diff options
Diffstat (limited to 'id/server/stork2-saml-engine/src/test/java')
10 files changed, 4873 insertions, 0 deletions
diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SSETestUtils.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SSETestUtils.java new file mode 100644 index 000000000..eb885eea9 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SSETestUtils.java @@ -0,0 +1,173 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.test.simple; + +import java.io.IOException; +import java.io.InputStream; +import java.io.StringWriter; + +import javax.xml.XMLConstants; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.OutputKeys; +import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactory; +import javax.xml.transform.dom.DOMSource; +import javax.xml.transform.stream.StreamResult; + +import org.apache.commons.io.IOUtils; +import org.bouncycastle.util.encoders.Base64; +import org.opensaml.Configuration; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.Marshaller; +import org.opensaml.xml.io.MarshallerFactory; +import org.opensaml.xml.io.MarshallingException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.w3c.dom.Document; +import org.w3c.dom.Element; + +/** + * The Class SSETestUtils. + */ +public final class SSETestUtils { + + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(SSETestUtils.class.getName()); + + /** + * Instantiates a new sSE test utils. + */ + private SSETestUtils() { + } + + /** + * Prints the tree DOM. + * + * @param samlToken the SAML token + * @param isIndent the is indent + * + * @return the string + * @throws TransformerException the exception + */ + public static String printTreeDOM(final Element samlToken, final boolean isIndent) throws TransformerException { + // set up a transformer + final TransformerFactory transfac = TransformerFactory.newInstance(); + final Transformer trans = transfac.newTransformer(); + trans.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); + trans.setOutputProperty(OutputKeys.INDENT, String.valueOf(isIndent)); + + // create string from XML tree + final StringWriter stringWriter = new StringWriter(); + final StreamResult result = new StreamResult(stringWriter); + final DOMSource source = new DOMSource(samlToken); + trans.transform(source, result); + final String xmlString = stringWriter.toString(); + + return xmlString; + } + + /** + * Marshall. + * + * @param samlToken the SAML token + * + * @return the byte[] + * + * @throws MarshallingException the marshalling exception + * @throws ParserConfigurationException the parser configuration exception + * @throws TransformerException the transformer exception + */ + public static byte[] marshall(final XMLObject samlToken) + throws MarshallingException, ParserConfigurationException, + TransformerException { + + final javax.xml.parsers.DocumentBuilderFactory dbf = javax.xml.parsers.DocumentBuilderFactory + .newInstance(); + dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + dbf.setNamespaceAware(true); + dbf.setIgnoringComments(true); + final javax.xml.parsers.DocumentBuilder docBuild = dbf + .newDocumentBuilder(); + + // Get the marshaller factory + final MarshallerFactory marshallerFactory = Configuration + .getMarshallerFactory(); + + // Get the Subject marshaller + final Marshaller marshaller = marshallerFactory + .getMarshaller(samlToken); + + final Document doc = docBuild.newDocument(); + + // Marshall the SAML token + marshaller.marshall(samlToken, doc); + + // Obtain a byte array representation of the marshalled SAML object + final DOMSource domSource = new DOMSource(doc); + final StringWriter writer = new StringWriter(); + final StreamResult result = new StreamResult(writer); + final TransformerFactory transFact = TransformerFactory.newInstance(); + final Transformer transformer = transFact.newTransformer(); + transformer.transform(domSource, result); + + return writer.toString().getBytes(); + } + + /** + * Encode SAML token. + * + * @param samlToken the SAML token + * + * @return the string + */ + public static String encodeSAMLToken(final byte[] samlToken) { + return new String(Base64.encode(samlToken)); + } + + /** + * Read stork SAML from file. + * + * @param resource the resource + * + * @return the byte[] + * @throws IOException the exception + * + */ + public static byte[] readStorkSamlFromFile(final String resource) + throws IOException { + InputStream inputStream = null; + byte[] bytes; + + try { + inputStream = StorkAuthRequestTest.class + .getResourceAsStream(resource); + + // Create the byte array to hold the data + bytes = new byte[(int) inputStream.available()]; + inputStream.read(bytes); + } catch (IOException e) { + LOG.error("Error read from file: " + resource); + throw e; + } finally { + IOUtils.closeQuietly(inputStream); + } + return bytes; + + } +} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SimpleBaseTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SimpleBaseTest.java new file mode 100644 index 000000000..c52b8a779 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SimpleBaseTest.java @@ -0,0 +1,64 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.test.simple; + +import org.junit.Test; + +import junit.framework.Assert; +import junit.framework.TestCase; +import eu.stork.peps.auth.engine.STORKSAMLEngine; + +/** + * The Class SimpleBaseTest. Defines a set of test the initialization of the + * SAML engine. + */ +@SuppressWarnings("deprecation") +public class SimpleBaseTest extends TestCase { + + /** + * Test SAML engine correct configuration name. + */ + + @Test + public final void testSamlEngineCorrectInit() { + Assert.assertNotNull(STORKSAMLEngine.getInstance("CONF1")); + } + + /** + * Test SAML engine error configuration name. + */ + @Test + public final void testSamlEngineErrorNameConf() { + Assert.assertNull(STORKSAMLEngine.getInstance("CONF_ERROR")); + } + + /** + * Test SAML engine error name null. + */ + @Test + public final void testSamlEngineErrorNameNull() { + Assert.assertNull(STORKSAMLEngine.getInstance(null)); + } + + /** + * Test SAML engine correct name configuration with spaces. + */ + @Test + public final void testSamlEngineErrorNameSpaces() { + Assert.assertNotNull(STORKSAMLEngine.getInstance(" CONF1 ")); + } + +} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryRequestTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryRequestTest.java new file mode 100644 index 000000000..0eda1bfbf --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryRequestTest.java @@ -0,0 +1,864 @@ +package eu.stork.peps.test.simple; + +import static org.junit.Assert.