diff options
Diffstat (limited to 'id/server/idserverlib/src/test')
43 files changed, 6427 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/test/java/test/MOAIDTestCase.java b/id/server/idserverlib/src/test/java/test/MOAIDTestCase.java new file mode 100644 index 000000000..f2f06cbf0 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/MOAIDTestCase.java @@ -0,0 +1,227 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; + +import javax.xml.transform.TransformerException; + +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.FileUtils; +import at.gv.egovernment.moa.util.StreamUtils; +import at.gv.egovernment.moa.util.XPathUtils; + +import iaik.ixsil.algorithms.Transform; +import iaik.ixsil.algorithms.TransformImplExclusiveCanonicalXML; +import iaik.ixsil.exceptions.AlgorithmException; +import iaik.ixsil.exceptions.InitException; +import iaik.ixsil.exceptions.URIException; +import iaik.ixsil.init.IXSILInit; +import iaik.ixsil.util.URI; +import test.at.gv.egovernment.moa.MOATestCase; + +/* + * @author Paul Ivancsics + * @version $Id$ + */ +public class MOAIDTestCase extends MOATestCase implements Constants { + + public static final String XML_DECL = + "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>"; + protected static final String nl = "\n"; + + public MOAIDTestCase(String name) { + super(name); + } + + protected void initIxsil() throws InitException, URIException { + IXSILInit.init(new URI("init/properties/init.properties")); + // Switch on debug information + IXSILInit.setPrintDebugLog(true); + } + //STRING <==> STRING + protected void assertXmlEquals(String xml1, String xml2) + throws AlgorithmException, IOException, InitException, URIException{ + initIxsil(); + String canXml1 = canonicalTransform(xml1); + String canXml2 = canonicalTransform(xml2); + assertEquals(canXml1, canXml2); } + // ELEMENT <==> ELEMENT + protected void assertXmlEquals(Element xml1, Element xml2) + throws AlgorithmException, IOException, InitException , URIException, TransformerException{ + initIxsil(); + assertEquals(canonicalTransform(DOMUtils.serializeNode(xml1)),canonicalTransform(DOMUtils.serializeNode(xml2))); + } + // INPUTSTREAM <==> INPUTSTREAM + protected void assertXmlEquals(InputStream xml1, InputStream xml2) + throws AlgorithmException, IOException, InitException , URIException{ + initIxsil(); + assertEquals(canonicalTransform(xml1),canonicalTransform(xml2)); + } + // ELEMENT <==> STRING + protected void assertXmlEquals(Element xml1, String xml2) + throws AlgorithmException, IOException, InitException , URIException, TransformerException { + initIxsil(); + assertEquals(canonicalTransform(xml1),canonicalTransform(xml2)); + } + // ELEMENT <==> INPUTSTREAM + protected void assertXmlEquals(Element xml1, InputStream xml2) + throws AlgorithmException, IOException, InitException , URIException, TransformerException{ + initIxsil(); + assertEquals(canonicalTransform(xml1),canonicalTransform(xml2)); + } + // STRING <==> INPUTSTREAM + protected void assertXmlEquals(String xml1, InputStream xml2) + throws AlgorithmException, IOException, InitException , URIException{ + initIxsil(); + assertEquals(canonicalTransform(xml1),canonicalTransform(xml2)); + } + + /** + * Method canonicalTransform. + * @param input as STRING + * @return String + */ + protected String canonicalTransform(String input) + throws AlgorithmException, IOException { + + Transform tr = new TransformImplExclusiveCanonicalXML(); + InputStream s = new ByteArrayInputStream(input.getBytes("UTF-8")); + tr.setInput(s, null); + ByteArrayInputStream transResult = (ByteArrayInputStream) tr.transform(); + return killWhiteSpace(readString(transResult)); + } + /** + * Method canonicalTransform. + * @param input as Element + * @return String + */ + protected String canonicalTransform(Element input) + throws AlgorithmException, IOException { + + Transform tr = new TransformImplExclusiveCanonicalXML(); + tr.setInput(XPathUtils.selectNodeList(input, XPathUtils.ALL_NODES_XPATH), null); + ByteArrayInputStream transResult = (ByteArrayInputStream) tr.transform(); + + return killWhiteSpace(readString(transResult)); + } + + /** + * Method canonicalTransform. + * @param input as InputStream + * @return String + */ + protected String canonicalTransform(InputStream input) + throws AlgorithmException, IOException { + + Transform tr = new TransformImplExclusiveCanonicalXML(); tr.setInput(input, null); + ByteArrayInputStream transResult = (ByteArrayInputStream) tr.transform(); + + return killWhiteSpace(readString(transResult)); + } + + public static String killWhiteSpace(String input) + { + int start=0; + int ende; + String result; + String middle; + result = input; + do { + start = result.indexOf(">", start); + ende = result.indexOf("<", start); + middle = result.substring(start+1,ende).trim(); + result = result.substring(0,start+1) +middle + result.substring(ende,result.length()); + start++; + } while (result.indexOf("<", ende + 1)>0); + + return result; + } + + /** + * Method killExclusive.: The values startsWith and endsWith will be included into the answer. + * @param input + * @param startsWith + * @param endsWith + * @param newValue + * @return String + */ + public static String killExclusive(String input, String startsWith, String endsWith, String newValue) + { + int start=0; + int ende; + String result; + result = input; + do { + start = result.indexOf(startsWith, start) + startsWith.length(); + ende = result.indexOf(endsWith, start); + result = result.substring(0,start) + newValue + result.substring(ende,result.length()); + start++; + } while (result.indexOf(startsWith, ende + 1)>0); + + return result; + } + + /** + * Method killInclusive. : The values startsWith and endsWith will NOT be included into the answer. + * @param input + * @param startsWith + * @param endsWith + * @param newValue + * @return String + */ + public static String killInclusive(String input, String startsWith, String endsWith, String newValue) + { + int start=0; + int ende; + String result; + result = input; + do { + start = result.indexOf(startsWith, start) + startsWith.length(); + ende = result.indexOf(endsWith, start); + result = result.substring(0,start - startsWith.length() ) + newValue + result.substring(ende + endsWith.length(),result.length()); + start++; + } while (result.indexOf(startsWith, ende + 1)>0); + + return result; + } + + protected String readFile(String filename) throws IOException { + return readFile(filename, "UTF-8"); + } + protected String readFile(String filename, String encoding) throws IOException { + return FileUtils.readFile(filename, encoding); + } + protected String readString(InputStream input) throws IOException + { + return StreamUtils.readStream(input, "UTF-8"); + } + +} diff --git a/id/server/idserverlib/src/test/java/test/abnahme/A/Test100StartAuthentication.java b/id/server/idserverlib/src/test/java/test/abnahme/A/Test100StartAuthentication.java new file mode 100644 index 000000000..818773794 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/abnahme/A/Test100StartAuthentication.java @@ -0,0 +1,200 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.abnahme.A; + +import test.abnahme.AbnahmeTestCase; +import at.gv.egovernment.moa.id.AuthenticationException; +import at.gv.egovernment.moa.id.auth.WrongParametersException; + +/** + * @author Stefan Knirsch + * @version $Id$ + * + */ +public class Test100StartAuthentication extends AbnahmeTestCase { + + public Test100StartAuthentication(String name) { + super(name); + } + + public void testA101() throws Exception { + try { + String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL + "gb", //target + null, + "http://localhost:9080/", //oaURL + "file:" + findXmldata("AuthTemplate.html"), + "http://localhost:3495/http-security-layer-request", + null, null, null, null); + htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED"); + //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8")); + assertEquals(readXmldata("htmlForm.html"),htmlForm); + System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA102() throws Exception { + try { + String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL + "gb", //target + null, + "http://localhost:9080/", //oaURL + null, + "http://localhost:3495/http-security-layer-request", null, null, null, null); + htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED"); + //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8")); + assertEquals(readXmldata("htmlForm.html"),htmlForm); + + System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA103() throws Exception { + try { + String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL + "gb", //target + null, + "http://localhost:9080/", //oaURL + "file:" + findXmldata("AuthTemplate.html"), + null, + null, + null, null, null); + htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED"); + //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8")); + assertEquals(readXmldata("htmlForm.html"),htmlForm); + System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA151() throws Exception { + try { + try { + server.startAuthentication(null, //authURL + "gb", //target + null, + "http://localhost:9080/", //oaURL + null, null, null, null, null, null); + //assertEquals("",htmlForm); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (WrongParametersException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA152() throws Exception { + try { + try { + server.startAuthentication("http://localhost:8080/auth", //authURL + "gb", null, "http://localhost:9080/", //oaURL + null, null, null, null, null, null); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (AuthenticationException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA153() throws Exception { + try { + try { + server.startAuthentication("https://localhost:8443/auth", //authURL + "gb", null, "http://host_not_in_config/", //oaURL + null, null, null, null, null, null); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (AuthenticationException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA154() throws Exception { + try { + try { + server.startAuthentication("https://localhost:8443/auth", //authURL + "gb", null, null, //oaURL + null, null, null, null, null, null); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (WrongParametersException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA155() throws Exception { + try { + try { + server.startAuthentication("https://localhost:8443/auth", //authURL + null, null, "http://localhost:9080/", //oaURL + null, null, null, null, null, null); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (WrongParametersException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + //assertEquals("",htmlForm); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + +} diff --git a/id/server/idserverlib/src/test/java/test/abnahme/A/Test200VerifyIdentityLink.java b/id/server/idserverlib/src/test/java/test/abnahme/A/Test200VerifyIdentityLink.java new file mode 100644 index 000000000..9a6058370 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/abnahme/A/Test200VerifyIdentityLink.java @@ -0,0 +1,393 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.abnahme.A; + +import java.util.HashMap; +import java.util.Vector; + +import org.w3c.dom.Element; + +import test.abnahme.AbnahmeTestCase; +import at.gv.egovernment.moa.id.AuthenticationException; +import at.gv.egovernment.moa.id.ParseException; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; +import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.validator.ValidateException; +import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; + +/** + * @author Stefan Knirsch + * @version $Id$ + * + */ +public class Test200VerifyIdentityLink extends AbnahmeTestCase { + + public Test200VerifyIdentityLink(String name) { + super(name); + } + + public void testA201() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, parameters); + + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + + VerifyXMLSignatureResponseParser respParser = new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames(), VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK, true); + + /* + * HINWEIS: clearSamlAssertion löscht aus einer beliebiegen String-Repräsentation einer XML-Struktur + * AUSSLIESSLICH die Attribute IssueInstand und die AssertionID heraus, von dem her ist diese + * Method hier verwendbar + */ + + assertXmlEquals(clearSamlAssertion(readXmldata("CreateXMLSignatureRequest.xml")), clearSamlAssertion(createXMLSignatureRequest)); + System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + + } + public void testA251() throws Exception { + try { + startAuthentication(); + String sessionID = "0"; + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + + try { + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (AuthenticationException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA252() throws Exception { + try { + String sessionID = startAuthentication(); + + server.setSecondsSessionTimeOut(-100); + server.cleanup(); + server.setSecondsSessionTimeOut(1000); + + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + try { + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (AuthenticationException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA253() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + try { + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (AuthenticationException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA254() throws Exception { + try { + String sessionID = startAuthentication(); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + try { + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (ValidateException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA255() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + try { + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + } + catch (ParseException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA256() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + try { + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + } + catch (ValidateException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA257() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + try { + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + + } + catch (ValidateException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA258() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + try { + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (ValidateException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA259() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + try { + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (ValidateException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA260() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + try { + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (ValidateException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA261() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + + try { + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (ValidateException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA262() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + new InfoboxReadResponseParser(infoboxReadResponse).parseIdentityLink(); + // System.out.println(infoboxReadResponse); + + try { + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (ValidateException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA263() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + + VerifyXMLSignatureResponseParser respParser = new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + + // String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, infoboxReadResponse); + // System.out.println(createXMLSignatureRequest); + // String createXMLSignatureResponse = readFile(TESTDATA_ROOT + "xmldata/standard/"+"CreateXMLSignatureResponse.xml"); + // String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + Vector identityLinkSigners = new Vector(); + identityLinkSigners.add("CN=TEST,OU=TEST,O=TEST,C=AT"); + try { + VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), identityLinkSigners, VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK, true); + System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); + fail(this.getName() + " hat KEINE FEHLER geworfen"); + } + catch (ValidateException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } +} diff --git a/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java b/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java new file mode 100644 index 000000000..a71fe0181 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/abnahme/A/Test300VerifyAuthBlock.java @@ -0,0 +1,633 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.abnahme.A; + +import java.util.Calendar; +import java.util.HashMap; + +import org.w3c.dom.Element; +import test.abnahme.AbnahmeTestCase; + +import at.gv.egovernment.moa.id.AuthenticationException; +import at.gv.egovernment.moa.id.BuildException; +import at.gv.egovernment.moa.id.ParseException; +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder; +import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; +import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; +import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; +import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator; +import at.gv.egovernment.moa.id.auth.validator.ValidateException; +import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.data.AuthenticationData; +import at.gv.egovernment.moa.id.util.Random; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.DateTimeUtils; + +/** + * @author Stefan Knirsch + * @version $Id$ + * + */ + +public class Test300VerifyAuthBlock extends AbnahmeTestCase { + + public Test300VerifyAuthBlock(String name) { + super(name); + } + + public void testA301() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + //authDataWriter(authData,this.getName()+"new.xml"); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA302() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + //authDataWriter(authData,this.getName()+"new.xml"); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA303() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA304() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA305() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA306() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA307() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA308() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServer(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + + } + + public void testA309() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA310() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA311() throws Exception { + try { + String sessionID = startAuthentication(); + AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); + assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA351() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + + // nicht existierende Session.... + try { + server.verifyAuthenticationBlock("0", createXMLSignatureResponse); + fail(); + } + catch (AuthenticationException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA352() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + server.setSecondsSessionTimeOut(-100); + server.cleanup(); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + + // abgelaufene Session.... + server.setSecondsSessionTimeOut(1000); + try { + server.verifyAuthenticationBlock("0", createXMLSignatureResponse); + fail(); + } + catch (AuthenticationException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA353() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + + // Session for VerifyIdentityLink-Aufruf + try { + + server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + fail(); + } + //NOCH SEHR UNSCHÖN..... (fliegt raus im AuthenticationServer, Methode buildAuthenticationData + // ( IdentityLink identityLink = session.getIdentityLink(); ==> liefert dann NULL... + catch (NullPointerException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA354() throws Exception { + try { + String sessionID = startAuthentication(); + System.out.println(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + + // nicht existierende Session.... + + server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + try { + server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + fail(); + } + catch (AuthenticationException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA355() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ParseException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA356() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ParseException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA357() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA358() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA359() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA360() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA361() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA362() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA363() throws Exception { + try { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA364() throws Exception { + try { + String sessionID = startAuthentication(); + try { + + initServer(sessionID); + fail(); + } + catch (ValidateException e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + /* public void testA365() throws Exception { + String sessionID = startAuthentication(); + try { + // wegen sinnlosigkeit gestrichen + initServer(sessionID); + fail(); + } + catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} + }*/ + + public void testA366() throws Exception { + + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} + } + public void testA367() throws Exception { + String sessionID = startAuthentication(); + try { + initServer(sessionID); + fail(); + } + catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} + } + + + private