diff options
Diffstat (limited to 'id/server/modules/moa-id-module-ehvd_integration')
51 files changed, 4455 insertions, 0 deletions
diff --git a/id/server/modules/moa-id-module-ehvd_integration/pom.xml b/id/server/modules/moa-id-module-ehvd_integration/pom.xml new file mode 100644 index 000000000..15edb681e --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/pom.xml @@ -0,0 +1,145 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project xmlns="http://maven.apache.org/POM/4.0.0" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-modules</artifactId> + <version>4.2.0</version> + </parent> + <artifactId>moa-id-module-ehvd_integration</artifactId> + <version>${moa-id-ehvd_integration.version}</version> + <description>Module to integrate information from EHVD into MOA-ID response</description> + + <dependencies> + <dependency> + <groupId>MOA.id.server.modules</groupId> + <artifactId>moa-id-modul-citizencard_authentication</artifactId> + <exclusions> + <exclusion> + <groupId>*</groupId> + </exclusion> + </exclusions> + </dependency> + + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-lib</artifactId> + <scope>provided</scope> + </dependency> + + <dependency> + <groupId>javax.servlet</groupId> + <artifactId>javax.servlet-api</artifactId> + <scope>provided</scope> + </dependency> + + <dependency> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-rt-frontend-jaxws</artifactId> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-rt-transports-http</artifactId> + <scope>provided</scope> + </dependency> + + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-test</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>at.gv.egiz.eaaf</groupId> + <artifactId>eaaf_core_utils</artifactId> + <scope>test</scope> + <type>test-jar</type> + </dependency> + <dependency> + <groupId>at.gv.egiz.eaaf</groupId> + <artifactId>eaaf-core</artifactId> + <scope>test</scope> + <type>test-jar</type> + </dependency> + <dependency> + <groupId>com.github.skjolber</groupId> + <artifactId>mockito-soap-cxf</artifactId> + <version>1.2.0</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-rt-transports-http-jetty</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-rt-rs-extension-providers</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.apache.tomcat</groupId> + <artifactId>tomcat-servlet-api</artifactId> + <version>9.0.56</version> + <scope>test</scope> + </dependency> + </dependencies> + + <build> + <plugins> + <plugin> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-codegen-plugin</artifactId> + <version>3.3.12</version> + <dependencies> + <dependency> + <groupId>xerces</groupId> + <artifactId>xercesImpl</artifactId> + <version>2.8.1</version> + </dependency> + <dependency> + <groupId>com.sun.xml.bind</groupId> + <artifactId>jaxb-impl</artifactId> + <version>2.2.5</version> + </dependency> + <dependency> + <groupId>com.sun.xml.bind</groupId> + <artifactId>jaxb-xjc</artifactId> + <version>2.2.5</version> + </dependency> + </dependencies> + <executions> + <execution> + <id>generate-sources</id> + <phase>generate-sources</phase> + <configuration> + <sourceRoot>${project.build.directory}/generated/cxf</sourceRoot> + <wsdlOptions> + <wsdlOption> + <wsdl>${basedir}/src/main/resources/wsdl/eHVD.wsdl</wsdl> + <packagenames> + <packagename>eHVD=at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl</packagename> + </packagenames> + <extraargs> + <extraarg>-verbose </extraarg> + </extraargs> + </wsdlOption> + </wsdlOptions> + </configuration> + <goals> + <goal>wsdl2java</goal> + </goals> + </execution> + </executions> + </plugin> + </plugins> + </build> + +</project> diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java new file mode 100644 index 000000000..6cb9c08e3 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java @@ -0,0 +1,61 @@ +/* + * Copyright 2021 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.ehvd; + +import at.gv.egiz.eaaf.core.api.data.EAAFConstants; + +public class ConfigurationProperties { + + // configuration properties + private static final String MODULE_PREFIX = "modules.ehvd."; + + public static final String PROP_MODULE_ENABLED = MODULE_PREFIX + "enabled"; + public static final String PROP_MODULE_SP_PREFIX = MODULE_PREFIX + "sp"; + + public static final String PROP_MODULE_SERVICE_TARGET = MODULE_PREFIX + "service.bpk.target"; + public static final String PROP_MODULE_SERVICE_ENDPOINT = MODULE_PREFIX + "service.url"; + public static final String PROP_MODULE_EHVD_ROLE_REGEX = MODULE_PREFIX + "service.role.regex"; + public static final String PROP_MODULE_EHVD_OTHERID_PREFIX = MODULE_PREFIX + "service.otherid.prefix"; + + public static final String PROP_MODULE_PVP_ROLE = MODULE_PREFIX + "role.pvp"; + + public static final String PROP_MODULE_PROXY_SOCKS_PORT = MODULE_PREFIX + "proxy.socks.port"; + + public static final String DEFAULT_EHVD_SERVICE_TARGET = EAAFConstants.URN_PREFIX_CDID + "GH"; + + + //TODO: define custom EHVD SAML2 attributes + public static final String ATTRIBUTE_URN_EHVD_PREFIX = "urn:brzgvat:attributes.ehvd."; + public static final String ATTRIBUTE_URN_EHVD_TITLE = ATTRIBUTE_URN_EHVD_PREFIX + "title"; + public static final String ATTRIBUTE_URN_EHVD_FIRSTNAME = ATTRIBUTE_URN_EHVD_PREFIX + "firstname"; + public static final String ATTRIBUTE_URN_EHVD_SURNAME = ATTRIBUTE_URN_EHVD_PREFIX + "surname"; + public static final String ATTRIBUTE_URN_EHVD_ZIPCODE = ATTRIBUTE_URN_EHVD_PREFIX + "zip"; + public static final String ATTRIBUTE_URN_EHVD_STATE = ATTRIBUTE_URN_EHVD_PREFIX + "state"; + public static final String ATTRIBUTE_URN_EHVD_ID = ATTRIBUTE_URN_EHVD_PREFIX + "id"; + public static final String ATTRIBUTE_URN_EHVD_OTHERID = ATTRIBUTE_URN_EHVD_PREFIX + "otherid"; + + + private ConfigurationProperties() { + // hide constructor or static class + } +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java new file mode 100644 index 000000000..d087b9fe2 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java @@ -0,0 +1,147 @@ +/* + * Copyright 2021 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.ehvd; + +import java.util.Collection; +import java.util.Collections; +import java.util.stream.Collectors; + +import javax.annotation.PostConstruct; + +import org.apache.commons.lang3.StringUtils; +import org.springframework.beans.factory.annotation.Autowired; + +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egovernment.moa.id.auth.modules.internal.DefaultCitizenCardAuthModuleImpl; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +public class EhvdServiceAuthModule extends DefaultCitizenCardAuthModuleImpl { + + private int priority = 2; + + @Autowired(required = true) + protected IConfigurationWithSP authConfig; + + private Collection<String> uniqueIDsEnabled; + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority() + */ + @Override + public int getPriority() { + return priority; + + } + + /** + * Sets the priority of this module. Default value is {@code 0}. + * + * @param priority The priority. + */ + public void setPriority(int priority) { + this.priority = priority; + + } + + @PostConstruct + private void initialDummyAuthWhiteList() { + if (authConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) { + Logger.info("AuthModule for 'EHVD injection' is enabled"); + + // load allowed service-provider Id's + uniqueIDsEnabled = authConfig.getBasicConfigurationWithPrefix( + ConfigurationProperties.PROP_MODULE_SP_PREFIX).values().stream() + .filter(el -> StringUtils.isNotEmpty(el)) + .collect(Collectors.toSet()); + + if (!uniqueIDsEnabled.isEmpty()) { + Logger.info("EHVD communication is enabled for ...."); + uniqueIDsEnabled.forEach(el -> Logger.info(" EntityID: " + el)); + + } + + } else { + uniqueIDsEnabled = Collections.emptySet(); + Logger.info("AuthModule for 'EHVD injection' is disabled"); + + } + + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv. + * egovernment.moa.id.process.api.ExecutionContext) + */ + @Override + public String selectProcess(ExecutionContext context, IRequest pendingReq) { + + if (authConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) { + final String spEntityID = pendingReq.getServiceProviderConfiguration().getUniqueIdentifier(); + Logger.trace("Checking EHVD communication for SP: " + spEntityID + " ...."); + final boolean ccAuthRequested = StringUtils.isNotEmpty(super.selectProcess(context, pendingReq)); + if (uniqueIDsEnabled.contains(spEntityID) && ccAuthRequested) { + Logger.debug("EHVD communication is allowed for SP: " + spEntityID); + return "DefaultAuthenticationWithEHVDInteraction"; + + } else { + if (Logger.isDebugEnabled()) { + if (ccAuthRequested) { + Logger.debug("Unique SP-Id: " + spEntityID + " is not in whitelist for EHVD communication."); + + } else { + Logger.trace("No CititzenCard authentication requested. EHVD communication skipped too"); + + } + } + } + + } else { + Logger.trace("'EHVD injection' authentication is disabled"); + + } + + return null; + + } + + /* + * (non-Javadoc) + * + * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions() + */ + @Override + public String[] getProcessDefinitions() { + return new String[] { "classpath:/DefaultAuth_with_ehvd_interaction.process.xml" }; + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java new file mode 100644 index 000000000..589a316fe --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java @@ -0,0 +1,71 @@ +/* + * Copyright 2021 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.ehvd; + +import org.springframework.core.io.ClassPathResource; +import org.springframework.core.io.Resource; + +import at.gv.egiz.components.spring.api.SpringResourceProvider; + +/** + * @author tlenz + * + */ +public class EhvdServiceAuthSpringResourceProvider implements SpringResourceProvider { + + /* + * (non-Javadoc) + * + * @see + * at.gv.egiz.components.spring.api.SpringResourceProvider#getResourcesToLoad() + */ + @Override + public Resource[] getResourcesToLoad() { + final ClassPathResource authConfig = new ClassPathResource("/moaid_ehvd_service_auth.beans.xml", + EhvdServiceAuthSpringResourceProvider.class); + return new Resource[] { authConfig }; + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egiz.components.spring.api.SpringResourceProvider#getPackagesToScan() + */ + @Override + public String[] getPackagesToScan() { + // TODO Auto-generated method stub + return null; + } + + /* + * (non-Javadoc) + * + * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getName() + */ + @Override + public String getName() { + return "Module for 'Dummy Authentication'"; + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/AbstractEhvdAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/AbstractEhvdAttributeBuilder.java new file mode 100644 index 000000000..af413ffc3 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/AbstractEhvdAttributeBuilder.java @@ -0,0 +1,51 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes; + +import org.apache.commons.lang3.StringUtils; + +import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +import at.gv.egovernment.moa.logging.Logger; + +public abstract class AbstractEhvdAttributeBuilder implements IPVPAttributeBuilder { + + @Override + public <ATT> ATT build(ISPConfiguration spConfig, IAuthData authData, IAttributeGenerator<ATT> g) + throws AttributeBuilderException { + try { + GdaDescriptor fullGdaInfo = + authData.getGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, GdaDescriptor.class); + + if (fullGdaInfo != null) { + String attrValue = generateAttributeValue(fullGdaInfo); + Logger.debug(StringUtils.isEmpty(attrValue) ? "Skip" : "Build" + + "attribute: " + getName()); + return g.buildStringAttribute(getName(), getName(), + StringUtils.isNotEmpty(attrValue) ? attrValue : null); + + } else { + Logger.trace("Skipping attr: " + getName() + " because no GDA info available"); + return null; + + } + + } catch (ClassCastException e) { + Logger.trace("Skipping attr: " + getName() + " because no GDA info available"); + return null; + + } + } + + @Override + public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { + return g.buildEmptyAttribute(getName(), getName()); + + } + + protected abstract String generateAttributeValue(GdaDescriptor fullGdaInfo); + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressStateAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressStateAttributeBuilder.java new file mode 100644 index 000000000..7056c3099 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressStateAttributeBuilder.java @@ -0,0 +1,28 @@ +//package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes; +// +//import java.util.stream.Collectors; +// +//import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +// +//@PVPMETADATA +//public class EhvdAddressStateAttributeBuilder extends AbstractEhvdAttributeBuilder { +// +// private static final String ATTR_VALUE_DELIMITER = "|"; +// +// @Override +// public String getName() { +// return ConfigurationProperties.ATTRIBUTE_URN_EHVD_STATE; +// +// } +// +// @Override +// protected String generateAttributeValue(GdaDescriptor fullGdaInfo) { +// return fullGdaInfo.getAddress().stream() +// .map(el -> el.getState() != null ? el.getState() : "") +// .collect(Collectors.joining(ATTR_VALUE_DELIMITER)); +// +// } +// +//} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressZipcodeAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressZipcodeAttributeBuilder.java new file mode 100644 index 000000000..98a0567f2 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressZipcodeAttributeBuilder.java @@ -0,0 +1,28 @@ +//package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes; +// +//import java.util.stream.Collectors; +// +//import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +// +//@PVPMETADATA +//public class EhvdAddressZipcodeAttributeBuilder extends AbstractEhvdAttributeBuilder { +// +// private static final String ATTR_VALUE_DELIMITER = "|"; +// +// @Override +// public String getName() { +// return ConfigurationProperties.ATTRIBUTE_URN_EHVD_ZIPCODE; +// +// } +// +// @Override +// protected String generateAttributeValue(GdaDescriptor fullGdaInfo) { +// return fullGdaInfo.getAddress().stream() +// .map(el -> el.getZip() != null ? el.getZip() : "") +// .collect(Collectors.joining(ATTR_VALUE_DELIMITER)); +// +// } +// +//} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdFirstnameAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdFirstnameAttributeBuilder.java new file mode 100644 index 000000000..1bb923cf4 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdFirstnameAttributeBuilder.java @@ -0,0 +1,22 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes; + +import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; + +@PVPMETADATA +public class EhvdFirstnameAttributeBuilder extends AbstractEhvdAttributeBuilder { + + @Override + public String getName() { + return ConfigurationProperties.ATTRIBUTE_URN_EHVD_FIRSTNAME; + + } + + @Override + protected String generateAttributeValue(GdaDescriptor fullGdaInfo) { + return fullGdaInfo.getFirstname(); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdIdAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdIdAttributeBuilder.java new file mode 100644 index 000000000..918b02c2e --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdIdAttributeBuilder.java @@ -0,0 +1,22 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes; + +import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; + +@PVPMETADATA +public class EhvdIdAttributeBuilder extends AbstractEhvdAttributeBuilder { + + @Override + public String getName() { + return ConfigurationProperties.ATTRIBUTE_URN_EHVD_ID; + + } + + @Override + protected String generateAttributeValue(GdaDescriptor fullGdaInfo) { + return fullGdaInfo.getId() != null ? fullGdaInfo.getId().getId() : null; + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdOtherIdAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdOtherIdAttributeBuilder.java new file mode 100644 index 000000000..2d0e20c9c --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdOtherIdAttributeBuilder.java @@ -0,0 +1,54 @@ +//package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes; +// +//import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +//import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; +//import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; +//import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +//import at.gv.egovernment.moa.logging.Logger; +// +//@PVPMETADATA +//public class EhvdOtherIdAttributeBuilder extends AbstractEhvdAttributeBuilder { +// +// private static final String DEFAULT_ID_PREFIX = "1.2.40.0.34.4.18:"; +// +// private String idPrefix; +// +// public EhvdOtherIdAttributeBuilder() { +// try { +// AuthConfiguration config = AuthConfigurationProviderFactory.getInstance(); +// if (config != null) { +// idPrefix = config.getBasicConfiguration( +// ConfigurationProperties.PROP_MODULE_EHVD_OTHERID_PREFIX, DEFAULT_ID_PREFIX); +// +// } else { +// idPrefix = DEFAULT_ID_PREFIX; +// +// } +// } catch (ConfigurationException e) { +// idPrefix = DEFAULT_ID_PREFIX; +// +// } +// +// Logger.info(" Set-up " + getName() + " with otherId prefix: " + idPrefix); +// +// } +// +// @Override +// public String getName() { +// return ConfigurationProperties.ATTRIBUTE_URN_EHVD_OTHERID; +// +// } +// +// @Override +// protected String generateAttributeValue(GdaDescriptor fullGdaInfo) { +// return fullGdaInfo.getOtherID().stream() +// .filter(el -> el.startsWith(idPrefix)) +// .findFirst() +// .map(el -> el.substring(idPrefix.length())) +// .orElse(null); +// +// } +// +//} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdSurnameAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdSurnameAttributeBuilder.java new file mode 100644 index 000000000..db8de397b --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdSurnameAttributeBuilder.java @@ -0,0 +1,22 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes; + +import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; + +@PVPMETADATA +public class EhvdSurnameAttributeBuilder extends AbstractEhvdAttributeBuilder { + + @Override + public String getName() { + return ConfigurationProperties.ATTRIBUTE_URN_EHVD_SURNAME; + + } + + @Override + protected String generateAttributeValue(GdaDescriptor fullGdaInfo) { + return fullGdaInfo.getSurname(); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdTitelAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdTitelAttributeBuilder.java new file mode 100644 index 000000000..c978d4dd2 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdTitelAttributeBuilder.java @@ -0,0 +1,22 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes; + +import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; + +@PVPMETADATA +public class EhvdTitelAttributeBuilder extends AbstractEhvdAttributeBuilder { + + @Override + public String getName() { + return ConfigurationProperties.ATTRIBUTE_URN_EHVD_TITLE; + + } + + @Override + protected String generateAttributeValue(GdaDescriptor fullGdaInfo) { + return fullGdaInfo.getTitle(); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java new file mode 100644 index 000000000..a79aa86dd --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java @@ -0,0 +1,57 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes; + +import java.util.stream.Collectors; + +import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA; +import at.gv.egovernment.moa.id.data.IMOAAuthData; +import at.gv.egovernment.moa.logging.Logger; + +@PVPMETADATA +public class PvpRoleAttributeBuilder implements IPVPAttributeBuilder { + + private static final String ROLE_NAME_DELIMITER = ";"; + + @Override + public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData, + IAttributeGenerator<ATT> g) throws AttributeBuilderException { + if (authData instanceof IMOAAuthData) { + final IMOAAuthData moaAuthData = (IMOAAuthData) authData; + if (moaAuthData.getAuthenticationRoles() != null + && !moaAuthData.getAuthenticationRoles().isEmpty()) { + return g.buildStringAttribute(ROLES_FRIENDLY_NAME, ROLES_NAME, + moaAuthData.getAuthenticationRoles().stream() + .map(el -> el.getRawRoleString()) + .collect(Collectors.joining(ROLE_NAME_DELIMITER))); + + } else { + Logger.trace("No PVP roles available. Skipping attribute: " + ROLES_FRIENDLY_NAME); + + } + + } else { + Logger.info("Attribute: " + ROLES_FRIENDLY_NAME + " is only available in MOA-ID context"); + + } + + return null; + + } + + @Override + public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) { + return g.buildEmptyAttribute(ROLES_FRIENDLY_NAME, ROLES_NAME); + + } + + @Override + public String getName() { + return ROLES_NAME; + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/exception/EhvdException.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/exception/EhvdException.java new file mode 100644 index 000000000..f621d1bb4 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/exception/EhvdException.java @@ -0,0 +1,19 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.exception; + +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; + +public class EhvdException extends AuthenticationException { + + private static final long serialVersionUID = 380654627005502948L; + + public EhvdException(String messageId, Object[] parameters) { + super(messageId, parameters); + + } + + public EhvdException(String messageId, Object[] parameters, Throwable e) { + super(messageId, parameters, e); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java new file mode 100644 index 000000000..b165d05e2 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java @@ -0,0 +1,321 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.service; + +import java.net.URL; +import java.util.ArrayList; +import java.util.List; +import java.util.Map; +import java.util.Optional; +import java.util.Set; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +import javax.annotation.Nonnull; +import javax.annotation.PostConstruct; +import javax.xml.ws.BindingProvider; +import javax.xml.ws.handler.Handler; +import javax.xml.ws.soap.SOAPFaultException; + +import org.apache.commons.lang3.StringUtils; +import org.apache.cxf.endpoint.Client; +import org.apache.cxf.frontend.ClientProxy; +import org.apache.cxf.transport.http.HTTPConduit; +import org.apache.cxf.transports.http.configuration.ProxyServerType; +import org.springframework.beans.factory.annotation.Autowired; + +import com.google.common.collect.Sets; + +import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; +import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException; +import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException; +import at.gv.egiz.eaaf.core.impl.data.Pair; +import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BPKBuilder; +import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVD; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVDService; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaIndexResponse; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GetGdaDescriptors; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier; +import at.gv.egovernment.moa.id.auth.modules.ehvd.exception.EhvdException; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.util.LoggingHandler; + +/** + * Implement interaction with EHVD service to get GDA information. + * + * @author tlenz + * + */ +public class EhvdCommunicationService implements IEhvdCommunication { + + private static final String GDA_RESP_STATUS_ACTIVE = "Aktiv"; + + private static final String ERROR_EHVD_00 = "ehvd.00"; + private static final String ERROR_EHVD_01 = "ehvd.01"; + private static final String ERROR_EHVD_02 = "ehvd.02"; + private static final String ERROR_EHVD_03 = "ehvd.03"; + private static final String ERROR_EHVD_04 = "ehvd.04"; + private static final String ERROR_CONFIG_05 = "config.05"; + + private static final Set<String> SERVICE_ERRORS_LOG_INFO = Sets.newHashSet("6002"); + + @Autowired + IConfiguration config; + + private String ehvdBpkTarget; + + private EHVD ehvdClient; + private Pattern ehvdRolePattern; + + private List<String> ehvhPvpRoleList; + + /** + * Get user's GDA roles from EHVD Service. + * + * @param identityLink IdentityLink of the user + * @return {@link List} of Roles that are received from EHVD + * @throws AuthenticationException In case of an EHVD communication error + * @throws EAAFBuilderException In case of a bPK generation error + */ + @Override + @Nonnull + public EhvdResponseHolder getRoles(IIdentityLink identityLink) throws AuthenticationException, + EAAFBuilderException { + + // get bPK for EHVD request + final Pair<String, String> ehvdBpk = BPKBuilder.generateAreaSpecificPersonIdentifier( + identityLink.getIdentificationValue(), + identityLink.getIdentificationType(), + ehvdBpkTarget); + + // request EHVD and handle errors + final GdaIndexResponse gdaResp = requestingGda(ehvdBpk.getFirst()); + + // parse roles from response + return EhvdResponseHolder.getInstance(gdaResp.getGda(), parseGdaResponse(gdaResp)); + + } + + @Nonnull + private GdaIndexResponse requestingGda(String bpk) throws EhvdException { + try { + final GetGdaDescriptors gdaReq = buildGdaRequest(bpk); + Logger.debug("Requesting EHVD to get GDA status ... "); + final GdaIndexResponse gdaResp = ehvdClient.getGDA(gdaReq); + Logger.debug("Receive GDA status. Starting response validation ... "); + return gdaResp; + + } catch (final SOAPFaultException e) { + throw handleSoapFaultError(e); + + } catch (final Exception e) { + Logger.error("EHVD communication failed with generic error: " + e.getMessage(), e); + throw new EhvdException(ERROR_EHVD_01, new Object[] {}, e); + + } + + } + + private EhvdException handleSoapFaultError(SOAPFaultException e) { + // extract reason for this error + final String errorMsg = e.getFault() != null + ? StringUtils.isNotEmpty(e.getFault().getFaultString()) ? e.getFault().getFaultString() + : e.getMessage() + : e.getMessage(); + + if (SERVICE_ERRORS_LOG_INFO.stream() + .filter(el -> errorMsg.contains(el)) + .findFirst() + .isPresent()) { + Logger.info("EHVD communication failed with SOAP response: " + errorMsg); + return new EhvdException(ERROR_EHVD_03, new Object[] { errorMsg }); + + } else { + Logger.warn("EHVD communication failed with SOAP response: " + errorMsg, e); + return new EhvdException(ERROR_EHVD_02, new Object[] { errorMsg }); + + } + + + + } + + private List<String> parseGdaResponse(GdaIndexResponse ehvdResp) throws EhvdException { + if (ehvdResp.getGda() != null) { + final GdaDescriptor gdaInfo = ehvdResp.getGda(); + if (GDA_RESP_STATUS_ACTIVE.equals(gdaInfo.getStatus().getEhvdstatus())) { + Logger.debug("Find #" + gdaInfo.getRoles().getRole().size() + " roles"); + + // match roles with regex from configuration + final Optional<String> validGdaRole = gdaInfo.getRoles().getRole().stream() + .filter(el -> matchGdaRole(el)) + .findFirst(); + + if (validGdaRole.isPresent()) { + Logger.info("Find valid GDA role: " + validGdaRole.get() + " Set PVP Role: " + + StringUtils.join(ehvhPvpRoleList, ",") + " into Session"); + + // set role into response + return ehvhPvpRoleList; + + } else { + Logger.info("No valid GDA role in EHVD response"); + throw new EhvdException(ERROR_EHVD_04, null); + + } + + } else { + Logger.info("GDA is marked as 'inactive'. Stopping process with an error ... "); + throw new EhvdException(ERROR_EHVD_00, null); + + } + + } else { + Logger.info("Receive empty GDA response"); + throw new EhvdException(ERROR_EHVD_03, new Object[] {}); + + } + } + + private boolean matchGdaRole(String role) { + final Matcher matcher = ehvdRolePattern.matcher(role); + final boolean matches = matcher.matches(); + Logger.trace(matches ? "EHVD role: " + role + " matches" + : "EHVD role: " + role + " does not matche to pattern: " + matcher.toString()); + return matches; + + } + + private GetGdaDescriptors buildGdaRequest(String bPK) { + final GetGdaDescriptors req = new GetGdaDescriptors(); + final InstanceIdentifier gdaIdentifier = new InstanceIdentifier(); + gdaIdentifier.setOidIssuingAuthority(PVPAttributeDefinitions.BPK_OID); + gdaIdentifier.setId(bPK); + req.setHcIdentifier(gdaIdentifier); + return req; + + } + + @PostConstruct + private void initialize() throws EAAFConfigurationException { + if (config.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) { + initializeEhvdClient(); + + // load EHVD bPK target + ehvdBpkTarget = config.getBasicConfiguration( + ConfigurationProperties.PROP_MODULE_SERVICE_TARGET, + ConfigurationProperties.DEFAULT_EHVD_SERVICE_TARGET); + Logger.info("Set-up EHVD Client with bPK target: " + ehvdBpkTarget); + + // load Regex to match EHVD Roles to PVP Roles + final String ehvdRoleRegex = config.getBasicConfiguration( + ConfigurationProperties.PROP_MODULE_EHVD_ROLE_REGEX); + checkConfigPropertyNotNull(ehvdRoleRegex, ConfigurationProperties.PROP_MODULE_EHVD_ROLE_REGEX); + ehvdRolePattern = Pattern.compile(ehvdRoleRegex); + + Logger.info("Set-up EHVD Client with Role regex: " + ehvdRolePattern.toString()); + + // load PVP Roles for EHVD integration + final String ehvdPvpRole = config.getBasicConfiguration( + ConfigurationProperties.PROP_MODULE_PVP_ROLE); + checkConfigPropertyNotNull(ehvdPvpRole, ConfigurationProperties.PROP_MODULE_PVP_ROLE); + ehvhPvpRoleList = KeyValueUtils.getListOfCSVValues(ehvdPvpRole); + Logger.info("Set-up EHVD module with PVP Role: " + StringUtils.join(ehvhPvpRoleList, ",")); + + } else { + Logger.info("Skipping EHVD client because it's not active"); + + } + } + + private void checkConfigPropertyNotNull(String valueToCheck, String configPropName) + throws EAAFConfigurationException { + if (StringUtils.isEmpty(valueToCheck)) { + Logger.error("Missing configuration for EHVD module. " + + "(Property: " + configPropName + ")"); + throw new EAAFConfigurationException(ERROR_CONFIG_05, + new Object[] { configPropName }); + + } + + } + + private void initializeEhvdClient() throws EAAFConfigurationException { + Logger.debug("Initializing EHVD client ... "); + final URL url = EhvdCommunicationService.class.getResource("/wsdl/eHVD.wsdl"); + final EHVDService service = new EHVDService(url); + ehvdClient = service.getEHVDPort12(); + + // load service end-point URL from configuration + final String ehvdEndpointUrl = config.getBasicConfiguration( + ConfigurationProperties.PROP_MODULE_SERVICE_ENDPOINT); + if (StringUtils.isEmpty(ehvdEndpointUrl)) { + Logger.error("Missing configuration for EHVD WebService endpoint. " + + "(Property: " + ConfigurationProperties.PROP_MODULE_SERVICE_ENDPOINT + ")"); + throw new EAAFConfigurationException(ERROR_CONFIG_05, + new Object[] { ConfigurationProperties.PROP_MODULE_SERVICE_ENDPOINT }); + + } + + // inject service end-point URL + final Map<String, Object> requestContext = ((BindingProvider) ehvdClient).getRequestContext(); + requestContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, ehvdEndpointUrl); + + // inject Logging handler + List<Handler> handlerList = ((BindingProvider) ehvdClient).getBinding().getHandlerChain(); + if (handlerList == null) { + handlerList = new ArrayList<>(); + + } + + handlerList.add(new LoggingHandler()); + ((BindingProvider) ehvdClient).getBinding().setHandlerChain(handlerList); + + Logger.info("Initialize EHVD Client with service end-point: " + ehvdEndpointUrl); + + // these code is only for local testing + final String socksPort = config.getBasicConfiguration( + ConfigurationProperties.PROP_MODULE_PROXY_SOCKS_PORT); + if (StringUtils.isNotEmpty(socksPort)) { + Logger.warn("Injecting SOCKS5 Proxy for service communication!"); + final Client client = ClientProxy.getClient(ehvdClient); + final HTTPConduit http = (HTTPConduit) client.getConduit(); + http.getClient().setProxyServerType(ProxyServerType.SOCKS); + http.getClient().setProxyServer("127.0.0.1"); + http.getClient().setProxyServerPort(Integer.valueOf(socksPort)); + + } + } + + public static class EhvdResponseHolder { + final List<String> roles; + final GdaDescriptor fullGdaResponse; + + + public static EhvdResponseHolder getInstance(GdaDescriptor gdaInfo, List<String> processedRoles) { + return new EhvdResponseHolder(gdaInfo, processedRoles); + + } + + private EhvdResponseHolder(GdaDescriptor gdaInfo, List<String> processedRoles) { + this.roles = processedRoles; + this.fullGdaResponse = gdaInfo; + + } + + public List<String> getRoles() { + return roles; + } + + public GdaDescriptor getFullGdaResponse() { + return fullGdaResponse; + } + + + + } +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java new file mode 100644 index 000000000..6b7c7e2f5 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java @@ -0,0 +1,20 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.service; + +import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; +import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.service.EhvdCommunicationService.EhvdResponseHolder; + +public interface IEhvdCommunication { + + /** + * Get user's GDA roles from EHVD Service. + * + * @param identityLink IdentityLink of the user + * @return {@link EhvdResponseHolder} that contains the Roles received from EHVD and the full GDA response + * @throws AuthenticationException In case of an EHVD communication error + * @throws EAAFBuilderException In case of a bPK generation error + */ + EhvdResponseHolder getRoles(IIdentityLink identityLink) throws AuthenticationException, EAAFBuilderException; + +}