*; + +import java.io.*; +import java.util.ArrayList; +import java.util.Arrays; + +import org.junit.Ignore; +import org.junit.Test; +import org.opensaml.xml.parse.BasicParserPool; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAttrQueryRequest; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; + +public class StorkAttrQueryRequestTest { + + /** The engines. */ + private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); + private static STORKSAMLEngine engine0 = STORKSAMLEngine.getInstance("CONF0"); + private static STORKSAMLEngine engine2 = STORKSAMLEngine.getInstance("CONF2"); + private static STORKSAMLEngine engine3 = STORKSAMLEngine.getInstance("CONF3"); + + + /** + * Instantiates a new stork authentication request test. + */ + public StorkAttrQueryRequestTest() { + pal = new PersonalAttributeList(); + + final PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + final ArrayList<String> ages = new ArrayList<String>(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + pal.add(isAgeOver); + + final PersonalAttribute dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + pal.add(dateOfBirth); + + final PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + eIDNumber.setValue(Arrays.asList("ES/IS/1234567890")); + pal.add(eIDNumber); + + final PersonalAttribute givenName = new PersonalAttribute(); + givenName.setName("givenName"); + givenName.setIsRequired(true); + givenName.setValue(Arrays.asList("Sveinbjorn")); + pal.add(givenName); + + destination = "http://A-PEPS.gov.xx/PEPS/AttributeColleagueRequest"; + assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse"; + //spName = "University of Oxford"; + spSector = "EDU001"; + spInstitution = "OXF001"; + spApplication = "APP001"; + spCountry = "IS"; + + spId = "EDU001-OXF001-APP001"; + + } + + /** The destination. */ + private String destination; + + /** The service provider sector. */ + private String spSector; + + /** The service provider institution. */ + private String spInstitution; + + /** The service provider application. */ + private String spApplication; + + /** The service provider country. */ + private String spCountry; + + /** The service provider id. */ + private String spId; + + /** The assertion consumer URL. */ + private String assertConsumerUrl; + + /** The quality authentication assurance level. */ + private static final int QAAL = 3; + + /** The List of Personal Attributes. */ + private IPersonalAttributeList pal; + + /** The attribute query request. */ + private static byte[] attrRequest; + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(StorkAttrQueryRequestTest.class.getName()); + + /** Parser manager used to parse XML. */ + private static BasicParserPool parser; + + static { + parser = new BasicParserPool(); + parser.setNamespaceAware(true); + } + + /** + * Test generate authentication request. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAttrQueryRequest() throws STORKSAMLEngineException { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // new parameters + request.setEIDSectorShare(false); + request.setEIDCrossSectorShare(false); + request.setEIDCrossBorderShare(false); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + request.setSpCountry(spCountry); + + STORKAttrQueryRequest req1 = engine0.generateSTORKAttrQueryRequest(request); + byte[] reqByte = req1.getTokenSaml(); + FileOutputStream output = null; + + try { + output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml")); + } catch (FileNotFoundException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + try { + output.write(reqByte); + } catch (IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + + LOG.info("STORKAttrQueryRequest 1: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAttrQueryRequest(request).getTokenSaml())); + + request.setCitizenCountryCode("IS"); + LOG.info("STORKAttrQueryRequest 2: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAttrQueryRequest(request).getTokenSaml())); + } + + /** + * Test generate authentication request error personal attribute name error. + */ + @Test + public final void testGenerateAttrQueryRequestPALsErr1() { + + final IPersonalAttributeList palWrong = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("attrNotValid"); + worngAttr.setIsRequired(true); + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(palWrong); + + // news parameters + request.setEIDSectorShare(false); + request.setEIDCrossSectorShare(false); + request.setEIDCrossBorderShare(false); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + + /** + * Test generate authentication request error personal attribute value error. + */ + @Test + public final void testGenerateAttrQueryRequestPALsErr2() { + + final IPersonalAttributeList palWrong = new PersonalAttributeList(); + + final PersonalAttribute attrNotValid = new PersonalAttribute(); + attrNotValid.setName("attrNotValid"); + attrNotValid.setIsRequired(true); + palWrong.add(attrNotValid); + + + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(palWrong); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request authentication assurance level + * negative value. + */ + @Test + public final void testGenerateAttrQueryRequestQaalErr1() { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(-1); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + + try { + engine.generateSTORKAttrQueryRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request service