AuthenticationData initServer(String sessionID) throws Exception { + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1"); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/"); + String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + AuthenticationData authData = server.getAuthenticationData(samlArtifact); + return authData; + } + + private AuthenticationData initServerWithoutValidateAuthBlock(String sessionID) throws Exception { + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1"); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/"); + + AuthenticationSession session = AuthenticationServer.getSession(sessionID); + AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + // parses <CreateXMLSignatureResponse> + CreateXMLSignatureResponse csresp = + new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(); + // validates <CreateXMLSignatureResponse> + new CreateXMLSignatureResponseValidator().validate(csresp, session); + // builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call + String[] vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(); + String tpid = authConf.getMoaSpAuthBlockTrustProfileID(); + Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp, vtids, tpid); + // invokes the call + Element domVsresp = new SignatureVerificationInvoker().verifyXMLSignature(domVsreq); + // parses the <VerifyXMLSignatureResponse> + VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser(domVsresp).parseData(); + // validates the <VerifyXMLSignatureResponse> + VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp, null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK, true); + // compares the public keys from the identityLink with the AuthBlock + + // builds authentication data and stores it together with a SAML artifact + AuthenticationData authData = buildAuthenticationData(session, vsresp); + return authData; + } + private AuthenticationData buildAuthenticationData( + AuthenticationSession session, + VerifyXMLSignatureResponse verifyXMLSigResp) + throws ConfigurationException, BuildException { + + IdentityLink identityLink = session.getIdentityLink(); + AuthenticationData authData = new AuthenticationData(); + authData.setMajorVersion(1); + authData.setMinorVersion(0); + authData.setAssertionID(Random.nextRandom()); + authData.setIssuer(session.getAuthURL()); + authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance(), false)); + String vpkBase64 = new BPKBuilder().buildBPK( + identityLink.getIdentificationValue(), session.getTarget()); + authData.setBPK(vpkBase64); + authData.setGivenName(identityLink.getGivenName()); + authData.setFamilyName(identityLink.getFamilyName()); + authData.setDateOfBirth(identityLink.getDateOfBirth()); + authData.setQualifiedCertificate(verifyXMLSigResp.isQualifiedCertificate()); + authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority()); + authData.setPublicAuthorityCode(verifyXMLSigResp.getPublicAuthorityCode()); + OAAuthParameter oaParam = + AuthConfigurationProvider.getInstance().getOnlineApplicationParameter( + session.getPublicOAURLPrefix()); + String prPerson = new PersonDataBuilder().build( + identityLink, oaParam.getProvideStammzahl()); + + try { + String ilAssertion = + oaParam.getProvideIdentityLink() ? DOMUtils.serializeNode(identityLink.getSamlAssertion()) : ""; + String authBlock = oaParam.getProvideAuthBlock() ? session.getAuthBlock() : ""; + String samlAssertion = new AuthenticationDataAssertionBuilder().build( + authData, prPerson, authBlock, ilAssertion, session.getBkuURL(), "", false, null); + authData.setSamlAssertion(samlAssertion); + return authData; + } + catch (Throwable ex) { + throw new BuildException( + "builder.00", + new Object[] { "AuthenticationData", ex.getMessage() }, + ex); + } + } +} diff --git a/id/server/idserverlib/src/test/java/test/abnahme/A/Test400GetAuthenticationData.java b/id/server/idserverlib/src/test/java/test/abnahme/A/Test400GetAuthenticationData.java new file mode 100644 index 000000000..370949ac4 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/abnahme/A/Test400GetAuthenticationData.java @@ -0,0 +1,161 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.abnahme.A; + +import java.util.HashMap; + +import org.w3c.dom.Element; +import test.abnahme.AbnahmeTestCase; + +import at.gv.egovernment.moa.id.AuthenticationException; +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; +import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.data.AuthenticationData; + +/** + * @author Stefan Knirsch + * @version $Id$ + */ + +public class Test400GetAuthenticationData extends AbnahmeTestCase { + + private String samlArtifact; + + public Test400GetAuthenticationData(String name) { + super(name); + } + + protected void setUp() throws Exception { + super.setUp(); + String sessionID = startAuthentication(); + AuthenticationSession session = AuthenticationServer.getSession(sessionID); + String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + server.verifyIdentityLink(sessionID, parameters); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); + new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); + //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); + // System.out.println(createXMLSignatureRequest); + String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); + CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(), session); + samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + } + + public void testA401() throws Exception { + try { + + AuthenticationData authData = server.getAuthenticationData(samlArtifact); +// authDataWriter(authData,"NEWA401"); + assertXmlEquals(clearSamlAssertion(authData.getSamlAssertion()), readXmldata("AuthenticationData.xml")); + System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA451() throws Exception { + try { + try { + AuthenticationData authData = server.getAuthenticationData("AAGu1JFbyGKqJ+3NAonwMu5bNyUc7kooeMK6bxeXBbnK6NL0DfuVJsGi"); + authDataWriter(authData, "A45"); + if (authData != null) + fail(); + } + catch (AuthenticationException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA452() throws Exception { + try { + server.getAuthenticationData(samlArtifact); + try { + server.getAuthenticationData(samlArtifact); + fail(); + } + catch (AuthenticationException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA453() throws Exception { + try { + server.setSecondsAuthDataTimeOut(-1000); + server.cleanup(); + try { + server.getAuthenticationData(samlArtifact); + fail(); + } + catch (AuthenticationException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA454() throws Exception { + try { + try { + server.getAuthenticationData("blabla123"); + fail(); + } + catch (AuthenticationException e) { + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + +} diff --git a/id/server/idserverlib/src/test/java/test/abnahme/A/Test500StartAuthenticationServlet.java b/id/server/idserverlib/src/test/java/test/abnahme/A/Test500StartAuthenticationServlet.java new file mode 100644 index 000000000..2445985ce --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/abnahme/A/Test500StartAuthenticationServlet.java @@ -0,0 +1,329 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.abnahme.A; + +import java.io.OutputStream; +import java.net.URL; +import java.security.Security; + +import javax.net.ssl.SSLSocketFactory; + +import test.abnahme.AbnahmeTestCase; + +import at.gv.egovernment.moa.util.StreamUtils; +import at.gv.egovernment.moa.util.URLEncoder; + +import com.sun.net.ssl.HostnameVerifier; +import com.sun.net.ssl.HttpsURLConnection; + +/** + * @author Stefan Knirsch + * @version $Id$ + * + */ +public class Test500StartAuthenticationServlet extends AbnahmeTestCase { + + private String testdataRoot = TESTDATA_ROOT + "xmldata/standard/"; + SSLSocketFactory ssf; + public Test500StartAuthenticationServlet(String name) { + super(name); + } + protected void setUp() throws Exception { + super.setUp(); + Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); + System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); + System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore"); + System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); + } + + public void testA501() throws Exception { + //NUR einmal für alle folgenden Testfälle + //---------------------------------------- + + //---------------------------------------- + + try { + String targetURL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); + HttpsURLConnection conn = giveConnection(targetURL, "GET"); + conn.connect(); + int resultCode = conn.getResponseCode(); + String contentType = conn.getHeaderField("Content-Type"); + if (resultCode != 200) + fail("Wrong HTTP-Code"); + if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) + fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); + conn.disconnect(); + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA502() throws Exception { + try { + String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); + HttpsURLConnection conn = giveConnection(URL, "GET"); + conn.connect(); + int resultCode = conn.getResponseCode(); + String contentType = conn.getHeaderField("Content-Type"); + if (resultCode != 200) + fail("Wrong HTTP-Code: expected '200' and was '" + resultCode + "'"); + if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) + fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); + String result = new String(StreamUtils.readStream(conn.getInputStream())); + + conn.disconnect(); + + URL = parseDataURL(result); + conn = giveConnection(URL, "POST"); + conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); + + String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); + System.out.println("File gelesen, Daten in Outputstream einpflegen"); + OutputStream out = conn.getOutputStream(); + out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes("UTF-8")); + out.flush(); + out.close(); + + System.out.println("Verbinden zu " + URL); + conn.connect(); + resultCode = conn.getResponseCode(); + System.out.println("resultCode :" + resultCode); + String redirectLoc = conn.getHeaderField("Location"); + System.out.println("redirectLoc :" + redirectLoc); + // Austausch von VerifyIdentityLink in der POST-URL durch VerifyAuthBlock... rest MUSS gleich sein! + if (!killInclusive(URL, "VerifyI", "Link", "VerifyAuthBlock").equals(redirectLoc)) + fail("Wrong Redirect-Location: expected " + URL + " and was " + conn.getHeaderField("Location")); + if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/xml")) + fail("Wrong contentType: expected text/xml and was " + conn.getHeaderField("Content-Type")); + conn.disconnect(); + System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA503() throws Exception { + try { + String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); + HttpsURLConnection conn = giveConnection(URL, "GET"); + conn.connect(); + + assertEquals(200,conn.getResponseCode()); + if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) + fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); + String result = new String(StreamUtils.readStream(conn.getInputStream())); + URL = parseDataURL(result); + + conn.disconnect(); + conn = giveConnection(URL, "POST"); + conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); + String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); + OutputStream out = conn.getOutputStream(); + out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); + out.flush(); + out.close(); + conn.connect(); + String redirectLoc = conn.getHeaderField("Location"); + // Austausch von VerifyIdentityLink in der POST-URL durch VerifyAuthBlock... rest MUSS gleich sein! + if (!killInclusive(URL, "VerifyI", "Link", "VerifyAuthBlock").equals(redirectLoc)) + fail("Wrong Redirect-Location: expected " + URL + " and was " + conn.getHeaderField("Location")); + if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/xml")) + fail("Wrong contentType: expected text/xml and was " + conn.getHeaderField("Content-Type")); + conn.disconnect(); + + conn = giveConnection(redirectLoc, "POST"); + System.out.println("Redirect Location: " + redirectLoc); + String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); + out = conn.getOutputStream(); + out.write(("XMLResponse=" +createXMLSignatureResponse).getBytes()); + out.flush(); + out.close(); + + System.out.println("Sending Data to " + redirectLoc); + conn.connect(); + + redirectLoc = conn.getHeaderField("Location"); + System.out.println("redirectLoc: " + redirectLoc); + /* RandomAccessFile raf = new RandomAccessFile("C://503.xml", "rw"); + raf.write(StreamUtils.readStream(conn.getInputStream())); + raf.close();*/ + conn.disconnect(); + assertEquals(302, conn.getResponseCode()); + assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); + System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); + + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA551() throws Exception { + try { + String targetURL = getURL("https://localhost:8443/moa-id-auth/", "gb", ""); + HttpsURLConnection conn = giveConnection(targetURL, "GET"); + conn.connect(); + String result = new String(StreamUtils.readStream(conn.getInputStream())); + assertTrue(result.indexOf("Die Angabe der Parameter ist unvollständig") >= 0); + conn.disconnect(); + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Die Angabe der Parameter ist unvollständig.\n-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA552() throws Exception { + try { + String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); + HttpsURLConnection conn = giveConnection(URL, "GET"); + conn.connect(); + int resultCode = conn.getResponseCode(); + assertEquals(200, resultCode); + if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) + fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); + conn.disconnect(); + URL = "https://localhost:8443/moa-id-auth/" + "VerifyIdentityLink?MOASessionID=0000"; + conn = giveConnection(URL, "POST"); + conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); + + String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); + OutputStream out = conn.getOutputStream(); + out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); + out.flush(); + out.close(); + + conn.connect(); + String result = new String(StreamUtils.readStream(conn.getInputStream())); + assertTrue(result.indexOf("MOASessionID ist unbekannt") >= 0); + System.out.println("Fehler in testA552 erfolgreich abgefangen: MOASessionID ist unbekannt"); + conn.disconnect(); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testA553() throws Exception { + try { + String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); + HttpsURLConnection conn = giveConnection(URL, "GET"); + conn.connect(); + int resultCode = conn.getResponseCode(); + assertEquals(200,resultCode); + if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) + fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); + String result = new String(StreamUtils.readStream(conn.getInputStream())); + String MOASessionID = parseSessionIDFromForm(result); + URL = parseDataURL(result); + conn.disconnect(); + + conn = giveConnection(URL, "POST"); + conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); + + String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); + OutputStream out = conn.getOutputStream(); + out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); + out.flush(); + out.close(); + conn.connect(); + result = new String(StreamUtils.readStream(conn.getInputStream())); + String redirectLoc = conn.getHeaderField("Location"); + // Austausch von VerifyIdentityLink in der POST-URL durch VerifyAuthBlock... rest MUSS gleich sein! + if (!killInclusive(URL, "VerifyI", "Link", "VerifyAuthBlock").equals(redirectLoc)) + fail("Wrong Redirect-Location: expected " + URL + " and was " + conn.getHeaderField("Location")); + if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/xml")) + fail("Wrong contentType: expected text/xml and was " + conn.getHeaderField("Content-Type")); + conn.disconnect(); + conn = giveConnection(redirectLoc + "XXX", "POST"); + System.out.println("Redirect Location: " + redirectLoc + "XXX"); + String createXMLSignatureResponse = "XMLResponse=" + URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); + + out = conn.getOutputStream(); + out.write(new String("MOASessionID=" + MOASessionID + "&").getBytes()); + out.write(createXMLSignatureResponse.getBytes("UTF-8")); + out.flush(); + out.close(); + System.out.println("Sending Data to " + redirectLoc); + conn.connect(); + resultCode = conn.getResponseCode(); + + result = new String(StreamUtils.readStream(conn.getInputStream())); + conn.disconnect(); + assertEquals(200, resultCode); + assertTrue(result.indexOf("MOASessionID ist unbekannt") >= 0); + System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + private String parseDataURL(String input) { + String ret = getSubString(input.substring(input.indexOf("DataURL"), input.length()), "value=\"", "\""); + return ret; + } + + private String getSubString(String input, String startsWith, String endsWith) { + return input.substring(input.indexOf(startsWith) + startsWith.length(), input.indexOf(endsWith, input.indexOf(startsWith) + startsWith.length())); + } + private String getURL(String authURL, String target, String oaURL) { + return authURL + "StartAuthentication?Target=" + target + "&OA=" + oaURL; + } + private String parseSessionIDFromForm(String htmlForm) { + String parName = "MOASessionID="; + assertTrue("HTML Form enthält keine SessionID", htmlForm.indexOf(parName) >= 0); + int i1 = htmlForm.indexOf(parName) + parName.length(); + int i2 = htmlForm.indexOf("\"", i1); + assertTrue("HTML Form enthält keine gültige SessionID", i2 > i1); + return htmlForm.substring(i1, i2); + } + + private class HostnameVerifierHack implements HostnameVerifier { + public boolean verify(String arg0, String arg1) { + return true; + } + } + private HttpsURLConnection giveConnection(String targetURL, String requestMethod) throws Exception { + URL url = new URL(targetURL); + HttpsURLConnection conn = (HttpsURLConnection) url.openConnection(); + conn.setRequestMethod(requestMethod); + conn.setDoInput(true); + conn.setDoOutput(true); + conn.setUseCaches(false); + conn.setAllowUserInteraction(false); + conn.setHostnameVerifier(new HostnameVerifierHack()); + return conn; + } + +}
\ No newline at end of file diff --git a/id/server/idserverlib/src/test/java/test/abnahme/A/Test600GetAuthenticationDataService.java b/id/server/idserverlib/src/test/java/test/abnahme/A/Test600GetAuthenticationDataService.java new file mode 100644 index 000000000..fab258e09 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/abnahme/A/Test600GetAuthenticationDataService.java @@ -0,0 +1,305 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.abnahme.A; + +import java.io.OutputStream; +import java.net.URL; +import java.security.Security; +import java.util.Calendar; +import java.util.Vector; + +import javax.xml.namespace.QName; +import javax.xml.rpc.Call; +import javax.xml.rpc.Service; +import javax.xml.rpc.ServiceFactory; + +import org.apache.axis.message.SOAPBodyElement; +import org.w3c.dom.Element; + +import com.sun.net.ssl.HostnameVerifier; +import com.sun.net.ssl.HttpsURLConnection; + +import test.abnahme.AbnahmeTestCase; + +import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.DateTimeUtils; +import at.gv.egovernment.moa.util.StreamUtils; +import at.gv.egovernment.moa.util.URLDecoder; +import at.gv.egovernment.moa.util.URLEncoder; + +/** + * @author Stefan Knirsch + * @version $Id$ + */ + +public class Test600GetAuthenticationDataService extends AbnahmeTestCase { + + private String moaSessionID; + private String samlArtifact; + private static final QName SERVICE_QNAME = new QName("SignatureCreation"); + + public Test600GetAuthenticationDataService(String name) { + super(name); + } + + protected void setUp() throws Exception { + super.setUp(); + Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); + System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); + System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore"); + System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); + } + + public void testA601() throws Exception { + try { + + // Anmelden + String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); + HttpsURLConnection conn = giveConnection(URL, "GET"); + conn.connect(); + String result = new String(StreamUtils.readStream(conn.getInputStream())); + String MOASessionID = parseSessionIDFromForm(result); + conn.disconnect(); + + URL = parseDataURL(result); + // Verify Identity Link + conn = giveConnection(URL, "POST"); + conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); + String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); + OutputStream out = conn.getOutputStream(); + out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); + out.flush(); + out.close(); + conn.connect(); + String redirectLoc = conn.getHeaderField("Location"); + conn.disconnect(); + //Verify Auth Block + conn = giveConnection(redirectLoc, "POST"); + String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); + out = conn.getOutputStream(); + out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); + out.flush(); + out.close(); + conn.connect(); + redirectLoc = conn.getHeaderField("Location"); + samlArtifact = parseSamlArtifact(redirectLoc); + System.out.println("SamlArtifact: " + samlArtifact); + conn.disconnect(); + + assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); + + conn = null; + + SAMLRequestBuilder srb = new SAMLRequestBuilder(); + + Element erg = doCall(srb.build(moaSessionID,URLDecoder.decode(samlArtifact, "UTF-8"))); + result = DOMUtils.serializeNode(erg); + result = killInclusive(result,"IssueInstant=\"","\"",""); + result = killInclusive(result,"AssertionID=\"","\"",""); + result = killInclusive(result,"ResponseID=\"","\"",""); + +// writeXmldata("GetAuthenticationDataWebServiceResponse.xml", result.getBytes("UTF-8")); + + assertEquals(result,readXmldata("GetAuthenticationDataWebServiceResponse.xml")); + + System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA651() throws Exception { + try { + + // Anmelden + String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); + HttpsURLConnection conn = giveConnection(URL, "GET"); + conn.connect(); + String result = new String(StreamUtils.readStream(conn.getInputStream())); + String MOASessionID = parseSessionIDFromForm(result); + conn.disconnect(); + + URL = parseDataURL(result); + // Verify Identity Link + conn = giveConnection(URL, "POST"); + conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); + String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); + OutputStream out = conn.getOutputStream(); + out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); + out.flush(); + out.close(); + conn.connect(); + String redirectLoc = conn.getHeaderField("Location"); + conn.disconnect(); + //Verify Auth Block + conn = giveConnection(redirectLoc, "POST"); + String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); + out = conn.getOutputStream(); + out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); + out.flush(); + out.close(); + conn.connect(); + redirectLoc = conn.getHeaderField("Location"); + samlArtifact = "AAGu1JFbyGKqJ+3NAonwMu5bNyUc7kooeMK6bxeXBbnK6NL0DfuVJsGi"; + System.out.println("SamlArtifact: " + samlArtifact); + conn.disconnect(); + + assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); + + conn = null; + + SAMLRequestBuilder srb = new SAMLRequestBuilder(); + Element samlPRequest = srb.build(moaSessionID,samlArtifact); + + assertTrue(DOMUtils.serializeNode(doCall(samlPRequest)).indexOf("unbekanntes SAML-Artifakt")!