Rs/DfU/I1uqor4Lje +/G3Yzh82yD0MHdzlW8MYUJ8RJe+czbjRUPaSbC/NRqhyF3eKnflxM++sJb2abrUH/9TV0q8P5QRS +uZC/JpAEYpSazysPz/fv8AEnU8oxcTvCiax1jf2GZPmm3qFjPc4qDYNHqfnE8yWYt7kHeqPV/cRw +x3aMGW8mRwQZb7VRFLW5g37nrt9N</dsig:Modulus> + <dsig:Exponent>AQAB</dsig:Exponent> + </dsig:RSAKeyValue> + </saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> + <dsig:Signature> + <dsig:SignedInfo> + <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> + <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <dsig:Reference URI=""> + <dsig:Transforms> + <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> + <dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath> + </dsig:Transform> + <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> + </dsig:Transforms> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>b3d/wcQb0Bl0/6GSPsrMxWpdRLA=</dsig:DigestValue> + </dsig:Reference> + <dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest"> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>eet0q3Thmw6+cbO1fazbEg0556I=</dsig:DigestValue> + </dsig:Reference> + </dsig:SignedInfo> + <dsig:SignatureValue> +oy55Cq7IyYy7z/TO2a3+m7tjG/ztiKhxhGzVqEYIWIObEOs/GVJDCCI4oe/HS8Fhc4TaXDcZXk4y +qBp4JJ288TeaNjPYkPzp38nWJ4xRatEyo7VaySXy+TqgwiBT5uhxrwkroCr4ZIWwOvt1uR5UBVAf +qk1ii+LPW2WYE3bMpoHfrM9CdFSPzWTRl/0zsEURc64EBPyIdKz+c70DaexeX2E0JVelKcj+jDaJ +mHsFhi/9QoscqPEVA87qv07yhyK5S41+f3HDvpuhYwvQDdOq50sclfsI+g9r473VxiRsOmJ9Ak4/ +k2KP0tgfAQ+h5hRGQUUo5LYPywjg7zPxe8SGGA== +</dsig:SignatureValue> + <dsig:KeyInfo> + <dsig:X509Data> + <dsig:X509Certificate> +MIIFZTCCBE2gAwIBAgIDAt4cMA0GCSqGSIb3DQEBBQUAMIGfMQswCQYDVQQGEwJB +VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp +bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMSIwIAYDVQQLDBlhLXNpZ24tY29y +cG9yYXRlLWxpZ2h0LTAzMSIwIAYDVQQDDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0 +LTAzMB4XDTA3MDExOTA5MDY0OFoXDTEyMDExOTA5MDY0OFowgZwxCzAJBgNVBAYT +AkFUMRkwFwYDVQQKDBBCdW5kZXNrYW56bGVyYW10MR4wHAYDVQQLDBVEYXRlbnNj +aHV0emtvbW1pc3Npb24xHTAbBgNVBAMMFERyLiBXYWx0cmF1dCBLb3RzY2h5MRUw +EwYDVQQFEww3MDAyNDc0OTk4MDQxHDAaBgkqhkiG9w0BCQEWDWRza0Bkc2suZ3Yu +YXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfnQUhARo9o1FyCtTK +d5VcXP2WvqSTIsiq19xtWcYF/4pMew/bHLD2DLeO9y5QFpfXJgmx2ySvj1dlzTXV +ESzFAiF/uL1DbNjB3g00LV/AV4yRacCWEqGkSUN/RVUv9a+bFnK2vR4XZu8ORrcf +9rpMg19JHZMWsJIT+BEBM4v0iPhboJ/lqoENZwHZW8W/3XAcOcNYfW95ZrsFH+M9 +6KEFlA9g4AP5CndSnozUeN5i1LJr0s3rz8U/c7O/KTkdTmnAeyLM01ST13jhGmjW +R55wf1Hjt4PCxFf9zpF3FIHDJGyCImgR5ZZe9T6tAjo/ZKo16Huzq0Yy2OYtysDq +WukzAgMBAAGjggGpMIIBpTATBgNVHSMEDDAKgAhBkWkcv63YmDBVBggrBgEFBQcB +AQRJMEcwRQYIKwYBBQUHMAKGOWh0dHA6Ly93d3cuYS10cnVzdC5hdC9jZXJ0cy9h +LXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAzLmNydDBYBgNVHSAEUTBPME0GByooABEB +BwEwQjBABggrBgEFBQcCARY0aHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3Av +YS1zaWduLWNvcnBvcmF0ZS1saWdodDCBngYDVR0fBIGWMIGTMIGQoIGNoIGKhoGH +bGRhcDovL2xkYXAuYS10cnVzdC5hdC9vdT1hLXNpZ24tY29ycG9yYXRlLWxpZ2h0 +LTAzLG89QS1UcnVzdCxjPUFUP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3Q/YmFz +ZT9vYmplY3RjbGFzcz1laWRDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MBEGA1UdDgQK +BAhMCA6eGvS1ujAOBgNVHQ8BAf8EBAMCBLAwCQYDVR0TBAIwADAOBgcqKAAKAQcB +BAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEoIvqPLAg0n2wCS27zTL+hmLi7zSbes +Od4e6pFT1l3cwGfdTkhiHVPnPRaDGLQkS384fAXBrOp6W13X9m2jD9csO6vZhd+T +nERXN1AqayoaecXFyHPykVUTLhn6pMdiSE21mEozfGLUDGMz74lvphEKFAOOCgp1 +o5ZCR09RbGAEbQNNn+ucXJxIa3mYjr1h3AElVbXoeoz12qUpqsNm9znymSkcmcNo +B5Pk6qXXx9UeC/Tj0aTglNkcMOSCFayldzOBaY6+qWKguPdzQUEryhGiNuARQpM5 +KMzvI0rmpc4Gau5HT9rQZHadr++VS8v1k6935uIyyZF9s+gdS5ywnSM= +</dsig:X509Certificate> + </dsig:X509Data> + </dsig:KeyInfo> + <dsig:Object> + <dsig:Manifest Id="manifest"> + <dsig:Reference URI=""> + <dsig:Transforms> + <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> + <dsig:XPath>not(ancestor-or-self::dsig:Signature)</dsig:XPath> + </dsig:Transform> + </dsig:Transforms> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>JZGwiDzQAtJtnJMeeXyypTrDjwY=</dsig:DigestValue> + </dsig:Reference> + </dsig:Manifest> + </dsig:Object> + </dsig:Signature> + </saml:Assertion> + </saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute AttributeName="PersonData" AttributeNamespace="http://reference.e-government.gv.at/namespace/persondata/20020228#"> + <saml:AttributeValue> + <pr:Person si:type="pr:PhysicalPersonType" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:si="http://www.w3.org/2001/XMLSchema-instance"> + <pr:Identification> + <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value> + <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type> + </pr:Identification> + <pr:Name> + <pr:GivenName>Thomas</pr:GivenName> + <pr:FamilyName primary="undefined">Knall</pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1978-04-29</pr:DateOfBirth> + </pr:Person> + </saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="isQualifiedCertificate" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>true</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="bkuURL" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>https://127.0.0.1:3496/https-security-layer-request</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="SignerCertificate" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#"> + <saml:AttributeValue>MIIEtDCCA5ygAwIBAgIDAgTEMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYDVQQGEwJB +VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp +bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR4wHAYDVQQLDBVhLXNpZ24tUHJl +bWl1bS1TaWctMDIxHjAcBgNVBAMMFWEtc2lnbi1QcmVtaXVtLVNpZy0wMjAeFw0w +NjA0MDQwOTUyMjhaFw0xMTA0MDQwOTUyMjhaMGkxCzAJBgNVBAYTAkFUMRUwEwYD +VQQDDAxUaG9tYXMgS25hbGwxDjAMBgNVBAQMBUtuYWxsMQ8wDQYDVQQqDAZUaG9t +YXMxFTATBgNVBAUTDDUzNTE5ODkyMzM0OTELMAkGA1UEDAwCREkwSTATBgcqhkjO +PQIBBggqhkjOPQMBAQMyAARrnYW5sXCQ6M3irWaanDPi/ROXueKWiPRyZGjNH0Cp +/NaiOuvrpv2RDVEKQm2tBiajggIPMIICCzATBgNVHSMEDDAKgAhN3+H/S9nJ3zAn +BggrBgEFBQcBAwEB/wQYMBYwCAYGBACORgEBMAoGCCsGAQUFBwsBMHsGCCsGAQUF +BwEBBG8wbTBCBggrBgEFBQcwAoY2aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRz +L2Etc2lnbi1QcmVtaXVtLVNpZy0wMmEuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8v +b2NzcC5hLXRydXN0LmF0L29jc3AwWQYDVR0gBFIwUDBEBgYqKAARAQswOjA4Bggr +BgEFBQcCARYsaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVBy +ZW1pdW0wCAYGBACLMAEBMIGaBgNVHR8EgZIwgY8wgYyggYmggYaGgYNsZGFwOi8v +bGRhcC5hLXRydXN0LmF0L291PWEtc2lnbi1QcmVtaXVtLVNpZy0wMixvPUEtVHJ1 +c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xh +c3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQISNyH29WUoCgw +DgYDVR0PAQH/BAQDAgbAMCgGA1UdCQQhMB8wHQYIKwYBBQUHCQExERgPMTk3ODA0 +MjkwMDAwMDBaMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAFkSCJE0YD4p +4izU3ekQYPv4Z7gm/VFlpma5hXNvwkajVjHlAqo/ylYn8NQ4mMkD+yCDNtm8m8nr +0K/yICb8Gnkbv59i6nh2AbzYBBb49VnYYGL6uunLH0aFUpAhy+3mDdlH8uhhIQBH +wCfgwG1qa5zXY7bz4Vzkac/h6T+JVFkIegO8OHQDadhgJvW80qspiao2DTac6vVg +x4tGvjpdmw1R2pXBYhHD5rkPHlkfGoeL3ak6hq4ea94Oy5VfNTIJv5MA0J2G1mwn +W9B8uPWSM5EYPoWJyBOWcKBLSSUqOt9D/9215ZGfbchkdRZjx0dTAD3FIhgG8nA7 +2/uCFrBzyTk=</saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="Mandate" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#"> + <saml:AttributeValue> + <md:Mandate MandateID="https://egov.act.at/mandates/20080714174835/886164" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:md="http://reference.e-government.gv.at/namespace/mandates/20040701#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#"> + <md:Annotation>Prokura - MeineTestFirma</md:Annotation> + <md:StatusInformationService>http://localhost:58080/omsp/OMSPRequest</md:StatusInformationService> + <md:Representative> + <pr:PhysicalPerson> + <pr:Identification> + <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value> + <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type> + </pr:Identification> + <pr:Name> + <pr:GivenName>Thomas</pr:GivenName> + <pr:FamilyName primary="undefined">Knall</pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1978-04-29</pr:DateOfBirth> + </pr:PhysicalPerson> + </md:Representative> + <md:Mandator> + <pr:CorporateBody> + <pr:Identification> + <pr:Value>123456i</pr:Value> + <pr:Type>urn:publicid:gv.at:baseid+XFN</pr:Type> + </pr:Identification> + <pr:FullName>MeineTestFirma</pr:FullName> + </pr:CorporateBody> + </md:Mandator> + <md:Issued> + <md:Place>Wien</md:Place> + <md:Date>2008-07-14</md:Date> + </md:Issued> + <md:Properties> + <md:SubstitutionAllowed>false</md:SubstitutionAllowed> + </md:Properties> + <md:SimpleMandateContent> + <md:TextualDescription>Der/Die Bevollmächtigte wird zum Prokuristen/Prokuristin bestellt.</md:TextualDescription> + </md:SimpleMandateContent> + <dsig:Signature Id="signature-1-1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:SignedInfo> + <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> + <dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <dsig:Reference Id="reference-1-1" URI=""> + <dsig:Transforms> + <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> + <dsig:XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#">not(ancestor-or-self::pr:Identification or ancestor-or-self::dsig:Signature)</dsig:XPath> + </dsig:Transform> + <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> + <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> + </dsig:Transforms> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>PRRF0sWBgoywztCKWEXafZfhpd0=</dsig:DigestValue> + </dsig:Reference> + <dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#dsig-manifest-1-1"> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>NorNorUqPFMA06JfxSJopOq7Qv0=</dsig:DigestValue> + </dsig:Reference> + </dsig:SignedInfo> + <dsig:SignatureValue>IQMZFc57XZd9LjeiaZqSfzZtWuXhuikAqbKA7pWuDK02DLFSYZPXsGjcvnwNdVaP</dsig:SignatureValue> + <dsig:KeyInfo> + <dsig:X509Data> + <dsig:X509Certificate>MIICtjCCAm6gAwIBAgIBATAJBgcqhkjOPQQBMGoxCzAJBgNVBAYTAkFUMQ0wCwYD +VQQHEwRXaWVuMRkwFwYDVQQJExBFc3NsaW5nZ2Fzc2UgNS85MQwwCgYDVQQKEwNB +Q1QxIzAhBgNVBAMTGlZvbGxtYWNodGVuIFNpZ25hdHVyZGllbnN0MB4XDTA4MDcw +ODE1MTk1MFoXDTEyMTIzMTIxNTk1OVowajELMAkGA1UEBhMCQVQxDTALBgNVBAcT +BFdpZW4xGTAXBgNVBAkTEEVzc2xpbmdnYXNzZSA1LzkxDDAKBgNVBAoTA0FDVDEj +MCEGA1UEAxMaVm9sbG1hY2h0ZW4gU2lnbmF0dXJkaWVuc3QwgfMwgbwGByqGSM49 +AgEwgbACAQEwJAYHKoZIzj0BAQIZAP////////////////////7//////////zA0 +BBj////////////////////+//////////wEGGQhBRnlnIDnD6fpq3IkMEn+uN7s +wUa5sQQxBBiNqA6wMJD2fL8g60OhiAD0/wr9gv8QEgcZK5X/yNp4YxAR7WskzdVz ++XehHnlIEQIZAP///////////////5ne+DYUa8mxtNIoMQIBAQMyAAS908G9FD5/ +LLYruwFbp9giXahdQ1FAqKwzohSn9pgsVTQBnvXxU8IWIzhPHs49DZCjazBpMAwG +A1UdEwEB/wQCMAAwHQYDVR0OBBYEFLOSgnkLSJ3l4Ah49rHX/FAV1wWcMBkGA1Ud +IAQSMBAwDgYMKwYBBAGVEgECBAEBMB8GA1UdIwQYMBaAFLOSgnkLSJ3l4Ah49rHX +/FAV1wWcMAkGByqGSM49BAEDNwAwNAIYTTppZzS6wqoLDFcf9frHzf1kMheY04dT +Ahg4Nrb54vE3DTRf9sbO4xs4dTARHSt1ihA=</dsig:X509Certificate> + </dsig:X509Data> + </dsig:KeyInfo> + <dsig:Object> + <dsig:Manifest Id="dsig-manifest-1-1"> + <dsig:Reference Id="reference-1-2" URI=""> + <dsig:Transforms> + <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> + <dsig:XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#">not(ancestor-or-self::dsig:Signature)</dsig:XPath> + </dsig:Transform> + <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> + <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> + </dsig:Transforms> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>oz6ThHPL3V7RNibfPrDSWVhUgi8=</dsig:DigestValue> + </dsig:Reference> + </dsig:Manifest> + </dsig:Object> + </dsig:Signature> + </md:Mandate> + </saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> +</saml:Assertion> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SignedAuthBlock.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SignedAuthBlock.xml new file mode 100644 index 000000000..450ba90f3 --- /dev/null +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SignedAuthBlock.xml @@ -0,0 +1,179 @@ +<?xml version="1.0" encoding="UTF-8"?> +<dsig:Signature Id="signature-1216050695-35956125-21395" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:SignedInfo> + <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> + <dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/> + <dsig:Reference Id="signed-data-reference-0-1216050695-35956125-19584" URI=""> + <dsig:Transforms> + <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> + <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"> + <xsl:stylesheet version="1.0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> + <xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"> + <html xmlns="http://www.w3.org/1999/xhtml"> + <head> + <title>Signatur der Anmeldedaten</title> + <style media="screen" type="text/css"> +.boldstyle { font-weight: bold; } +.italicstyle { font-style: italic; } +.annotationstyle { font-size: small; } +</style> + </head> + <body> + <h1>Signatur der Anmeldedaten</h1> + <p/> + <h4>Mit meiner elektronischen Signatur beantrage ich, +<span class="boldstyle"> + <xsl:value-of select="//@Issuer"/> + </span>, geboren am +<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/>. +<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/>. +<xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/>, +<xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"> +in der Rolle als <xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/> +(OID***= <xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/>), +</xsl:if> +den Zugang zur gesicherten Anwendung. +</h4> + <p/> + <h4>Datum und Uhrzeit: +<xsl:value-of select="substring(//@IssueInstant,9,2)"/>. +<xsl:value-of select="substring(//@IssueInstant,6,2)"/>. +<xsl:value-of select="substring(//@IssueInstant,1,4)"/>, +<xsl:value-of select="substring(//@IssueInstant,12,2)"/>: +<xsl:value-of select="substring(//@IssueInstant,15,2)"/>: +<xsl:value-of