diff options
Diffstat (limited to 'id/server/idserverlib/src/test')
15 files changed, 0 insertions, 1723 deletions
diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AllTests.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AllTests.java deleted file mode 100644 index d0d104d69..000000000 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AllTests.java +++ /dev/null @@ -1,79 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -///* -// * Copyright 2003 Federal Chancellery Austria -// * MOA-ID has been developed in a cooperation between BRZ, the Federal -// * Chancellery Austria - ICT staff unit, and Graz University of Technology. -// * -// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by -// * the European Commission - subsequent versions of the EUPL (the "Licence"); -// * You may not use this work except in compliance with the Licence. -// * You may obtain a copy of the Licence at: -// * http://www.osor.eu/eupl/ -// * -// * Unless required by applicable law or agreed to in writing, software -// * distributed under the Licence is distributed on an "AS IS" basis, -// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// * See the Licence for the specific language governing permissions and -// * limitations under the Licence. -// * -// * This product combines work with different licenses. See the "NOTICE" text -// * file for details on the various modules and licenses. -// * The "NOTICE" text file is part of the distribution. Any derivative works -// * that you distribute must include a readable copy of the "NOTICE" text file. -// */ -// -// -//package test.at.gv.egovernment.moa.id.auth.builder; -// -//import junit.awtui.TestRunner; -//import junit.framework.Test; -//import junit.framework.TestSuite; -// -///** -// * @author patrick -// * @version $Id$ -// */ -//public class AllTests { -// -// public static Test suite() { -// TestSuite suite = new TestSuite(); -// -//// suite.addTestSuite(AuthenticationBlockAssertionBuilderTest.class); -// suite.addTestSuite(CreateXMLSignatureBuilderTest.class); -//// suite.addTestSuite(GetIdentityLinkFormBuilderTest.class); -//// suite.addTestSuite(InfoboxReadRequestBuilderTest.class); -//// suite.addTestSuite(PersonDataBuilderTest.class); -//// suite.addTestSuite(SAMLArtifactBuilderTest.class); -// -// return suite; -// } -// -// public static void main(String[] args) { -// try { -// TestRunner.run(AllTests.class); -// } catch (Exception e) { -// e.printStackTrace(); -// } -// } -//} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java deleted file mode 100644 index 4c2b3ec8a..000000000 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java +++ /dev/null @@ -1,93 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -///* -// * Copyright 2003 Federal Chancellery Austria -// * MOA-ID has been developed in a cooperation between BRZ, the Federal -// * Chancellery Austria - ICT staff unit, and Graz University of Technology. -// * -// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by -// * the European Commission - subsequent versions of the EUPL (the "Licence"); -// * You may not use this work except in compliance with the Licence. -// * You may obtain a copy of the Licence at: -// * http://www.osor.eu/eupl/ -// * -// * Unless required by applicable law or agreed to in writing, software -// * distributed under the Licence is distributed on an "AS IS" basis, -// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// * See the Licence for the specific language governing permissions and -// * limitations under the Licence. -// * -// * This product combines work with different licenses. See the "NOTICE" text -// * file for details on the various modules and licenses. -// * The "NOTICE" text file is part of the distribution. Any derivative works -// * that you distribute must include a readable copy of the "NOTICE" text file. -// */ -// -// -//package test.at.gv.egovernment.moa.id.auth.builder; -// -//import test.at.gv.egovernment.moa.id.UnitTestCase; -// -//import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder; -// -///** -// * @author Paul Ivancsics -// * @version $Id$ -// */ -//public class AuthenticationBlockAssertionBuilderTest extends UnitTestCase { -// private static final String nl = "\n"; -// private static final String ISSUER = "Hugo Mustermann"; -// private static final String ISSUE_INSTANT = "2003-03-15T22:50:21+01:00"; -// private static final String AUTH_URL = "https://auth.moa.gv.at/"; -// private static final String TARGET = "Grundbuch"; -// private static final String OA_URL = "https://grundbuch.gv.at/"; -// private static final String GEB_DAT = "2004-01-02"; -// -// // wird auch von CreateXMLSignatureBuilderTest verwendet ! -// public static final String ASSERTION_SHOULD = -//"<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' MajorVersion='1' MinorVersion='0' AssertionID='any' Issuer='" + ISSUER + "' IssueInstant='" + ISSUE_INSTANT + "'>" + nl + -//" <saml:AttributeStatement>" + nl + -//" <saml:Subject>" + nl + -//" <saml:NameIdentifier>" + AUTH_URL + "</saml:NameIdentifier>" + nl + -//" </saml:Subject>" + nl + -//" <saml:Attribute AttributeName='Gesch�ftsbereich' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>" + nl + -//" <saml:AttributeValue>" + TARGET + "</saml:AttributeValue>" + nl + -//" </saml:Attribute>" + nl + -//" <saml:Attribute AttributeName='OA' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>" + nl + -//" <saml:AttributeValue>" + OA_URL + "</saml:AttributeValue>" + nl + -//" </saml:Attribute>" + nl + -//" </saml:AttributeStatement>" + nl + -//"</saml:Assertion>"; -// -// public AuthenticationBlockAssertionBuilderTest(String name) { -// super(name); -// } -// -// public void testBuild() throws Exception { -// AuthenticationBlockAssertionBuilder builder = new AuthenticationBlockAssertionBuilder(); -// String assertionBuilt = builder.buildAuthBlock(ISSUER, ISSUE_INSTANT, AUTH_URL, TARGET, null, "", "", OA_URL, GEB_DAT, null, null); -// assertionBuilt = XML_DECL + assertionBuilt; -// String assertionShould = XML_DECL + ASSERTION_SHOULD; -// assertXmlEquals(assertionShould, assertionBuilt); -// } -//} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java deleted file mode 100644 index c133602b1..000000000 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java +++ /dev/null @@ -1,151 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -///* -// * Copyright 2003 Federal Chancellery Austria -// * MOA-ID has been developed in a cooperation