=-1); + + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Fehler beim Abholen der Anmeldedaten, unbekanntes SAML-Artifakt\n-----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + public void testA652() throws Exception { + try { + + // Anmelden + String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); + HttpsURLConnection conn = giveConnection(URL, "GET"); + conn.connect(); + String result = new String(StreamUtils.readStream(conn.getInputStream())); + String MOASessionID = parseSessionIDFromForm(result); + conn.disconnect(); + + URL = parseDataURL(result); + // Verify Identity Link + conn = giveConnection(URL, "POST"); + conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); + String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); + OutputStream out = conn.getOutputStream(); + out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); + out.flush(); + out.close(); + conn.connect(); + String redirectLoc = conn.getHeaderField("Location"); + conn.disconnect(); + //Verify Auth Block + conn = giveConnection(redirectLoc, "POST"); + String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); + out = conn.getOutputStream(); + out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); + out.flush(); + out.close(); + conn.connect(); + redirectLoc = conn.getHeaderField("Location"); + samlArtifact = parseSamlArtifact(redirectLoc); + System.out.println("SamlArtifact: " + samlArtifact); + conn.disconnect(); + + assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); + + conn = null; + String request = + "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" RequestID=\"" + + moaSessionID + "\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"" + + DateTimeUtils.buildDateTime(Calendar.getInstance(), false)+"\">" + + "</samlp:Request>"; + + Element samlPRequest = DOMUtils.parseDocument(request, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + + assertTrue(DOMUtils.serializeNode(doCall(samlPRequest)).indexOf("Fehlerhaftes Requestformat")!=-1); +// writeXmldata("GetAuthenticationDataWebServiceResponse.xml", result.getBytes("UTF-8")); + System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Fehlerhaftes Requestformat\n-----------------------"); } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + + protected Element doCall(Element request) + throws Exception { + QName serviceName = new QName("GetAuthenticationData"); + String endPoint = "http://localhost:8080/moa-id-auth/services/GetAuthenticationData"; + Service service = ServiceFactory.newInstance().createService(serviceName); + Call call = service.createCall(); + SOAPBodyElement body = + new SOAPBodyElement(request); + SOAPBodyElement[] params = new SOAPBodyElement[] {body}; + Vector responses; + SOAPBodyElement response; + + call.setTargetEndpointAddress(endPoint); + responses = (Vector) call.invoke(params); + response = (SOAPBodyElement) responses.get(0); + + return response.getAsDOM(); + } + + private String parseDataURL(String input) + { + return getSubString(input.substring(input.indexOf("DataURL"),input.length()),"value=\"","\""); + } + private String parseSamlArtifact(String input) + { + return getSubString(input+"@@@","SAMLArtifact=","@@@"); + } + private String getSubString(String input, String startsWith, String endsWith) + { + return input.substring(input.indexOf(startsWith)+startsWith.length(), input.indexOf(endsWith, input.indexOf(startsWith)+startsWith.length())); + } + private String getURL(String authURL, String target, String oaURL) + { + return authURL + "StartAuthentication?Target=" + target + "&OA=" + oaURL; + } + private String parseSessionIDFromForm(String htmlForm) { + String parName = "MOASessionID="; + assertTrue( + "HTML Form enthält keine SessionID", + htmlForm.indexOf(parName) >= 0); + int i1 = htmlForm.indexOf(parName) + parName.length(); + int i2 = htmlForm.indexOf("\"", i1); + assertTrue("HTML Form enthält keine gültige SessionID", i2 > i1); + return htmlForm.substring(i1, i2); + } + private HttpsURLConnection giveConnection(String targetURL, String requestMethod) throws Exception { + HttpsURLConnection conn = (HttpsURLConnection) new URL(targetURL).openConnection(); + conn.setRequestMethod(requestMethod); + conn.setDoInput(true); + conn.setDoOutput(true); + conn.setUseCaches(false); + conn.setAllowUserInteraction(false); + conn.setHostnameVerifier(new HostnameVerifierHack()); + return conn; + } + private class HostnameVerifierHack implements HostnameVerifier { + public boolean verify(String arg0, String arg1) { + return true; + } + } +} diff --git a/id/server/idserverlib/src/test/java/test/abnahme/A/Test700SelectBKU.java b/id/server/idserverlib/src/test/java/test/abnahme/A/Test700SelectBKU.java new file mode 100644 index 000000000..386a2b454 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/abnahme/A/Test700SelectBKU.java @@ -0,0 +1,87 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.abnahme.A; + +import test.abnahme.AbnahmeTestCase; + +/* + * @author Paul Ivancsics + * @version $Id$ + */ +public class Test700SelectBKU extends AbnahmeTestCase { + + public Test700SelectBKU(String name) { + super(name); + } + + public void testA701() throws Exception { + try { + String form = server.selectBKU( + "https://localhost:8443/auth", + "gb", + "https://localhost:9443/", + "file:" + getTestCaseDirectory() + "BKUSelectionTemplate.html", + "file:" + getTestCaseDirectory() + "Template.html"); + //writeXmldata("SelectBKUForm_out.html", form.getBytes()); + assertEqualsIgnoreSessionID(readXmldata("SelectBKUForm.html"), form); + } + catch (Exception ex) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + ex.getLocalizedMessage()); + throw ex; + } + } + public void testA702() throws Exception { + try { + String form = server.selectBKU( + "https://localhost:8443/auth", + "gb", + "https://localhost:9443/", + null, + null); + //writeXmldata("SelectBKUForm_out.html", form.getBytes()); + assertEqualsIgnoreSessionID(readXmldata("SelectBKUForm.html"), form); + } + catch (Exception ex) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + ex.getLocalizedMessage()); + throw ex; + } + } + public void testA703() throws Exception { + try { + String form = server.selectBKU( + "https://localhost:8443/auth", + "gb", + "https://localhost:9443/", + null, + null); + //writeXmldata("SelectBKUForm_out.html", form.getBytes()); + assertEqualsIgnoreSessionID(readXmldata("SelectBKUForm.html"), form); + } + catch (Exception ex) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + ex.getLocalizedMessage()); + throw ex; + } + } +} diff --git a/id/server/idserverlib/src/test/java/test/abnahme/AbnahmeTestCase.java b/id/server/idserverlib/src/test/java/test/abnahme/AbnahmeTestCase.java new file mode 100644 index 000000000..8e38c7673 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/abnahme/AbnahmeTestCase.java @@ -0,0 +1,190 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.abnahme; + +import java.io.File; +import java.io.IOException; +import java.io.RandomAccessFile; + +import test.MOAIDTestCase; + +import at.gv.egovernment.moa.id.MOAIDException; +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.data.AuthenticationData; + +/** + * Base class for MOA ID test cases. + * + * Provides some utility functions. + * + * @author Stefan Knirsch + * @version $Id$ + */ +public class AbnahmeTestCase extends MOAIDTestCase { + + protected static final String TESTDATA_ROOT = "data/abnahme-test/"; + protected static final String TESTDATA_XMLDATA = "data/abnahme-test/xmldata/"; + protected static final String AUTH_ENDPOINT = "http://localhost:8080/moa-id-auth/"; + protected AuthenticationServer server; + + /** + * Constructor for MOATestCase. + * @param arg0 + */ + public AbnahmeTestCase(String name) { + super(name); + } + /** + * Set up a transaction context with a test configuration. + */ + protected void setUp() throws Exception { + + System.out.print("--------S-T-A-R-T----V-O-N----"); + System.out.print(getName().toUpperCase().substring(4,getName().length())); + System.out.print("-----------------------------\n"); + + // Set moa.spss.server.configuration property + System.setProperty("moa.spss.server.configuration",TESTDATA_ROOT + "conf/moa/ConfigurationTest.xml"); + + // Set moa.id.configuration property + String pathname = findXmldata("Configuration.xml"); + System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME, pathname); + System.out.println("Konfiguration " + pathname); + AuthConfigurationProvider.reload(); + + server = AuthenticationServer.getInstance(); + } + /** Test case z.B. "A153" */ + protected String getID() { + return getName().toUpperCase().substring(4,getName().length()); + } + /** Test group z.B. "A100" */ + protected String getTestGroup() { + return getID().substring(0, 2) + "00"; + } + /** Test case data directory */ + protected String getTestCaseDirectory() { + return getTestGroupDirectory() + getID() + "/"; + } + /** Test group data directory */ + protected String getTestGroupDirectory() { + return TESTDATA_XMLDATA + getTestGroup() + "/"; + } + /** Finds a file in the xmldata directory */ + protected String findXmldata(String filename) { + String pathname = getTestCaseDirectory() + filename; + if (! new File(pathname).exists()) { + pathname = getTestGroupDirectory() + filename; + if (! new File(pathname).exists()) { + pathname = TESTDATA_XMLDATA + filename; + } + } + return pathname; + } + /** Finds and reads a file in the xmldata directory */ + protected String readXmldata(String filename) throws IOException { + String pathname = findXmldata(filename); + System.out.println("Read file " + pathname); + return readFile(pathname); + } + protected void writeXmldata(String filename, byte[] content) throws Exception { + String pathname = getTestCaseDirectory() + filename; + System.out.println("Write file " + pathname); + RandomAccessFile raf = new RandomAccessFile(pathname, "rw"); + byte[] data = content; + raf.write(data); + raf.setLength(data.length); + raf.close(); + } + + /** + * Creates a session using standard parameters, + * and returns the session ID. + */ + protected String startAuthentication() throws MOAIDException { + return startAuthentication("https://localhost:9443/"); + } + /** + * Creates a session using standard parameters, + * and returns the session ID. + */ + protected String startAuthentication(String oaURL) throws MOAIDException { + String htmlForm = AuthenticationServer.getInstance().startAuthentication( + "https://localhost:8443/auth", + "gb", + null, + oaURL, + null, + null, + null, + null, + null, null); + String sessionID = parseSessionIDFromForm(htmlForm); + return sessionID; + } + private String parseSessionIDFromForm(String htmlForm) { + String parName = "MOASessionID="; + assertTrue( + "HTML Form enthält keine SessionID", + htmlForm.indexOf(parName) >= 0); + int i1 = htmlForm.indexOf(parName) + parName.length(); + int i2 = i1; + while(i2 < htmlForm.length() && + (htmlForm.charAt(i2) == '-' || (htmlForm.charAt(i2) >= '0' && htmlForm.charAt(i2) <= '9'))) + i2++; + assertTrue("HTML Form enthält keine gültige SessionID", i2 > i1); + return htmlForm.substring(i1, i2); + } + protected String clearSessionID(String htmlForm) { + String sessionID = parseSessionIDFromForm(htmlForm); + int i1 = htmlForm.indexOf(sessionID); + int i2 = i1 + sessionID.length(); + return htmlForm.substring(0, i1) + htmlForm.substring(i2); + } + protected void assertEqualsIgnoreSessionID(String s1, String s2) { + String ss1 = clearSessionID(s1); + String ss2 = clearSessionID(s2); + assertEquals(ss1, ss2); + } + protected void authDataWriter(AuthenticationData authData, String filename) throws Exception + { + writeXmldata("AuthenticationDataNEW.xml", clearSamlAssertion(authData.getSamlAssertion()).getBytes("UTF-8")); + } + + /** + * clearSamlAssertion löscht aus einer beliebiegen String-Repräsentation einer XML-Struktur + * AUSSLIESSLICH die Attribute 'IssueInstant' und 'AssertionID' heraus. + * @param samlAssertion + * @return String + */ + protected String clearSamlAssertion(String samlAssertion) + { + String result = killInclusive(samlAssertion,"IssueInstant='", "'",""); + result = killInclusive(result,"AssertionID='", "'",""); + return result; + } +}
\ No newline at end of file diff --git a/id/server/idserverlib/src/test/java/test/abnahme/AllTests.java b/id/server/idserverlib/src/test/java/test/abnahme/AllTests.java new file mode 100644 index 000000000..b67c62fc0 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/abnahme/AllTests.java @@ -0,0 +1,73 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.abnahme; + +import junit.awtui.TestRunner; +import junit.framework.*; + +import test.abnahme.A.Test100StartAuthentication; +import test.abnahme.A.Test200VerifyIdentityLink; +import test.abnahme.A.Test300VerifyAuthBlock; +import test.abnahme.A.Test400GetAuthenticationData; +import test.abnahme.A.Test500StartAuthenticationServlet; +import test.abnahme.A.Test600GetAuthenticationDataService; +import test.abnahme.A.Test700SelectBKU; +import test.abnahme.C.Test100Konfiguration; +import test.abnahme.P.Test100LoginParameterResolver; + + + + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class AllTests { + + public static Test suite() { + TestSuite suite = new TestSuite(); + + suite.addTestSuite(Test100StartAuthentication.class); + suite.addTestSuite(Test200VerifyIdentityLink.class); + suite.addTestSuite(Test300VerifyAuthBlock.class); + suite.addTestSuite(Test400GetAuthenticationData.class); + suite.addTestSuite(Test500StartAuthenticationServlet.class); + suite.addTestSuite(Test600GetAuthenticationDataService.class); + suite.addTestSuite(Test700SelectBKU.class); + + suite.addTestSuite(Test100LoginParameterResolver.class); + + suite.addTestSuite(Test100Konfiguration.class); + return suite; + } + + public static void main(String[] args) { + try { + TestRunner.run(AllTests.class); + } catch (Exception e) { + e.printStackTrace(); + } + } +} diff --git a/id/server/idserverlib/src/test/java/test/abnahme/C/Test100Konfiguration.java b/id/server/idserverlib/src/test/java/test/abnahme/C/Test100Konfiguration.java new file mode 100644 index 000000000..2ab2071fb --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/abnahme/C/Test100Konfiguration.java @@ -0,0 +1,84 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.abnahme.C; + +import at.gv.egovernment.moa.id.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; + +import test.abnahme.AbnahmeTestCase; + +/** + * @author Stefan Knirsch + * @version $Id$ + * + */ + +public class Test100Konfiguration extends AbnahmeTestCase { + + public Test100Konfiguration(String name) { + super(name); + } + + public void testC001() throws Exception { + try { + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testC002() throws Exception { + try { + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testC003() throws Exception { + try { + System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); + } + catch (Exception e) { + System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); + throw e; + } + } + public void testC051() throws Exception { + try { + // Set moa.id.configuration property + String pathname = findXmldata("ConfigurationC051.xml"); + System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME, pathname); + System.out.println("Konfiguration " + pathname); + AuthConfigurationProvider.reload(); + } + catch (Exception e) { + System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); + } + // AuthConfigurationProvider.getInstance().getBKUConnectionParameter().getAcceptedServerCertificates() + } +} diff --git a/id/server/idserverlib/src/test/java/test/abnahme/P/Test100LoginParameterResolver.java b/id/server/idserverlib/src/test/java/test/abnahme/P/Test100LoginParameterResolver.java new file mode 100644 index 000000000..0e5d88c4d --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/abnahme/P/Test100LoginParameterResolver.java @@ -0,0 +1,159 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.abnahme.P; +import test.abnahme.AbnahmeTestCase; + +/** + * @author Stefan Knirsch + * @version $Id$ + * + */ + +public class Test100LoginParameterResolver extends AbnahmeTestCase { + +// private static final String CLIENT_IP_ADDRESS = "56.246.75.11"; +// private OAConfiguration oaConf; +// private LoginParameterResolver lpr; +// + public Test100LoginParameterResolver(String name) { + super(name); + } +// +// private void setUp(String publicURLPrefix) +// throws Exception { +// +// // get configuration data +// ProxyConfigurationProvider proxyConf = ProxyConfigurationProvider.getInstance(); +// OAProxyParameter oaParam = proxyConf.getOnlineApplicationParameter(publicURLPrefix); +// oaConf = oaParam.getOaConfiguration(); +// System.out.println("Parameterübergabe: " + oaConf.getAuthType()); +// +// // get login parameter resolver +// LoginParameterResolverFactory.initialize(); +// lpr = LoginParameterResolverFactory.getLoginParameterResolver(publicURLPrefix); +// } +// public void testP101() throws Exception { +// try { +// // read configuration and set up LoginParameterResolver +// setUp("https://testP101:9443/"); +// if (! oaConf.getAuthType().equals(OAConfiguration.BASIC_AUTH)) +// fail(); +// +// // assemble authentication data +// AuthenticationData authData = new AuthenticationData(); +// authData.setFamilyName("Huber"); +// authData.setGivenName("Hugo"); +// +// // resolve login headers +// Map loginHeaders = lpr.getAuthenticationHeaders(oaConf, authData, CLIENT_IP_ADDRESS, false, ""); +// +// // validate login headers +// assertEquals(1, loginHeaders.keySet().size()); +// System.out.println("Header Authorization: " + loginHeaders.get("Authorization")); +// System.out.println("Decoded UserID:Password " + +// new String(new BASE64Decoder().decodeBuffer(((String)loginHeaders.get("Authorization")).substring(6)))); +// String userIDPassword = "Hugo:Huber"; +// String credentials = Base64Utils.encode(userIDPassword.getBytes()); +// assertEquals("Basic " + credentials, loginHeaders.get("Authorization")); +// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// +// } +// public void testP102() throws Exception { +// try { +// // read configuration and set up LoginParameterResolver +// setUp("https://testP102:9443/"); +// if (! oaConf.getAuthType().equals(OAConfiguration.PARAM_AUTH)) +// fail(); +// +// // assemble authentication data +// AuthenticationData authData = new AuthenticationData(); +// String DATE_OF_BIRTH = "1963-12-29"; +// String VPK = "kp6hOq6LRAkLtrqm6EvDm6bMwJw="; +// authData.setDateOfBirth(DATE_OF_BIRTH); +// authData.setBPK(VPK); +// +// // resolve login parameters +// Map loginParameters = lpr.getAuthenticationParameters(oaConf, authData, CLIENT_IP_ADDRESS, false, ""); +// +// // validate login headers +// assertEquals(2, loginParameters.keySet().size()); +// System.out.println("Param1: " + loginParameters.get("Param1")); +// System.out.println("Param2: " + loginParameters.get("Param2")); +// assertEquals(DATE_OF_BIRTH, loginParameters.get("Param1")); +// assertEquals(VPK, loginParameters.get("Param2")); +// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +// +// public void testP103() throws Exception { +// try { +// // read configuration and set up LoginParameterResolver +// setUp("https://localhost:9443/"); +// if (! oaConf.getAuthType().equals(OAConfiguration.HEADER_AUTH)) +// fail(); +// +// // assemble authentication data +// AuthenticationData authData = new AuthenticationData(); +// boolean PUBLIC_AUTH = true; +// String BKZ = "FinanzamtWien23Leitstelle"; +// boolean QUAL_CERT = false; +// String STAMMZAHL = "3456789012"; +// authData.setPublicAuthority(PUBLIC_AUTH); +// authData.setPublicAuthorityCode(BKZ); +// authData.setQualifiedCertificate(QUAL_CERT); +// authData.setIdentificationValue(STAMMZAHL); +// +// // resolve login headers +// Map loginHeaders = lpr.getAuthenticationHeaders(oaConf, authData, CLIENT_IP_ADDRESS, false, ""); +// +// // validate login headers +// assertEquals(5, loginHeaders.keySet().size()); +// System.out.println("Header Param1: " + loginHeaders.get("Param1")); +// System.out.println("Header Param2: " + loginHeaders.get("Param2")); +// System.out.println("Header Param3: " + loginHeaders.get("Param3")); +// System.out.println("Header Param4: " + loginHeaders.get("Param4")); +// System.out.println("Header Param5: " + loginHeaders.get("Param5")); +// assertEquals(String.valueOf(PUBLIC_AUTH), loginHeaders.get("Param1")); +// assertEquals(BKZ, loginHeaders.get("Param2")); +// assertEquals(String.valueOf(QUAL_CERT), loginHeaders.get("Param3")); +// assertEquals(STAMMZAHL, loginHeaders.get("Param4")); +// assertEquals(CLIENT_IP_ADDRESS, loginHeaders.get("Param5")); +// System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); +// } +// catch (Exception e) { +// System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); +// throw e; +// } +// } +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/AllTests.