select="substring(//@IssueInstant,18,2)"/> + </h4> + <xsl:if test="//saml:Attribute[@AttributeName='HPI']"> + <h4>HPI(**): <xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/> + </h4> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='wbPK']"> + <h4>wbPK(*): <xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/> + </h4> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='MandatorName']"> + <hr/> + <h4>Ich bin weiters ermächtigt als <xsl:value-of select="//saml:Attribute[@AttributeName='RepresentationType']/saml:AttributeValue/text()"/> +von <xsl:value-of select="//saml:Attribute[@AttributeName='MandatorName']/saml:AttributeValue/text()"/> + <xsl:if test="//saml:Attribute[@AttributeName='MandatorDateOfBirth']">, geboren am + <xsl:value-of select="substring(//saml:Attribute[@AttributeName='MandatorDateOfBirth']/saml:AttributeValue,9,2)"/>. + <xsl:value-of select="substring(//saml:Attribute[@AttributeName='MandatorDateOfBirth']/saml:AttributeValue,6,2)"/>. + <xsl:value-of select="substring(//saml:Attribute[@AttributeName='MandatorDateOfBirth']/saml:AttributeValue,1,4)"/> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='MandatorDomainIdentifier']">, + <xsl:value-of select="//saml:Attribute[@AttributeName='MandatorDomainIdentifier']/saml:AttributeValue/text()"/> + </xsl:if>, in deren Auftrag zu handeln. +</h4> + <xsl:if test="//saml:Attribute[@AttributeName='MandatorWbpk']"> + <h4>wbPK(*) des Vollmachtgebers: <xsl:value-of select="//saml:Attribute[@AttributeName='MandatorWbpk']/saml:AttributeValue/text()"/> + </h4> + </xsl:if> + <p/> + </xsl:if> + <xsl:choose> + <xsl:when test="//saml:Attribute[@AttributeName='OID']"> + <p/> + <hr/> + </xsl:when> + <xsl:when test="//saml:Attribute[@AttributeName='HPI']"> + <p/> + <hr/> + </xsl:when> + <xsl:when test="//saml:Attribute[@AttributeName='wbPK']"> + <p/> + <hr/> + </xsl:when> + </xsl:choose> + <xsl:if test="//saml:Attribute[@AttributeName='wbPK']"> + <div class="annotationstyle">(*) wbPK: Das <span class="italicstyle">wirtschaftsbereichsspezifische Personenkennzeichen</span> wird aus den +jeweiligen Stammzahlen des Bürgers und des Wirtschaftsunternehmens berechnet und ermöglicht eine eindeutige Zuordnung des Bürgers zum +Wirtschaftsunternehmen.</div> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='HPI']"> + <div class="annotationstyle">(**) HPI: Der <span class="italicstyle">eHealth Professional Identifier</span> wird aus den jeweiligen +Stammzahlen der Gesundheitsdiensteanbieterinnen / Gesundheitsdiensteanbieter berechnet und ermöglicht eine eindeutige Zuordnung der +Gesundheitsdiensteanbieterin / des Gesundheitsdiensteanbieters im Gesundheitsbereich.</div> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='OID']"> + <div class="annotationstyle">(***) OID: <span class="italicstyle">Object Identifier</span> sind standardisierte Objekt-Bezeichner und +beschreiben eindeutig die Rollen des GDA-Token Inhabers.</div> + </xsl:if> + </body> + </html> + </xsl:template> + </xsl:stylesheet> + </dsig:Transform> + <dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/> + </dsig:Transforms> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>0q9QWyqAyyiVNNLu1rIcU+nKsEE=</dsig:DigestValue> + </dsig:Reference> + <dsig:Reference