between BRZ, the Federal -// * Chancellery Austria - ICT staff unit, and Graz University of Technology. -// * -// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by -// * the European Commission - subsequent versions of the EUPL (the "Licence"); -// * You may not use this work except in compliance with the Licence. -// * You may obtain a copy of the Licence at: -// * http://www.osor.eu/eupl/ -// * -// * Unless required by applicable law or agreed to in writing, software -// * distributed under the Licence is distributed on an "AS IS" basis, -// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// * See the Licence for the specific language governing permissions and -// * limitations under the Licence. -// * -// * This product combines work with different licenses. See the "NOTICE" text -// * file for details on the various modules and licenses. -// * The "NOTICE" text file is part of the distribution. Any derivative works -// * that you distribute must include a readable copy of the "NOTICE" text file. -// */ -// -// -//package test.at.gv.egovernment.moa.id.auth.builder; -// -//import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder; -// -//import test.at.gv.egovernment.moa.id.UnitTestCase; -// -///** -// * @author Paul Ivancsics -// * @version $Id$ -// */ -//public class CreateXMLSignatureBuilderTest extends UnitTestCase { -// private static final String nl = "\n"; -// public static final String TRANSFORMS_INFO = -// " <sl10:TransformsInfo>" + nl + -// " <dsig:Transforms>" + nl + -// " <dsig:Transform Algorithm='http://www.w3.org/2000/09/xmldsig#enveloped-signature'/>" + nl + -// " <dsig:Transform Algorithm='http://www.w3.org/TR/1999/REC-xslt-19991116'>" + nl + -//"<xsl:stylesheet version='1.0' xmlns:xsl='http://www.w3.org/1999/XSL/Transform' xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' >" + nl + -//"<xsl:template match='/'>" + nl + -//"<html>" + nl + -//"<body>" + nl + -//"</body>" + nl + -//"</html>" + nl + -//"</xsl:template>" + nl + -//"</xsl:stylesheet>" + nl + -// " </dsig:Transform>" + nl + -// " </dsig:Transforms>" + nl + -// " <sl10:FinalDataMetaInfo>" + nl + -// " <sl10:MimeType>text/html</sl10:MimeType>" + nl + -// " </sl10:FinalDataMetaInfo>" + nl + -// " </sl10:TransformsInfo>" + nl; -// public static final String REQUEST_SHOULD = -//"<?xml version=\"1.0\" encoding=\"UTF-8\"?>" + nl + -//"<sl11:CreateXMLSignatureRequest xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\" xmlns:sl10=\"http://www.buergerkarte.at/namespaces/securitylayer/20020225#\" xmlns:sl11=\"http://www.buergerkarte.at/namespaces/securitylayer/20020831#\">" + nl + -//" <sl11:KeyboxIdentifier>SecureSignatureKeypair</sl11:KeyboxIdentifier>" + nl + -//" <sl11:DataObjectInfo Structure=\"detached\">" + nl + -//" <sl10:DataObject Reference=\"\"/>" + nl + -//TRANSFORMS_INFO + -//" </sl11:DataObjectInfo>" + nl + -//" <sl11:SignatureInfo>" + nl + -//" <sl11:SignatureEnvironment>" + nl + -//" <sl10:XMLContent>" + AuthenticationBlockAssertionBuilderTest.ASSERTION_SHOULD + "</sl10:XMLContent>" + nl + -//" </sl11:SignatureEnvironment>" + nl + -//" <sl11:SignatureLocation Index=\"2\">/saml:Assertion</sl11:SignatureLocation>" + nl + -//" </sl11:SignatureInfo>" + nl + -//"</sl11:CreateXMLSignatureRequest>"; -// -// -// public static final String TRANSFORMS_INFO_SL12 = -// " <sl:TransformsInfo>" + nl + -// " <dsig:Transforms>" + nl + -// " <dsig:Transform Algorithm='http://www.w3.org/2000/09/xmldsig#enveloped-signature'/>" + nl + -// " <dsig:Transform Algorithm='http://www.w3.org/TR/1999/REC-xslt-19991116'>" + nl + -//"<xsl:stylesheet version='1.0' xmlns:xsl='http://www.w3.org/1999/XSL/Transform' xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' >" + nl + -//"<xsl:template match='/'>" + nl + -//"<html>" + nl + -//"<body>" + nl + -//"</body>" + nl + -//"</html>" + nl + -//"</xsl:template>" + nl + -//"</xsl:stylesheet>" + nl + -// " </dsig:Transform>" + nl + -// " </dsig:Transforms>" + nl + -// " <sl:FinalDataMetaInfo>" + nl + -// " <sl:MimeType>text/html</sl:MimeType>" + nl + -// " </sl:FinalDataMetaInfo>" + nl + -// " </sl:TransformsInfo>" + nl; -// public static final String REQUEST_SHOULD_SL12 = -//"<?xml version=\"1.0\" encoding=\"UTF-8\"?>" + nl + -//"<sl:CreateXMLSignatureRequest xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\" xmlns:sl=\"http://www.buergerkarte.at/namespaces/securitylayer/1.2#\">" + nl + -//" <sl:KeyboxIdentifier>SecureSignatureKeypair</sl:KeyboxIdentifier>" + nl + -//" <sl:DataObjectInfo Structure=\"detached\">" + nl + -//" <sl:DataObject Reference=\"\"/>" + nl + -//TRANSFORMS_INFO_SL12 + -//" </sl:DataObjectInfo>" + nl + -//" <sl:SignatureInfo>" + nl + -//" <sl:SignatureEnvironment>" + nl + -//" <sl:XMLContent>" + AuthenticationBlockAssertionBuilderTest.ASSERTION_SHOULD + "</sl:XMLContent>" + nl + -//" </sl:SignatureEnvironment>" + nl + -//" <sl:SignatureLocation Index=\"2\">/saml:Assertion</sl:SignatureLocation>" + nl + -//" </sl:SignatureInfo>" + nl + -//"</sl:CreateXMLSignatureRequest>"; -// -// -// -// -// public CreateXMLSignatureBuilderTest(String name) { -// super(name); -// } -// -// public void testBuild() throws Exception { -// // test build for Security Layer version 1.1 and 1.0 -// String request = new CreateXMLSignatureRequestBuilder().build( -// AuthenticationBlockAssertionBuilderTest.ASSERTION_SHOULD, "SecureSignatureKeypair", -// new String[] {TRANSFORMS_INFO}, -// false); -// assertXmlEquals(REQUEST_SHOULD, request); -// // test build for Security Layer version 1.2 -// String requestSL12 = new CreateXMLSignatureRequestBuilder().build( -// AuthenticationBlockAssertionBuilderTest.ASSERTION_SHOULD, "SecureSignatureKeypair", -// new String[] {TRANSFORMS_INFO}, -// true); -// assertXmlEquals(REQUEST_SHOULD_SL12, requestSL12); -// } -//} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java deleted file mode 100644 index 7b364789b..000000000 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java +++ /dev/null @@ -1,119 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.at.gv.egovernment.moa.id.auth.builder; - -import java.text.MessageFormat; - -import junit.framework.TestCase; - -import at.gv.egovernment.moa.id.auth.builder.CertInfoVerifyXMLSignatureRequestBuilder; -import at.gv.egovernment.moa.id.auth.builder.GetIdentityLinkFormBuilder; -import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder; - -/** - * @author Paul Ivancsics - * @version $Id$ - */ -public class GetIdentityLinkFormBuilderTest