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java new file mode 100644 index 000000000..ee5dbb2fd --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java @@ -0,0 +1,109 @@ +/* + * Copyright 2021 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.modules.ehvd.task; + +import java.util.List; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang3.StringUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.service.EhvdCommunicationService.EhvdResponseHolder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.service.IEhvdCommunication; +import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +@Component("InjectEhvdInformationTask") +public class InjectEhvdInformationTask extends AbstractAuthServletTask { + + @Autowired + IEhvdCommunication ehvdService; + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv. + * egovernment.moa.id.process.api.ExecutionContext, + * javax.servlet.http.HttpServletRequest, + * javax.servlet.http.HttpServletResponse) + */ + @Override + public void execute(ExecutionContext executionContext, HttpServletRequest request, + HttpServletResponse response) + throws TaskExecutionException { + try { + final AuthenticationSessionWrapper session = pendingReq.getSessionData( + AuthenticationSessionWrapper.class); + + // validate internal state + validateInternalState(session); + + // requesting roles from EHVD + final EhvdResponseHolder ehvdResponse = ehvdService.getRoles(session.getIdentityLink()); + + // inject EHVD roles + session.setGenericDataToSession(PVPAttributeDefinitions.ROLES_NAME, + StringUtils.join(ehvdResponse.getRoles(), ";")); + + // inject full EHVD response + session.setGenericDataToSession(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, + ehvdResponse.getFullGdaResponse()); + + // store MOASession into database + requestStoreage.storePendingRequest(pendingReq); + + } catch (final MOAIDException e) { + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } catch (final Exception e) { + throw new TaskExecutionException(pendingReq, e.getMessage(), e); + + } + } + + private void validateInternalState(AuthenticationSessionWrapper session) throws AuthenticationException { + // check if identityLink is available + if (session.getIdentityLink() == null) { + Logger.error("No IdentityLink in session. There is an internal error in process definition"); + throw new AuthenticationException("process.04", null); + + } + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/DefaultAuth_with_ehvd_interaction.process.xml b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/DefaultAuth_with_ehvd_interaction.process.xml new file mode 100644 index 000000000..2ff0d552f --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/DefaultAuth_with_ehvd_interaction.process.xml @@ -0,0 +1,32 @@ +<?xml version="1.0" encoding="UTF-8"?> +<pd:ProcessDefinition id="DefaultAuthenticationWithEHVDInteraction" xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"> + + <!-- Tasks involved in this authentication flow --> + <pd:Task id="initializeBKUAuthentication" class="InitializeBKUAuthenticationTask" /> + <pd:Task id="createIdentityLinkForm" class="CreateIdentityLinkFormTask" /> + <pd:Task id="verifyIdentityLink" class="VerifyIdentityLinkTask" async="true" /> + <pd:Task id="prepareAuthBlockSignature" class="PrepareAuthBlockSignatureTask" /> + <pd:Task id="verifyAuthBlock" class="VerifyAuthenticationBlockTask" async="true" /> + + <pd:Task id="injectEhvdInformation" class="InjectEhvdInformationTask" /> + <pd:Task id="userRestrictionTask" class="UserRestrictionTask" /> + + <pd:Task id="finalizeAuthentication" class="FinalizeAuthenticationTask" /> + + + <!-- definition of the authentication flow --> + <pd:StartEvent id="start" /> + + <pd:Transition from="start" to="initializeBKUAuthentication" /> + <pd:Transition from="initializeBKUAuthentication" to="createIdentityLinkForm" /> + <pd:Transition from="createIdentityLinkForm" to="verifyIdentityLink" /> + <pd:Transition from="verifyIdentityLink" to="prepareAuthBlockSignature" /> + <pd:Transition from="prepareAuthBlockSignature" to="verifyAuthBlock" /> + <pd:Transition from="verifyAuthBlock" to="userRestrictionTask" /> + <pd:Transition from="userRestrictionTask" to="injectEhvdInformation" /> + <pd:Transition from="injectEhvdInformation" to="finalizeAuthentication" /> + <pd:Transition from="finalizeAuthentication" to="end" /> + + <pd:EndEvent id="end" /> + +</pd:ProcessDefinition> diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider new file mode 100644 index 000000000..6985f2b7d --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider @@ -0,0 +1 @@ +at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthSpringResourceProvider
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder new file mode 100644 index 000000000..44f8d26cf --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder @@ -0,0 +1,5 @@ +at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.PvpRoleAttributeBuilder +at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder +at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder +at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder +at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdIdAttributeBuilder diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/moaid_ehvd_service_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/moaid_ehvd_service_auth.beans.xml new file mode 100644 index 000000000..4ef523ec8 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/moaid_ehvd_service_auth.beans.xml @@ -0,0 +1,23 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <bean id="ehvdServiceAuthModule" class="at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule"> + <property name="priority" value="4" /> + </bean> + + <bean id="ehvdCommunicationService" + class="at.gv.egovernment.moa.id.auth.modules.ehvd.service.EhvdCommunicationService"/> + + <bean id="InjectEhvdInformationTask" + class="at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask" + scope="prototype"/> + +</beans>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties new file mode 100644 index 000000000..b4a752a2d --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties @@ -0,0 +1,7 @@ +ehvd.00=Für den abgefragtem GDA liegt keine Berechtigung vor +ehvd.01=Technischer Fehler bei der Abfrage von GDA Informationen. Ursache: {0} +ehvd.02=Fehler bei der Abfrage von GDA Informationen. Ursache: {0} +ehvd.03=Antwort des EHVD Service beinhaltet keine GDA Informationen +ehvd.04=Keine gültige EHVD Role gefunden + +ehvd.99=Allgemeiner Fehler bei der Abfrage des EHVD Service diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties new file mode 100644 index 000000000..d3ba65c11 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties @@ -0,0 +1,9 @@ +test.01=aabbccdd +test.02=zzzyyyxxx + +ehvd.00=7000 +ehvd.01=7001 +ehvd.02=7001 +ehvd.03=7003 +ehvd.04=7002 +ehvd.99=7099
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/wsdl/eHVD.wsdl b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/wsdl/eHVD.wsdl new file mode 100644 index 000000000..a1138f068 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/wsdl/eHVD.wsdl @@ -0,0 +1,220 @@ +<?xml version="1.0" encoding="UTF-8"?><wsdl:definitions xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:tns="eHVD" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:mime="http://www.w3.org/2003/01/wsdl/mime" targetNamespace="eHVD"> + + <wsdl:documentation> + Service: eHVD + Version: 2 + Owner: BRZ + </wsdl:documentation> + + <wsdl:types> + <xs:schema xmlns:ehvd="eHVD" xmlns:jaxb="http://java.sun.com/xml/ns/jaxb" xmlns:xjc="http://java.sun.com/xml/ns/jaxb/xjc" xmlns:xs="http://www.w3.org/2001/XMLSchema" jaxb:extensionBindingPrefixes="xjc" jaxb:version="2.0" elementFormDefault="qualified" targetNamespace="eHVD" version="1.0"> + <xs:annotation> + <xs:appinfo> + <jaxb:globalBindings> + <jaxb:serializable uid="1"/> + </jaxb:globalBindings> + </xs:appinfo> + </xs:annotation> + + <xs:complexType name="InstanceIdentifier"> + <xs:sequence> + <xs:element maxOccurs="1" minOccurs="0" name="oidIssuingAuthority" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="1" name="id" type="xs:string"/> + </xs:sequence> + </xs:complexType> + + <xs:complexType name="InstanceIdentifierSearch"> + <xs:sequence> + <xs:element maxOccurs="1" minOccurs="0" name="firstname" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="1" name="surname" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="rolecode" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="postcode" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="streetNumber" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="streetName" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="city" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="state" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="1" name="maxResults" type="xs:integer"/> + <xs:element maxOccurs="1" minOccurs="0" name="ehvdstatus" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="elgastatus" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="description" type="xs:string"/> + </xs:sequence> + </xs:complexType> + + <xs:complexType name="GDAStatus"> + <xs:sequence> + <xs:element maxOccurs="1" minOccurs="1" name="ehvdstatus" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="1" name="elgastatus" type="xs:string"/> + </xs:sequence> + </xs:complexType> + + <xs:complexType name="GDARoles"> + <xs:sequence> + <xs:element maxOccurs="unbounded" minOccurs="0" name="role" type="xs:string"/> + <xs:element maxOccurs="unbounded" minOccurs="0" name="elgaRole" type="xs:string"/> + <xs:element maxOccurs="unbounded" minOccurs="0" name="specialisation" type="xs:string"/> + </xs:sequence> + </xs:complexType> + + <xs:complexType name="GdaAddress"> + <xs:sequence> + <xs:element maxOccurs="1" minOccurs="0" name="streetNumber" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="streetName" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="city" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="state" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="zip" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="country" type="xs:string"/> + </xs:sequence> + </xs:complexType> + + <xs:complexType name="GDARelationship"> + <xs:sequence> + <xs:element maxOccurs="unbounded" minOccurs="0" name="memberof" type="xs:string"/> + <xs:element maxOccurs="unbounded" minOccurs="0" name="ownerof" type="xs:string"/> + </xs:sequence> + </xs:complexType> + + <xs:complexType name="GDADBTimestamps"> + <xs:sequence> + <xs:element maxOccurs="1" minOccurs="0" name="add" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="modify" type="xs:string"/> + </xs:sequence> + </xs:complexType> + + <xs:complexType name="GdaDescriptor"> + <xs:sequence> + <xs:element maxOccurs="1" minOccurs="1" name="id" type="ehvd:InstanceIdentifier"/> + <xs:element maxOccurs="unbounded" minOccurs="0" name="otherID" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="1" name="status" type="ehvd:GDAStatus"/> + <xs:element maxOccurs="1" minOccurs="0" name="firstname" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="1" name="surname" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="gender" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="title" type="xs:string"/> + <xs:element maxOccurs="unbounded" minOccurs="0" name="knownname" type="xs:string"/> + <xs:element maxOccurs="unbounded" minOccurs="0" name="address" type="ehvd:GdaAddress"/> + <xs:element maxOccurs="unbounded" minOccurs="1" name="description" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="1" name="roles" type="ehvd:GDARoles"/> + <xs:element maxOccurs="1" minOccurs="0" name="relations" type="ehvd:GDARelationship"/> + <xs:element maxOccurs="1" minOccurs="0" name="tel" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="fax" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="web" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="0" name="mail" type="xs:string"/> + <xs:element maxOccurs="1" minOccurs="1" name="timestamps" type="ehvd:GDADBTimestamps"/> + </xs:sequence> + </xs:complexType> + + <xs:element name="GetGdaSearch"> + <xs:complexType> + <xs:sequence> + <xs:element maxOccurs="1" minOccurs="1" name="hcIdentifierSearch" type="ehvd:InstanceIdentifierSearch"/> + </xs:sequence> + </xs:complexType> + </xs:element> + + <xs:element name="GetGdaDescriptors"> + <xs:complexType> + <xs:sequence> + <xs:element maxOccurs="1" minOccurs="1" name="hcIdentifier" type="ehvd:InstanceIdentifier"/> + </xs:sequence> + </xs:complexType> + </xs:element> + + <xs:element name="GdaIndexResponse"> + <xs:complexType> + <xs:sequence> + <xs:element maxOccurs="1" minOccurs="0" name="gda" type="ehvd:GdaDescriptor"/> + </xs:sequence> + </xs:complexType> + </xs:element> + + <xs:element name="GdaIndexResponseList"> + <xs:complexType> + <xs:sequence> + <xs:element maxOccurs="unbounded" minOccurs="0" name="gda" type="ehvd:GdaDescriptor"/> + </xs:sequence> + </xs:complexType> + </xs:element> + + </xs:schema> + </wsdl:types> + + <wsdl:message name="GetGdaDescriptors"> + <wsdl:part element="tns:GetGdaDescriptors" name="GetGdaDescriptors"> + </wsdl:part> + </wsdl:message> + + <wsdl:message name="GetGdaSearch"> + <wsdl:part element="tns:GetGdaSearch" name="GetGdaSearch"> + </wsdl:part> + </wsdl:message> + + + <wsdl:message name="GdaIndexResponse"> + <wsdl:part element="tns:GdaIndexResponse" name="GdaIndexResponse"> + </wsdl:part> + </wsdl:message> + + <wsdl:message name="GdaIndexResponseList"> + <wsdl:part element="tns:GdaIndexResponseList" name="GdaIndexResponseList"> + </wsdl:part> + </wsdl:message> + + <wsdl:portType name="eHVD"> + + <wsdl:documentation>eHVD Service Interfaces + </wsdl:documentation> + + <wsdl:operation name="GetGDA"> + <wsdl:input message="tns:GetGdaDescriptors" name="GetGdaDescriptors"> + </wsdl:input> + <wsdl:output message="tns:GdaIndexResponse" name="GdaIndexResponse"> + </wsdl:output> + </wsdl:operation> + + <wsdl:operation name="GdaSearch"> + <wsdl:input message="tns:GetGdaSearch" name="GetGdaSearch"> + </wsdl:input> + <wsdl:output message="tns:GdaIndexResponseList" name="GdaIndexResponseList"> + </wsdl:output> + </wsdl:operation> + + </wsdl:portType> + + <wsdl:binding name="eHVDSOAPBinding12" type="tns:eHVD"> + <wsdl:documentation>SOAP 1.2 Binding</wsdl:documentation> + + <soap12:binding transport="http://schemas.xmlsoap.org/soap/http" style="document"/> + + <wsdl:operation name="GetGDA"> + <soap12:operation soapAction="eHVD/GetGDA"/> + <wsdl:input name="GetGdaDescriptors"> + <mime:content type="application/soap+xml"/> + <soap12:body