Id="etsi-data-reference-0-1216050695-35956125-7815" Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id('etsi-data-object-0-1216050695-35956125-20638')/child::etsi:QualifyingProperties/child::etsi:SignedProperties)"> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>WtB0/ptvoB/r/7+fauSUIBULymg=</dsig:DigestValue> + </dsig:Reference> + </dsig:SignedInfo> + <dsig:SignatureValue>mZt9DuZiDqG81scsf30qjSDdy6vKC2/n034ZZwMUAvfWOXy3+Ubsk5X5CHhz ++lyI</dsig:SignatureValue> + <dsig:KeyInfo> + <dsig:X509Data> + <dsig:X509Certificate>MIIEtDCCA5ygAwIBAgIDAgTEMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYDVQQG +EwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lz +dGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR4wHAYDVQQLDBVh +LXNpZ24tUHJlbWl1bS1TaWctMDIxHjAcBgNVBAMMFWEtc2lnbi1QcmVtaXVt +LVNpZy0wMjAeFw0wNjA0MDQwOTUyMjhaFw0xMTA0MDQwOTUyMjhaMGkxCzAJ +BgNVBAYTAkFUMRUwEwYDVQQDDAxUaG9tYXMgS25hbGwxDjAMBgNVBAQMBUtu +YWxsMQ8wDQYDVQQqDAZUaG9tYXMxFTATBgNVBAUTDDUzNTE5ODkyMzM0OTEL +MAkGA1UEDAwCREkwSTATBgcqhkjOPQIBBggqhkjOPQMBAQMyAARrnYW5sXCQ +6M3irWaanDPi/ROXueKWiPRyZGjNH0Cp/NaiOuvrpv2RDVEKQm2tBiajggIP +MIICCzATBgNVHSMEDDAKgAhN3+H/S9nJ3zAnBggrBgEFBQcBAwEB/wQYMBYw +CAYGBACORgEBMAoGCCsGAQUFBwsBMHsGCCsGAQUFBwEBBG8wbTBCBggrBgEF +BQcwAoY2aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Etc2lnbi1QcmVt +aXVtLVNpZy0wMmEuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5hLXRy +dXN0LmF0L29jc3AwWQYDVR0gBFIwUDBEBgYqKAARAQswOjA4BggrBgEFBQcC +ARYsaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVByZW1p +dW0wCAYGBACLMAEBMIGaBgNVHR8EgZIwgY8wgYyggYmggYaGgYNsZGFwOi8v +bGRhcC5hLXRydXN0LmF0L291PWEtc2lnbi1QcmVtaXVtLVNpZy0wMixvPUEt +VHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2Jq +ZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQI +SNyH29WUoCgwDgYDVR0PAQH/BAQDAgbAMCgGA1UdCQQhMB8wHQYIKwYBBQUH +CQExERgPMTk3ODA0MjkwMDAwMDBaMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEF +BQADggEBAFkSCJE0YD4p4izU3ekQYPv4Z7gm/VFlpma5hXNvwkajVjHlAqo/ +ylYn8NQ4mMkD+yCDNtm8m8nr0K/yICb8Gnkbv59i6nh2AbzYBBb49VnYYGL6 +uunLH0aFUpAhy+3mDdlH8uhhIQBHwCfgwG1qa5zXY7bz4Vzkac/h6T+JVFkI +egO8OHQDadhgJvW80qspiao2DTac6vVgx4tGvjpdmw1R2pXBYhHD5rkPHlkf +GoeL3ak6hq4ea94Oy5VfNTIJv5MA0J2G1mwnW9B8uPWSM5EYPoWJyBOWcKBL +SSUqOt9D/9215ZGfbchkdRZjx0dTAD3FIhgG8nA72/uCFrBzyTk= +</dsig:X509Certificate> + </dsig:X509Data> + </dsig:KeyInfo> + <dsig:Object Id="etsi-data-object-0-1216050695-35956125-20638"> + <etsi:QualifyingProperties Target="#signature-1216050695-35956125-21395" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"> + <etsi:SignedProperties> + <etsi:SignedSignatureProperties> + <etsi:SigningTime>2008-07-14T15:51:35Z</etsi:SigningTime> + <etsi:SigningCertificate> + <etsi:Cert> + <etsi:CertDigest> + <etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <etsi:DigestValue>inMYWBmAxMHP7mDENjLFaEtv0Zk=</etsi:DigestValue> + </etsi:CertDigest> + <etsi:IssuerSerial> + <dsig:X509IssuerName>CN=a-sign-Premium-Sig-02,OU=a-sign-Premium-Sig-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName> + <dsig:X509SerialNumber>132292</dsig:X509SerialNumber> + </etsi:IssuerSerial> + </etsi:Cert> + </etsi:SigningCertificate> + <etsi:SignaturePolicyIdentifier> + <etsi:SignaturePolicyImplied/> + </etsi:SignaturePolicyIdentifier> + </etsi:SignedSignatureProperties> + <etsi:SignedDataObjectProperties> + <etsi:DataObjectFormat ObjectReference="#signed-data-reference-0-1216050695-35956125-19584"> + <etsi:MimeType>application/xhtml+xml</etsi:MimeType> + </etsi:DataObjectFormat> + </etsi:SignedDataObjectProperties> + </etsi:SignedProperties> + </etsi:QualifyingProperties> + </dsig:Object> +</dsig:Signature>
\ No newline at end of file |