extends TestCase { - private static String nl = "\n"; - public static String FORM = - "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" + nl + - "<html>" + nl + - "<head>" + nl + - "<title>Auslesen der Personenbindung</title>" + nl + - "</head>" + nl + - "<body>" + nl + - "<form name=\"GetIdentityLinkForm\"" + nl + - " action=\"{0}\"" + nl + - " method=\"post\">" + nl + - " <input type=\"hidden\" " + nl + - " name=\"XMLRequest\"" + nl + - " value=\"{1}\"/>" + nl + - " <input type=\"hidden\" " + nl + - " name=\"DataURL\"" + nl + - " value=\"{2}\"/>" + nl + - " <input type=\"submit\" value=\"Auslesen der Personenbindung\"/>" + nl + - "</form>" + nl + - "<form name=\"CertificateInfoForm\"" + nl + - " action=\"{0}\"" + nl + - " method=\"post\">" + nl + - " <input type=\"hidden\" " + nl + - " name=\"XMLRequest\"" + nl + - " value=\"{3}\"/>" + nl + - " <input type=\"hidden\" " + nl + - " name=\"DataURL\"" + nl + - " value=\"{4}\"/>" + nl + - " <input type=\"submit\" value=\"Information zu Wurzelzertifikaten\"/>" + nl + - "</form>" + nl + - "</body>" + nl + - "</html>"; - public static String BKU = - "http://localhost:3495/http-security-layer-request"; - - public void testBuild() throws Exception { - String xmlRequest = new InfoboxReadRequestBuilder().build(false, null); - String dataURL = "https://1.2.3.4/auth/VerifyIdentityLink?MOASessionID=1234567"; - String infoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build(); - String infoDataURL = "https://1.2.3.4/auth/StartAuthentication?Target=gb&OA=https://oa.gv.at/"; - String form = new GetIdentityLinkFormBuilder().build(null, null, xmlRequest, dataURL, infoRequest, infoDataURL, null, null, null, null); - String formShould = MessageFormat.format( - FORM, new Object[] { BKU, xmlRequest, dataURL, infoRequest, infoDataURL }); - assertEquals(formShould, form); - } - public void testBuildCustomBKU() throws Exception { - String xmlRequest = new InfoboxReadRequestBuilder().build(false, null); - String dataURL = "https://1.2.3.4/auth/AuthServlet/StartAuthentication?MOASessionID=1234567"; - String infoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build(); - String infoDataURL = "https://1.2.3.4/auth/StartAuthentication?Target=gb&OA=https://oa.gv.at/"; - String bkuURL = "http://bku.at/"; - String form = new GetIdentityLinkFormBuilder().build(null, bkuURL, xmlRequest, dataURL, infoRequest, infoDataURL, null, null, null, null); - String formShould = MessageFormat.format( - FORM, new Object[] { bkuURL, xmlRequest, dataURL, infoRequest, infoDataURL }); - assertEquals(formShould, form); - } - -} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java deleted file mode 100644 index ec15a209c..000000000 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java +++ /dev/null @@ -1,75 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.at.gv.egovernment.moa.id.auth.builder; - -import org.w3c.dom.Document; -import test.at.gv.egovernment.moa.id.UnitTestCase; - -import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder; -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.DOMUtils; - -/** - * @author Paul Ivancsics - * @version $Id$ - */ -public class InfoboxReadRequestBuilderTest extends UnitTestCase implements Constants { - - public InfoboxReadRequestBuilderTest(String name) { - super(name); - } - - public void testBuild() throws Exception { - InfoboxReadRequestBuilder builder = new InfoboxReadRequestBuilder(); - String xmlBuilt = builder.build(false, null); - Document docBuilt = DOMUtils.parseDocument(xmlBuilt, false, ALL_SCHEMA_LOCATIONS, null); - String xmlBuiltSerialized = DOMUtils.serializeNode(docBuilt); - // xmlShould was generated by Hot:Sign Tester - String xmlShould = "<?xml version='1.0' encoding='utf-8'?><sl10:InfoboxReadRequest xmlns:sl10='http://www.buergerkarte.at/namespaces/securitylayer/20020225#'><sl10:InfoboxIdentifier>IdentityLink</sl10:InfoboxIdentifier><sl10:BinaryFileParameters ContentIsXMLEntity='true'/></sl10:InfoboxReadRequest>"; - assertXmlEquals(xmlShould, xmlBuiltSerialized); - } -} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java deleted file mode 100644 index b26fd4738..000000000 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java +++ /dev/null @@ -1,97 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.at.gv.egovernment.moa.id.auth.builder; - -import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; -import at.gv.egovernment.moa.util.Constants; - -import test.at.gv.egovernment.moa.id.UnitTestCase; - -/** - * @author Paul Ivancsics - * @version $Id$ - */ -public class PersonDataBuilderTest extends UnitTestCase implements Constants { - - /** - * Constructor for PersonDataBuilderTest. - */ - public PersonDataBuilderTest(String arg) { - super(arg); - } - public void testBuild() throws Exception { - String xmlInfoboxReadResponse = readFile("data/test/xmldata/testperson1/InfoboxReadResponse.xml"); - IdentityLink il = new InfoboxReadResponseParser(xmlInfoboxReadResponse).parseIdentityLink(); - String xmlPersonData = new PersonDataBuilder().build(il, true); - String xmlPersonDataShould = "<pr:Person xsi:type=\"pr:PhysicalPersonType\"><pr:Identification><pr:Value>123456789012</pr:Value><pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type></pr:Identification><pr:Name><pr:GivenName>Hermann</pr:GivenName><pr:FamilyName primary=\"undefined\">Muster</pr:FamilyName></pr:Name><pr:DateOfBirth>1968-10-22</pr:DateOfBirth></pr:Person>"; - assertPersonDataEquals(xmlPersonDataShould, xmlPersonData); - } - public void testBuildNoZMRZahl() throws Exception { - String xmlInfoboxReadResponse = readFile("data/test/xmldata/testperson1/InfoboxReadResponse.xml"); - IdentityLink il = new InfoboxReadResponseParser(xmlInfoboxReadResponse).parseIdentityLink(); - String xmlPersonData = new PersonDataBuilder().build(il, false); - String xmlPersonDataShould = XML_DECL + "<pr:Person xsi:type=\"pr:PhysicalPersonType\"><pr:Name><pr:GivenName>Hermann</pr:GivenName><pr:FamilyName primary=\"undefined\">Muster</pr:FamilyName></pr:Name><pr:DateOfBirth>1968-10-22</pr:DateOfBirth></pr:Person>"; - assertPersonDataEquals(xmlPersonDataShould, xmlPersonData); - } - private void assertPersonDataEquals(String s1, String s2) throws Exception { - String ss1 = insertPrNS(s1); - String ss2 = insertPrNS(s2); - assertXmlEquals(ss1, ss2); - } - private String insertPrNS(String xmlPersonData) { - int startNS = xmlPersonData.indexOf("Person") + "Person".length() + 1; - String s = - xmlPersonData.substring(0, startNS) + - "xmlns:pr=\"" + PD_NS_URI + "\" " + - "xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" " + - xmlPersonData.substring(startNS); - return s; - } - -} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java deleted file mode 100644 index ebdec6d22..000000000 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java +++ /dev/null @@ -1,98 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.at.gv.egovernment.moa.id.auth.builder; - -import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder; -import at.gv.egovernment.moa.id.auth.exception.BuildException; -import at.gv.egovernment.moa.util.Base64Utils; - -import test.at.gv.egovernment.moa.id.UnitTestCase; - -/** - * @author Paul Ivancsics - * @version $Id$ - */ -public class SAMLArtifactBuilderTest extends UnitTestCase { - - private static final String AUTH_URL = "https://moa.gv.at/auth/"; - private static final String SESSION_ID_1 = "123456"; - private static final String SESSION_ID_2 = "123457"; - private static final String SESSION_ID_3 = "1234567"; - - private SAMLArtifactBuilder builder; - private byte[] artifact1; - private byte[] artifact2; - private byte[] artifact3; - - public SAMLArtifactBuilderTest(String name) { - super(name); - } - protected void setUp() throws Exception { - builder = new SAMLArtifactBuilder(); - artifact1 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1, null), false); - artifact2 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_2, null), false); - artifact3 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_3, null), false); - } - - public void testBuildArtifactLength() throws BuildException { - assertEquals(42, artifact1.length); - assertEquals(42, artifact2.length); - assertEquals(42, artifact3.length); - } - public void testBuildSameArtifact() throws Exception { - byte[] artifact1Clone = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1, null), false); - assertEquals(new String(artifact1), new String(artifact1Clone)); - } - public void testBuildDifferentArtifacts() throws BuildException { - String msg = "SAML Artifacts should be different"; - assertFalse(msg, new String(artifact1).equals(new String(artifact2))); - assertFalse(msg, new String(artifact1).equals(new String(artifact3))); - assertFalse(msg, new String(artifact3).equals(new String(artifact2))); - } - - -} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java deleted file mode 100644 index 6cf1e8280..000000000 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java +++ /dev/null @@ -1,131 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package test.at.gv.egovernment.moa.id.auth.oauth; - -import iaik.security.ecc.provider.ECCProvider; - -import java.security.KeyStore; -import java.security.PrivateKey; -import java.security.cert.X509Certificate; - -import net.oauth.jsontoken.crypto.Signer; -import net.oauth.jsontoken.crypto.Verifier; - -import org.opensaml.xml.security.x509.BasicX509Credential; -import org.testng.Assert; -import org.testng.annotations.Test; - -import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuth20SHA256Signer; -import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuth20SHA256Verifier; -import at.gv.egovernment.moa.util.KeyStoreUtils; - -public class CertTest { - - /** KeyStore Path */ - private String rsaKeyStorePath = "file:/D:/dev/work/exthex/workspace/OAuthTesting/resources/keys/test_keystore.jks"; - - private String ecdsaKeyStorePath = "file:/D:/dev/work/exthex/workspace/OAuthTesting/resources/keys/ECDSA_keystore.jks"; - - /** KeyStore Password */ - private String keyStorePassword = "test12"; - - /** Specific Key Name as Credential */ - private String keyName = "1"; - - /** Key password */ - private String keyPassword = "test12"; - - private BasicX509Credential getCredentials(String keyStorePath) { - Assert.assertNotNull(keyStorePath); - - // KeyStorePassword optional - // if (StringUtils.isEmpty(this.keyStorePassword)) - // throw new SAMLException("No keyStorePassword specified"); - - Assert.assertNotNull(this.keyName); - - // KeyStorePassword optional - // if (StringUtils.isEmpty(this.keyPassword)) - // throw new SAMLException("No keyPassword specified"); - - KeyStore ks = null; - try { - ks = KeyStoreUtils.loadKeyStore(keyStorePath, this.keyStorePassword); - - } - catch (Exception e) { - e.printStackTrace(); - } - - // return new KeyStoreX509CredentialAdapter(ks, keyName, keyPwd.toCharArray()); - BasicX509Credential credential = null; - try { - X509Certificate certificate = (X509Certificate) ks.getCertificate(this.keyName); - - PrivateKey privateKey = (PrivateKey) ks.getKey(this.keyName, this.keyPassword.toCharArray()); - - // System.out.println("KS Provider:" + privateKey.getClass()); - credential = new BasicX509Credential(); - credential.setEntityCertificate(certificate); - credential.setPrivateKey(privateKey); - - System.out.println("Private Key: " + privateKey); - - } - catch (Exception e) { - e.printStackTrace(); - - } - - return credential; - } - - private void signAndVerify(BasicX509Credential credential) throws Exception { - String data = "someData"; - - Signer signer = new OAuth20SHA256Signer("signer1", keyName, credential.getPrivateKey()); - - byte[] signedData = signer.sign(data.getBytes()); - - Verifier verifier = new OAuth20SHA256Verifier(credential.getPublicKey()); - verifier.verifySignature(data.getBytes(), signedData); - } - - @Test - // (enabled = false) - public void testRSA() throws Exception { - BasicX509Credential credential = this.getCredentials(this.rsaKeyStorePath); - - // System.out.println(credential); - this.signAndVerify(credential); - } - - @Test - public void testECDSA() throws Exception { - ECCProvider.addAsProvider(); - - // Security.addProvider(new ECCProvider()); - BasicX509Credential credential = this.getCredentials(this.ecdsaKeyStorePath); - this.signAndVerify(credential); - } -} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20ErrorsTests.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20ErrorsTests.java deleted file mode 100644 index abfca4f36..000000000 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20ErrorsTests.java +++ /dev/null @@ -1,184 +0,0 @@ -package test.at.gv.egovernment.moa.id.auth.oauth; - -import java.io.IOException; - -import javax.servlet.http.HttpServletResponse; - -import org.apache.commons.httpclient.HttpClient; -import org.apache.commons.httpclient.methods.GetMethod; -import org.apache.commons.lang.