use="literal"/> + </wsdl:input> + <wsdl:output name="GdaIndexResponse"> + <soap12:body use="literal"/> + </wsdl:output> + </wsdl:operation> + + <wsdl:operation name="GdaSearch"> + <soap12:operation soapAction="eHVD/GdaSearch"/> + <wsdl:input name="GetGdaSearch"> + <mime:content type="application/soap+xml"/> + <soap12:body use="literal"/> + </wsdl:input> + <wsdl:output name="GdaIndexResponseList"> + <soap12:body use="literal"/> + </wsdl:output> + </wsdl:operation> + + </wsdl:binding> + + <wsdl:service name="eHVDService"> + <wsdl:documentation>eHVD Service</wsdl:documentation> + + <wsdl:port name="eHVDPort12" binding="tns:eHVDSOAPBinding12"> + <soap12:address location="https://ehvdws.gesundheit.gv.at"/> + </wsdl:port> + + </wsdl:service> + +</wsdl:definitions>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/BeanCreationTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/BeanCreationTest.java new file mode 100644 index 000000000..91bf67b2d --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/BeanCreationTest.java @@ -0,0 +1,39 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test; + +import static org.junit.Assert.assertNotNull; + +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule; +import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_ehvd_service_auth_lazy.beans.xml" }) +public class BeanCreationTest { + + @Autowired + DummyAuthConfigMap config; + @Autowired + ApplicationContext context; + + @Before + public void initialize() { + // re-set config + config.putConfigValue("modules.ehvd.enabled", String.valueOf(false)); + + } + + @Test + public void authModuleDeactivated() { + assertNotNull("AuthModule", context.getBean(EhvdServiceAuthModule.class)); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthModuleTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthModuleTest.java new file mode 100644 index 000000000..4a7c98803 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthModuleTest.java @@ -0,0 +1,101 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; + +import java.util.Arrays; +import java.util.HashMap; +import java.util.Map; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; +import at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule; +import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap; +import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_ehvd_service_auth.beans.xml" }) +public class EhvdServiceAuthModuleTest { + + @Autowired DummyAuthConfigMap config; + @Autowired EhvdServiceAuthModule module; + + private ExecutionContext context; + private TestRequestImpl pendingReq; + private Map<String, String> spConfigMap; + + @Before + public void initialize() { + context = new ExecutionContextImpl(); + + spConfigMap = new HashMap<>(); + spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10)); + + ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config); + pendingReq = new TestRequestImpl(); + pendingReq.setSpConfig(spConfig); + + // re-set config + config.putConfigValue("modules.ehvd.enabled", String.valueOf(true)); + + context.put(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_BKUSELECTION, String.valueOf(false)); + context.put(MOAIDAuthConstants.PARAM_BKU, RandomStringUtils.randomAlphabetic(5)); + + } + + @Test + public void checkProcessDefinition() { + String[] def = module.getProcessDefinitions(); + + assertNotNull("no process definition", def); + Arrays.asList(def).stream().forEach( + el -> EhvdServiceAuthModuleTest.class.getResourceAsStream(el)); + + } + + @Test + public void bkuSelectionActiv() { + context.put(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_BKUSELECTION, String.valueOf(true)); + + assertNull("wrong authModule selected", module.selectProcess(context, pendingReq)); + + } + + @Test + public void deactivated() { + config.putConfigValue("modules.ehvd.enabled", String.valueOf(false)); + + assertNull("wrong authModule selected", module.selectProcess(context, pendingReq)); + + } + + @Test + public void unknownServiceProvider() { + assertNull("wrong authModule selected", module.selectProcess(context, pendingReq)); + + } + + @Test + public void allowedServiceProviderAndRequested() { + spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, "yyasdfasfsa2323"); + + assertEquals("wrong authmethod identifier", "DefaultAuthenticationWithEHVDInteraction", + module.selectProcess(context, pendingReq)); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthSpringResourceProviderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthSpringResourceProviderTest.java new file mode 100644 index 000000000..b584e8753 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthSpringResourceProviderTest.java @@ -0,0 +1,56 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test; + +import java.io.IOException; +import java.io.InputStream; + +import org.apache.commons.io.IOUtils; +import org.junit.Assert; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; +import org.springframework.core.io.Resource; + +import at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthSpringResourceProvider; + + + +@RunWith(BlockJUnit4ClassRunner.class) +public class EhvdServiceAuthSpringResourceProviderTest { + + @Test + public void testSpringConfig() { + final EhvdServiceAuthSpringResourceProvider test = + new EhvdServiceAuthSpringResourceProvider(); + for (final Resource el : test.getResourcesToLoad()) { + try { + IOUtils.toByteArray(el.getInputStream()); + + } catch (final IOException e) { + Assert.fail("Ressouce: " + el.getFilename() + " not found"); + } + + } + + Assert.assertNotNull("no Name", test.getName()); + Assert.assertNull("Find package definitions", test.getPackagesToScan()); + + } + + @Test + public void testSpILoaderConfig() { + final InputStream el = this.getClass().getResourceAsStream( + "/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider"); + try { + final String spiFile = IOUtils.toString(el, "UTF-8"); + + Assert.assertEquals("Wrong classpath in SPI file", + EhvdServiceAuthSpringResourceProvider.class.getName(), spiFile); + + + } catch (final IOException e) { + Assert.fail("Ressouce: '/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider' not found"); + + } + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/AbstractEhvdAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/AbstractEhvdAttributeBuilderTest.java new file mode 100644 index 000000000..b1ac7d99a --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/AbstractEhvdAttributeBuilderTest.java @@ -0,0 +1,97 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; + +import java.util.Collections; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Before; +import org.junit.Test; +import org.springframework.beans.factory.annotation.Autowired; + +import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; +import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData; +import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration; +import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaAddress; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; + +public abstract class AbstractEhvdAttributeBuilderTest { + + @Autowired + protected IConfiguration basicConfig; + + protected DummySPConfiguration oaParam; + protected AuthenticationData authData; + protected IAttributeGenerator<String> g = new SimpleStringAttributeGenerator(); + + protected abstract String expectedAttrName(); + protected abstract IAttributeBuilder getAttributeBuilderUnderTest(); + + protected GdaAddress generateAddress(String zip, String state) { + GdaAddress addr = new GdaAddress(); + addr.setZip(zip); + addr.setState(state); + return addr; + + } + + @Before + public void initialize() { + oaParam = new DummySPConfiguration(Collections.emptyMap(), basicConfig); + authData = new AuthenticationData(); + + } + + @Test + public void checkAttributeRegistration() { + assertNotNull("Attribute: " + expectedAttrName() + " not registrated", + PVPAttributeBuilder.getAttributeBuilder(expectedAttrName())); + + } + + @Test + public void checkName() { + assertEquals("wrong attr. name", expectedAttrName(), getAttributeBuilderUnderTest().getName()); + + } + + @Test + public void checkEmptyAttribute() { + assertNull("wrong empty attr.", getAttributeBuilderUnderTest().buildEmpty(g)); + + } + + @Test + public void noGdaInfos() throws AttributeBuilderException { + IAuthData authData = new AuthenticationData(); + assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g)); + + } + + @Test + public void wrongGdaInfos() throws AttributeBuilderException, EAAFStorageException { + AuthenticationData authData = new AuthenticationData(); + authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, RandomStringUtils.randomAlphabetic(10)); + assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g)); + + } + + @Test + public void emptyGdaInfos() throws AttributeBuilderException, EAAFStorageException { + AuthenticationData authData = new AuthenticationData(); + authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, new GdaDescriptor()); + assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g)); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressStateAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressStateAttributeBuilderTest.java new file mode 100644 index 000000000..d342d331b --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressStateAttributeBuilderTest.java @@ -0,0 +1,106 @@ +//package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes; +// +//import static org.junit.Assert.assertEquals; +//import static org.junit.Assert.assertNull; +// +//import org.apache.commons.lang3.RandomStringUtils; +//import org.junit.Test; +//import org.junit.runner.RunWith; +//import org.springframework.test.context.ContextConfiguration; +//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +// +//import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +//import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +//import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdAddressStateAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdAddressZipcodeAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdOtherIdAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaAddress; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier; +// +//@RunWith(SpringJUnit4ClassRunner.class) +//@ContextConfiguration({ +// "/test_ehvd_service_auth.beans.xml" }) +//public class EhvdAddressStateAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest { +// +// @Override +// protected String expectedAttrName() { +// return "urn:brzgvat:attributes.ehvd.state"; +// +// } +// +// @Override +// protected IAttributeBuilder getAttributeBuilderUnderTest() { +// return new EhvdAddressStateAttributeBuilder(); +// +// } +// +// @Test +// public void checkMissing() throws EAAFStorageException, AttributeBuilderException { +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void singleAddress() throws EAAFStorageException, AttributeBuilderException { +// String state = RandomStringUtils.randomAlphabetic(5); +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(5), state)); +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertEquals("wrong empty attr.", state, +// getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void multiAddress() throws EAAFStorageException, AttributeBuilderException { +// String state1 = RandomStringUtils.randomAlphabetic(4); +// String state2 = RandomStringUtils.randomAlphabetic(4); +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state1)); +// gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state2)); +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertEquals("wrong empty attr.", state1 + "|" + state2, +// getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void multiAddressNullBefore() throws EAAFStorageException, AttributeBuilderException { +// String state1 = null; +// String state2 = RandomStringUtils.randomAlphabetic(4); +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state1)); +// gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state2)); +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertEquals("wrong empty attr.", "|" + state2, +// getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void multiAddressNullAfter() throws EAAFStorageException, AttributeBuilderException { +// String state1 = RandomStringUtils.randomAlphabetic(4); +// String state2 = null; +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state1)); +// gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state2)); +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertEquals("wrong empty attr.", state1 + "|", +// getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// +//} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressZipAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressZipAttributeBuilderTest.java new file mode 100644 index 000000000..69d17f8c3 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressZipAttributeBuilderTest.java @@ -0,0 +1,107 @@ +//package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes; +// +//import static org.junit.Assert.assertEquals; +//import static org.junit.Assert.assertNull; +// +//import org.apache.commons.lang3.RandomStringUtils; +//import org.junit.Test; +//import org.junit.runner.RunWith; +//import org.springframework.test.context.ContextConfiguration; +//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +// +//import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +//import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +//import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdAddressZipcodeAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdOtherIdAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaAddress; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier; +// +//@RunWith(SpringJUnit4ClassRunner.class) +//@ContextConfiguration({ +// "/test_ehvd_service_auth.beans.xml" }) +//public class EhvdAddressZipAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest { +// +// @Override +// protected String expectedAttrName() { +// return "urn:brzgvat:attributes.ehvd.zip"; +// +// } +// +// @Override +// protected IAttributeBuilder getAttributeBuilderUnderTest() { +// return new EhvdAddressZipcodeAttributeBuilder(); +// +// } +// +// @Test +// public void checkMissing() throws EAAFStorageException, AttributeBuilderException { +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void singleAddress() throws EAAFStorageException, AttributeBuilderException { +// String zip = RandomStringUtils.randomNumeric(4); +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getAddress().add(generateAddress( +// zip, +// RandomStringUtils.randomAlphabetic(5))); +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertEquals("wrong empty attr.", zip, +// getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void multiAddress() throws EAAFStorageException, AttributeBuilderException { +// String zip1 = RandomStringUtils.randomNumeric(4); +// String zip2 = RandomStringUtils.randomNumeric(4); +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getAddress().add(generateAddress(zip1, RandomStringUtils.randomAlphabetic(5))); +// gdaInfo.getAddress().add(generateAddress(zip2, RandomStringUtils.randomAlphabetic(5))); +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertEquals("wrong empty attr.", zip1 + "|" + zip2, +// getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void multiAddressNullBefore() throws EAAFStorageException, AttributeBuilderException { +// String zip1 = null; +// String zip2 = RandomStringUtils.randomNumeric(4); +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getAddress().add(generateAddress(zip1, RandomStringUtils.randomAlphabetic(5))); +// gdaInfo.getAddress().add(generateAddress(zip2, RandomStringUtils.randomAlphabetic(5))); +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertEquals("wrong empty attr.", "|" + zip2, +// getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void multiAddressNullAfter() throws