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/AllTests.java new file mode 100644 index 000000000..fc12ca5e7 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/AllTests.java @@ -0,0 +1,65 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id; + +import test.at.gv.egovernment.moa.id.auth.AuthenticationServerTest; +import test.at.gv.egovernment.moa.id.auth.servlet.GetAuthenticationDataServiceTest; +import test.at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationTest; +import test.at.gv.egovernment.moa.id.config.auth.MOAIDAuthConfigurationProviderTest; +import test.at.gv.egovernment.moa.id.config.proxy.MOAIDProxyConfigurationProviderTest; + +import junit.awtui.TestRunner; +import junit.framework.Test; +import junit.framework.TestSuite; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class AllTests { + + public static Test suite() { + TestSuite suite = new TestSuite(); + + suite.addTestSuite(AuthenticationServerTest.class); + suite.addTest(test.at.gv.egovernment.moa.id.auth.builder.AllTests.suite()); + suite.addTest(test.at.gv.egovernment.moa.id.auth.parser.AllTests.suite()); + suite.addTestSuite(GetAuthenticationDataServiceTest.class); + suite.addTestSuite(SignatureVerificationTest.class); + suite.addTestSuite(MOAIDAuthConfigurationProviderTest.class); + suite.addTestSuite(MOAIDProxyConfigurationProviderTest.class); + suite.addTest(test.at.gv.egovernment.moa.id.proxy.AllTests.suite()); + + return suite; + } + + public static void main(String[] args) { + try { + TestRunner.run(AllTests.class); + } catch (Exception e) { + e.printStackTrace(); + } + } +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/UnitTestCase.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/UnitTestCase.java new file mode 100644 index 000000000..db4500ddb --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/UnitTestCase.java @@ -0,0 +1,59 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id; + +import test.MOAIDTestCase; + +import at.gv.egovernment.moa.id.config.ConfigurationProvider; + +/** + * Base class for MOA ID test cases. + * + * Provides some utility functions. + * + * @author Patrick Peck + * @version $Id$ + */ +public class UnitTestCase extends MOAIDTestCase { + + protected static final String TESTDATA_ROOT = "data/test/"; + + /** + * Constructor for MOATestCase. + * @param arg0 + */ + public UnitTestCase(String name) { + super(name); + } + /** + * Set up a transaction context with a test configuration. + */ + protected void setUp() throws Exception { + System.setProperty( + ConfigurationProvider.CONFIG_PROPERTY_NAME, + TESTDATA_ROOT + "conf/ConfigurationTest.xml"); + } + +}
\ No newline at end of file diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/AuthenticationServerTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/AuthenticationServerTest.java new file mode 100644 index 000000000..187f577a3 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/AuthenticationServerTest.java @@ -0,0 +1,80 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.auth; + +import java.util.HashMap; + +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.data.AuthenticationData; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class AuthenticationServerTest extends UnitTestCase { + + public AuthenticationServerTest(String name) { + super(name); + } + + public void testStandard() throws Exception { + doTest( + "standard", + "https://localhost:8443/auth", + "gb", + "https://localhost:9443/", + null, + null); + } + public void doTest(String testdataDirectory, String authURL, String target, String oaURL, String bkuURL, String templateURL) throws Exception { + String testdataRoot = TESTDATA_ROOT + "xmldata/" + testdataDirectory + "/"; + AuthenticationServer server = AuthenticationServer.getInstance(); + String htmlForm = server.startAuthentication(authURL, target, null, oaURL, templateURL, bkuURL, null, null, null, null); + String sessionID = parseSessionIDFromForm(htmlForm); + String infoboxReadResponse = readFile(TESTDATA_ROOT + "xmldata/testperson1/" + "InfoboxReadResponse.xml"); + HashMap parameters = new HashMap(1); + parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); + + String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, parameters); + String createXMLSignatureRequestShould = readFile(testdataRoot + "CreateXMLSignatureRequest.xml"); + assertXmlEquals(createXMLSignatureRequestShould, createXMLSignatureRequest); + String createXMLSignatureResponse = readFile(testdataRoot + "CreateXMLSignatureResponse.xml"); + String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + AuthenticationData authData = server.getAuthenticationData(samlArtifact); + String authDataShould = readFile(testdataRoot + "AuthenticationDataAssertion.xml"); + assertXmlEquals(authDataShould, authData.getSamlAssertion()); + } + private String parseSessionIDFromForm(String htmlForm) { + String parName = "MOASessionID="; + assertTrue("HTML Form enthält keine SessionID", htmlForm.indexOf(parName) >= 0); + int i1 = htmlForm.indexOf(parName) + parName.length(); + int i2 = htmlForm.indexOf("\"", i1); + assertTrue("HTML Form enthält keine gültige SessionID", i2 > i1); + return htmlForm.substring(i1, i2); + } +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/MOAIDAuthInitialiserTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/MOAIDAuthInitialiserTest.java new file mode 100644 index 000000000..ab1991b9e --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/MOAIDAuthInitialiserTest.java @@ -0,0 +1,71 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.auth; + +import java.security.KeyStore; +import java.util.Enumeration; + +import test.at.gv.egovernment.moa.id.UnitTestCase; +import at.gv.egovernment.moa.id.util.SSLUtils; +import at.gv.egovernment.moa.util.KeyStoreUtils; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class MOAIDAuthInitialiserTest extends UnitTestCase { + + public MOAIDAuthInitialiserTest(String name) { + super(name); + } + + public void testInit() throws Exception + { +// System.setProperty( +// ConfigurationProvider.CONFIG_PROPERTY_NAME,"C://Programme/ApacheGroup/abnahme/conf/moa-id/SampleMOAIDConfiguration.xml"); +// System.setProperty( +// ConfigurationProvider.CONFIG_PROPERTY_NAME,"D://Daten/_Projects/moa_id_maengel/SampleMOAIDConfiguration.xml"); + SSLUtils.initialize(); + + try { + KeyStore s = KeyStoreUtils.loadKeyStore("pkcs12","file:C:/Programme/ApacheGroup/abnahme/cert/keystore.p12","changeit"); + System.out.println(s.getProvider().getClass().getName()); + Enumeration aliases = s.aliases(); + while (aliases.hasMoreElements()) { + String element = (String) aliases.nextElement(); + System.out.print(element+":"); + System.out.println(s.getCertificate(element).getPublicKey().getAlgorithm()); + System.out.println(s.getCertificate(element).getType()); + } + + + System.out.println(s.getCertificate("pc41408").getPublicKey().getFormat()); + + } + catch (Exception e) {e.printStackTrace();}; + + } + + } diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AllTests.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AllTests.java new file mode 100644 index 000000000..7852dc9cd --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AllTests.java @@ -0,0 +1,57 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.auth.builder; + +import junit.awtui.TestRunner; +import junit.framework.Test; +import junit.framework.TestSuite; + +/** + * @author patrick + * @version $Id$ + */ +public class AllTests { + + public static Test suite() { + TestSuite suite = new TestSuite(); + +// suite.addTestSuite(AuthenticationBlockAssertionBuilderTest.class); + suite.addTestSuite(CreateXMLSignatureBuilderTest.class); +// suite.addTestSuite(GetIdentityLinkFormBuilderTest.class); +// suite.addTestSuite(InfoboxReadRequestBuilderTest.class); +// suite.addTestSuite(PersonDataBuilderTest.class); +// suite.addTestSuite(SAMLArtifactBuilderTest.class); + + return suite; + } + + public static void main(String[] args) { + try { + TestRunner.run(AllTests.class); + } catch (Exception e) { + e.printStackTrace(); + } + } +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java new file mode 100644 index 000000000..d369c39bd --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java @@ -0,0 +1,71 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.auth.builder; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class AuthenticationBlockAssertionBuilderTest extends UnitTestCase { + private static final String nl = "\n"; + private static final String ISSUER = "Hugo Mustermann"; + private static final String ISSUE_INSTANT = "2003-03-15T22:50:21+01:00"; + private static final String AUTH_URL = "https://auth.moa.gv.at/"; + private static final String TARGET = "Grundbuch"; + private static final String OA_URL = "https://grundbuch.gv.at/"; + private static final String GEB_DAT = "2004-01-02"; + + // wird auch von CreateXMLSignatureBuilderTest verwendet ! + public static final String ASSERTION_SHOULD = +"<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' MajorVersion='1' MinorVersion='0' AssertionID='any' Issuer='" + ISSUER + "' IssueInstant='" + ISSUE_INSTANT + "'>" + nl + +" <saml:AttributeStatement>" + nl + +" <saml:Subject>" + nl + +" <saml:NameIdentifier>" + AUTH_URL + "</saml:NameIdentifier>" + nl + +" </saml:Subject>" + nl + +" <saml:Attribute AttributeName='Geschäftsbereich' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>" + nl + +" <saml:AttributeValue>" + TARGET + "</saml:AttributeValue>" + nl + +" </saml:Attribute>" + nl + +" <saml:Attribute AttributeName='OA' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>" + nl + +" <saml:AttributeValue>" + OA_URL + "</saml:AttributeValue>" + nl + +" </saml:Attribute>" + nl + +" </saml:AttributeStatement>" + nl + +"</saml:Assertion>"; + + public AuthenticationBlockAssertionBuilderTest(String name) { + super(name); + } + + public void testBuild() throws Exception { + AuthenticationBlockAssertionBuilder builder = new AuthenticationBlockAssertionBuilder(); + String assertionBuilt = builder.buildAuthBlock(ISSUER, ISSUE_INSTANT, AUTH_URL, TARGET, null, "", "", OA_URL, GEB_DAT, null, null); + assertionBuilt = XML_DECL + assertionBuilt; + String assertionShould = XML_DECL + ASSERTION_SHOULD; + assertXmlEquals(assertionShould, assertionBuilt); + } +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java new file mode 100644 index 000000000..87ddaef0c --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java @@ -0,0 +1,129 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.auth.builder; + +import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class CreateXMLSignatureBuilderTest extends UnitTestCase { + private static final String nl = "\n"; + public static final String TRANSFORMS_INFO = + " <sl10:TransformsInfo>" + nl + + " <dsig:Transforms>" + nl + + " <dsig:Transform Algorithm='http://www.w3.org/2000/09/xmldsig#enveloped-signature'/>" + nl + + " <dsig:Transform Algorithm='http://www.w3.org/TR/1999/REC-xslt-19991116'>" + nl + +"<xsl:stylesheet version='1.0' xmlns:xsl='http://www.w3.org/1999/XSL/Transform' xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' >" + nl + +"<xsl:template match='/'>" + nl + +"<html>" + nl + +"<body>" + nl + +"</body>" + nl + +"</html>" + nl + +"</xsl:template>" + nl + +"</xsl:stylesheet>" + nl + + " </dsig:Transform>" + nl + + " </dsig:Transforms>" + nl + + " <sl10:FinalDataMetaInfo>" + nl + + " <sl10:MimeType>text/html</sl10:MimeType>" + nl + + " </sl10:FinalDataMetaInfo>" + nl + + " </sl10:TransformsInfo>" + nl; + public static final String REQUEST_SHOULD = +"<?xml version=\"1.0\" encoding=\"UTF-8\"?>" + nl + +"<sl11:CreateXMLSignatureRequest xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\" xmlns:sl10=\"http://www.buergerkarte.at/namespaces/securitylayer/20020225#\" xmlns:sl11=\"http://www.buergerkarte.at/namespaces/securitylayer/20020831#\">" + nl + +" <sl11:KeyboxIdentifier>SecureSignatureKeypair</sl11:KeyboxIdentifier>" + nl + +" <sl11:DataObjectInfo Structure=\"detached\">" + nl + +" <sl10:DataObject Reference=\"\"/>" + nl + +TRANSFORMS_INFO + +" </sl11:DataObjectInfo>" + nl + +" <sl11:SignatureInfo>" + nl + +" <sl11:SignatureEnvironment>" + nl + +" <sl10:XMLContent>" + AuthenticationBlockAssertionBuilderTest.ASSERTION_SHOULD + "</sl10:XMLContent>" + nl + +" </sl11:SignatureEnvironment>" + nl + +" <sl11:SignatureLocation Index=\"2\">/saml:Assertion</sl11:SignatureLocation>" + nl + +" </sl11:SignatureInfo>" + nl + +"</sl11:CreateXMLSignatureRequest>"; + + + public static final String TRANSFORMS_INFO_SL12 = + " <sl:TransformsInfo>" + nl + + " <dsig:Transforms>" + nl + + " <dsig:Transform Algorithm='http://www.w3.org/2000/09/xmldsig#enveloped-signature'/>" + nl + + " <dsig:Transform Algorithm='http://www.w3.org/TR/1999/REC-xslt-19991116'>" + nl + +"<xsl:stylesheet version='1.0' xmlns:xsl='http://www.w3.org/1999/XSL/Transform' xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' >" + nl + +"<xsl:template match='/'>" + nl + +"<html>" + nl + +"<body>" + nl + +"</body>" + nl + +"</html>" + nl + +"</xsl:template>" + nl + +"</xsl:stylesheet>" + nl + + " </dsig:Transform>" + nl + + " </dsig:Transforms>" + nl + + " <sl:FinalDataMetaInfo>" + nl + + " <sl:MimeType>text/html</sl:MimeType>" + nl + + " </sl:FinalDataMetaInfo>" + nl + + " </sl:TransformsInfo>" + nl; + public static final String REQUEST_SHOULD_SL12 = +"<?xml version=\"1.0\" encoding=\"UTF-8\"?>" + nl + +"<sl:CreateXMLSignatureRequest xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\" xmlns:sl=\"http://www.buergerkarte.at/namespaces/securitylayer/1.2#\">" + nl + +" <sl:KeyboxIdentifier>SecureSignatureKeypair</sl:KeyboxIdentifier>" + nl + +" <sl:DataObjectInfo Structure=\"detached\">" + nl + +" <sl:DataObject Reference=\"\"/>" + nl + +TRANSFORMS_INFO_SL12 + +" </sl:DataObjectInfo>" + nl + +" <sl:SignatureInfo>" + nl + +" <sl:SignatureEnvironment>" + nl + +" <sl:XMLContent>" + AuthenticationBlockAssertionBuilderTest.ASSERTION_SHOULD + "</sl:XMLContent>" + nl + +" </sl:SignatureEnvironment>" + nl + +" <sl:SignatureLocation Index=\"2\">/saml:Assertion</sl:SignatureLocation>" + nl + +" </sl:SignatureInfo>" + nl + +"</sl:CreateXMLSignatureRequest>"; + + + + + public CreateXMLSignatureBuilderTest(String name) { + super(name); + } + + public void testBuild() throws Exception { + // test build for Security Layer version 1.1 and 1.0 + String request = new CreateXMLSignatureRequestBuilder().build( + AuthenticationBlockAssertionBuilderTest.ASSERTION_SHOULD, "SecureSignatureKeypair", + new String[] {TRANSFORMS_INFO}, + false); + assertXmlEquals(REQUEST_SHOULD, request); + // test build for Security Layer version 1.2 + String requestSL12 = new CreateXMLSignatureRequestBuilder().build( + AuthenticationBlockAssertionBuilderTest.ASSERTION_SHOULD, "SecureSignatureKeypair", + new String[] {TRANSFORMS_INFO}, + true); + assertXmlEquals(REQUEST_SHOULD_SL12, requestSL12); + } +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java new file mode 100644 index 000000000..2887454ec --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java @@ -0,0 +1,97 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.auth.builder; + +import java.text.MessageFormat; + +import junit.framework.TestCase; + +import at.gv.egovernment.moa.id.auth.builder.CertInfoVerifyXMLSignatureRequestBuilder; +import at.gv.egovernment.moa.id.auth.builder.GetIdentityLinkFormBuilder; +import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class GetIdentityLinkFormBuilderTest extends TestCase { + private static String nl = "\n"; + public static String FORM = + "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" + nl + + "<html>" + nl + + "<head>" + nl + + "<title>Auslesen der Personenbindung</title>" + nl + + "</head>" + nl + + "<body>" + nl + + "<form name=\"GetIdentityLinkForm\"" + nl + + " action=\"{0}\"" + nl + + " method=\"post\">" + nl + + " <input type=\"hidden\" " + nl + + " name=\"XMLRequest\"" + nl + + " value=\"{1}\"/>" + nl + + " <input type=\"hidden\" " + nl + + " name=\"DataURL\"" + nl + + " value=\"{2}\"/>" + nl + + " <input type=\"submit\" value=\"Auslesen der Personenbindung\"/>" + nl + + "</form>" + nl + + "<form name=\"CertificateInfoForm\"" + nl + + " action=\"{0}\"" + nl + + " method=\"post\">" + nl + + " <input type=\"hidden\" " + nl + + " name=\"XMLRequest\"" + nl + + " value=\"{3}\"/>" + nl + + " <input type=\"hidden\" " + nl + + " name=\"DataURL\"" + nl + + " value=\"{4}\"/>" + nl + + " <input type=\"submit\" value=\"Information zu Wurzelzertifikaten\"/>" + nl + + "</form>" + nl + + "</body>" + nl + + "</html>"; + public static String BKU = + "http://localhost:3495/http-security-layer-request"; + + public void testBuild() throws Exception { + String xmlRequest = new InfoboxReadRequestBuilder().build(false, false, null); + String dataURL = "https://1.2.3.4/auth/VerifyIdentityLink?MOASessionID=1234567"; + String infoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build(false); + String infoDataURL = "https://1.2.3.4/auth/StartAuthentication?Target=gb&OA=https://oa.gv.at/"; + String form = new GetIdentityLinkFormBuilder().build(null, null, xmlRequest, dataURL, infoRequest, infoDataURL, null); + String formShould = MessageFormat.format( + FORM, new Object[] { BKU, xmlRequest, dataURL, infoRequest, infoDataURL }); + assertEquals(formShould, form); + } + public void testBuildCustomBKU() throws Exception { + String xmlRequest = new InfoboxReadRequestBuilder().build(false, false, null); + String dataURL = "https://1.2.3.4/auth/AuthServlet/StartAuthentication?MOASessionID=1234567"; + String infoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build(false); + String infoDataURL = "https://1.2.3.4/auth/StartAuthentication?Target=gb&OA=https://oa.gv.at/"; + String bkuURL = "http://bku.at/"; + String form = new GetIdentityLinkFormBuilder().build(null, bkuURL, xmlRequest, dataURL, infoRequest, infoDataURL, null); + String formShould = MessageFormat.format( + FORM, new Object[] { bkuURL, xmlRequest, dataURL, infoRequest, infoDataURL }); + assertEquals(formShould, form); + } + +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java new file mode 100644 index 000000000..968055384 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java @@ -0,0 +1,53 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.auth.builder; + +import org.w3c.dom.Document; +import test.at.gv.egovernment.moa.id.UnitTestCase; + +import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder; +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.DOMUtils; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class InfoboxReadRequestBuilderTest extends UnitTestCase implements Constants { + + public InfoboxReadRequestBuilderTest(String name) { + super(name); + } + + public void testBuild() throws Exception { + InfoboxReadRequestBuilder builder = new InfoboxReadRequestBuilder(); + String xmlBuilt = builder.build(false, false, null); + Document docBuilt = DOMUtils.parseDocument(xmlBuilt, false, ALL_SCHEMA_LOCATIONS, null); + String xmlBuiltSerialized = DOMUtils.serializeNode(docBuilt); + // xmlShould was generated by Hot:Sign Tester + String xmlShould = "<?xml version='1.0' encoding='utf-8'?