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.testng.Assert; -import org.testng.annotations.AfterMethod; -import org.testng.annotations.BeforeMethod; -import org.testng.annotations.DataProvider; -import org.testng.annotations.Test; - -import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants; -import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util; - -import com.google.api.client.extensions.java6.auth.oauth2.VerificationCodeReceiver; -import com.google.api.client.extensions.jetty.auth.oauth2.LocalServerReceiver; - -public class OAuth20ErrorsTests { - - final static Logger log = LoggerFactory.getLogger(OAuth20ErrorsTests.class); - - private static VerificationCodeReceiver receiver; - - // base uri - private static String OAUTH2_BASE_URI = "https://localhost/moa-id-auth/"; - // auth action - private static String OAUTH2_AUTH_URI = OAUTH2_BASE_URI + "oauth2/auth"; - // token action - private static String OAUTH2_TOKEN_URI = OAUTH2_BASE_URI + "oauth2/token"; - - // client id - private static String CLIENT_ID = "http://test"; - // client secret - private static String CLIENT_SECRET = "d435cf0a-3933-48f7-b142-339710c8f070"; - // OAuth 2.0 scopes - //private static List<String> SCOPES = Arrays.asList("testScope1", "testScope2"); - // state - private static String STATE = "testState"; - // code - private static String CODE = "code"; - // redirect uri - private static String REDIRECT_URI = "http://localhost:59542/Callback"; - - @BeforeMethod - public void beforeTest() throws Exception { - receiver = new LocalServerReceiver.Builder().setPort(59542).build(); - // REDIRECT_URI = receiver.getRedirectUri(); - // start - receiver.getRedirectUri(); - } - - @AfterMethod - public void afterTest() { - try { - receiver.stop(); - } - catch (IOException e) { - } - } - - private void checkParam(final String paramString, final String paramName) { - String[] help = paramString.split("="); - Assert.assertEquals(help[0], paramName); - Assert.assertTrue(StringUtils.isNotEmpty(help[1])); - } - - private void checkParams(final String queryString) { - // System.out.println("QueryString: " + queryString); - - System.out.println("Result url: " + queryString); - - String[] params = queryString.split("&"); - - this.checkParam(params[0], OAuth20Constants.PARAM_ERROR); - this.checkParam(params[1], OAuth20Constants.PARAM_ERROR_DESCRIPTION); - // this.checkParam(params[2], OAuth20Constants.PARAM_ERROR_URI); - // this.checkParam(params[3], OAuth20Constants.PARAM_STATE); - this.checkParam(params[2], OAuth20Constants.PARAM_STATE); - } - - class OAuthRequestParameters { - String redirectUri; - String clientId; - String responseType; - String scope; - String state; - String error; - - public OAuthRequestParameters(String redirectUri, String clientId, String responseType, String scope, String state, - String error) { - this.redirectUri = redirectUri; - this.clientId = clientId; - this.responseType = responseType; - this.scope = scope; - this.state = state; - this.error = error; - } - } - - @DataProvider(name = "parameter") - public Object[][] parameterProvider() { - // parameter is missing - // OAuthRequestParameters p0 = new OAuthRequestParameters(null, OA_URL, CLIENT_ID, CODE, - // "testScope1", null, - // "User authorization failed (invalid_request)"); - // OAuthRequestParameters p1 = new OAuthRequestParameters(REDIRECT_URI, CLIENT_ID, CODE, - // "testScope1", STATE, - // "User authorization failed (invalid_request)"); - OAuthRequestParameters p2 = new OAuthRequestParameters(REDIRECT_URI, null, CODE, "testScope1", STATE, - "User authorization failed (invalid_request)"); - OAuthRequestParameters p3 = new OAuthRequestParameters(REDIRECT_URI, CLIENT_ID, null, "testScope1", STATE, - "User authorization failed (invalid_request)"); - OAuthRequestParameters p4 = new OAuthRequestParameters(REDIRECT_URI, CLIENT_ID, CODE, null, STATE, null); - OAuthRequestParameters p5 = new OAuthRequestParameters(REDIRECT_URI, CLIENT_ID, CODE, "testScope1", null, - "User authorization failed (invalid_request)"); - - // wrong response type - OAuthRequestParameters p6 = new OAuthRequestParameters(REDIRECT_URI, CLIENT_ID, "WRONG_CODE", "testScope1", STATE, - "User authorization failed (unsupported_response_type)"); - // wrong client id - OAuthRequestParameters p7 = new OAuthRequestParameters(REDIRECT_URI, "wrongClient", CODE, "testScope1", STATE, - "User authorization failed (invalid_request)"); - // wrong redirect uri - // OAuthRequestParameters p9 = new OAuthRequestParameters("wrongURI", OA_URL, "wrongClient", - // CODE, "testScope1", STATE, - // "User authorization failed (access_denied)"); - - return new Object[][] { { p2 }, { p3 }, { p4 }, { p5 }, { p6 }, { p7 } }; - } - - @Test(dataProvider = "parameter", enabled = false) - public void testMissingParams(OAuthRequestParameters p) throws Exception { - StringBuilder url = new StringBuilder(); - url.append(OAUTH2_AUTH_URI); - - if (StringUtils.isNotEmpty(p.redirectUri)) OAuth20Util.addParameterToURL(url, "redirect_uri", p.redirectUri); - if (StringUtils.isNotEmpty(p.clientId)) OAuth20Util.addParameterToURL(url, "client_id", p.clientId); - if (StringUtils.isNotEmpty(p.responseType)) OAuth20Util.addParameterToURL(url, "response_type", p.responseType); - if (StringUtils.isNotEmpty(p.scope)) OAuth20Util.addParameterToURL(url, "scope", p.scope); - if (StringUtils.isNotEmpty(p.state)) OAuth20Util.addParameterToURL(url, "state", p.state); - - String finalUrl = url.toString(); - System.out.println("Calling: " + finalUrl); - - HttpClient client = new HttpClient(); - GetMethod get = new GetMethod(finalUrl); - int res = client.executeMethod(get); - Assert.assertEquals(res, HttpServletResponse.SC_OK); - - // assert - - if (p.error == null) { - Assert.assertFalse(get.getQueryString().contains("error")); - // receiver.waitForCode(); - } else { - // check if all error params are returned - this.checkParams(get.getQueryString()); - try { - receiver.waitForCode(); - Assert.assertTrue(false); - } - catch (Exception e) { - Assert.assertEquals(e.getMessage(), p.error); - } - } - } - - @Test(enabled = false) - public void testTokenErrorResponse() throws Exception { - HttpClient client = new HttpClient(); - GetMethod get = new GetMethod(OAUTH2_TOKEN_URI + "&client_id=" + CLIENT_ID + "&client_secret=" + CLIENT_SECRET - + "&code=test&grant_type=authorization_code"); - int res = client.executeMethod(get); - - System.out.println(res); - System.out.println(get.getResponseBodyAsString()); - } -} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20GoogleClientTestCase.