EAAFStorageException, AttributeBuilderException { +// String zip1 = RandomStringUtils.randomNumeric(4); +// String zip2 = null; +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getAddress().add(generateAddress(zip1, RandomStringUtils.randomAlphabetic(5))); +// gdaInfo.getAddress().add(generateAddress(zip2, RandomStringUtils.randomAlphabetic(5))); +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertEquals("wrong empty attr.", zip1 + "|", +// getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// +//} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdFirstnameAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdFirstnameAttributeBuilderTest.java new file mode 100644 index 000000000..66f1b5028 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdFirstnameAttributeBuilderTest.java @@ -0,0 +1,47 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes; + +import static org.junit.Assert.assertEquals; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_ehvd_service_auth.beans.xml" }) +public class EhvdFirstnameAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest { + + @Override + protected String expectedAttrName() { + return "urn:brzgvat:attributes.ehvd.firstname"; + + } + + @Override + protected IAttributeBuilder getAttributeBuilderUnderTest() { + return new EhvdFirstnameAttributeBuilder(); + + } + + @Test + public void checkValid() throws EAAFStorageException, AttributeBuilderException { + final GdaDescriptor gdaInfo = new GdaDescriptor(); + gdaInfo.setFirstname(RandomStringUtils.randomAlphabetic(5)); + + authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); + assertEquals("wrong empty attr.", gdaInfo.getFirstname(), + getAttributeBuilderUnderTest().build(oaParam, authData, g)); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdIdAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdIdAttributeBuilderTest.java new file mode 100644 index 000000000..db73f9191 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdIdAttributeBuilderTest.java @@ -0,0 +1,64 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNull; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdIdAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_ehvd_service_auth.beans.xml" }) +public class EhvdIdAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest { + + @Override + protected String expectedAttrName() { + return "urn:brzgvat:attributes.ehvd.id"; + + } + + @Override + protected IAttributeBuilder getAttributeBuilderUnderTest() { + return new EhvdIdAttributeBuilder(); + + } + + @Test + public void checkMissingId() throws EAAFStorageException, AttributeBuilderException { + final GdaDescriptor gdaInfo = new GdaDescriptor(); + InstanceIdentifier id = new InstanceIdentifier(); + gdaInfo.setId(id ); + + authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); + assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g)); + + } + + @Test + public void checkValid() throws EAAFStorageException, AttributeBuilderException { + final GdaDescriptor gdaInfo = new GdaDescriptor(); + InstanceIdentifier id = new InstanceIdentifier(); + id.setId(RandomStringUtils.randomAlphabetic(5)); + gdaInfo.setId(id ); + + authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); + assertEquals("wrong empty attr.", id.getId(), + getAttributeBuilderUnderTest().build(oaParam, authData, g)); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdOtherIdAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdOtherIdAttributeBuilderTest.java new file mode 100644 index 000000000..bce8924d9 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdOtherIdAttributeBuilderTest.java @@ -0,0 +1,86 @@ +//package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes; +// +//import static org.junit.Assert.assertEquals; +//import static org.junit.Assert.assertNull; +// +//import org.apache.commons.lang3.RandomStringUtils; +//import org.junit.Test; +//import org.junit.runner.RunWith; +//import org.springframework.test.context.ContextConfiguration; +//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +// +//import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +//import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +//import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdOtherIdAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier; +// +//@RunWith(SpringJUnit4ClassRunner.class) +//@ContextConfiguration({ +// "/test_ehvd_service_auth.beans.xml" }) +//public class EhvdOtherIdAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest { +// +// @Override +// protected String expectedAttrName() { +// return "urn:brzgvat:attributes.ehvd.otherid"; +// +// } +// +// @Override +// protected IAttributeBuilder getAttributeBuilderUnderTest() { +// return new EhvdOtherIdAttributeBuilder(); +// +// } +// +// @Test +// public void checkMissingId() throws EAAFStorageException, AttributeBuilderException { +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void checkWrongId() throws EAAFStorageException, AttributeBuilderException { +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getOtherID().add(RandomStringUtils.randomAlphabetic(10)); +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void checkValidRandom() throws EAAFStorageException, AttributeBuilderException { +// String value = RandomStringUtils.randomAlphabetic(5); +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getOtherID().add(RandomStringUtils.randomAlphabetic(10)); +// gdaInfo.getOtherID().add("1.2.40.0.34.4.18:" + value); +// +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertEquals("wrong empty attr.", value, +// getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +// @Test +// public void checkValidBrzReal() throws EAAFStorageException, AttributeBuilderException { +// final GdaDescriptor gdaInfo = new GdaDescriptor(); +// gdaInfo.getOtherID().add(RandomStringUtils.randomAlphabetic(10)); +// gdaInfo.getOtherID().add("1.2.40.0.34.4.18:1234-12"); +// gdaInfo.getOtherID().add("1.2.40.0.34.4.17:aabbccdd"); +// +// +// authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); +// assertEquals("wrong empty attr.", "1234-12", +// getAttributeBuilderUnderTest().build(oaParam, authData, g)); +// +// } +// +//} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdSurnameAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdSurnameAttributeBuilderTest.java new file mode 100644 index 000000000..af9e60cb7 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdSurnameAttributeBuilderTest.java @@ -0,0 +1,48 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes; + +import static org.junit.Assert.assertEquals; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_ehvd_service_auth.beans.xml" }) +public class EhvdSurnameAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest { + + @Override + protected String expectedAttrName() { + return "urn:brzgvat:attributes.ehvd.surname"; + + } + + @Override + protected IAttributeBuilder getAttributeBuilderUnderTest() { + return new EhvdSurnameAttributeBuilder(); + + } + + @Test + public void checkValid() throws EAAFStorageException, AttributeBuilderException { + final GdaDescriptor gdaInfo = new GdaDescriptor(); + gdaInfo.setSurname(RandomStringUtils.randomAlphabetic(5)); + + authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); + assertEquals("wrong empty attr.", gdaInfo.getSurname(), + getAttributeBuilderUnderTest().build(oaParam, authData, g)); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdTitelAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdTitelAttributeBuilderTest.java new file mode 100644 index 000000000..2863c3508 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdTitelAttributeBuilderTest.java @@ -0,0 +1,46 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes; + +import static org.junit.Assert.assertEquals; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder; +import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_ehvd_service_auth.beans.xml" }) +public class EhvdTitelAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest { + + @Override + protected String expectedAttrName() { + return "urn:brzgvat:attributes.ehvd.title"; + + } + + @Override + protected IAttributeBuilder getAttributeBuilderUnderTest() { + return new EhvdTitelAttributeBuilder(); + + } + + @Test + public void checkTitelValid() throws EAAFStorageException, AttributeBuilderException { + final GdaDescriptor gdaInfo = new GdaDescriptor(); + gdaInfo.setTitle(RandomStringUtils.randomAlphabetic(5)); + + authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo); + assertEquals("wrong empty attr.", gdaInfo.getTitle(), + getAttributeBuilderUnderTest().build(oaParam, authData, g)); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java new file mode 100644 index 000000000..624abff5f --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java @@ -0,0 +1,159 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; + +import java.util.Arrays; +import java.util.Collections; +import java.util.List; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator; +import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException; +import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData; +import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration; +import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder; +import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.PvpRoleAttributeBuilder; +import at.gv.egovernment.moa.id.data.AuthenticationRole; +import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory; +import at.gv.egovernment.moa.id.data.MOAAuthenticationData; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_ehvd_service_auth.beans.xml" }) +public class PvpRoleAttributeBuilderTest { + + @Autowired + private IConfiguration basicConfig; + + private PvpRoleAttributeBuilder toTest = new PvpRoleAttributeBuilder(); + private IAttributeGenerator<String> g = new SimpleStringAttributeGenerator(); + private ISPConfiguration oaParam; + + + @Before + public void initialize() { + oaParam = new DummySPConfiguration(Collections.emptyMap(), basicConfig); + + } + + @Test + public void checkAttributeRegistration() { + assertNotNull("Attribute: urn:oid:1.2.40.0.10.2.1.1.261.30 not registrated", + PVPAttributeBuilder.getAttributeBuilder("urn:oid:1.2.40.0.10.2.1.1.261.30")); + + } + + @Test + public void checkName() { + assertEquals("wrong attr. name", "urn:oid:1.2.40.0.10.2.1.1.261.30", toTest.getName()); + + } + + @Test + public void checkEmptyAttribute() { + assertNull("wrong empty attr.", toTest.buildEmpty(g)); + + } + + @Test + public void wrongAuthData() throws AttributeBuilderException { + IAuthData authData = new AuthenticationData(); + assertNull("wrong attr. value", toTest.build(oaParam, authData, g)); + + } + + @Test + public void noRoles() throws AttributeBuilderException { + IAuthData authData = generateAuthData(null); + assertNull("wrong attr. value", toTest.build(oaParam, authData, g)); + + } + + @Test + public void emptyRoles() throws AttributeBuilderException { + IAuthData authData = generateAuthData(Collections.emptyList()); + assertNull("wrong attr. value", toTest.build(oaParam, authData, g)); + + } + + @Test + public void randomRoles() throws AttributeBuilderException { + String role1 = RandomStringUtils.randomAlphabetic(5); + String role2 = RandomStringUtils.randomAlphabetic(5); + String role3 = RandomStringUtils.randomAlphabetic(5); + String role4 = RandomStringUtils.randomAlphabetic(5); + + IAuthData authData = generateAuthData(Arrays.asList( + new AuthenticationRole(role1, role1), + new AuthenticationRole(role2, role2), + new AuthenticationRole(role3, role3 + "()"), + new AuthenticationRole(role4, role4 + "(\"aaa\"=\"bbb\")") + )); + + // perform test + String attrValue = toTest.build(oaParam, authData, g); + + // validate state + assertNotNull("wrong attr. value", attrValue); + assertFalse("List delimiter after last element" ,attrValue.endsWith(";")); + + + String[] el = attrValue.split(";"); + assertEquals("wrong role count", 4, el.length); + assertEquals("wrong 1. role", role1, el[0]); + assertEquals("wrong 2. role", role2, el[1]); + assertEquals("wrong 3. role", role3 + "()", el[2]); + assertEquals("wrong 4. role", role4 + "(\"aaa\"=\"bbb\")", el[3]); + + + } + + @Test + public void brzProductionRole() throws AttributeBuilderException { + + IAuthData authData = generateAuthData(Arrays.asList( + AuthenticationRoleFactory.buildFormPVPole("EPI-GDA()"))); + + // perform test + String attrValue = toTest.build(oaParam, authData, g); + + // validate state + assertNotNull("wrong attr. value", attrValue); + assertFalse("List delimiter after last element" ,attrValue.endsWith(";")); + + + String[] el = attrValue.split(";"); + assertEquals("wrong role count", 1, el.length); + assertEquals("wrong 1. role", "EPI-GDA()", el[0]); + + assertEquals("wrong role attr. value", "EPI-GDA()", attrValue); + + } + + private IAuthData generateAuthData(List<AuthenticationRole> roles) { + MOAAuthenticationData authData = new MOAAuthenticationData(null); + if (roles != null) { + roles.forEach(el -> authData.addAuthenticationRole(el)); + + } + + return authData; + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/DummyAuthConfigMap.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/DummyAuthConfigMap.java new file mode 100644 index 000000000..865cf7157 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/DummyAuthConfigMap.java @@ -0,0 +1,136 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy; + +import java.io.IOException; +import java.io.InputStream; +import java.net.URI; +import java.net.URL; +import java.util.HashMap; +import java.util.Map; +import java.util.Properties; + +import org.apache.commons.lang3.StringUtils; + +import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; +import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; + +/** + * Dummy Application-configuration implementation for jUnit tests. + * + * @author tlenz + * + */ +public class DummyAuthConfigMap implements IConfigurationWithSP { + + private Map<String, String> config = new HashMap<>(); + + public DummyAuthConfigMap() { + + } + + /** + * Dummy Application-configuration. + * + * @param configIs Property based configuration + * @throws IOException In case of an configuration read error + */ + public DummyAuthConfigMap(final InputStream configIs) throws IOException { + + final Properties props = new Properties(); + props.load(configIs); + + config = KeyValueUtils.convertPropertiesToMap(props); + + } + + /** + * Dummy Application-configuration. + * + * @param path Path to property based configuration + * @throws IOException In case of an configuration read error + */ + public DummyAuthConfigMap(final String path) throws IOException { + + final Properties props = new Properties(); + props.load(this.getClass().getResourceAsStream(path)); + + config = KeyValueUtils.convertPropertiesToMap(props); + + } + + + @Override + public String getBasicConfiguration(final String key) { + return config.get(key); + + } + + @Override + public String getBasicConfiguration(final String key, final String defaultValue) { + final String value = getBasicConfiguration(key); + if (StringUtils.isEmpty(value)) { + return defaultValue; + } else { + return value; + } + + } + + @Override + public Boolean getBasicConfigurationBoolean(final String key) { + final String value = getBasicConfiguration(key); + if (StringUtils.isEmpty(value)) { + return false; + } else { + return Boolean.valueOf(value); + } + } + + @Override + public boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue) { + return Boolean.parseBoolean(getBasicConfiguration(key, String.valueOf(defaultValue))); + + } + + @Override + public Map<String, String> getBasicConfigurationWithPrefix(final String prefix) { + return KeyValueUtils.getSubSetWithPrefix(config, prefix); + + } + + @Override + public ISPConfiguration getServiceProviderConfiguration(final String uniqueID) + throws EAAFConfigurationException { + return null; + } + + @Override + public <T> T getServiceProviderConfiguration(final String spIdentifier, final Class<T> decorator) + throws EAAFConfigurationException { + return null; + } + + @Override + public URI getConfigurationRootDirectory() { + return new java.io.File(".").toURI(); + + } + + @Override + public String validateIDPURL(final URL authReqUrl) throws EAAFException { + return null; + } + + public void putConfigValue(final String key, final String value) { + config.put(key, value); + } + + public void removeConfigValue(final String key) { + config.remove(key); + + } + + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/TestUtils.