><sl10:InfoboxReadRequest xmlns:sl10='http://www.buergerkarte.at/namespaces/securitylayer/20020225#'><sl10:InfoboxIdentifier>IdentityLink</sl10:InfoboxIdentifier><sl10:BinaryFileParameters ContentIsXMLEntity='true'/></sl10:InfoboxReadRequest>"; + assertXmlEquals(xmlShould, xmlBuiltSerialized); + } +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java new file mode 100644 index 000000000..9acce6b38 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java @@ -0,0 +1,75 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.auth.builder; + +import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +import at.gv.egovernment.moa.util.Constants; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class PersonDataBuilderTest extends UnitTestCase implements Constants { + + /** + * Constructor for PersonDataBuilderTest. + */ + public PersonDataBuilderTest(String arg) { + super(arg); + } + public void testBuild() throws Exception { + String xmlInfoboxReadResponse = readFile("data/test/xmldata/testperson1/InfoboxReadResponse.xml"); + IdentityLink il = new InfoboxReadResponseParser(xmlInfoboxReadResponse).parseIdentityLink(); + String xmlPersonData = new PersonDataBuilder().build(il, true); + String xmlPersonDataShould = "<pr:Person xsi:type=\"pr:PhysicalPersonType\"><pr:Identification><pr:Value>123456789012</pr:Value><pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type></pr:Identification><pr:Name><pr:GivenName>Hermann</pr:GivenName><pr:FamilyName primary=\"undefined\">Muster</pr:FamilyName></pr:Name><pr:DateOfBirth>1968-10-22</pr:DateOfBirth></pr:Person>"; + assertPersonDataEquals(xmlPersonDataShould, xmlPersonData); + } + public void testBuildNoZMRZahl() throws Exception { + String xmlInfoboxReadResponse = readFile("data/test/xmldata/testperson1/InfoboxReadResponse.xml"); + IdentityLink il = new InfoboxReadResponseParser(xmlInfoboxReadResponse).parseIdentityLink(); + String xmlPersonData = new PersonDataBuilder().build(il, false); + String xmlPersonDataShould = XML_DECL + "<pr:Person xsi:type=\"pr:PhysicalPersonType\"><pr:Name><pr:GivenName>Hermann</pr:GivenName><pr:FamilyName primary=\"undefined\">Muster</pr:FamilyName></pr:Name><pr:DateOfBirth>1968-10-22</pr:DateOfBirth></pr:Person>"; + assertPersonDataEquals(xmlPersonDataShould, xmlPersonData); + } + private void assertPersonDataEquals(String s1, String s2) throws Exception { + String ss1 = insertPrNS(s1); + String ss2 = insertPrNS(s2); + assertXmlEquals(ss1, ss2); + } + private String insertPrNS(String xmlPersonData) { + int startNS = xmlPersonData.indexOf("Person") + "Person".length() + 1; + String s = + xmlPersonData.substring(0, startNS) + + "xmlns:pr=\"" + PD_NS_URI + "\" " + + "xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" " + + xmlPersonData.substring(startNS); + return s; + } + +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java new file mode 100644 index 000000000..915dc540c --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java @@ -0,0 +1,76 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.auth.builder; + +import at.gv.egovernment.moa.id.BuildException; +import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder; +import at.gv.egovernment.moa.util.Base64Utils; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class SAMLArtifactBuilderTest extends UnitTestCase { + + private static final String AUTH_URL = "https://moa.gv.at/auth/"; + private static final String SESSION_ID_1 = "123456"; + private static final String SESSION_ID_2 = "123457"; + private static final String SESSION_ID_3 = "1234567"; + + private SAMLArtifactBuilder builder; + private byte[] artifact1; + private byte[] artifact2; + private byte[] artifact3; + + public SAMLArtifactBuilderTest(String name) { + super(name); + } + protected void setUp() throws Exception { + builder = new SAMLArtifactBuilder(); + artifact1 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1, null), false); + artifact2 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_2, null), false); + artifact3 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_3, null), false); + } + + public void testBuildArtifactLength() throws BuildException { + assertEquals(42, artifact1.length); + assertEquals(42, artifact2.length); + assertEquals(42, artifact3.length); + } + public void testBuildSameArtifact() throws Exception { + byte[] artifact1Clone = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1, null), false); + assertEquals(new String(artifact1), new String(artifact1Clone)); + } + public void testBuildDifferentArtifacts() throws BuildException { + String msg = "SAML Artifacts should be different"; + assertFalse(msg, new String(artifact1).equals(new String(artifact2))); + assertFalse(msg, new String(artifact1).equals(new String(artifact3))); + assertFalse(msg, new String(artifact3).equals(new String(artifact2))); + } + + +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java new file mode 100644 index 000000000..7a6f69877 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java @@ -0,0 +1,117 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.auth.builder; + +import java.io.FileInputStream; +import java.io.RandomAccessFile; + +import org.w3c.dom.Element; +import test.at.gv.egovernment.moa.id.auth.invoke.MOASPSSTestCase; + +import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; +import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; +import at.gv.egovernment.moa.id.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; + + + +/** + * Test case for the signature verification web service. + * + * This test requires a running SignatureVerification web service. + * + * @author Stefan Knirsch + * @version $Id$ + */ +public class VerifyXMLSignatureRequestBuilderTest extends MOASPSSTestCase { + + + private SignatureVerificationInvoker caller; + + public VerifyXMLSignatureRequestBuilderTest(String name) { + super(name); + } + + public void setUp() { + System.setProperty( + ConfigurationProvider.CONFIG_PROPERTY_NAME, + "data/test/conf/ConfigurationTest.xml"); + caller = new SignatureVerificationInvoker(); + } + + public void testVerifyXMLSignatureRequestBuilderIdentityLink() throws Exception { + + RandomAccessFile infoBox = new RandomAccessFile( + "data/test/xmldata/testperson1/InfoboxReadResponse.xml","r"); + byte[] b = new byte[(int) infoBox.length()]; + infoBox.read(b); + infoBox.close(); + String xmlInfoboxReadResponse = new String(b, "UTF-8"); + + + RandomAccessFile vr = new RandomAccessFile( + "data/test/xmldata/standard/VerifyXMLSignatureRequestIdentityLink.xml","r"); + b = new byte[(int) vr.length()]; + vr.read(b); + vr.close(); + String xmlResponse = new String(b, "UTF-8"); + + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder(); + AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + + Element requestBuild = vsrb.build(idl, authConf.getMoaSpIdentityLinkTrustProfileID()); + + assertXmlEquals(requestBuild, xmlResponse); + + } + + public void testVerifyXMLSignature2() throws Exception { + + RandomAccessFile s = new RandomAccessFile("data/test/xmldata/standard/CreateXMLSignatureResponse.xml","r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + s.close(); + String xmlCreateXMLSignatureResponse = new String(b, "UTF-8"); + + CreateXMLSignatureResponseParser cXMLsrp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse); + CreateXMLSignatureResponse csr = cXMLsrp.parseResponse(); + + VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder(); + + AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + + Element request = vsrb.build(csr, authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(), authConf.getMoaSpIdentityLinkTrustProfileID()); + + // check the result + assertXmlEquals(request, new FileInputStream("data/test/xmldata/standard/VerifyXMLSignatureRequestCreateXML.xml")); + + } + } diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java new file mode 100644 index 000000000..e4dd1c42f --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java @@ -0,0 +1,62 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.auth.invoke; + +import java.security.Security; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +/** + * Base class for end-to-end tests of MOA web-services. + * + * Initializes the test system and provides some properties. + * + * @author Patrick Peck + * @version $Id$ + */ +public class MOASPSSTestCase extends UnitTestCase { + + public MOASPSSTestCase(String name) { + super(name); + } + + + protected void setupSSL() { + System.setProperty("javax.net.debug", "all"); + Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); + System.setProperty( + "java.protocol.handler.pkgs", + "com.sun.net.ssl.internal.www.protocol"); + System.setProperty( + "javax.net.ssl.keyStore", + "data/test/security/client.keystore"); + System.setProperty("javax.net.ssl.keyStorePassword", "changeit"); + System.setProperty( + "javax.net.ssl.trustStore", + "data/test/security/client.keystore"); + System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); + } + +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java new file mode 100644 index 000000000..9cf92f8a5 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java @@ -0,0 +1,190 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.auth.invoke; + +import java.io.RandomAccessFile; + +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; +import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; +import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; +import at.gv.egovernment.moa.id.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.util.DOMUtils; + + + +/** + * Test case for the signature verification web service. + * + * This test requires a running SignatureVerification web service. + * + * @author Patrick Peck + * @author Fatemeh Philippi + * @version $Id$ + */ +public class SignatureVerificationTest extends MOASPSSTestCase { + + + private SignatureVerificationInvoker caller; + + public SignatureVerificationTest(String name) { + super(name); + } + + public void setUp() { +System.setProperty( + ConfigurationProvider.CONFIG_PROPERTY_NAME, + "data/test/conf/ConfigurationTest.xml"); + caller = new SignatureVerificationInvoker(); + } + +/* public void testVerifyCMSSignature() throws Exception { + Element request = + parseXml("data/test/xml/VCSQ000.xml").getDocumentElement(); + Element result; + + // call the service + result = caller.verifyXMLSignature(request); + + // check the result + assertEquals("VerifyCMSSignatureResponse", result.getTagName()); + }*/ + + public void testVerifyXMLSignature1() throws Exception { + + //Momentan zeigt die Konfiguration als Endpunkt aus localhost:8081 zum + //Protokollieren per TCPMon... der ECHT Endpunkt ist 10.16.46.108:8080 + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/testperson1/InfoboxReadResponse.xml","r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String xmlInfoboxReadResponse =new String(b,"UTF8"); + + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder(); + + AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + + Element request = vsrb.build(idl, authConf.getMoaSpIdentityLinkTrustProfileID()); + s =new RandomAccessFile("D://PatricksVerifyXMLSignatureRequestWithInfoboxReadResponse.xml","rw"); + s.write(DOMUtils.serializeNode(request).getBytes("UTF-8")); + s.close(); +// Element request = DOMUtils.parseDocument(vsrb.build(xmlInfoboxReadResponse,"TrustProfile1"),false,null,null).getDocumentElement(); +// Element request = DOMUtils.parseDocument(xmlInfoboxReadResponse,false,null,null).getDocumentElement(); +// call the service + Element response = caller.verifyXMLSignature(request); + VerifyXMLSignatureResponseParser vParser = new VerifyXMLSignatureResponseParser(response); + VerifyXMLSignatureResponse vData = vParser.parseData(); + VerifyXMLSignatureResponseValidator vValidate = VerifyXMLSignatureResponseValidator.getInstance(); + vValidate.validate(vData, authConf.getIdentityLinkX509SubjectNames(), VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK, true); + vValidate.validateCertificate(vData,idl); + + // check the result + assertXmlEquals(response, request); + + } + + public void testVerifyXMLSignature2() throws Exception { + // Prüft den 2. Aufruf mit dem CreateXMLSIgnatureResponse als Parameter + //Momentan zeigt die Konfiguration als Endpunkt aus localhost:8081 zum + //Protokollieren per TCPMon... der ECHT Endpunkt ist 10.16.46.108:8080 + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/standard/CreateXMLSignatureResponse.xml","r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String xmlCreateXMLSignatureResponse = new String(b, "UTF8"); + + CreateXMLSignatureResponseParser cXMLsrp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse); +// CreateXMLSignatureResponseParser cXMLsrp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse); + CreateXMLSignatureResponse csr = cXMLsrp.parseResponse(); + + VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder(); + + AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + + Element request = vsrb.build(csr, authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(), authConf.getMoaSpIdentityLinkTrustProfileID()); + // Element request = DOMUtils.parseDocument(vsrb.build(xmlInfoboxReadResponse,"TrustProfile1"),false,null,null).getDocumentElement(); +// Element request = DOMUtils.parseDocument(xmlInfoboxReadResponse,false,null,null).getDocumentElement(); + Element result; +/*s =new RandomAccessFile("D://PatricksVerifyXMLSignatureRequestWithAuthBlock.xml","rw"); + s.write(DOMUtils.serializeNode(request).getBytes("UTF-8")); + s.close();*/ + // call the service + result = caller.verifyXMLSignature(request); + // check the result + assertEquals("VerifyXMLSignatureResponse", result.getTagName()); + + } + + + public void testParseCreateXMLSignatureResponse() throws Exception { + + //Später soll die Datei direkt vom Server geholt werden... + + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/standard/CreateXMLSignatureResponse.xml", + + "r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String xmlCreateXMLSignatureResponse = new String(b, "UTF-8"); + + CreateXMLSignatureResponseParser cXMLsrp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse); + CreateXMLSignatureResponse csr = cXMLsrp.parseResponse(); + + } + + public void testParseVerifyXMLSignatureResponse() throws Exception { + + //Später soll die Datei direkt vom Server geholt werden... + + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/standard/VerifyXMLSignaterResponse.xml", + + "r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String xmlVerifyXMLSignatureResponse = new String(b, "UTF-8"); + + VerifyXMLSignatureResponseParser vXMLsrp = new VerifyXMLSignatureResponseParser(xmlVerifyXMLSignatureResponse); + VerifyXMLSignatureResponse vsr = vXMLsrp.parseData(); + + } + + + } diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/AllTests.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/AllTests.java new file mode 100644 index 000000000..a6b4335db --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/AllTests.java @@ -0,0 +1,53 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.auth.parser; + +import junit.awtui.TestRunner; +import junit.framework.Test; +import junit.framework.TestSuite; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class AllTests { + + public static Test suite() { + TestSuite suite = new TestSuite(); + + suite.addTestSuite(IdentityLinkAssertionParserTest.class); + suite.addTestSuite(SAMLArtifactParserTest.class); + + return suite; + } + + public static void main(String[] args) { + try { + TestRunner.run(AllTests.class); + } catch (Exception e) { + e.printStackTrace(); + } + } +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java new file mode 100644 index 000000000..6fb533ff0 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java @@ -0,0 +1,157 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.auth.parser; + +import iaik.security.rsa.RSAPublicKey; + +import java.io.FileOutputStream; +import java.io.RandomAccessFile; +import java.security.PublicKey; + +import org.w3c.dom.Document; + +import test.at.gv.egovernment.moa.id.UnitTestCase; +import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; +import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +import at.gv.egovernment.moa.id.util.ECDSAKeyValueConverter; +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.DOMUtils; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class IdentityLinkAssertionParserTest extends UnitTestCase { + + IdentityLinkAssertionParser ilap; + + public IdentityLinkAssertionParserTest(String name) { + super(name); + } + + public void setUp() { + try { + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/testperson1/InfoboxReadResponse.xml", + "r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String xmlInfoboxReadResponse = new String(b, "UTF-8"); + + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); + ilap = new IdentityLinkAssertionParser(irrp.parseSAMLAssertion()); + } + catch (Exception e) { + e.printStackTrace(); + } + } + +// public void testParseIdentityLink() throws Exception { +// IdentityLink idl = ilap.parseIdentityLink(); +// System.out.println(idl.getGivenName()); +// System.out.println(idl.getFamilyName()); +// System.out.println(idl.getDateOfBirth()); +// System.out.println(idl.getIdentificationValue()); +// +// VerifyXMLSignatureRequestBuilder vx = new VerifyXMLSignatureRequestBuilder(); +// +// // Element zurück bekommen: vx.build(idl.getSamlAssertion()); +// +// IdentityLinkValidator idVali = IdentityLinkValidator.getInstance(); +// idVali.validate(idl); +// +// } + +// public void testParseIdentityLinkECC() throws Exception { +// RandomAccessFile s = +// new RandomAccessFile( +// "data/test/xmldata/IL.ResponseToRequest.01.ECDSA.xml", +// "r"); +// byte[] b = new byte[(int) s.length()]; +// s.read(b); +// String xmlInfoboxReadResponse = new String(b); +// InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); +// String SAML = irrp.parseSAMLAssertion(); +// ilap = new IdentityLinkAssertionParser(SAML); +// IdentityLink idl = ilap.parseIdentityLink(); +// System.out.println(idl.getGivenName()); +// System.out.println(idl.getFamilyName()); +// System.out.println(idl.getDateOfBirth()); +// System.out.println(idl.getIdentificationValue()); +// +// VerifyXMLSignatureRequestBuilder vx = new VerifyXMLSignatureRequestBuilder(); +// +// // Element zurück bekommen: vx.build(idl.getSamlAssertion()); +// +// IdentityLinkValidator idVali = IdentityLinkValidator.getInstance(); +// idVali.validate(idl); +// +// } + + public void testRSAPublicKeys() throws Exception { + if (ilap.getPublicKeys()[0].getClass().getName().equals("iaik.security.rsa.RSAPublicKey")) + { + + for (int i = 0; i < ilap.getPublicKeys().length; i++) { + RSAPublicKey result = (RSAPublicKey)ilap.getPublicKeys()[i]; + System.out.println("RSA Public Key No" + i); + System.out.println("Modulus: " + result.getModulus()); + System.out.println("Exponent: " + result.getPublicExponent()); + } + + } + } + + public void testECDSAPublicKeys() throws Exception { + + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/ECDSAKeyExample.xml", + "r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String ecdsaKey = new String(b, "UTF-8"); + Document e = DOMUtils.parseDocument(ecdsaKey,true,Constants.ALL_SCHEMA_LOCATIONS, null); + PublicKey p = ECDSAKeyValueConverter.element2ECDSAPublicKey(e.getDocumentElement()); + + } + + + public void testDsigCertificates() throws Exception { + + String[] result = ilap.getCertificates(); + for (int i = 0; i < result.length; i++) { + + System.out.println("DSIG Certificate Length: " + result[i].length() + " No" + i + "\n" + result[i]); + FileOutputStream raf = new FileOutputStream("data/test/certs/cert" + i + ".cer"); + raf.write(result[i].getBytes()); + raf.flush(); + raf.close(); + } + + } + +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java new file mode 100644 index 000000000..da5e066c6 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java @@ -0,0 +1,91 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.auth.parser; + +import java.io.RandomAccessFile; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; +import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class InfoboxReadResponseParserTest extends UnitTestCase { + + IdentityLinkAssertionParser ilap; + + public InfoboxReadResponseParserTest(String name) { + super(name); + } + + public void setUp() { + } + + public void testParseInfoboxReadResponse() throws Exception { + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/testperson1/InfoboxReadResponse.xml", + "r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String xmlInfoboxReadResponse = new String(b, "UTF-8"); + + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); + ilap = new IdentityLinkAssertionParser(irrp.parseSAMLAssertion()); + + IdentityLink idl = ilap.parseIdentityLink(); + System.out.println(idl.getGivenName()); + System.out.println(idl.getFamilyName()); + System.out.println(idl.getDateOfBirth()); + System.out.println(idl.getIdentificationValue()); + + } + + public void testParseInfoboxReadResponseError() throws Exception { + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/ErrorResponse.xml", + "r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String xmlInfoboxReadResponse = new String(b, "UTF-8"); + + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); + ilap = new IdentityLinkAssertionParser(irrp.parseSAMLAssertion()); + + IdentityLink idl = ilap.parseIdentityLink(); + System.out.println(idl.getGivenName()); + System.out.println(idl.getFamilyName()); + System.out.println(idl.getDateOfBirth()); + System.out.println(idl.getIdentificationValue()); + + } + + +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java new file mode 100644 index 000000000..d34678f0c --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java @@ -0,0 +1,79 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.auth.parser; + +import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder; +import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser; +import at.gv.egovernment.moa.id.util.Random; +import test.at.gv.egovernment.moa.id.UnitTestCase; + +/* + * @author Paul Ivancsics + * @version $Id$ + */ +public class SAMLArtifactParserTest extends UnitTestCase { + + private static String URL1 = "http://moa.gv.at/auth"; + private static String URL2 = "https://moa.gv.at/auth"; + + public SAMLArtifactParserTest(String name) { + super(name); + } + + public void testParseTypeCode() throws Exception { + String sessionID = Random.nextRandom(); + String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID, null); + byte[] typeCode = new SAMLArtifactParser(samlArtifact).parseTypeCode(); + assertEquals(typeCode[0], 0); + assertEquals(typeCode[1], 1); + } + public void testParseAssertionHandleSameSessionID() throws Exception { + // SAML artifacts for different authURL's but same sessionID MUST give same assertion handle + String sessionID = Random.nextRandom(); + String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID, null); + String samlArtifact2 = new SAMLArtifactBuilder().build(URL2, sessionID, null); + String assertionHandle1 = new SAMLArtifactParser(samlArtifact1).parseAssertionHandle(); + String assertionHandle2 = new SAMLArtifactParser(samlArtifact2).parseAssertionHandle(); + assertEquals(assertionHandle1, assertionHandle2); + } + public void testParseAssertionHandleSameURL() throws Exception { + // SAML artifacts for same authURL but different sessionID's MUST give different assertion handles + String sessionID1 = Random.nextRandom(); + String sessionID2 = Random.nextRandom(); + String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID1, null); + String samlArtifact2 = new