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20GoogleClientTestCase.java deleted file mode 100644 index 53c7ad496..000000000 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20GoogleClientTestCase.java +++ /dev/null @@ -1,158 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package test.at.gv.egovernment.moa.id.auth.oauth; - -import java.awt.Desktop; -import java.awt.Desktop.Action; -import java.io.IOException; -import java.math.BigInteger; -import java.net.URI; -import java.security.SecureRandom; -import java.util.Arrays; -import java.util.List; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.testng.Assert; -import org.testng.annotations.Test; - -import com.google.api.client.auth.oauth2.AuthorizationCodeFlow; -import com.google.api.client.auth.oauth2.AuthorizationCodeRequestUrl; -import com.google.api.client.auth.oauth2.BearerToken; -import com.google.api.client.auth.oauth2.ClientParametersAuthentication; -import com.google.api.client.auth.oauth2.TokenResponse; -import com.google.api.client.auth.openidconnect.IdToken; -import com.google.api.client.extensions.java6.auth.oauth2.VerificationCodeReceiver; -import com.google.api.client.extensions.jetty.auth.oauth2.LocalServerReceiver; -import com.google.api.client.http.GenericUrl; -import com.google.api.client.http.HttpExecuteInterceptor; -import com.google.api.client.http.HttpTransport; -import com.google.api.client.http.javanet.NetHttpTransport; -import com.google.api.client.json.JsonFactory; -import com.google.api.client.json.jackson2.JacksonFactory; - -public class OAuth20GoogleClientTestCase { - - final static Logger log = LoggerFactory.getLogger(OAuth20GoogleClientTestCase.class); - - // private static FileDataStoreFactory DATA_STORE_FACTORY; - - // Global instance of the HTTP transport. - private static HttpTransport HTTP_TRANSPORT = new NetHttpTransport(); - // Global instance of the JSON factory. - private static final JsonFactory JSON_FACTORY = JacksonFactory.getDefaultInstance(); - - private static String ISS = "https://localhost/moa-id-auth/"; - - // base uri - //private static String OAUTH2_BASE_URI = ISS + "dispatcher"; - // auth action - //private static String OAUTH2_AUTH_URI = OAUTH2_BASE_URI + "?mod=id_oauth20&action=AUTH"; - private static String OAUTH2_AUTH_URI = ISS + "oauth2/auth"; - - // token action - //private static String OAUTH2_TOKEN_URI = OAUTH2_BASE_URI + "?mod=id_oauth20&action=TOKEN"; - private static String OAUTH2_TOKEN_URI = ISS + "oauth2/token"; - - // client id - private static String CLIENT_ID = "http://test"; - // client secret - private static String CLIENT_SECRET = "d435cf0a-3933-48f7-b142-339710c8f070"; - // OAuth 2.0 scopes - private static final List<String> SCOPES = Arrays.asList("profile", "eID", "eID_gov", "mandate"); - - // open browser for bku login - private void openURL(String url) { - Assert.assertNotNull(url); - log.info("Please open the following URL in your browser:"); - log.info(url); - if (Desktop.isDesktopSupported()) { - Desktop desktop = Desktop.getDesktop(); - if (desktop.isSupported(Action.BROWSE)) { - try { - desktop.browse(URI.create(url)); - return; - } - catch (IOException e) { - // handled below - } - } - } - - } - - private TokenResponse authorize() throws Exception { - // set up a receiver for the callback - VerificationCodeReceiver receiver = new LocalServerReceiver.Builder().setPort(59542).build(); - - // create AuthorizationCodeFlow - GenericUrl token_uri = new GenericUrl(OAUTH2_TOKEN_URI); - HttpExecuteInterceptor credentials = new ClientParametersAuthentication(CLIENT_ID, CLIENT_SECRET); - AuthorizationCodeFlow flow = new AuthorizationCodeFlow.Builder(BearerToken.queryParameterAccessMethod(), HTTP_TRANSPORT, - JSON_FACTORY, token_uri, credentials, CLIENT_ID, OAUTH2_AUTH_URI).setScopes(SCOPES).build(); - // .setDataStoreFactory(DATA_STORE_FACTORY) - - // create AuthorizationCodeRequestUrl - try { - String redirectUri = receiver.getRedirectUri(); - String state = new BigInteger(130, new SecureRandom()).toString(32); - AuthorizationCodeRequestUrl authorizationUrl = flow.newAuthorizationUrl().setRedirectUri(redirectUri).setState(state); - - // open in browser - this.openURL(authorizationUrl.build()); - - // receive authorization code and exchange it for an access token - String code = receiver.waitForCode(); - System.out.println(code); - TokenResponse response = flow.newTokenRequest(code).setRedirectUri(redirectUri).execute(); - return response; - } - finally { - // if anything fails, stop the receiver - receiver.stop(); - } - - } - - // eyJhbGciOiJSUzI1NiIsImtpZCI6IjEifQ.eyJpc3MiOiJodHRwczovL2xvY2FsaG9zdC9tb2EtaWQtYXV0aC8iLCJleHAiOi02MzE5MDMsInN1YiI6IncveThQY2pNTHBFTGZmUHRTSDNtbmd6M24rRVx1MDAzZCIsImJpcnRoZGF0ZSI6IjE5ODUtMDItMDEiLCJmYW1pbHlfbmFtZSI6IkhpZXNzIiwiZ2l2ZW5fbmFtZSI6Ik1pY2hhZWwiLCJpYXQiOi02MzIyMDN9.Z_jveITHlTtktPOOV3n_sMbg50YQ4YcOEcSUs_RJ-4FGedj1sVxk9gmlUQcBPfQaBrPgC6RoiPLTy8CKu2PBClEyv9c9HdzIGqBjWzaTSNASx_QL5bfG4EQ8VZmSEI9d0whzlaBgkUFNfhx-Q2ZVh-g8SJ-0JO0zFR18OSRNTxPTJ4PPl0APqn2H-98sU331_zQKiZxNOvl_6OG26VoIYwEuW5m_N5tsf4lLAlqYcdHR3iNTeu8AkAOvlEwv7Z3BeeOiP4u-OWuc6VusWBPxaI2NwmDIoorpyIxY-wEFb4CWICuyk61Wlq1SCNdl-f-ODwJBK3rlj0IMlYbAjKSB0g - private void verifyIdToken(TokenResponse response) throws Exception { - String id_token = (String) response.getUnknownKeys().get("id_token"); - log.info("going to parse id token: {}", id_token); - - IdToken idToken = IdToken.parse(JSON_FACTORY, id_token); - Assert.assertTrue(idToken.verifyIssuer(ISS)); - - log.info(idToken.getPayload().toPrettyString()); - log.info(idToken.getHeader().toPrettyString()); - - } - - @Test(enabled = false) - public void testServerFlow() throws Exception { - TokenResponse response = this.authorize(); - log.info(response.toPrettyString()); - - this.verifyIdToken(response); - } - -} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20UtilTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20UtilTest.java deleted file mode 100644 index 8e18adc08..000000000 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20UtilTest.java +++ /dev/null @@ -1,70 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package test.at.gv.egovernment.moa.id.auth.oauth; - -import java.util.regex.Matcher; -import java.util.regex.Pattern; - -import org.testng.Assert; -import org.testng.annotations.Test; - -import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util; - -public class OAuth20UtilTest { - - @Test - public void validateURL() { - Assert.assertTrue(OAuth20Util.isUrl("file:/D:/dev/work/exthex/workspace/OAuthTesting/resources/keys/test_keystore.jks")); - Assert.assertTrue(OAuth20Util.isUrl("https://www.google.at/")); - Assert.assertTrue(OAuth20Util.isUrl("http://test")); - Assert.assertTrue(OAuth20Util.isUrl("http://localhost:59542/Callback")); - - - Assert.assertFalse(OAuth20Util.isUrl("http://")); - Assert.assertFalse(OAuth20Util.isUrl("123http://test")); - Assert.assertFalse(OAuth20Util.isUrl("test")); - } - - @Test - public void validateState() { - // check state for invalid characters (like < > & ; ... javascript ... to prevent xss) - - Assert.assertFalse(OAuth20Util.isValidStateValue("javascript")); - Assert.assertFalse(OAuth20Util.isValidStateValue("<Test")); - Assert.assertFalse(OAuth20Util.isValidStateValue("Test>")); - Assert.assertFalse(OAuth20Util.isValidStateValue("Tas<est")); - Assert.assertFalse(OAuth20Util.isValidStateValue("Te>st")); - Assert.assertFalse(OAuth20Util.isValidStateValue("Tes&t")); - Assert.assertFalse(OAuth20Util.isValidStateValue("Tes;t")); - Assert.assertTrue(OAuth20Util.isValidStateValue("secure_state")); - } - - - @Test - public void testExp() { - Pattern urlPattern = Pattern.compile("/oauth2/auth\\?(.*)$", Pattern.CASE_INSENSITIVE); - Matcher matcher = urlPattern.matcher("https://localhost/moa-id-auth/oauth2/auth?client_id=http://test&redirect_uri=http://localhost:59542/Callback&response_type=code&scope=profile%20eID%20eID_gov%20mandate&state=7gfnabf112ogg9segnnrfpi83q"); - System.out.println(matcher.find()); - } - -} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/AllTests.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/AllTests.java deleted file mode 100644 index d293ff347..000000000 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/AllTests.java +++ /dev/null @@ -1,75 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -///* -// * Copyright 2003 Federal Chancellery Austria -// * MOA-ID has been developed in a cooperation between BRZ, the Federal -// * Chancellery Austria - ICT staff unit, and Graz University of Technology. -// * -// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by -// * the European Commission - subsequent versions of the EUPL (the "Licence"); -// * You may not use this work except in compliance with the Licence. -// * You may obtain a copy of the Licence at: -// * http://www.osor.eu/eupl/ -// * -// * Unless required by applicable law or agreed to in writing, software -// * distributed under the Licence is distributed on an "AS IS" basis, -// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// * See the Licence for the specific language governing permissions and -// * limitations under the Licence. -// * -// * This product combines work with different licenses. See the "NOTICE" text -// * file for details on the various modules and licenses. -// * The "NOTICE" text file is part of the distribution. Any derivative works -// * that you distribute must include a readable copy of the "NOTICE" text file. -// */ -// -// -//package test.at.gv.egovernment.moa.id.auth.parser; -// -//import junit.awtui.TestRunner; -//import junit.framework.Test; -//import junit.framework.TestSuite; -// -///** -// * @author Paul Ivancsics -// * @version $Id$ -// */ -//public class AllTests { -// -// public static Test suite() { -// TestSuite suite = new TestSuite(); -// -// suite.addTestSuite(IdentityLinkAssertionParserTest.class); -// suite.addTestSuite(SAMLArtifactParserTest.class); -// -// return suite; -// } -// -// public static void main(String[] args) { -// try { -// TestRunner.run(AllTests.class); -// } catch (Exception e) { -// e.printStackTrace(); -// } -// } -//} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java deleted file mode 100644 index 977764878..000000000 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java +++ /dev/null @@ -1,179 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.at.gv.egovernment.moa.id.auth.parser; - -import iaik.security.rsa.RSAPublicKey; - -import java.io.FileOutputStream; -import java.io.RandomAccessFile; -import java.security.PublicKey; - -import org.w3c.dom.Document; - -import test.at.gv.egovernment.moa.id.UnitTestCase; -import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; -import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; -import at.gv.egovernment.moa.id.util.ECDSAKeyValueConverter; -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.DOMUtils; - -/** - * @author Paul Ivancsics - * @version $Id$ - */ -public class IdentityLinkAssertionParserTest extends UnitTestCase { - - IdentityLinkAssertionParser ilap; - - public IdentityLinkAssertionParserTest(String name) { - super(name); - } - - public void setUp() { - try { - RandomAccessFile s = - new RandomAccessFile( - "data/test/xmldata/testperson1/InfoboxReadResponse.xml", - "r"); - byte[] b = new byte[(int) s.length()]; - s.read(b); - String xmlInfoboxReadResponse = new String(b, "UTF-8"); - - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); - ilap = new IdentityLinkAssertionParser(irrp.parseSAMLAssertion()); - } - catch (Exception e) { - e.printStackTrace(); - } - } - -// public void testParseIdentityLink() throws Exception { -// IdentityLink idl = ilap.parseIdentityLink(); -// System.out.println(idl.getGivenName()); -// System.out.println(idl.getFamilyName()); -// System.out.println(idl.getDateOfBirth()); -// System.out.println(idl.getIdentificationValue()); -// -// VerifyXMLSignatureRequestBuilder vx = new VerifyXMLSignatureRequestBuilder(); -// -// // Element zur�ck bekommen: vx.build(idl.getSamlAssertion()); -// -// IdentityLinkValidator idVali = IdentityLinkValidator.getInstance(); -// idVali.validate(idl); -// -// } - -// public void testParseIdentityLinkECC() throws Exception { -// RandomAccessFile s = -// new RandomAccessFile( -// "data/test/xmldata/IL.ResponseToRequest.01.ECDSA.xml", -// "r"); -// byte[] b = new byte[(int) s.length()]; -// s.read(b); -// String xmlInfoboxReadResponse = new String(b); -// InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); -// String SAML = irrp.parseSAMLAssertion(); -// ilap = new IdentityLinkAssertionParser(SAML); -// IdentityLink idl = ilap.parseIdentityLink(); -// System.out.println(idl.getGivenName()); -// System.out.println(idl.getFamilyName()); -// System.out.println(idl.getDateOfBirth()); -// System.out.println(idl.getIdentificationValue()); -// -// VerifyXMLSignatureRequestBuilder vx = new