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/TestUtils.java new file mode 100644 index 000000000..9ab52a27e --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/TestUtils.java @@ -0,0 +1,150 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy; + +import java.io.IOException; +import java.security.PublicKey; + +import javax.xml.transform.TransformerException; + +import org.w3c.dom.Element; + +import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; + +public class TestUtils { + + public static IIdentityLink generateDummyIdl(String baseId, String baseIdType) { + return new IIdentityLink() { + + @Override + public void setSamlAssertion(Element samlAssertion) throws TransformerException, IOException { + // TODO Auto-generated method stub + + } + + @Override + public void setPublicKey(PublicKey[] publicKey) { + // TODO Auto-generated method stub + + } + + @Override + public void setPrPerson(Element prPerson) { + // TODO Auto-generated method stub + + } + + @Override + public void setIssueInstant(String issueInstant) { + // TODO Auto-generated method stub + + } + + @Override + public void setIdentificationValue(String identificationValue) { + // TODO Auto-generated method stub + + } + + @Override + public void setIdentificationType(String identificationType) { + // TODO Auto-generated method stub + + } + + @Override + public void setGivenName(String givenName) { + // TODO Auto-generated method stub + + } + + @Override + public void setFamilyName(String familyName) { + // TODO Auto-generated method stub + + } + + @Override + public void setDsigReferenceTransforms(Element[] dsigReferenceTransforms) { + // TODO Auto-generated method stub + + } + + @Override + public void setDateOfBirth(String dateOfBirth) { + // TODO Auto-generated method stub + + } + + @Override + public String getSerializedSamlAssertion() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Element getSamlAssertion() { + // TODO Auto-generated method stub + return null; + } + + @Override + public PublicKey[] getPublicKey() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Element getPrPerson() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getIssueInstant() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getIdentificationValue() { + return baseId; + + } + + @Override + public String getIdentificationType() { + return baseIdType; + + } + + @Override + public String getGivenName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getFamilyName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Element[] getDsigReferenceTransforms() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getDateOfBirth() { + // TODO Auto-generated method stub + return null; + } + }; + } +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java new file mode 100644 index 000000000..8bccefc8d --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java @@ -0,0 +1,171 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.tasks; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.fail; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.Mockito.when; + +import java.net.SocketTimeoutException; +import java.util.Arrays; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Locale; +import java.util.Map; + +import javax.xml.namespace.QName; +import javax.xml.soap.Detail; +import javax.xml.soap.Name; +import javax.xml.soap.SOAPElement; +import javax.xml.soap.SOAPException; +import javax.xml.soap.SOAPFault; +import javax.xml.ws.soap.SOAPFaultException; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Rule; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.annotation.IfProfileValue; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.util.Assert; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; +import org.w3c.dom.Attr; +import org.w3c.dom.DOMException; +import org.w3c.dom.Document; +import org.w3c.dom.NamedNodeMap; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; +import org.w3c.dom.TypeInfo; +import org.w3c.dom.UserDataHandler; + +import com.github.skjolber.mockito.soap.Soap12EndpointRule; + +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.IRequestStorage; +import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants; +import at.gv.egiz.eaaf.core.api.data.EAAFConstants; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; +import at.gv.egiz.eaaf.core.exceptions.EAAFParserException; +import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVD; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDARoles; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDAStatus; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaIndexResponse; +import at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask; +import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap; +import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.TestUtils; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_ehvd_qs_service_auth.beans.xml" }) +@IfProfileValue(name = "spring.profiles.active", value = "devEnvironment") +public class InjectEhvdIdentityInformationQsSystemTest { + + @Autowired + InjectEhvdInformationTask task; + @Autowired + DummyAuthConfigMap config; + @Autowired + IRequestStorage storage; + + protected MockHttpServletRequest httpReq; + protected MockHttpServletResponse httpResp; + private ExecutionContext context; + private TestRequestImpl pendingReq; + private Map<String, String> spConfigMap; + + @BeforeClass + public static void classInitializer() { + System.setProperty( + "https.cipherSuites", + //high secure RSA bases ciphers + "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" + + ",TLS_DHE_RSA_WITH_AES_128_GCM_SHA256" + + ",TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" + + ",TLS_DHE_RSA_WITH_AES_128_CBC_SHA256" + + + //high secure ECC bases ciphers + ",TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" + + ",TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" + + ",TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" + + ",TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256" + + ",TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384" + + ",TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384" + + ",TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256" + + ",TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256" + + + //secure backup chipers + ",TLS_DHE_RSA_WITH_AES_256_CBC_SHA" + + ",TLS_DHE_RSA_WITH_AES_128_CBC_SHA" + + ",TLS_RSA_WITH_AES_128_CBC_SHA" + + ",TLS_RSA_WITH_AES_256_CBC_SHA" + ); + + } + + @Before + public void initialize() throws EAAFParserException { + httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + context = new ExecutionContextImpl(); + + spConfigMap = new HashMap<>(); + spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10)); + + final ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config); + pendingReq = new TestRequestImpl(); + pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setSpConfig(spConfig); + + // re-set config + config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true)); + + } + + @Test + public void validateState() throws TaskExecutionException, PendingReqIdValidationException { + // inject identityLink + final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData( + AuthenticationSessionWrapper.class); + moaSession.setIdentityLink(TestUtils.generateDummyIdl( + "SUTFhJ/FXHmLGfTFchYnnWG/e3A=", + EAAFConstants.URN_PREFIX_CDID + "GH")); + + task.execute(pendingReq, context); + + // validate state + final IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId()); + assertNotNull("pendingReq not stored", storedReq); + + final AuthenticationSessionWrapper moaSessionStored = storedReq.getSessionData( + AuthenticationSessionWrapper.class); + + assertFalse("foreign", moaSessionStored.isForeigner()); + assertFalse("mandate", moaSessionStored.isMandateUsed()); + assertEquals("missing attributes", 1, moaSessionStored.getGenericSessionDataStorage().size()); + assertNotNull("no Role attr", moaSessionStored.getGenericDataFromSession(PVPConstants.ROLES_NAME)); + + } +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java new file mode 100644 index 000000000..818a2c34b --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java @@ -0,0 +1,1086 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.tasks; + +import static org.hamcrest.CoreMatchers.instanceOf; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.Mockito.when; + +import java.util.Arrays; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Locale; +import java.util.Map; + +import javax.xml.namespace.QName; +import javax.xml.soap.Detail; +import javax.xml.soap.Name; +import javax.xml.soap.SOAPElement; +import javax.xml.soap.SOAPException; +import javax.xml.soap.SOAPFault; +import javax.xml.ws.soap.SOAPFaultException; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Before; +import org.junit.Rule; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.util.Assert; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; +import org.w3c.dom.Attr; +import org.w3c.dom.DOMException; +import org.w3c.dom.Document; +import org.w3c.dom.NamedNodeMap; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; +import org.w3c.dom.TypeInfo; +import org.w3c.dom.UserDataHandler; + +import com.github.skjolber.mockito.soap.Soap12EndpointRule; + +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.IRequestStorage; +import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants; +import at.gv.egiz.eaaf.core.api.data.EAAFConstants; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; +import at.gv.egiz.eaaf.core.exceptions.EAAFParserException; +import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVD; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDARoles; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDAStatus; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaAddress; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaIndexResponse; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier; +import at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask; +import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap; +import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.TestUtils; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_ehvd_service_auth.beans.xml" }) +public class InjectEhvdIdentityInformationTaskTest { + + @Autowired + InjectEhvdInformationTask task; + @Autowired + DummyAuthConfigMap config; + @Autowired + IRequestStorage storage; + + @Rule + public final Soap12EndpointRule soap = Soap12EndpointRule.newInstance(); + + protected MockHttpServletRequest httpReq; + protected MockHttpServletResponse httpResp; + private ExecutionContext context; + private TestRequestImpl pendingReq; + private Map<String, String> spConfigMap; + + private EHVD ehvdService; + + @Before + public void initialize() throws EAAFParserException { + httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + context = new ExecutionContextImpl(); + + spConfigMap = new HashMap<>(); + spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10)); + + final ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config); + pendingReq = new TestRequestImpl(); + pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setSpConfig(spConfig); + + // re-set config + config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true)); + + // inject identityLink + final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData( + AuthenticationSessionWrapper.class); + moaSession.setIdentityLink(TestUtils.generateDummyIdl( + RandomStringUtils.randomAlphanumeric(10), + EAAFConstants.URN_PREFIX_BASEID)); + + // mock EHVD service + ehvdService = soap.mock(EHVD.class, "http://localhost:1234/ehvd"); + + } + + @Test + public void noIdentityLinkInSession() { + final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData( + AuthenticationSessionWrapper.class); + moaSession.setIdentityLink(null); + + try { + task.execute(pendingReq, context); + fail("wrong state not detected"); + + } catch (final TaskExecutionException e) { + Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion"); + assertEquals("wrong errorCode", "process.04", ((EAAFException) e.getOriginalException()).getErrorId()); + + } + } + + @Test + public void noActiveGda() throws TaskExecutionException, PendingReqIdValidationException { + // set-up EHVD response + String role1 = RandomStringUtils.randomAlphabetic(10); + when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(false, Arrays.asList(role1))); + + try { + task.execute(pendingReq, context); + fail("wrong state not detected"); + + } catch (final TaskExecutionException e) { + Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion"); + assertEquals("wrong errorCode", "ehvd.00", ((EAAFException) e.getOriginalException()).getErrorId()); + + } + } + + @Test + public void gdaGenericServiceError() throws TaskExecutionException, PendingReqIdValidationException { + // set-up EHVD response + when(ehvdService.getGDA(any())).thenThrow(new RuntimeException("No anwser from Service")); + + try { + task.execute(pendingReq, context); + fail("wrong state not detected"); + + } catch (final TaskExecutionException e) { + Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion"); + assertEquals("wrong errorCode", "ehvd.02", ((EAAFException) e.getOriginalException()).getErrorId()); + + } + } + + @Test + public void gdaServiceError() throws TaskExecutionException, PendingReqIdValidationException { + // set-up EHVD response + String msg = RandomStringUtils.randomAlphabetic(10); + SOAPFault fault = generateSoaFault(msg); + SOAPFaultException error = new SOAPFaultException(fault ); + when(ehvdService.getGDA(any())).thenThrow(error); + + try { + task.execute(pendingReq, context); + fail("wrong state not detected"); + + } catch (final TaskExecutionException e) { + Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion"); + assertEquals("wrong errorCode", "ehvd.02", ((EAAFException) e.getOriginalException()).getErrorId()); + + } + } + + @Test + public void noGdaInfosInResponse() throws TaskExecutionException, PendingReqIdValidationException { + // set-up EHVD response + GdaIndexResponse gdaResponse = new GdaIndexResponse(); + when(ehvdService.getGDA(any())).thenReturn(gdaResponse); + + try { + task.execute(pendingReq, context); + fail("wrong state not detected"); + + } catch (final TaskExecutionException e) { + Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion"); + assertEquals("wrong errorCode", "ehvd.03", ((EAAFException) e.getOriginalException()).getErrorId()); + + } + } + + + @Test + public void noValidGdaRole() throws TaskExecutionException, PendingReqIdValidationException { + // set-up EHVD response + String role1 = RandomStringUtils.randomAlphabetic(10); + String role2 = RandomStringUtils.randomAlphabetic(10); + when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(true, Arrays.asList(role1, role2))); + + try { + task.execute(pendingReq, context); + fail("wrong state not detected"); + + } catch (final TaskExecutionException e) { + Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion"); + assertEquals("wrong errorCode", "ehvd.04", ((EAAFException) e.getOriginalException()).getErrorId()); + + } + } + + + @Test + public void validateStateWithRandomData() throws TaskExecutionException, PendingReqIdValidationException { + // set-up EHVD response + String role1 = RandomStringUtils.randomAlphabetic(10); + String role2 = "1.2.40.0.34.5.2:101"; + String role3 = RandomStringUtils.randomAlphabetic(10); + when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(true, Arrays.asList(role1, role2, role3))); + + task.execute(pendingReq, context); + + // validate state + final IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId()); + assertNotNull("pendingReq not stored", storedReq); + + final AuthenticationSessionWrapper moaSession = storedReq.getSessionData( + AuthenticationSessionWrapper.class); + + assertFalse("foreign", moaSession.isForeigner()); + assertFalse("mandate", moaSession.isMandateUsed()); + assertEquals("missing attributes", 2, moaSession.getGenericSessionDataStorage().size()); + assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME)); + assertEquals("wrong role attr", + "EPI-GDA()", + moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME, String.class)); + + } + + @Test + public void validateState() throws TaskExecutionException, PendingReqIdValidationException { + // set-up EHVD response + String role1 = "1.2.40.0.33.5.2.101"; + String role2 = "1.2.40.0.34.5.2:100"; + String role3 = RandomStringUtils.randomAlphabetic(10); + when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(true, Arrays.asList(role1, role2, role3))); + + task.execute(pendingReq, context); + + // validate state + final IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId()); + assertNotNull("pendingReq not stored", storedReq); + + final AuthenticationSessionWrapper moaSession = storedReq.getSessionData( + AuthenticationSessionWrapper.class); + + assertFalse("foreign", moaSession.isForeigner()); + assertFalse("mandate", moaSession.isMandateUsed()); + assertEquals("missing attributes", 2, moaSession.getGenericSessionDataStorage().size()); + assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME)); + assertEquals("wrong role attr", + "EPI-GDA()", + moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME, String.class)); + + } + + @Test + public void validateStateSecondOid() throws TaskExecutionException, PendingReqIdValidationException { + // set-up EHVD response + String role1 = "1.2.40.0.33.5.2.101"; + String role2 = "1.2.40.0.34.5.2:158"; + String role3 = RandomStringUtils.randomAlphabetic(10); + GdaIndexResponse gdaResponse = generateGdaResponse(true, Arrays.asList(role1, role2, role3)); + when(ehvdService.getGDA(any())).thenReturn(gdaResponse); + + task.execute(pendingReq, context); + + // validate state + final IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId()); + assertNotNull("pendingReq not stored", storedReq); + + final AuthenticationSessionWrapper moaSession = storedReq.getSessionData( + AuthenticationSessionWrapper.class); + + assertFalse("foreign", moaSession.isForeigner()); + assertFalse("mandate", moaSession.isMandateUsed()); + assertEquals("missing attributes", 2, moaSession.getGenericSessionDataStorage().size()); + assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME)); + assertEquals("wrong role attr", + "EPI-GDA()", + moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME, String.class)); + + assertNotNull("no full GDA response", + moaSession.getGenericDataFromSession(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX)); + assertTrue("wrong GDA response type", + moaSession.getGenericDataFromSession(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX) instanceof GdaDescriptor); + + + } + + private GdaIndexResponse generateGdaResponse(boolean isActive, List<String> roles) { + GdaIndexResponse resp = new GdaIndexResponse(); + GdaDescriptor gda = new GdaDescriptor(); + resp.setGda(gda); + + GDAStatus status = new GDAStatus(); + gda.setStatus(status); + status.setEhvdstatus(isActive ? "Aktiv" : "Inaktiv"); + + gda.setFirstname(RandomStringUtils.randomAlphabetic(5)); + gda.setSurname(RandomStringUtils.randomAlphabetic(5)); + gda.setTitle(RandomStringUtils.randomAlphabetic(5)); + + InstanceIdentifier id = new InstanceIdentifier(); + id.setId(RandomStringUtils.randomAlphabetic(5)); + gda.setId(id); + + gda.getOtherID().add(RandomStringUtils.randomAlphabetic(5)); + gda.getOtherID().add(RandomStringUtils.randomAlphabetic(5)); + + gda.getAddress().add(generateAddress()); + gda.getAddress().add(generateAddress()); + + GDARoles gdaRoles = new GDARoles(); + gda.setRoles(gdaRoles); + gdaRoles.getRole().addAll(roles); + + return resp; + } + + private GdaAddress generateAddress() { + GdaAddress address = new GdaAddress(); + address.setZip(RandomStringUtils.randomNumeric(4)); + address.setState(RandomStringUtils.randomAlphabetic(10)); + return address; + + } + + private SOAPFault generateSoaFault(String msg) { + return new SOAPFault() { + + @Override + public void setIdAttributeNode(Attr idAttr, boolean isId) throws DOMException { + // TODO Auto-generated method stub + + } + + @Override + public void setIdAttributeNS(String namespaceURI, String localName, boolean isId) throws DOMException { + // TODO Auto-generated method stub + + } + + @Override + public void setIdAttribute(String name, boolean isId) throws DOMException { + // TODO Auto-generated method stub + + } + + @Override + public Attr setAttributeNodeNS(Attr newAttr) throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public Attr setAttributeNode(Attr newAttr) throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setAttributeNS(String namespaceURI, String qualifiedName, String value) throws DOMException { + // TODO Auto-generated method stub + + } + + @Override + public void setAttribute(String name, String value) throws DOMException { + // TODO Auto-generated method stub + + } + + @Override + public Attr removeAttributeNode(Attr oldAttr) throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public void removeAttributeNS(String namespaceURI, String localName) throws DOMException { + // TODO Auto-generated method stub + + } + + @Override + public void removeAttribute(String name) throws DOMException { + // TODO Auto-generated method stub + + } + + @Override + public boolean hasAttributeNS(String namespaceURI, String localName) throws DOMException { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean hasAttribute(String name) { + // TODO Auto-generated method stub + return false; + } + + @Override + public String getTagName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public TypeInfo getSchemaTypeInfo() { + // TODO Auto-generated method stub + return null; + } + + @Override + public NodeList getElementsByTagNameNS(String namespaceURI, String localName) throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public NodeList getElementsByTagName(String name) { + // TODO Auto-generated method stub + return null; + } + + @Override + public Attr getAttributeNodeNS(String namespaceURI, String localName) throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public Attr getAttributeNode(String name) { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getAttributeNS(String namespaceURI, String localName) throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getAttribute(String name) { + // TODO Auto-generated method stub + return null; + } + + @Override + public Object setUserData(String key, Object data, UserDataHandler handler) { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setTextContent(String textContent) throws DOMException { + // TODO Auto-generated method stub + + } + + @Override + public void setPrefix(String prefix) throws DOMException { + // TODO Auto-generated method stub + + } + + @Override + public void setNodeValue(String nodeValue) throws DOMException { + // TODO Auto-generated method stub + + } + + @Override + public Node replaceChild(Node newChild, Node oldChild) throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public Node removeChild(Node oldChild) throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public void normalize() { + // TODO Auto-generated method stub + + } + + @Override + public String lookupPrefix(String namespaceURI) { + // TODO Auto-generated method stub + return null; + } + + @Override + public String lookupNamespaceURI(String prefix) { + // TODO Auto-generated method stub + return null; + } + + @Override + public boolean isSupported(String feature, String version) { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isSameNode(Node other) { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isEqualNode(Node arg) { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isDefaultNamespace(String namespaceURI) { + // TODO Auto-generated method stub + return false; + } + + @Override + public Node insertBefore(Node newChild, Node refChild) throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public boolean hasChildNodes() { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean hasAttributes() { + // TODO Auto-generated method stub + return false; + } + + @Override + public Object getUserData(String key) { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getTextContent() throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public Node getPreviousSibling() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getPrefix() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Node getParentNode() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Document getOwnerDocument() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getNodeValue() throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public short getNodeType() { + // TODO Auto-generated method stub + return 0; + } + + @Override + public String getNodeName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Node getNextSibling() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getNamespaceURI() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getLocalName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Node getLastChild() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Node getFirstChild() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Object getFeature(String feature, String version) { + // TODO Auto-generated method stub + return null; + } + + @Override + public NodeList getChildNodes() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getBaseURI() { + // TODO Auto-generated method stub + return null; + } + + @Override + public NamedNodeMap getAttributes() { + // TODO Auto-generated method stub + return null; + } + + @Override + public short compareDocumentPosition(Node other) throws DOMException { + // TODO Auto-generated method stub + return 0; + } + + @Override + public Node cloneNode(boolean deep) { + // TODO Auto-generated method stub + return null; + } + + @Override + public Node appendChild(Node newChild) throws DOMException { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setValue(String value) { + // TODO Auto-generated method stub + + } + + @Override + public void setParentElement(SOAPElement parent) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public void recycleNode() { + // TODO Auto-generated method stub + + } + + @Override + public String getValue() { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement getParentElement() { + // TODO Auto-generated method stub + return null; + } + + @Override + public void detachNode() { + // TODO Auto-generated method stub + + } + + @Override + public void setEncodingStyle(String encodingStyle) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public SOAPElement setElementQName(QName newName) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public boolean removeNamespaceDeclaration(String prefix) { + // TODO Auto-generated method stub + return false; + } + + @Override + public void removeContents() { + // TODO Auto-generated method stub + + } + + @Override + public boolean removeAttribute(QName qname) { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean removeAttribute(Name name) { + // TODO Auto-generated method stub + return false; + } + + @Override + public Iterator getVisibleNamespacePrefixes() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getNamespaceURI(String prefix) { + // TODO Auto-generated method stub + return null; + } + + @Override + public Iterator getNamespacePrefixes() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getEncodingStyle() { + // TODO Auto-generated method stub + return null; + } + + @Override + public QName getElementQName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Name getElementName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Iterator getChildElements(QName qname) { + // TODO Auto-generated method stub + return null; + } + + @Override + public Iterator getChildElements(Name name) { + // TODO Auto-generated method stub + return null; + } + + @Override + public Iterator getChildElements() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getAttributeValue(QName qname) { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getAttributeValue(Name name) { + // TODO Auto-generated method stub + return null; + } + + @Override + public Iterator getAllAttributesAsQNames() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Iterator getAllAttributes() { + // TODO Auto-generated method stub + return null; + } + + @Override + public QName createQName(String localName, String prefix) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement addTextNode(String text) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement addNamespaceDeclaration(String prefix, String uri) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement addChildElement(String localName, String prefix, String uri) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement addChildElement(String localName, String prefix) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement addChildElement(SOAPElement element) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement addChildElement(String localName) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement addChildElement(QName qname) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement addChildElement(Name name) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement addAttribute(QName qname, String value) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public SOAPElement addAttribute(Name name, String value) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setFaultString(String faultString, Locale locale) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public void setFaultString(String faultString) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public void setFaultRole(String uri) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public void setFaultNode(String uri) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public void setFaultCode(String faultCode) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public void setFaultCode(QName faultCodeQName) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public void setFaultCode(Name faultCodeQName) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public void setFaultActor(String faultActor) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public void removeAllFaultSubcodes() { + // TODO Auto-generated method stub + + } + + @Override + public boolean hasDetail() { + // TODO Auto-generated method stub + return false; + } + + @Override + public Iterator getFaultSubcodes() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Locale getFaultStringLocale() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getFaultString() { + return msg; + + } + + @Override + public String getFaultRole() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Iterator getFaultReasonTexts() throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getFaultReasonText(Locale locale) throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public Iterator getFaultReasonLocales() throws SOAPException { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getFaultNode() { + // TODO Auto-generated method stub + return null; + } + + @Override + public QName getFaultCodeAsQName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Name getFaultCodeAsName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getFaultCode() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getFaultActor() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Detail