SAMLArtifactBuilder().build(URL1, sessionID2, null); + String assertionHandle1 = new SAMLArtifactParser(samlArtifact1).parseAssertionHandle(); + String assertionHandle2 = new SAMLArtifactParser(samlArtifact2).parseAssertionHandle(); + assertFalse(assertionHandle1.equals(assertionHandle2)); + } + public void testParseAssertionHandleSameSAMLArtifact() throws Exception { + // SAML artifact parsed twice MUST give same assertion handle each time + String sessionID = Random.nextRandom(); + String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID, null); + String assertionHandle1 = new SAMLArtifactParser(samlArtifact).parseAssertionHandle(); + String assertionHandle2 = new SAMLArtifactParser(samlArtifact).parseAssertionHandle(); + assertEquals(assertionHandle1, assertionHandle2); + } +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataServiceTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataServiceTest.java new file mode 100644 index 000000000..ccb8fac7a --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataServiceTest.java @@ -0,0 +1,115 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.auth.servlet; + +import org.w3c.dom.Element; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +import at.gv.egovernment.moa.id.auth.servlet.GetAuthenticationDataService; +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.XPathUtils; + +/** + * Test case instantiates GetAuthenticationDataService and calls the Request() method. + * It DOES NOT call the web service via Axis. + * + * @author Paul Ivancsics + * @version $Id$ + */ +public class GetAuthenticationDataServiceTest extends UnitTestCase implements Constants { + + private GetAuthenticationDataService service; + + public GetAuthenticationDataServiceTest(String arg0) { + super(arg0); + } + protected void setUp() throws Exception { + service = new GetAuthenticationDataService(); + } + + public void testService2Requests() throws Exception { + String requestString = + "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + + "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"123456\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" + + "<saml:AssertionIDReference>123</saml:AssertionIDReference>" + + "</samlp:Request>"; + Element request = DOMUtils.parseDocument(requestString, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + Element response = service.Request(new Element[] {request, request})[0]; + assertStatus(response, "samlp:Requester", "samlp:TooManyResponses"); + } + public void testServiceNoSAMLArtifact() throws Exception { + String requestString = + "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + + "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"123456\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" + + "<saml:AssertionIDReference>123</saml:AssertionIDReference>" + + "</samlp:Request>"; + Element request = DOMUtils.parseDocument(requestString, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + Element response = service.Request(new Element[] {request})[0]; + assertStatus(response, "samlp:Requester", null); + } + public void testService2SAMLArtifacts() throws Exception { + String requestString = + "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + + "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"123456\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" + + "<samlp:AssertionArtifact>123</samlp:AssertionArtifact>" + + "<samlp:AssertionArtifact>456</samlp:AssertionArtifact>" + + "</samlp:Request>"; + Element request = DOMUtils.parseDocument(requestString, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + Element response = service.Request(new Element[] {request})[0]; + assertStatus(response, "samlp:Requester", "samlp:TooManyResponses"); + } + public void testServiceWrongFormat() throws Exception { + String requestString = + "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + + "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"123456\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" + + "</samlp:Request>"; + Element request = DOMUtils.parseDocument(requestString, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + Element response = service.Request(new Element[] {request})[0]; + assertStatus(response, "samlp:Requester", null); + } + public void testServiceWrongSAMLArtifact() throws Exception { + String requestString = + "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + + "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" RequestID=\"123456\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-02-13T13:59:00\">" + + "<samlp:AssertionArtifact>WRONGARTIFACT</samlp:AssertionArtifact>" + + "</samlp:Request>"; + Element request = DOMUtils.parseDocument(requestString, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + Element response = service.Request(new Element[] {request})[0]; + assertStatus(response, "samlp:Requester", "samlp:ResourceNotRecognized"); + } + private void assertStatus(Element response, String statusCodeShould, String subStatusCodeShould) throws Exception { + Element statusCodeNode = (Element)XPathUtils.selectSingleNode(response, "//samlp:StatusCode"); + String statusCode = statusCodeNode.getAttribute("Value"); + Element subStatusCodeNode = (Element)XPathUtils.selectSingleNode(statusCodeNode, "//samlp:StatusCode/samlp:StatusCode"); + String subStatusCode = subStatusCodeNode == null ? null : subStatusCodeNode.getAttribute("Value"); + System.out.println(statusCode + subStatusCode); + assertEquals(statusCodeShould, statusCode); + assertEquals(subStatusCodeShould, subStatusCode); + } + + +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java new file mode 100644 index 000000000..b2b973b4a --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java @@ -0,0 +1,136 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.config.auth; + +import java.util.Map; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +import at.gv.egovernment.moa.id.config.ConnectionParameter; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; + +/** + * @author Stefan Knirsch + * @version $Id$ + */ +public class MOAIDAuthConfigurationProviderTest extends UnitTestCase { + private AuthConfigurationProvider provider; + + /** + * Constructor for MOAAuthConfigTest. + * @param name + */ + public MOAIDAuthConfigurationProviderTest(String name) { + super(name); + } + + protected void setUp() throws Exception { + + provider = + new AuthConfigurationProvider(TESTDATA_ROOT + "conf/ConfigurationTest.xml"); + + } + public void testGetTransformsInfoFileNames() { + String[] transformsInfoFileNames; + transformsInfoFileNames = provider.getTransformsInfoFileNames(); +// for (int i = 0; i < transformsInfoFileNames.length; i++) { +// System.out.println( +// "getTransformsInfoFileNames: " + transformsInfoFileNames[i]); + assertEquals(transformsInfoFileNames[0],"http://StringsecLayerTranformsInfo1"); + assertEquals(transformsInfoFileNames[1],"http://StringsecLayerTranformsInfo2"); +// } + + } + + public void testGetMOASPConnectionParameters() { + ConnectionParameter cp; + cp = provider.getMoaSpConnectionParameter(); + assertEquals(cp.getUrl(),"MOA-SP-URL"); + assertEquals(cp.getAcceptedServerCertificates(),"http://AcceptedServerCertificates"); + assertEquals(cp.getClientKeyStorePassword(),"Keystore Pass"); + assertEquals(cp.getClientKeyStore(),"URLtoClientKeystoreAUTH"); +/* System.out.println(); + System.out.println("getMoaSpConnectionParameter :" + cp.getUrl()); + System.out.println( + "getMoaSpConnectionParameter :" + cp.getAcceptedServerCertificates()); + System.out.println( + "getMoaSpConnectionParameter :" + cp.getClientKeyStorePassword()); + System.out.println( + "getMoaSpConnectionParameter :" + cp.getClientKeyStore());*/ + } + public void testGetMoaSpIdentityLinkTrustProfileID() { + + assertEquals(provider.getMoaSpIdentityLinkTrustProfileID(),"StringVerifyIdentiyLinkTrustID"); + + } + public void testGetMoaSpAuthBlockTrustProfileID() { + assertEquals(provider.getMoaSpAuthBlockTrustProfileID(),"StringVerifyAuthBlockTransformID"); + } + + public void testGetMoaSpAuthBlockVerifyTransformsInfoIDs() { + String[] result = provider.getMoaSpAuthBlockVerifyTransformsInfoIDs(); + assertEquals(result[0],"StringVerifyTransformsInfoID1"); + assertEquals(result[1],"StringVerifyTransformsInfoID2"); + + } + + public void testGetOnlineApplicationAuthParameter() { + OAAuthParameter[] result = provider.getOnlineApplicationParameters(); + + assertEquals(result[0].getPublicURLPrefix(),"StringOALoginURL"); + assertEquals(result[0].getProvideStammzahl(),false); + assertEquals(result[0].getProvideAuthBlock(),false); + assertEquals(result[0].getProvideIdentityLink(),false); + + assertEquals(result[1].getPublicURLPrefix(),"StringOALoginURL2"); + assertEquals(result[1].getProvideStammzahl(),true); + assertEquals(result[1].getProvideAuthBlock(),true); + assertEquals(result[1].getProvideIdentityLink(),true); + + +/* for (int i = 0; i < result.length; i++) { + System.out.println(); + System.out.println("getOnlineApplicationParameters Url: " + result[i].getUrl()); + System.out.println("getOnlineApplicationParameters ProvideStammzahl: " + result[i].getProvideStammzahl()); + System.out.println("getOnlineApplicationParameters ProvideAuthBlock: " + result[i].getProvideAuthBlock()); + System.out.println("getOnlineApplicationParameters ProvideIdentityLink: " + result[i].getProvideIdentityLink()); + }*/ + } + + public void testGetGenericConfiguration() { + Map result = provider.getGenericConfiguration(); + assertEquals(result.containsKey("Generic Name 1"),true); + assertEquals(result.containsKey("Generic Name 2"),true); + assertEquals(result.get("Generic Name 1"),"Value1"); + assertEquals(result.get("Generic Name 2"),"Value2"); + /* for (Iterator iter = result.keySet().iterator(); iter.hasNext();) { + String element = (String) iter.next(); + System.out.println("getGenericConfiguration Key:" + element); + System.out.println("getGenericConfiguration Value:" + result.get(element)); + }*/ + } + +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java new file mode 100644 index 000000000..64e628e0c --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java @@ -0,0 +1,151 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.config.proxy; + +import java.util.Map; + +import at.gv.egovernment.moa.id.config.ConnectionParameter; +import at.gv.egovernment.moa.id.config.proxy.OAConfiguration; +import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider; +import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + + + +/** + * @author Stefan Knirsch + * @version $Id$ + */ +public class MOAIDProxyConfigurationProviderTest extends UnitTestCase { + private ProxyConfigurationProvider provider; + + /** + * Constructor for MOAProxyConfigTest. + * @param name + */ + public MOAIDProxyConfigurationProviderTest(String name) { + super(name); + } + + protected void setUp() throws Exception { + + provider = +// new ProxyConfigurationProvider(TESTDATA_ROOT + "conf/ConfigurationTest.xml"); + new ProxyConfigurationProvider("data/deploy/conf/moa-id/ConfigurationTest.xml"); + } + public void testGetAuthComponentConnectionParameter() + { + ConnectionParameter cp; + cp = provider.getAuthComponentConnectionParameter(); + assertEquals(cp.getUrl(),"AuthComponentURL"); + assertEquals( cp.getAcceptedServerCertificates(),"http://www.altova.com"); + assertEquals(cp.getClientKeyStorePassword(),"String"); + assertEquals(cp.getClientKeyStore(),"http://www.altova.com"); + /* System.out.println(); + System.out.println("getProxyComponentConnectionParameter :" + cp.getUrl()); + System.out.println( + "getProxyComponentConnectionParameter :" + cp.getAcceptedServerCertificates()); + System.out.println( + "getProxyComponentConnectionParameter :" + cp.getClientKeyStorePassword()); + System.out.println( + "getProxyComponentConnectionParameter :" + cp.getClientKeyStore());*/ +} + + public void testGetOAProxyParameter() { + OAProxyParameter[] result = provider.getOnlineApplicationParameters(); + + assertEquals("http://localhost:9080/", result[0].getPublicURLPrefix()); + assertEquals("file:data/test/conf/OAConfParamAuth.xml", result[0].getConfigFileURL()); + assertEquals(10, result[0].getSessionTimeOut()); + assertEquals("StringloginParameterResolverImpl1", result[0].getLoginParameterResolverImpl()); + assertEquals("StringconnectionBuilderImpl1", result[0].getConnectionBuilderImpl()); + + assertEquals("ProxyComponentURL", result[0].getConnectionParameter().getUrl()); + assertEquals("url:AcceptedServerCertificates", result[0].getConnectionParameter().getAcceptedServerCertificates()); + assertEquals("URL:toClientKeystoreOA", result[0].getConnectionParameter().getClientKeyStore()); + assertEquals("ClientKeystoreOAPAss", result[0].getConnectionParameter().getClientKeyStorePassword()); + + assertEquals("StringOALoginURL2", result[1].getPublicURLPrefix()); + assertEquals("file:data/test/conf/OAConfHeaderAuth.xml", result[1].getConfigFileURL()); + assertEquals(20, result[1].getSessionTimeOut()); + assertEquals("StringloginParameterResolverImpl2",result[1].getLoginParameterResolverImpl()); + assertEquals("StringconnectionBuilderImpl2", result[1].getConnectionBuilderImpl()); + + assertEquals("ProxyComponentURL2", result[1].getConnectionParameter().getUrl()); + assertEquals("url:AcceptedServerCertificates2", result[1].getConnectionParameter().getAcceptedServerCertificates()); + assertEquals("URL:toClientKeystoreOA2", result[1].getConnectionParameter().getClientKeyStore()); + assertEquals("ClientKeystoreOAPAss2", result[1].getConnectionParameter().getClientKeyStorePassword()); + + assertEquals("StringOALoginURL3", result[2].getPublicURLPrefix()); + assertEquals("file:data/test/conf/OAConfBasicAuth.xml", result[2].getConfigFileURL()); + assertEquals(20, result[2].getSessionTimeOut()); + assertEquals("StringloginParameterResolverImpl3",result[2].getLoginParameterResolverImpl()); + assertEquals("StringconnectionBuilderImpl3", result[2].getConnectionBuilderImpl()); + + assertEquals("ProxyComponentURL3", result[2].getConnectionParameter().getUrl()); + assertEquals("url:AcceptedServerCertificates3", result[2].getConnectionParameter().getAcceptedServerCertificates()); + assertEquals("URL:toClientKeystoreOA3", result[2].getConnectionParameter().getClientKeyStore()); + assertEquals("ClientKeystoreOAPAss3", result[2].getConnectionParameter().getClientKeyStorePassword()); + } + + public void testGetGenericConfiguration() { + Map result = provider.getGenericConfiguration(); + assertEquals(true, result.containsKey("authenticationSessionTimeOut")); + assertEquals(true, result.containsKey("authenticationDataTimeOut")); + assertEquals("600", result.get("authenticationSessionTimeOut")); + assertEquals("120", result.get("authenticationDataTimeOut")); + } + + public void testOAConfigurationProvider() throws Exception + { + OAProxyParameter[] result = provider.getOnlineApplicationParameters(); + // für jeden Parameter müsste theoretisch bereits ein Provider instanziiert worden sein, + // aus diesem Grund braucht man NICHT mehr die File-URL anzugeben, PublicURLPrefix reicht + + // sollte ParamAuth sein + OAConfiguration oac1 = result[0].getOaConfiguration(); + assertEquals(OAConfiguration.PARAM_AUTH, oac1.getAuthType()); + assertEquals("MOADateOfBirth", oac1.getParamAuthMapping().get("Param1")); + assertEquals("MOABPK", oac1.getParamAuthMapping().get("Param2")); + // sollte HeaderAuth sein + OAConfiguration oac2 = result[1].getOaConfiguration(); + assertEquals(OAConfiguration.HEADER_AUTH, oac2.getAuthType()); + assertEquals("MOAPublicAuthority", oac2.getHeaderAuthMapping().get("Param1")); + assertEquals("MOABKZ", oac2.getHeaderAuthMapping().get("Param2")); + assertEquals("MOAQualifiedCertificate", oac2.getHeaderAuthMapping().get("Param3")); + assertEquals("MOAStammzahl", oac2.getHeaderAuthMapping().get("Param4")); + assertEquals("MOAIPAddress", oac2.getHeaderAuthMapping().get("Param5")); + + // sollte BasicAuth sein + OAConfiguration oac3 = result[2].getOaConfiguration(); + assertEquals(OAConfiguration.BASIC_AUTH, oac3.getAuthType()); + assertEquals("MOAGivenName", oac3.getBasicAuthUserIDMapping()); + assertEquals("MOAFamilyName", oac3.getBasicAuthPasswordMapping()); + //Fehlerfall: + + + } +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/AllTests.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/AllTests.java new file mode 100644 index 000000000..84e41e12e --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/AllTests.java @@ -0,0 +1,55 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.proxy; + +import test.at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilderTest; +import test.at.gv.egovernment.moa.id.proxy.parser.SAMLResponseParserTest; +import junit.awtui.TestRunner; +import junit.framework.Test; +import junit.framework.TestSuite; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class AllTests { + + public static Test suite() { + TestSuite suite = new TestSuite(); + + suite.addTestSuite(SAMLRequestBuilderTest.class); + suite.addTestSuite(SAMLResponseParserTest.class); + + return suite; + } + + public static void main(String[] args) { + try { + TestRunner.run(AllTests.class); + } catch (Exception e) { + e.printStackTrace(); + } + } +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/DOMTreeCompare.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/DOMTreeCompare.java new file mode 100644 index 000000000..428477ce4 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/DOMTreeCompare.java @@ -0,0 +1,486 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.proxy.builder; + +import java.io.PrintStream; +import java.util.ArrayList; + +import org.w3c.dom.Element; +import org.w3c.dom.NamedNodeMap; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; +import org.w3c.dom.Text; + +import at.gv.egovernment.moa.util.Base64Utils; + +/** + * @author Administrator + * + * To change this generated comment edit the template variable "typecomment": + * Window>Preferences>Java>Templates. + * To enable and disable the creation of type comments go to + * Window>Preferences>Java>Code Generation. + */ +public class DOMTreeCompare { + + boolean debug = true; + + private static PrintStream Log = null; + + static + { + Log = System.out; + } + + public boolean compareElements(Element root1, Element root2) + { + //Log.println("----- Compare Elements:"+root1.getNodeName()+" "+root2.getNodeName()); + filterTree(root1); + filterTree(root2); + return compareNodes(root1,root2,0,"root/",false); + } + + private boolean compareNodes(Node n1, Node n2, int level,String path,boolean attribute) + { + /*try { + Log.println(DOMUtils.serializeNode(n1)); + } + catch(Exception e) + { + e.printStackTrace(); + }*/ + boolean equal = false; + //Log.println("----- Compare Node "+level+":"+n1+" "+n2); + //Log.println("----- Compare Node "+level+":"+n1.getNodeName()+" "+n2.getNodeName()); + //Log.println("----- Checking:"+path+getPathString(n1)); + NodeList nl1 = n1.getChildNodes(); + NodeList nl2 = n2.getChildNodes(); + + int size1 = nl1.getLength(); + int size2 = nl2.getLength(); + + if(debug)display_one(n1); + if(debug)display_one(n2); + + + if(debug) + if(n1.getNodeName().equals("Base64Content") && n2.getNodeName().equals("Base64Content")) + { + try { + Log.println("CONT:"+new String(Base64Utils.decode(strip(n1.getChildNodes().item(0).getNodeValue()),false))); + Log.println("CONT:"+new String(Base64Utils.decode(strip(n2.getChildNodes().item(0).getNodeValue()),false))); + } + catch(Exception e) + { + e.printStackTrace(); + } + } + + if(size1 != size2) + { + Log.println("----- Anzahl der Kinder nicht gleich:"+path+getPathString(n1)+":"+getPathString(n2)); + return false; + } + + equal = compareNodeExact(n1,n2,level,path+getPathString(n1)+"/"); + if(!equal) + { + Log.println("----- Knoten sind nicht identisch:"+path+getPathString(n1)); + return false; + } + + if(n1.hasAttributes() || n2.hasAttributes()) + { + equal = compareNodeAttriubtes(n1,n2,level+1,path+getPathString(n1)+"/(a)"); + if(!equal) + { + Log.println("----- Attribute stimmen nicht überein:"+path+getPathString(n1)); + return false; + } + } + if(size1==0) + { + return true; + } + + for(int counter=0;counter<size1;counter++) + { + boolean found = false; + Node comp_n1 = nl1.item(counter); + + //if(comp_n1==null) return false; + + Node comp_n2 = null; + size2 = nl2.getLength(); + for(int counter2=0;counter2<size2;counter2++) + { + comp_n2 = nl2.item(counter2); + + /*equal = compareNodeExact(comp_n1,comp_n2,level+1); + if(equal) return false;*/ + //Log.println("COMP_N1:"+comp_n1); + //Log.println("COMP_N2:"+comp_n2); + equal = compareNodes(comp_n1,comp_n2,level+1,path+getPathString(comp_n1)+"/",false); + if(equal) + { + n2.removeChild(comp_n2); + counter2=size2; + nl2 = n2.getChildNodes(); + size2 = nl2.getLength(); + } + + } + + if(!equal) + { + Log.println("----- Keine Übereinstimmung gefunden:"+path+getPathString(comp_n1)); + return false; + } + } + return true; + } + + private boolean compareNodeExact(Node n1,Node n2,int level,String path) + { + if(n1.getNodeType() == Node.TEXT_NODE) + { + Text textnode = (Text)n1; + /*Log.println("----- *****"+textnode.getNodeName()); + Log.println("----- *****"+textnode.getParentNode().getNodeName()); + Log.println("----- *****"+textnode.getNodeValue());*/ + } + + //Log.println("----- Checking:"+path); + String n1_name = n1.getNodeName(); + String n2_name = n2.getNodeName(); + /*Log.println("----- !!!!!"+n1.getNodeName()); + Log.println("----- !!!!!"+n1.getNodeValue()); + Log.println("----- !!!!!"+n1.getLocalName()); + Log.println("----- !!!!!"+n1.getPrefix()); + Log.println("----- !!!!!"+n1.getNextSibling()); + Log.println("----- !!!!!"+n1.getPreviousSibling());*/ + + //Log.println("----- Compare Node "+level+":"+n1_name+" "+n2_name); + if(!((n1_name==null && n2_name==null) || + (n1_name!=null && n2_name!