VerifyXMLSignatureRequestBuilder(); -// -// // Element zur�ck bekommen: vx.build(idl.getSamlAssertion()); -// -// IdentityLinkValidator idVali = IdentityLinkValidator.getInstance(); -// idVali.validate(idl); -// -// } - - public void testRSAPublicKeys() throws Exception { - if (ilap.getPublicKeys()[0].getClass().getName().equals("iaik.security.rsa.RSAPublicKey")) - { - - for (int i = 0; i < ilap.getPublicKeys().length; i++) { - RSAPublicKey result = (RSAPublicKey)ilap.getPublicKeys()[i]; - System.out.println("RSA Public Key No" + i); - System.out.println("Modulus: " + result.getModulus()); - System.out.println("Exponent: " + result.getPublicExponent()); - } - - } - } - - public void testECDSAPublicKeys() throws Exception { - - RandomAccessFile s = - new RandomAccessFile( - "data/test/xmldata/ECDSAKeyExample.xml", - "r"); - byte[] b = new byte[(int) s.length()]; - s.read(b); - String ecdsaKey = new String(b, "UTF-8"); - Document e = DOMUtils.parseDocument(ecdsaKey,true,Constants.ALL_SCHEMA_LOCATIONS, null); - PublicKey p = ECDSAKeyValueConverter.element2ECDSAPublicKey(e.getDocumentElement()); - - } - - - public void testDsigCertificates() throws Exception { - - String[] result = ilap.getCertificates(); - for (int i = 0; i < result.length; i++) { - - System.out.println("DSIG Certificate Length: " + result[i].length() + " No" + i + "\n" + result[i]); - FileOutputStream raf = new FileOutputStream("data/test/certs/cert" + i + ".cer"); - raf.write(result[i].getBytes()); - raf.flush(); - raf.close(); - } - - } - -} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java deleted file mode 100644 index 8d7dee597..000000000 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java +++ /dev/null @@ -1,113 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.at.gv.egovernment.moa.id.auth.parser; - -import java.io.RandomAccessFile; - -import test.at.gv.egovernment.moa.id.UnitTestCase; - -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; -import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; - -/** - * @author Paul Ivancsics - * @version $Id$ - */ -public class InfoboxReadResponseParserTest extends UnitTestCase { - - IdentityLinkAssertionParser ilap; - - public InfoboxReadResponseParserTest(String name) { - super(name); - } - - public void setUp() { - } - - public void testParseInfoboxReadResponse() throws Exception { - RandomAccessFile s = - new RandomAccessFile( - "data/test/xmldata/testperson1/InfoboxReadResponse.xml", - "r"); - byte[] b = new byte[(int) s.length()]; - s.read(b); - String xmlInfoboxReadResponse = new String(b, "UTF-8"); - - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); - ilap = new IdentityLinkAssertionParser(irrp.parseSAMLAssertion()); - - IdentityLink idl = ilap.parseIdentityLink(); - System.out.println(idl.getGivenName()); - System.out.println(idl.getFamilyName()); - System.out.println(idl.getDateOfBirth()); - System.out.println(idl.getIdentificationValue()); - - } - - public void testParseInfoboxReadResponseError() throws Exception { - RandomAccessFile s = - new RandomAccessFile( - "data/test/xmldata/ErrorResponse.xml", - "r"); - byte[] b = new byte[(int) s.length()]; - s.read(b); - String xmlInfoboxReadResponse = new String(b, "UTF-8"); - - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); - ilap = new IdentityLinkAssertionParser(irrp.parseSAMLAssertion()); - - IdentityLink idl = ilap.parseIdentityLink(); - System.out.println(idl.getGivenName()); - System.out.println(idl.getFamilyName()); - System.out.println(idl.getDateOfBirth()); - System.out.println(idl.getIdentificationValue()); - - } - - -} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java deleted file mode 100644 index 961c8d0b5..000000000 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java +++ /dev/null @@ -1,101 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.at.gv.egovernment.moa.id.auth.parser; - -import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder; -import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser; -import at.gv.egovernment.moa.id.util.Random; -import test.at.gv.egovernment.moa.id.UnitTestCase; - -/* - * @author Paul Ivancsics - * @version $Id$ - */ -public class SAMLArtifactParserTest extends UnitTestCase { - - private static String URL1 = "http://moa.gv.at/auth"; - private static String URL2 = "https://moa.gv.at/auth"; - - public SAMLArtifactParserTest(String name) { - super(name); - } - - public void testParseTypeCode() throws Exception { - String sessionID = Random.nextRandom(); - String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID, null); - byte[] typeCode = new SAMLArtifactParser(samlArtifact).parseTypeCode(); - assertEquals(typeCode[0], 0); - assertEquals(typeCode[1], 1); - } - public void testParseAssertionHandleSameSessionID() throws Exception { - // SAML artifacts for different authURL's but same sessionID MUST give same assertion handle - String sessionID = Random.nextRandom(); - String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID, null); - String samlArtifact2 = new SAMLArtifactBuilder().build(URL2, sessionID, null); - String assertionHandle1 = new SAMLArtifactParser(samlArtifact1).parseAssertionHandle(); - String assertionHandle2 = new SAMLArtifactParser(samlArtifact2).parseAssertionHandle(); - assertEquals(assertionHandle1, assertionHandle2); - } - public void testParseAssertionHandleSameURL() throws Exception { - // SAML artifacts for same authURL but different sessionID's MUST give different assertion handles - String sessionID1 = Random.nextRandom(); - String sessionID2 = Random.nextRandom(); - String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID1, null); - String samlArtifact2 = new SAMLArtifactBuilder().build(URL1, sessionID2, null); - String assertionHandle1 = new SAMLArtifactParser(samlArtifact1).parseAssertionHandle(); - String assertionHandle2 = new SAMLArtifactParser(samlArtifact2).parseAssertionHandle(); - assertFalse(assertionHandle1.equals(assertionHandle2)); - } - public void testParseAssertionHandleSameSAMLArtifact() throws Exception { - // SAML artifact parsed twice MUST give same assertion handle each time - String sessionID = Random.nextRandom(); - String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID, null); - String assertionHandle1 = new SAMLArtifactParser(samlArtifact).parseAssertionHandle(); - String assertionHandle2 = new SAMLArtifactParser(samlArtifact).parseAssertionHandle(); - assertEquals(assertionHandle1, assertionHandle2); - } -} |