getDetail() { + // TODO Auto-generated method stub + return null; + } + + @Override + public void appendFaultSubcode(QName subcode) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public void addFaultReasonText(String text, Locale locale) throws SOAPException { + // TODO Auto-generated method stub + + } + + @Override + public Detail addDetail() throws SOAPException { + // TODO Auto-generated method stub + return null; + } + }; + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AttributeBuilderRegistrationTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AttributeBuilderRegistrationTest.java new file mode 100644 index 000000000..5ff8ffba7 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AttributeBuilderRegistrationTest.java @@ -0,0 +1,41 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.utils; + +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; + +import java.util.List; + +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; +import org.opensaml.saml2.core.Attribute; +import org.opensaml.xml.ConfigurationException; + +import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; +import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder; +import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EAAFDefaultSAML2Bootstrap; + +@RunWith(BlockJUnit4ClassRunner.class) +public class AttributeBuilderRegistrationTest { + + @BeforeClass + public static void classInitializer() throws ConfigurationException { + EAAFDefaultSAML2Bootstrap.bootstrap(); + + } + + @Test + public void checkRegistratedAttributeBuilder() { + + List<Attribute> supportedAttributes = PVPAttributeBuilder.buildSupportedEmptyAttributes(); + + assertFalse("Registered Attribute-Builder is empty", supportedAttributes.isEmpty()); + assertTrue("No role attribute registrated", supportedAttributes.stream() + .filter(el -> PVPAttributeDefinitions.ROLES_NAME.equals(el.getName())) + .findFirst() + .isPresent()); + + } +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AuthenticationRoleFactoryTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AuthenticationRoleFactoryTest.java new file mode 100644 index 000000000..6d39b926e --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AuthenticationRoleFactoryTest.java @@ -0,0 +1,65 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.utils; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; + +import at.gv.egovernment.moa.id.data.AuthenticationRole; +import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory; + +@RunWith(BlockJUnit4ClassRunner.class) +public class AuthenticationRoleFactoryTest { + + @Test + public void simpleRole() { + String role = RandomStringUtils.randomAlphabetic(5); + + AuthenticationRole toCheck = AuthenticationRoleFactory.buildFormPVPole(role); + + assertEquals("wrong role name", role, toCheck.getRoleName()); + assertEquals("wrong raw role", role, toCheck.getRawRoleString()); + assertNull("wrong role attr", toCheck.getParams()); + + } + + @Test + public void complexeRoleEmptyParams() { + String role = RandomStringUtils.randomAlphabetic(5); + String fullRole = role + "()"; + + AuthenticationRole toCheck = AuthenticationRoleFactory.buildFormPVPole(fullRole); + + assertEquals("wrong role name", role, toCheck.getRoleName()); + assertEquals("wrong raw role", fullRole, toCheck.getRawRoleString()); + assertNull("wrong role attr", toCheck.getParams()); + + } + + @Test + public void complexeRoleWithParams() { + String p1 = RandomStringUtils.randomAlphabetic(5); + String v1 = RandomStringUtils.randomAlphabetic(5); + String p2 = RandomStringUtils.randomAlphabetic(5); + String v2 = RandomStringUtils.randomAlphabetic(5); + + String role = RandomStringUtils.randomAlphabetic(5); + String fullRole = role + "(\"" + + p1 + "\"=\"" + v1 + "\"," + + p2 + "\"=\"" + v2 + "\"" + +")"; + + AuthenticationRole toCheck = AuthenticationRoleFactory.buildFormPVPole(fullRole); + + assertEquals("wrong role name", role, toCheck.getRoleName()); + assertEquals("wrong raw role", fullRole, toCheck.getRawRoleString()); + assertNotNull("wrong role attr", toCheck.getParams()); + assertEquals("wrong param size", 2, toCheck.getParams().size()); + + } + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java new file mode 100644 index 000000000..387aca540 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java @@ -0,0 +1,55 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.utils; + +import static org.junit.Assert.assertEquals; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egiz.eaaf.core.api.IStatusMessenger; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({"/test_ehvd_service_messager_auth.beans.xml"}) +public class MoaStatusMessagerTest { + + @Autowired IStatusMessenger messager; + + + @Test + public void checkErrorCodeMapper() { + assertEquals("default errorcode", "9199", + messager.getResponseErrorCode(new NullPointerException())); + + + assertEquals("new errorCode file", "aabbccdd", + messager.mapInternalErrorToExternalError("test.01")); + assertEquals("new errorCode file", "zzzyyyxxx", + messager.mapInternalErrorToExternalError("test.02")); + + assertEquals("existing errorCode file", "4401", + messager.mapInternalErrorToExternalError("auth.34")); + assertEquals("existing errorCode file", "1101", + messager.mapInternalErrorToExternalError("parser.07")); + + } + + @Test + public void checkErrorMessages() { + assertEquals("new error msg", + "Für den abgefragtem GDA liegt keine Berechtigung vor", messager.getMessage("ehvd.00", null)); + assertEquals("new error msg", + "Allgemeiner Fehler bei der Abfrage des EHVD Service", messager.getMessage("ehvd.99", null)); + + + assertEquals("existing error msg", + "Zertifikat konnte nicht ausgelesen werden.", messager.getMessage("auth.14", null)); + assertEquals("existing error msg", + "\"Issuer\" im AUTH-Block nicht vorhanden.", messager.getMessage("validator.32", null)); + + } + + +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/com/github/skjolber/mockito/soap/Soap12EndpointRule.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/com/github/skjolber/mockito/soap/Soap12EndpointRule.java new file mode 100644 index 000000000..547401cc3 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/com/github/skjolber/mockito/soap/Soap12EndpointRule.java @@ -0,0 +1,195 @@ +package com.github.skjolber.mockito.soap; + +import java.io.IOException; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import javax.xml.ws.soap.SOAPBinding; +import javax.xml.ws.spi.Provider; + +import org.apache.cxf.Bus; +import org.apache.cxf.endpoint.EndpointException; +import org.apache.cxf.endpoint.ServerImpl; +import org.apache.cxf.jaxws.EndpointImpl; +import org.apache.cxf.jaxws.JaxWsServerFactoryBean; +import org.apache.cxf.jaxws.support.JaxWsServiceFactoryBean; +import org.apache.cxf.service.ServiceImpl; +import org.apache.cxf.service.model.EndpointInfo; +import org.apache.cxf.transport.ChainInitiationObserver; +import org.apache.cxf.transport.Destination; +import org.apache.cxf.transport.DestinationFactory; +import org.apache.cxf.transport.DestinationFactoryManager; + + +/** + * Fork of {@link SoapEndpointRule} that set <i>endpoint.setBindingUri(SOAPBinding.SOAP12HTTP_BINDING)</i> + * into {@link EndpointImpl}. + * + * @author tlenz + * + */ +public class Soap12EndpointRule extends SoapServerRule { + private static final int PORT_RANGE_START = 1024 + 1; + private static final int PORT_RANGE_END = PortManager.PORT_RANGE_MAX; + + public static Soap12EndpointRule newInstance() { + return new Soap12EndpointRule(); + } + + private final Map<String, EndpointImpl> endpoints = new HashMap<>(); + + private PortManager<Destination> portManager; + + public Soap12EndpointRule() { + this(PORT_RANGE_START, PORT_RANGE_END); + } + + public Soap12EndpointRule(String... portNames) { + this(PORT_RANGE_START, PORT_RANGE_END, portNames); + } + + public Soap12EndpointRule(int portRangeStart, int portRangeEnd, String... portNames) { + portManager = new PortManager<Destination>(portRangeStart, portRangeEnd) { + @Override + public Destination reserve(int port) throws Exception { + return createDestination(port); + } + + @Override + public void release(Destination destination) { + destination.shutdown(); + } + }; + + portManager.add(portNames); + } + + /** + * Returns the port number that was reserved for the given name. + * + * @param portName port name + * @return a valid port number if the port has been reserved, -1 otherwise + */ + public int getPort(String portName) { + return portManager.getPort(portName); + } + + /** + * Returns all port names and respective port numbers. + * + * @return a map of port name and port value (a valid port number if the port + * has been reserved, or -1 otherwise) + */ + public Map<String, Integer> getPorts() { + return portManager.getPorts(); + } + + /** + * Attempt to reserve a port by starting a server. + * + * @param port port to reserve + * @return destination if successful + * @throws IOException + * @throws EndpointException + */ + private Destination createDestination(int port) throws IOException, EndpointException { + final JaxWsServiceFactoryBean jaxWsServiceFactoryBean = new JaxWsServiceFactoryBean(); + + final JaxWsServerFactoryBean serverFactoryBean = new JaxWsServerFactoryBean(jaxWsServiceFactoryBean); + final Bus bus = serverFactoryBean.getBus(); + + final String address = "http://localhost:" + port; + serverFactoryBean.setAddress(address); + + final DestinationFactory destinationFactory = bus.getExtension(DestinationFactoryManager.class) + .getDestinationFactoryForUri(address); + + final EndpointInfo ei = new EndpointInfo(null, Integer.toString(port)); + ei.setAddress(address); + + final Destination destination = destinationFactory.getDestination(ei, bus); + + final ServiceImpl serviceImpl = new ServiceImpl(); + + final org.apache.cxf.endpoint.Endpoint endpoint = new org.apache.cxf.endpoint.EndpointImpl(bus, + serviceImpl, ei); + destination.setMessageObserver(new ChainInitiationObserver(endpoint, bus)); + return destination; + } + + @Override + public <T> void proxy(T target, Class<T> port, String address, String wsdlLocation, + List<String> schemaLocations, Map<String, Object> properties) { + assertValidParams(target, port, address); + + if (endpoints.containsKey(address)) { + throw new IllegalArgumentException("Endpoint " + address + " already exists"); + } + + final T serviceInterface = SoapServiceProxy.newInstance(target); + + final EndpointImpl endpoint = (EndpointImpl) Provider.provider().createEndpoint(null, serviceInterface); + endpoint.setBindingUri(SOAPBinding.SOAP12HTTP_BINDING); + + if (wsdlLocation != null) { + endpoint.setWsdlLocation(wsdlLocation); + } + + if (schemaLocations != null) { + endpoint.setSchemaLocations(schemaLocations); + } + + endpoint.setProperties(processProperties(properties, wsdlLocation, schemaLocations)); + + final Destination destination = portManager.getData(parsePort(address)); + if (destination != null) { + final ServerImpl server = endpoint.getServer(); + server.setDestination(destination); + } + + endpoint.publish(address); + + endpoints.put(address, endpoint); + } + + @Override + protected void before() { + // reserve all ports + portManager.start(); + } + + @Override + protected void after() { + destroy(); + } + + /** + * Stop and remove endpoints, keeping port reservations. + */ + public void clear() { + endpoints.values().forEach(EndpointImpl::stop); + endpoints.clear(); + } + + @Override + public void destroy() { + endpoints.values().forEach(endpoint -> { + endpoint.stop(); + endpoint.getBus().shutdown(true); + }); + endpoints.clear(); + portManager.stop(); + } + + @Override + public void stop() { + endpoints.values().forEach(endpoint -> endpoint.getServer().stop()); + } + + @Override + public void start() { + // republish + endpoints.values().forEach(endpoint -> endpoint.getServer().start()); + } +} diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties new file mode 100644 index 000000000..580af5559 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties @@ -0,0 +1,11 @@ +modules.ehvd.enabled=true +modules.ehvd.sp.1=aaabbccddeeffgg +modules.ehvd.sp.2=yyasdfasfsa2323 +modules.ehvd.sp.3= +modules.ehvd.sp.4=435344534egewgegf + +modules.ehvd.service.url=http://localhost:1234/ehvd +#modules.ehvd.service.url=https://ehvdwsqs.gesundheit.gv.at + +modules.ehvd.role.pvp=EPI-GDA() +modules.ehvd.service.role.regex=^1\.2\.40\.0\.34\.5\.2\:(100|101|158)$ diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config2.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config2.properties new file mode 100644 index 000000000..4e666c204 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config2.properties @@ -0,0 +1,4 @@ +modules.ehvd.enabled=false +modules.ehvd.sp.1=aaabbccddeeffgg +modules.ehvd.sp.2=yyasdfasfsa2323 +modules.ehvd.sp.3=435344534egewgegf diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties new file mode 100644 index 000000000..dc8fe54d5 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties @@ -0,0 +1,12 @@ +modules.ehvd.enabled=true +modules.ehvd.sp.1=aaabbccddeeffgg +modules.ehvd.sp.2=yyasdfasfsa2323 +modules.ehvd.sp.3= +modules.ehvd.sp.4=435344534egewgegf + +modules.ehvd.service.url=https://ehvdwsqs.gesundheit.gv.at +#modules.ehvd.service.bpk.target= +modules.ehvd.proxy.socks.port=12345 +modules.ehvd.role.pvp=EPI-GDA() +modules.ehvd.service.role.regex=^1\.2\.40\.0\.34\.5\.2\:(100|101|158)$ +#modules.ehvd.service.otherid.prefix=1.2.40.0.34.4.18:
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_qs_service_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_qs_service_auth.beans.xml new file mode 100644 index 000000000..0595d4eb4 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_qs_service_auth.beans.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <import resource="classpath:/SpringTest-context_authManager.xml" /> + <import resource="classpath:/moaid_ehvd_service_auth.beans.xml" /> + + <bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap"> + <constructor-arg name="path" value="/config/config_qs_service.properties" /> + </bean> + +</beans>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth.beans.xml new file mode 100644 index 000000000..b499ad395 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth.beans.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <import resource="classpath:/SpringTest-context_authManager.xml" /> + <import resource="classpath:/moaid_ehvd_service_auth.beans.xml" /> + + <bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap"> + <constructor-arg name="path" value="/config/config1.properties" /> + </bean> + +</beans>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth_lazy.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth_lazy.beans.xml new file mode 100644 index 000000000..7116034b7 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth_lazy.beans.xml @@ -0,0 +1,24 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <import resource="classpath:/SpringTest-context_authManager.xml" /> + + <bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap"> + <constructor-arg name="path" value="/config/config2.properties" /> + </bean> + + <beans default-lazy-init="true"> + <bean id="ehvdServiceAuthModule" class="at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule"> + <property name="priority" value="4" /> + </bean> + + </beans> +</beans>
\ No newline at end of file diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_messager_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_messager_auth.beans.xml new file mode 100644 index 000000000..5d8e03fb5 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_messager_auth.beans.xml @@ -0,0 +1,15 @@ +<?xml version="1.0" encoding="UTF-8"?> +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + <bean id="testMsgProvider" + class="at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider"/> + +</beans>
\ No newline at end of file |