=null && n1_name.equals(n2_name)))) + { + Log.println("----- Name stimmt nicht überein:"+path); + return false; + } + + //Log.println("----- Compare Node "+level+":"+n1.getNodeType()+" "+n2.getNodeType()); + if(n1.getNodeType() != n2.getNodeType()) + { + Log.println("----- Knotentyp stimmt nicht überein:"+path); + return false; + } + + String n1_ns = n1.getPrefix(); + String n2_ns = n2.getPrefix(); + //Log.println("----- Compare Node "+level+":"+n1_ns+" "+n2_ns); + if(!((n1_ns==null && n2_ns==null) || + (n1_ns!=null && n2_ns!=null && n1_ns.equals(n2_ns)))) + { + Log.println("----- NameSpace stimmt nicht überein:"+path); + return false; + } + + String n1_value = n1.getNodeValue(); + String n2_value = n2.getNodeValue(); + + boolean special = false; + special = specialValues(n1_value,n2_value,path); + if(special) return true; + + //Log.println("----- Compare Node "+level+":"+n1_value+" "+n2_value); + if(!((n1_value==null && n2_value==null) || + (n1_value!=null && n2_value!=null && n1_value.equals(n2_value)))) + { + Log.println("----- Wert stimmt nicht überein:"+path); + Log.println("----- Value1:\n"+n1_value); + Log.println("----- Value2:\n"+n2_value); + return false; + } + + + return true; + } + + private boolean compareNodeAttriubtesWithoutSize(Node n1, Node n2, int level,String path) + { + return true; + } + + private boolean compareNodeAttriubtes(Node n1, Node n2, int level,String path) + { + //Log.println("----- Compare NodeAttributes "+level+":"+n1.getNodeName()+" "+n2.getNodeName()); + Element n1elem = (Element)n1; + Element n2elem = (Element)n2; + + NamedNodeMap nnm1 = n1.getAttributes(); + NamedNodeMap nnm2 = n2.getAttributes(); + + int size1 = 0; + int size2 = 0; + + boolean specialattrs = specialAttributesSize(path); + + if(!specialattrs) + { + + if(nnm1==null && nnm2==null) return true; + if(nnm1==null || nnm2==null) + { + Log.println("----- Anzahl der Attribute nicht gleich:"+path+":"+getPathString(n1)); + return false; + } + size1 = nnm1.getLength(); + size2 = nnm2.getLength(); + + if(size1 != size2) + { + Log.println("----- Anzahl der Attribute nicht gleich:"+path+":"+getPathString(n1)); + return false; + } + + } + else + { + return compareNodeAttriubtesWithoutSize(n1,n2,level,path); + } + + for(int counter=0;counter<size1;counter++) + { + Node attribute_node1 = nnm1.item(counter); + Node attribute_node2 = nnm2.item(counter); + + String attr1_name = attribute_node1.getNodeName(); + String attr2_name = attribute_node2.getNodeName(); + + String value1 = n1elem.getAttribute(attr1_name); + String value2 = n2elem.getAttribute(attr2_name); + + boolean special = false; + + special = specialAttributes(path,attr1_name,value1,attr2_name,value2); + if(special) + { + return special; + } + + if(!value1.equals(value2)) + { + Log.println("----- Keine Übereinstimmung gefunden:"+path+getPathString(n1)); + return false; + } + } + + return true; + } + + private boolean checkNode(Node base,String name) + { + if(base.getNodeName().equals(name)) + { + return true; + } + + NodeList children = base.getChildNodes(); + int size = children.getLength(); + for(int counter=0;counter<size;counter++) + { + boolean found = checkNode(children.item(counter),name); + if(found) return true; + } + return false; + } + + private void display_one(Node base) + { + int att_size=0; + if(base.getAttributes()!=null) + { + att_size=base.getAttributes().getLength(); + } + if(base.getNodeName().equals("#text")) + Log.println(base.getNodeName()+base.getChildNodes().getLength()+":"+att_size+" ("+base.getNodeValue()+")"); + else + Log.println(base.getNodeName()+base.getChildNodes().getLength()+":"+att_size); + } + + private void display(Node base) + { + display(base,1); + } + + private void display(Node base,int level) + { + String spacer = ""; + for(int counter=0;counter<level;counter++) + { + spacer+=" "; + } + + int att_size=0; + if(base.getAttributes()!=null) + { + att_size=base.getAttributes().getLength(); + } + if(base.getNodeName().equals("#text")) + Log.println(spacer+base.getNodeName()+base.getChildNodes().getLength()+":"+att_size+" ("+base.getNodeValue()+")"); + else + Log.println(spacer+base.getNodeName()+base.getChildNodes().getLength()+":"+att_size); + + NodeList children = base.getChildNodes(); + int size = children.getLength(); + for(int counter=0;counter<size;counter++) + { + display(children.item(counter),level+1); + } + } + + private void filterTree(Node base) + { + ArrayList removeList = new ArrayList(); + + NodeList children = base.getChildNodes(); + int size = children.getLength(); + for(int counter=0;counter<size;counter++) + { + Node child1 = children.item(counter); + if(child1.getNodeType() == Node.TEXT_NODE && child1.getNodeValue().trim().equals("")) + { + removeList.add(child1); + } + } + + size = removeList.size(); + for(int counter=0;counter<size;counter++) + { + base.removeChild((Node)removeList.get(counter)); + } + + children = base.getChildNodes(); + size = children.getLength(); + for(int counter=0;counter<size;counter++) + { + filterTree(children.item(counter)); + } + + } + + private String getPathString(Node n) + { + if(n.getNodeType()==Node.TEXT_NODE) + { + return n.getParentNode().getNodeName()+"(text)"; + } + else + { + return n.getNodeName(); + } + + } + + public boolean specialAttributes(String path,String attr1_name,String value1,String attr2_name,String value2) + { + //if(value1.startsWith("reference-") && value2.startsWith("reference-")) return true; + //if(value1.startsWith("signature-") && value2.startsWith("signature-")) return true; + + return false; + } + + public boolean specialAttributesSize(String path) + { + //if(path.endsWith("/xsl:template/(a)")) return true; + return false; + } + + public boolean specialValues(String value1,String value2,String path) + { + + //Log.println(path); + /*if(ignoreSignatureValue) + { + if(path.endsWith("/dsig:SignatureValue(text)/")) + { + return true; + } + } + else + { + if(path.endsWith("/dsig:SignatureValue(text)/")) + { + String stripped_1 = strip(value1); + String stripped_2 = strip(value2); + return stripped_1.equals(stripped_2); + } + }*/ + + return false; + } + + private String strip(String input) + { + String output = replaceStringAll(input," ",""); + output = replaceStringAll(output,"\n",""); + output = replaceStringAll(output,"\r",""); + return output; + } + + private static String replaceStringAll( + String input, + String oldPart, + String newPart) + { + + String erg = null; + + int pos = input.indexOf(oldPart); + if(pos==-1) return input; + + while(true) + { + + //First Part + pos = input.indexOf(oldPart); + if(pos==-1) break; + erg = input.substring(0, pos); + + //Insert new Part + erg += newPart; + + //insert REST + erg + += input.substring( + input.indexOf(oldPart) + oldPart.length(), + input.length()); + + input = erg; + } + return erg; + } + +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java new file mode 100644 index 000000000..467c6520e --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java @@ -0,0 +1,56 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.proxy.builder; + +import org.w3c.dom.Element; + +import test.at.gv.egovernment.moa.id.UnitTestCase; +import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder; +import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder; +import at.gv.egovernment.moa.util.DOMUtils; + +/* + * @author Paul Ivancsics + * @version $Id$ + */ +public class SAMLRequestBuilderTest extends UnitTestCase { + + public SAMLRequestBuilderTest(String arg0) { + super(arg0); + } + + public void testBuild() throws Exception { + String requestID = "123"; + String samlArtifact = new SAMLArtifactBuilder().build("https://moa.gv.at/auth/", "12345678901234567890", null); + String REQUEST_SHOULD = "<samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" RequestID=\"" + + requestID + "\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"IGNORE\">" + + "<samlp:AssertionArtifact>" + samlArtifact + "</samlp:AssertionArtifact>" + + "</samlp:Request>"; + Element request = new SAMLRequestBuilder().build(requestID, samlArtifact); + Element requestShould = DOMUtils.parseDocument(REQUEST_SHOULD, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + assertTrue(new SAMLRequestCompare().compareElements(requestShould, request)); + } + +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestCompare.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestCompare.java new file mode 100644 index 000000000..f338b7c89 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestCompare.java @@ -0,0 +1,43 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.proxy.builder; + +/* + * @author Paul Ivancsics + * @version $Id$ + */ +public class SAMLRequestCompare extends test.at.gv.egovernment.moa.id.proxy.builder.DOMTreeCompare { + + + /* + * @see at.gv.egovernment.moa.util.SAMLRequestCompare#specialAttributes(java.lang.String, java.lang.String) + */ + public boolean specialAttributes(String path,String attr1_name,String value1,String attr2_name,String value2) { + if(attr1_name.equals("IssueInstant")) + return true; + return false; + } + +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java new file mode 100644 index 000000000..24a9aa3c2 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java @@ -0,0 +1,204 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.proxy.parser; + +import org.w3c.dom.Element; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +import at.gv.egovernment.moa.id.data.AuthenticationData; +import at.gv.egovernment.moa.id.data.SAMLStatus; +import at.gv.egovernment.moa.id.proxy.parser.SAMLResponseParser; +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.DOMUtils; + +/* + * @author Paul Ivancsics + * @version $Id$ + */ +public class SAMLResponseParserTest extends UnitTestCase { + + public SAMLResponseParserTest(String arg0) { + super(arg0); + } + + public void testParse() throws Exception { + String samlResponse = + "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" + + "<samlp:Response xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\"" + + " ResponseID=\"\" MajorVersion=\"1\" MinorVersion=\"0\" IssueInstant=\"2003-03-29T06:00:00+02:00\">" + + "<samlp:Status>" + + "<samlp:StatusCode Value=\"samlp:Success\"><samlp:StatusCode Value=\"samlp:Success\"></samlp:StatusCode></samlp:StatusCode>" + + "<samlp:StatusMessage>Ollas leiwand</samlp:StatusMessage>" + + "</samlp:Status>" + +"<saml:Assertion xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:pr=\"http://reference.e-government.gv.at/namespace/persondata/20020228#\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" MajorVersion=\"1\" MinorVersion=\"0\" AssertionID=\"-4633313027464114584\" Issuer=\"http://localhost:8080/moa-id-auth/\" IssueInstant=\"2003-04-02T14:55:42+02:00\">" + + "<saml:AttributeStatement>" + + "<saml:Subject>" + + "<saml:NameIdentifier NameQualifier=\"http://reference.e-government.gv.at/names/vpk/20020221#\">MTk2OC0xMC0yMmdi</saml:NameIdentifier>" + + "<saml:SubjectConfirmation>" + + "<saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod>" + + "<saml:SubjectConfirmationData>" + + "<saml:Assertion xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" MajorVersion=\"1\" MinorVersion=\"0\" AssertionID=\"any\" Issuer=\"Hermann Muster\" IssueInstant=\"2003-04-02T14:55:27+02:00\">" + + "<saml:AttributeStatement>" + + "<saml:Subject>" + + "<saml:NameIdentifier>http://localhost:8080/moa-id-auth/</saml:NameIdentifier>" + + "</saml:Subject>" + + "<saml:Attribute AttributeName=\"Geschäftsbereich\" AttributeNamespace=\"http://reference.e-government.gv.at/namespace/moa/20020822#\">" + + "<saml:AttributeValue>gb</saml:AttributeValue>" + + "</saml:Attribute>" + + "<saml:Attribute AttributeName=\"OA\" AttributeNamespace=\"http://reference.e-government.gv.at/namespace/moa/20020822#\">" + + "<saml:AttributeValue>https://localhost:9443/</saml:AttributeValue>" + + "</saml:Attribute>" + + "</saml:AttributeStatement>" + + "</saml:Assertion>" + + "<saml:Assertion AssertionID=\"zmr.bmi.gv.at-AssertionID-2003-02-12T20:28:34.474\" IssueInstant=\"2003-02-12T20:28:34.474\" Issuer=\"http://zmr.bmi.gv.at/zmra/names#Issuer\" MajorVersion=\"1\" MinorVersion=\"0\" xmlns:pr=\"http://reference.e-government.gv.at/namespace/persondata/20020228#\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">" + + "<saml:AttributeStatement>" + + "<saml:Subject>" + + "<saml:SubjectConfirmation>" + + "<saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>" + + "<saml:SubjectConfirmationData>" + + "<pr:Person xsi:type=\"pr:PhysicalPersonType\">" + + "<pr:Identification>" + + "<pr:Value>123456789012</pr:Value>" + + "<pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type>" + + "</pr:Identification>" + + "<pr:Name>" + + "<pr:GivenName>Hermann</pr:GivenName>" + + "<pr:FamilyName primary=\"undefined\">Muster</pr:FamilyName>" + + "</pr:Name>" + + "<pr:DateOfBirth>1968-10-22</pr:DateOfBirth>" + + "</pr:Person>" + + "</saml:SubjectConfirmationData>" + + "</saml:SubjectConfirmation>" + + "</saml:Subject>" + + "<saml:Attribute AttributeName=\"CitizenPublicKey\" AttributeNamespace=\"http://www.buergerkarte.at/namespaces/personenbindung/20020506#\">" + + "<saml:AttributeValue>" + + "<dsig:RSAKeyValue xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\">" + + "<dsig:Modulus>0v1Ftf7WXgoexx0Jo/GrlExHOHnQIEQ5FFSjptLRd5BN1mZYRg2S9KfOMbHSCsiPm8AwjAEwE5EM A6P18Z/YyTIuP7fNGzckbB5PYIgNMHL8/TYJhHA8CjamsBrEfYDXivE8iAvALg5I9RMLZADmzL7a f2daYYuO8dycQw3xg6U=</dsig:Modulus>" + + "<dsig:Exponent>AQAB</dsig:Exponent>" + + "</dsig:RSAKeyValue>" + + "</saml:AttributeValue>" + + "</saml:Attribute>" + + "<saml:Attribute AttributeName=\"CitizenPublicKey\" AttributeNamespace=\"http://www.buergerkarte.at/namespaces/personenbindung/20020506#\">" + + "<saml:AttributeValue>" + + "<dsig:RSAKeyValue xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\">" + + "<dsig:Modulus>i2qa56X4fpYeXqFLXAcQljGU3+DWnVgNrAxI9gn2bMeFWtLXE2SFa6qvl9EymUl0noBlFn0q9DWp AsyeLnRhzCAXJeSxiwsUEloOvcQCV0DfW2UVq0Y9bVlJ8KifJ2AS+5BxZ21mkc/VYx5Qz6EYjPrn pIpdAwR9sw5xnIvTySc=</dsig:Modulus>" + + "<dsig:Exponent>AQAB</dsig:Exponent>" + + "</dsig:RSAKeyValue>" + + "</saml:AttributeValue>" + + "</saml:Attribute>" + + "</saml:AttributeStatement>" + + "<dsig:Signature xmlns:dsig=\"http://www.w3.org/2000/09/xmldsig#\">" + + "<dsig:SignedInfo>" + + "<dsig:CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\"/>" + + "<dsig:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"/>" + + "<dsig:Reference URI=\"\">" + + "<dsig:Transforms>" + + "<dsig:Transform Algorithm=\"http://www.w3.org/TR/1999/REC-xpath-19991116\">" + + "<dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath>" + + "</dsig:Transform>" + + "<dsig:Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/>" + + "</dsig:Transforms>" + + "<dsig:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"/>" + + "<dsig:DigestValue>s7TfoZrYo36OMdlxGxuIfAw/wr8=</dsig:DigestValue>" + + "</dsig:Reference>" + + "<dsig:Reference Type=\"http://www.w3.org/2000/09/xmldsig#Manifest\" URI=\"\">" + + "<dsig:Transforms>" + + "<dsig:Transform Algorithm=\"http://www.w3.org/TR/1999/REC-xpath-19991116\">" + + "<dsig:XPath>ancestor-or-self::dsig:Manifest</dsig:XPath>" + + "</dsig:Transform>" + + "</dsig:Transforms>" + + "<dsig:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"/>" + + "<dsig:DigestValue>dO+RSn4xLHT3cuq8uopFtZyUBqo=</dsig:DigestValue>" + + "</dsig:Reference>" + + "</dsig:SignedInfo>" + + "<dsig:SignatureValue>MFbZ5wA5cq0UezYFDXted5uqXubWFxxRwZawGh73XEAGxAbJsT/IEQmrTQThPRHNWW5RPGxVlPDz 5BmjberdaWlgJlbyKf3b/WpNNJYptQ7ijrXlsQoCzjfiQy37NEfvHEcxHQOA6sa42C+dFKsKIvmP 3mZkRYWJDxxsVzI7E+Y=</dsig:SignatureValue>" + + "<dsig:KeyInfo>" + + "<dsig:X509Data>" + + "<dsig:X509Certificate>MIIDaDCCAtWgAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTE5NDRaFw0w MzEyMzEyMjU5MzBaMIGOMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxGzAZBgNVBAMTEk1PQSBU ZXN0IENBIC0gUm9vdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAjHuFphE3 +UkTe2OcIFWUDLzhPl1j2dH4sMPAhDK09/0i+aWrdtQW9yHktu/7+LTiCiPeevT0 lGMGDcWMSoSm66tYmpxei6YojCFIaVdJFtXZ7x1o7e7jTDVRLMfdZ5lI1sQ7loIY hOE0OmlYOkn4AI6xMtJtsca45rV8wW7qm8kCAwEAAaOB2zCB2DAPBgNVHRMBAf8E BTADAQH/MA4GA1UdDwEB/wQEAwIBBjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAnsB ATBCMEAGCCsGAQUFBwICMDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxy IFRlc3R6d2Vja2UgZ2VlaWduZXQuMB0GA1UdDgQWBBRDC612dCgZetTmAKyV6DII NkOoYTAWBgcqKAAKAQEBBAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZ etTmAKyV6DIINkOoYTAJBgUrDgMCHQUAA4GBAHj0xBNWGYLijaocjOX1AkL+r+G2 fZsX4z3S/2eEvtUp+EUHaOPMLTS0MIP1nwj5f4ZluAIrDLXihqMdi4xRv0W6QYbN aDxICNz3/QbrzMlFPeC8odesdRlT+GGswX0ZGUtVIZm1HVhxRk5ZEW2pr2afo5c0 Btxup/kgjGMnnS7C</dsig:X509Certificate>" + + "<dsig:X509Certificate>MIIDiTCCAvagAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTI1MTRaFw0w MzEyMzEyMjU5MzBaMIGZMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxJjAkBgNVBAMTHU1PQSBU ZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB iQKBgQCw7ULOYSNji09Ein7Ar4j3Rjxjq05spBmZDmbSomEZMnGEtVTyIRzKc8ia 2kcXUMz5MEoFaVmvqRim31m20T21uvHFIs86gqzC/prOAz7V7HWok5F+9M/5gR1S BvpdqiEAXYeRXFPiOe8XSmpwhic7+n2jfuoBeYiRBEMGoP1DkwIDAQABo4HxMIHu MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgHGMBEGCWCGSAGG+EIB AQQEAwIBAjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAgMBATBCMEAGCCsGAQUFBwIC MDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxyIFRlc3R6d2Vja2UgZ2Vl aWduZXQuMB0GA1UdDgQWBBSeRWvUfxEjKZSfxImJr/fpBDtMmTAWBgcqKAAKAQEB BAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZetTmAKyV6DIINkOoYTAJ BgUrDgMCHQUAA4GBAIMa4C2z3SbkcjEiMNAsHKaKUCJkBbMtNaab6U/cwwYmG6nl ga7xyEmbfY2SKzOqkcIwuv83Tma3rcr1f+OLUeGUaGLHt2Pl1a/s8BZGQZHWvLXv 7hV4RceEUHzVGAfvDD8iBJqBmfq/z/fBPFsgSup4nO1YECkDYfQ+sqCIP4ik</dsig:X509Certificate>" + + "<dsig:X509Certificate>MIIDZzCCAtSgAwIBAgIBADAJBgUrDgMCHQUAMIGZMQswCQYDVQQGEwJBVDE9MDsG A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx JjAkBgNVBAMTHU1PQSBUZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMB4XDTAzMDIx MTE1MzI0NVoXDTAzMDgxMTE0MzI0NVowgYUxCzAJBgNVBAYTAkFUMSYwJAYDVQQK FB1CdW5kZXNtaW5pc3Rlcml1bSBm/HIgSW5uZXJlczEgMB4GA1UECxMXWmVudHJh bGVzIE1lbGRlcmVnaXN0ZXIxLDAqBgNVBAMTI1Rlc3QgU2lnbmF0dXJkaWVuc3Qg UGVyc29uZW5iaW5kdW5nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEzkpk QjbGjZwssN1+vMBE/ALMcA8LWFcILI3uxXaTSWGfTiLo9ECfzjuwYJG7FjEaeWrW nPEcp4VfMNocrm3T7Hw/ikpE5/+FsfTzD4MpIwwUPd/CUfA5vDNXK5CiP7qKKR1e vATO2s6lfDul+CS/eEbwzKmUQvZGrJggxg2m5wIDAQABo4HYMIHVMAwGA1UdEwEB /wQCMAAwDgYDVR0PAQH/BAQDAgbAMF0GA1UdIARWMFQwUgYMKwYBBAGVEgECAwEB MEIwQAYIKwYBBQUHAgIwNBoyRGllc2VzIFplcnRpZmlrYXQgaXN0IG51ciBm/HIg VGVzdHp3ZWNrZSBnZWVpZ25ldC4wHQYDVR0OBBYEFIpEyv43H3EtiGr4I7Z34bWj v2z6MBYGByooAAoBAQEECwwJQk1PTFMtSUtUMB8GA1UdIwQYMBaAFJ5Fa9R/ESMp lJ/EiYmv9+kEO0yZMAkGBSsOAwIdBQADgYEAfMBJRy/kp8HQa0lGIBfFrWNpxVPv RsIu+N4IiFrswrsoQoMAh6IqNyzSdq7rJC08xsDkXe5HOwkb+2zGKYoC3aQ/J/zr BGkg6ec4tOaS/VSdEQeTL1L30r2faTffWLUV3GrzL7pM7jN470hB1w8F6Hc3LCI7 kFfp23o/juVtJNw=</dsig:X509Certificate>" + + "</dsig:X509Data>" + + "</dsig:KeyInfo>" + + "<dsig:Object>" + + "<dsig:Manifest>" + + "<dsig:Reference URI=\"\">" + + "<dsig:Transforms>" + + "<dsig:Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/>" + + "</dsig:Transforms>" + + "<dsig:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"/>" + + "<dsig:DigestValue>BqzfCB7dNg4G3u4YaxpD1tALdKI=</dsig:DigestValue>" + + "</dsig:Reference>" + + "</dsig:Manifest>" + + "</dsig:Object>" + + "</dsig:Signature>" + + "</saml:Assertion>" + + "</saml:SubjectConfirmationData>" + + "</saml:SubjectConfirmation>" + + "</saml:Subject>" + + "<saml:Attribute AttributeName=\"PersonData\" AttributeNamespace=\"http://reference.e-government.gv.at/namespace/persondata/20020228#\">" + + "<saml:AttributeValue>" + + "<pr:Person xsi:type=\"pr:PhysicalPersonType\">" + + "<pr:Identification>" + + "<pr:Value>123456789012</pr:Value>" + + "<pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type>" + + "</pr:Identification>" + + "<pr:Name>" + + "<pr:GivenName>Hermann</pr:GivenName>" + + "<pr:FamilyName primary=\"undefined\">Muster</pr:FamilyName>" + + "</pr:Name>" + + "<pr:DateOfBirth>1968-10-22</pr:DateOfBirth>" + + "</pr:Person>" + + "</saml:AttributeValue>" + + "</saml:Attribute>" + + "<saml:Attribute AttributeName=\"isQualifiedCertificate\" AttributeNamespace=\"http://reference.e-government.gv.at/namespace/moa/20020822#\">" + + "<saml:AttributeValue>true</saml:AttributeValue>" + + "</saml:Attribute>" + + "</saml:AttributeStatement>" + +"</saml:Assertion>" + + "</samlp:Response>"; + + Element samlResponseElem = + DOMUtils.parseDocument(samlResponse, true, Constants.ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + SAMLResponseParser parser = new SAMLResponseParser(samlResponseElem); + SAMLStatus status = parser.parseStatusCode(); + assertEquals("samlp:Success", status.getStatusCode()); + assertEquals("samlp:Success", status.getSubStatusCode()); + assertEquals("Ollas leiwand", status.getStatusMessage()); + AuthenticationData authData = parser.parseAuthenticationData(); + assertEquals(1, authData.getMajorVersion()); + assertEquals(0, authData.getMinorVersion()); + assertEquals("-4633313027464114584", authData.getAssertionID()); + assertEquals("http://localhost:8080/moa-id-auth/", authData.getIssuer()); + assertEquals("2003-04-02T14:55:42+02:00", authData.getIssueInstant()); + assertEquals("123456789012", authData.getIdentificationValue()); + assertEquals("MTk2OC0xMC0yMmdi", authData.getBPK()); + assertEquals("Hermann", authData.getGivenName()); + assertEquals("Muster", authData.getFamilyName()); + assertEquals("1968-10-22", authData.getDateOfBirth()); + assertTrue(authData.isQualifiedCertificate()); + assertFalse(authData.isPublicAuthority()); + } +} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/util/SSLUtilsTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/util/SSLUtilsTest.java new file mode 100644 index 000000000..19ad228a4 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/util/SSLUtilsTest.java @@ -0,0 +1,116 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.at.gv.egovernment.moa.id.util; + +import iaik.pki.jsse.IAIKX509TrustManager; + +import java.net.URL; +import java.security.Security; + +import javax.net.ssl.SSLException; +import javax.net.ssl.SSLSocketFactory; + +import com.sun.net.ssl.HttpsURLConnection; + +import at.gv.egovernment.moa.id.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.config.ConnectionParameter; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter; +import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider; +import at.gv.egovernment.moa.id.iaik.config.LoggerConfigImpl; +import at.gv.egovernment.moa.id.util.SSLUtils; +import test.at.gv.egovernment.moa.id.UnitTestCase; + +/* + * @author Paul Ivancsics + * @version $Id$ + */ +public class SSLUtilsTest extends UnitTestCase { + + public SSLUtilsTest(String name) { + super(name); + } + + protected void setUp() throws Exception { + //System.setProperty("javax.net.debug", "all"); + Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); + System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); + IAIKX509TrustManager.initLog(new LoggerConfigImpl("file:" + TESTDATA_ROOT + "conf/log4j.properties")); + System.setProperty("https.cipherSuites", "SSL_DHE_DSS_WITH_DES_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,SSL_RSA_WITH_DES_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_EXPORT_WITH_RC4_40_MD5"); + } + + public void testVerisignOK() throws Exception { + doTestOA("conf/ConfigurationTest.xml", "http://verisign.moa.gv.at/", true, null); + } + public void testATrustOK() throws Exception { + doTestOA("conf/ConfigurationTest.xml", "http://a-trust.moa.gv.at/", true, null); + } + public void testBaltimoreOK() throws Exception { + doTestOA("conf/ConfigurationTest.xml", "http://baltimore.moa.gv.at/", true, null); + } + public void testCIOOK() throws Exception { + doTestOA("conf/ConfigurationTest.xml", "http://cio.moa.gv.at/", true, null); + } + public void testMOASPOK() throws Exception { + System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME, + TESTDATA_ROOT + "conf/ConfigurationTest.xml"); + ConnectionParameter connParam = AuthConfigurationProvider.getInstance().getMoaSpConnectionParameter(); + doTest(connParam, true, null); + } + private void doTestOA(String configFile, String publicURLPrefix, boolean shouldOK, String exMessageFragment) throws Exception { + System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME, + TESTDATA_ROOT + configFile); + ProxyConfigurationProvider proxyConf = + ProxyConfigurationProvider.getInstance(); + OAProxyParameter oaParam = proxyConf.getOnlineApplicationParameter(publicURLPrefix); + ConnectionParameter connParam = oaParam.getConnectionParameter(); + doTest(connParam, shouldOK, exMessageFragment); + } + private void doTest(ConnectionParameter connParam, boolean shouldOK, String exMessageFragment) throws Exception { + SSLUtils.initialize(); + AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + SSLSocketFactory ssf = SSLUtils.getSSLSocketFactory(authConf, connParam); + URL url = new URL(connParam.getUrl()); + HttpsURLConnection conn = (HttpsURLConnection)url.openConnection(); + conn.setRequestMethod("GET"); + conn.setDoInput(true); + conn.setDoOutput(true); + conn.setUseCaches(false); + conn.setAllowUserInteraction(false); + conn.setSSLSocketFactory(ssf); + try { + conn.connect(); + assertTrue(shouldOK); + assertEquals(200, conn.getResponseCode()); + conn.disconnect(); + } + catch (SSLException ex) { + ex.printStackTrace(); + assertFalse(shouldOK); + assertTrue(ex.getMessage().indexOf(exMessageFragment) >= 0); + } + } + +} diff --git a/id/server/idserverlib/src/test/java/test/lasttest/Dispatcher.java b/id/server/idserverlib/src/test/java/test/lasttest/Dispatcher.java new file mode 100644 index 000000000..2b0e5991c --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/lasttest/Dispatcher.java @@ -0,0 +1,88 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.lasttest; + +/** + * @author Stefan Knirsch + * @version $Id$ + * + */ +public class Dispatcher extends Thread { + private LasttestClient parent = null; + private int max; + private int turns; + private int turn_counter; + private int turn; + private int time; + private long sum; + private int turnnum; + + public Dispatcher(LasttestClient parent, int max, int turns, int time, long sum) { + this.parent = parent; + this.max = max; + this.turns = turns; + this.time = time; + this.sum = sum; + turnnum=0; + } + + public void run() { + this.setPriority(Thread.NORM_PRIORITY + 1); + System.out.println("Dispatcher wird gestartet..."); + TestThread[] old_reqs = buildRequests(0); + for (turn_counter = 0; turns == 0 ? true : (turn_counter < turns); turn_counter++) { + try { +// LasttestClient.Log.write(("Starte Durchlauf " + turn_counter + "\n").getBytes()); + } + catch (Exception e) {} + +// System.out.println("Starte Durchlauf " + turn_counter); + turn = turn_counter; + if (turns == 0) + turn_counter--; + TestThread[] reqs = buildRequests(turn_counter); + for (int counter = 0; counter < max; counter++) { + old_reqs[counter].start(); + } + old_reqs = reqs; + try { + Thread.sleep(time); + } + catch (Exception e) { + e.printStackTrace(); + } + } + parent.stop = true; + } + + public TestThread[] buildRequests(int turnNo) { + TestThread[] ret = new TestThread[max]; + for (int counter = 0; counter < max; counter++) { +// turnnum ++; + ret[counter] = new TestThread(parent, turnNo); + } + return ret; + } +} diff --git a/id/server/idserverlib/src/test/java/test/lasttest/HostnameVerifierHack.java b/id/server/idserverlib/src/test/java/test/lasttest/HostnameVerifierHack.java new file mode 100644 index 000000000..82dcf2b41 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/lasttest/HostnameVerifierHack.java @@ -0,0 +1,37 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.lasttest; + +import com.sun.net.ssl.HostnameVerifier; + +/** + * @author Stefan Knirsch + * @version $Id$ + * + */ +public class HostnameVerifierHack implements HostnameVerifier{ + public boolean verify(String arg0, String arg1) { + return true; + }} diff --git a/id/server/idserverlib/src/test/java/test/lasttest/LasttestClient.java b/id/server/idserverlib/src/test/java/test/lasttest/LasttestClient.java new file mode 100644 index 000000000..29af24ff7 --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/lasttest/LasttestClient.java @@ -0,0 +1,242 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.lasttest; + +import java.io.FileOutputStream; +import java.io.OutputStream; +import java.io.PrintStream; +import java.security.Security; +import java.util.Date; + +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.StreamUtils; +import at.gv.egovernment.moa.util.URLDecoder; +import at.gv.egovernment.moa.util.URLEncoder; +import com.sun.net.ssl.HttpsURLConnection; + +/** + * @author Sven + * + * To change this generated comment edit the template variable "typecomment": + * Window>Preferences>Java>Templates. + * To enable and disable the creation of type comments go to + * Window>Preferences>Java>Code Generation. + * + * Aufruf: Requestdatei (==null), ServerURL, Anzahl der Requests pro Sekunde, Anzahl der Wiederholungen + * z.b. "data/CX0/TestGeneratorCX0.001.Req.xml" "http://127.0.0.1:8080/" 5 100 + * + * ==> GEÄNDERT: ersten 2 Parameter gekillt... nur noch 5 100 + */ +public class LasttestClient { + + protected static final String TESTDATA_ROOT = "data/abnahme-test/"; + protected static final String MOA_AUTH_SERVER = "https://localhost:8443/moa-id-auth/"; + protected AuthenticationServer server; + + public int max_thread_count = 300; + public int thread_counter = 0; + public int error_count = 0; + public int turns = 0; + public long sum = 0; + public long max = 0; + public long min = Long.MAX_VALUE; + + public static PrintStream Log = null; + + public boolean stop = false; + + public static final String trustStore = "javax.net.ssl.trustStore"; + public static final String trustStorePassword = "javax.net.ssl.trustStorePassword"; + public static final String handler = "java.protocol.handler.pkgs"; + + public void startTest(int req_per_second, int turns, int time) throws Exception { + Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); + + System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); + System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore"); + System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); + + System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME, TESTDATA_ROOT + "xmldata/L000/Configuration.xml"); + + AuthConfigurationProvider.reload(); + + this.turns = turns; + + boolean result = new TestThread(this,0).doRequest(0);// doTestRequest(); + if (result) { + System.out.println("TestRequest OK. Lasttest wird gestartet."); + sum=0; + max=0; + Dispatcher dp = new Dispatcher(this, req_per_second, turns, time, sum); + dp.start(); + while (!stop) { + try { + Log.println(new String(("Checking Stop Condition ...(Running " + thread_counter + ", Min " + (min) + ", Max " + (max) + ", " + new Date(System.currentTimeMillis()) + ")"))); + Log.flush(); + } + catch (Exception e) {} + + System.out.println("Checking Stop Condition ...(Running " + thread_counter + ", Min " + (min) + ", Max " + (max) + ", " + new Date(System.currentTimeMillis()) + ")"); + Thread.sleep(10000); + } + System.out.println("Fehler:" + error_count + " (Running " + thread_counter + ", Min " + (min) + ", Max " + (max) + ", " + new Date(System.currentTimeMillis()) + ")"); + } + else { + System.out.println("TestRequest lieferte einen Fehler. Lasttest wird nicht gestartet."); + } + } + + + public boolean doTestRequest() throws Exception { + + try { + + TestThread tt = new TestThread(null,0); + + // Anmelden + String URL = tt.getURL(MOA_AUTH_SERVER, "gb", "http://10.16.126.28:9080/moa-id-proxy/"); + HttpsURLConnection conn = tt.giveConnection(URL, "GET"); + + conn.connect(); + String result = new String(StreamUtils.readStream(conn.getInputStream())); + String MOASessionID = tt.parseSessionIDFromForm(result); + conn.disconnect(); + + URL = tt.parseDataURL(result); + // Verify Identity Link + conn = tt.giveConnection(URL, "POST"); + conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); + String infoboxReadResponse = tt.readXmldata("InfoboxReadResponse.xml"); + OutputStream out = conn.getOutputStream(); + out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); + out.flush(); + out.close(); + conn.connect(); + String redirectLoc = conn.getHeaderField("Location"); + conn.disconnect(); + //Verify Auth Block + conn = tt.giveConnection(redirectLoc, "POST"); + String createXMLSignatureResponse = URLEncoder.encode(tt.readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); + out = conn.getOutputStream(); + out.write(("XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); + out.flush(); + out.close(); + conn.connect(); + redirectLoc = conn.getHeaderField("Location"); + String samlArtifact = tt.parseSamlArtifact(redirectLoc); + System.out.println("SamlArtifact: " + samlArtifact); + + conn.disconnect(); + + conn = null; + + SAMLRequestBuilder srb = new SAMLRequestBuilder(); + + Element erg = tt.doCall(srb.build(MOASessionID, URLDecoder.decode(samlArtifact, "UTF-8")),MOA_AUTH_SERVER); + result = DOMUtils.serializeNode(erg); + if (result.indexOf("saml:Assertion")<0) + { + System.err.println("Falsche Antwort vom Webservice:\n" + result); + throw new Exception("Falsche Antwort vom Webservice"); + + } + } + catch (Exception e) { + System.err.println("------ FEHLER IN LASTTEST :" + e.getLocalizedMessage()); + throw e; + } + + return true; + + } + + public String replaceString(String input, String oldPart, String newPart) throws Exception { + String erg = null; + + //First Part + erg = input.substring(0, input.indexOf(oldPart)); + //Insert new Part + erg += newPart; + + //insert REST + erg += input.substring(input.indexOf(oldPart) + oldPart.length(), input.length()); + + return erg; + } + + public static void main(String[] args) throws Exception { + Log = new PrintStream(new FileOutputStream("C:/Lasttest.log")); + int time = 0; + int sek = 0; + int turns = 0; + + if (args.length != 3) { + System.out.println("Parameteranzahl falsch. Bitte verwenden Sie die Syntax <Request_pro_Zeiteinheit(Zahl)> <Anzahl_der_Durchläufe(Zahl oder INF)> <Zeit_zwischen_Aufrufen_in_ms(Zahl)>"); + return; + } + + try { + sek = Integer.parseInt(args[0]); + time = Integer.parseInt(args[2]); + if (args[1].equals("INF")) { + turns = 0; + } + else + turns = Integer.parseInt(args[1]); + } + catch (NumberFormatException e) { + System.out.println("Einer der Parameter (Requestanzahl oder Testanzahl) ist keine Zahl !"); + return; + } + + System.out.println("Starte Lastest mit folgenden Parametern ..."); + System.out.println("ServerURL: " + MOA_AUTH_SERVER); + double reqPerSek = sek*1000; + System.out.println("Requests pro Sekunde: " + reqPerSek/time); + System.out.println("Durchläufe: " + (turns == 0 ? "INF" : turns + "")); + + Log.println("Starte Lastest mit folgenden Parametern ..."); + Log.println("ServerURL: " + MOA_AUTH_SERVER); + Log.println("Requests pro Sekunde: " + reqPerSek / time); + Log.println("Durchläufe: " + (turns == 0 ? "INF" : turns + "")); + + + try { + LasttestClient lc = new LasttestClient(); + //lc.startTest("data/CX0/TestGeneratorCX0.001.Req.xml","http://161.106.2.255:8080/",10,1000); + lc.startTest(sek, turns, time); + } + catch (Exception e) { + e.printStackTrace(); + } + } +} + diff --git a/id/server/idserverlib/src/test/java/test/lasttest/TestThread.java b/id/server/idserverlib/src/test/java/test/lasttest/TestThread.java new file mode 100644 index 000000000..e3f4b879d --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/lasttest/TestThread.java @@ -0,0 +1,275 @@ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package test.lasttest; + +import java.io.OutputStream; +import java.net.URL; +import java.util.Vector; + +import javax.xml.namespace.QName; +import javax.xml.rpc.Call; +import javax.xml.rpc.Service; +import javax.xml.rpc.ServiceFactory; + +import org.apache.axis.message.SOAPBodyElement; +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder; +import at.gv.egovernment.moa.id.util.AxisSecureSocketFactory; +import at.gv.egovernment.moa.util.FileUtils; +import at.gv.egovernment.moa.util.StreamUtils; +import at.gv.egovernment.moa.util.URLDecoder; +import at.gv.egovernment.moa.util.URLEncoder; +import com.sun.net.ssl.HttpsURLConnection; + +/** + * @author Stefan Knirsch + * @version $Id$ + * + */ +public class TestThread extends Thread { + private LasttestClient parent = null; + private int turn_no; + private Dispatcher disp = null; + + public TestThread( LasttestClient parent, int durchlauf_nr) { + turn_no = durchlauf_nr; + this.parent = parent; + + } + + protected Element doCall(Element request, String server) throws Exception { + + /* QName serviceName = new QName("GetAuthenticationData"); + + String endPoint = server + "services/GetAuthenticationData"; + Service service = ServiceFactory.newInstance().createService(serviceName); + Call call = service.createCall(); + SOAPBodyElement body = new SOAPBodyElement(request); + SOAPBodyElement[] params = new SOAPBodyElement[] { body }; + Vector responses; + SOAPBodyElement response; + + + System.out.println(DOMUtils.serializeNode(body.getAsDOM())); + call.setTargetEndpointAddress(endPoint); + System.out.println("Rufe WS auf: " + endPoint); + responses = (Vector) call.invoke(params); + System.out.println("WS aufgerufen."); + response = (SOAPBodyElement) responses.get(0); + System.out.println(DOMUtils.serializeNode(response.getAsDOM())); + return response.getAsDOM();*/ + + QName serviceName = new QName("GetAuthenticationData"); + String endPoint = server + "services/GetAuthenticationData"; + Service service = ServiceFactory.newInstance().createService(serviceName); + Call call = service.createCall(); + + System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); + System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore"); + System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); + SOAPBodyElement body = new SOAPBodyElement(request); + SOAPBodyElement[] params = new SOAPBodyElement[] { body }; + Vector responses; + SOAPBodyElement response; + + call.setTargetEndpointAddress(endPoint); + responses = (Vector) call.invoke(params); + response = (SOAPBodyElement) responses.get(0); + return response.getAsDOM(); + } + + public boolean doRequest(int turnNo) throws Exception { + long start = System.currentTimeMillis(); + + try { + LasttestClient.Log.write(("Starte Durchlauf " + turnNo + "\n").getBytes()); + } + catch (Exception e) {} + + System.out.println("Starte Durchlauf " + turnNo); + // Anmelden + String URL = getURL(LasttestClient.MOA_AUTH_SERVER, "gb", "http://10.16.126.28:9080/moa-id-proxy/"); + HttpsURLConnection conn = giveConnection(URL, "GET"); + conn.connect(); + String result = new String(StreamUtils.readStream(conn.getInputStream())); + /* + * FOR DEBUG ONLY + */ + // System.out.println(URL); + // System.out.println(result); + //---------------- + + String MOASessionID = parseSessionIDFromForm(result); + conn.disconnect(); + + URL = parseDataURL(result); + // Verify Identity Link + conn = giveConnection(URL, "POST"); + conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); + String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); + OutputStream out = conn.getOutputStream(); + out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); + out.flush(); + out.close(); + conn.connect(); + + /* + * FOR DEBUG ONLY + */ + // System.out.println(URL); + // System.out.println(new String(StreamUtils.readStream(conn.getInputStream()))); + //---------------- + + String redirectLoc = conn.getHeaderField("Location"); + conn.disconnect(); + //Verify Auth Block + conn = giveConnection(redirectLoc, "POST"); + String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); + out = conn.getOutputStream(); + out.write(("XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); + out.flush(); + out.close(); + conn.connect(); + redirectLoc = conn.getHeaderField("Location"); + + /* + * FOR DEBUG ONLY + */ + // System.out.println(redirectLoc); + // System.out.println(new String(StreamUtils.readStream(conn.getInputStream()))); + //---------------- + String samlArtifact = parseSamlArtifact(redirectLoc); + + // System.out.println("SamlArtifact: " + samlArtifact); + + AxisSecureSocketFactory.initialize(conn.getSSLSocketFactory()); + conn.disconnect(); + + conn = null; + + SAMLRequestBuilder srb = new SAMLRequestBuilder(); + + doCall(srb.build(MOASessionID, URLDecoder.decode(samlArtifact, "UTF-8")), LasttestClient.MOA_AUTH_SERVER); + // writeXmldata("GetAuthenticationDataWebServiceResponse.xml", result.getBytes("UTF-8")); + + long end = System.currentTimeMillis(); + long diff = end - start; + parent.sum +=diff; + if (parent.max < diff) { + parent.max = diff; + } + if (parent.min > diff) { + parent.min = diff; + } + if (turnNo>0) { + long totalmem = Runtime.getRuntime().totalMemory(); + long freemem = Runtime.getRuntime().freeMemory(); + try { + LasttestClient.Log.write(new String("Ende Durchlauf: " + turnNo + " ==> Dauer:" + diff + " Schnitt: " + (parent.sum/turnNo/2) + " Total-Mem: " + totalmem + " Free-Mem: " + freemem + "\n").getBytes()); + LasttestClient.Log.flush(); + } + catch (Exception e) {} + System.out.println(new String("Ende Durchlauf: " + turnNo + " ==> Dauer:" + diff + " Schnitt: " + (parent.sum/turnNo/2) + " Total-Mem: " + totalmem + " Free-Mem: " + freemem)); + } + return true; + + } + + public String getSubString(String input, String startsWith, String endsWith) { + return input.substring(input.indexOf(startsWith) + startsWith.length(), input.indexOf(endsWith, input.indexOf(startsWith) + startsWith.length())); + } + + public String getURL(String authURL, String target, String oaURL) { + return authURL + "StartAuthentication?Target=" + target + "&OA=" + oaURL; + } + + public HttpsURLConnection giveConnection(String targetURL, String requestMethod) throws Exception { + HttpsURLConnection conn = (HttpsURLConnection) new URL(targetURL).openConnection(); + conn.setRequestMethod(requestMethod); + conn.setDoInput(true); + conn.setDoOutput(true); + conn.setUseCaches(false); + conn.setAllowUserInteraction(false); + conn.setHostnameVerifier(new HostnameVerifierHack()); + return conn; + } + + public String killInclusive(String input, String startsWith, String endsWith, String newValue) { + int start = 0; + int ende; + String result; + result = input; + do { + start = result.indexOf(startsWith, start) + startsWith.length(); + ende = result.indexOf(endsWith, start); + result = result.substring(0, start - startsWith.length()) + newValue + result.substring(ende + endsWith.length(), result.length()); + start++; + } + while (result.indexOf(startsWith, ende + 1) > 0); + + return result; + } + + public String parseDataURL(String input) { + return getSubString(input.substring(input.indexOf("DataURL"), input.length()), "value=\"", "\""); + } + + public String parseSamlArtifact(String input) { +// System.out.println(input); + return getSubString(input + "@@@", "SAMLArtifact=", "@@@"); + } + + public String parseSessionIDFromForm(String htmlForm) { + String parName = "MOASessionID="; + int i1 = htmlForm.indexOf(parName) + parName.length(); + int i2 = htmlForm.indexOf("\"", i1); + return htmlForm.substring(i1, i2); + } + + public String readXmldata(String filename) throws Exception { + + return FileUtils.readFile(LasttestClient.TESTDATA_ROOT + "xmldata/L000/" + filename, "UTF-8"); + } + + /** + * @see java.lang.Runnable#run() + */ + public void run() { + parent.thread_counter++; + + try { + if (!doRequest(turn_no)) { + parent.error_count++; + } + } + catch (Exception e) { + e.printStackTrace(); + parent.error_count++; + } + parent.thread_counter--; + } + +} |