provider sector null. + */ + @Test + public final void testGenerateAttrQueryRequestSectorErr() { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(null); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + + } + } + + /** + * Test generate authentication request service provider institution null. + */ + @Test + public final void testGenerateAttrQueryRequestDestinationErr() { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(null); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(null); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + fail("generateSTORKAttrQueryRequest(...) should've thrown an STORKSAMLEngineException!"); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request service provider application null. + */ + @Test + public final void testGenerateAttrQueryRequestApplicationErr() { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(null); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test generate authentication request service provider country null. + */ + @Test + public final void testGenerateAttrQueryRequestCountryErr() { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(null); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request error with quality authentication + * assurance level wrong. + */ + @Test + public final void testGenerateAttrQueryRequestQaalErr2() { + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(0); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request personal attribute list null value. + */ + @Test + public final void testGenerateAttrQueryRequestPALErr1() { + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(null); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication request null parameter. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryRequestNullParam() + throws STORKSAMLEngineException { + try { + engine.validateSTORKAttrQueryRequest(null); + fail("validateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication request error bytes encode. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryRequestErrorEncode() + throws STORKSAMLEngineException { + try { + engine.validateSTORKAttrQueryRequest("messageError".getBytes()); + fail("validateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication request. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryRequest() throws STORKSAMLEngineException { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + attrRequest = engine.generateSTORKAttrQueryRequest(request).getTokenSaml(); + + final STORKAttrQueryRequest validatedRequest = engine.validateSTORKAttrQueryRequest(attrRequest); + + assertEquals("CrossBorderShare incorrect: ", validatedRequest.isEIDCrossBorderShare(), false); + assertEquals("CrossSectorShare incorrect: ", validatedRequest.isEIDCrossSectorShare(), false); + assertEquals("SectorShare incorrect: ", validatedRequest.isEIDSectorShare(), false); + + } + + /** + * Test validate data authenticate request. Verified parameters after + * validation. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateDataAttrQueryRequest() throws STORKSAMLEngineException { + + final STORKAttrQueryRequest request = engine.validateSTORKAttrQueryRequest(attrRequest); + + assertEquals("Sestination incorrect: ", request.getDestination(), destination); + + assertEquals("CrossBorderShare incorrect: ", request.isEIDCrossBorderShare(), false); + assertEquals("CrossSectorShare incorrect: ", request.isEIDCrossSectorShare(), false); + assertEquals("SectorShare incorrect: ", request.isEIDSectorShare(), false); + + assertEquals("QAAL incorrect: ", request.getQaa(), QAAL); + assertEquals("SPSector incorrect: ", request.getSpSector(), spSector); + assertEquals("SPInstitution incorrect: ", request.getSpInstitution(), null); + assertEquals("SPApplication incorrect: ", request.getSpApplication(), spApplication); + assertEquals("CitizenCountryCode incorrect: ", request.getCitizenCountryCode(), null); + + } + + /** + * Test validate file attribute query request. Validate from XML file. + * + * @throws Exception the exception + */ + @Test + public final void testValidateFileAttrQueryRequest() throws Exception { + + final byte[] bytes = SSETestUtils.readStorkSamlFromFile("/data/eu/stork/STORKSAMLEngine/AttrQueryRequest1.xml"); + + try { + engine.validateSTORKAttrQueryRequest(bytes); + fail("testValidateFileAttrQueryRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error(e.getMessage()); + } + } + + /** + * Test validate file authentication request tag delete. + * + * @throws Exception the exception + */ + @Test + public final void testValidateFileAttrRequestTagDelete() throws Exception { + + final byte[] bytes = SSETestUtils.readStorkSamlFromFile("/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml"); + + try { + engine.validateSTORKAttrQueryRequest(bytes); + fail("validateSTORKAttrQueryRequest(...) should have thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error(e.getMessage()); + + } + } + + /** + * Test validate authentication request not trusted token. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryRequestNotTrustedErr1() + throws STORKSAMLEngineException { + + try { + final STORKSAMLEngine engineNotTrusted = STORKSAMLEngine + .getInstance("CONF2"); + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + + final byte[] authReqNotTrust = engineNotTrusted + .generateSTORKAttrQueryRequest(request).getTokenSaml(); + + engine.validateSTORKAttrQueryRequest(authReqNotTrust); + fail("validateSTORKAttrQueryRequestNotTrusted(...) should have thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication request trusted. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryRequestTrusted() + throws STORKSAMLEngineException { + + final STORKSAMLEngine engineTrusted = STORKSAMLEngine + .getInstance("CONF3"); + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + final byte[] authReqNotTrust = engineTrusted.generateSTORKAttrQueryRequest( + request).getTokenSaml(); + + // engine ("CONF1") no have trust certificate from "CONF2" + engine.validateSTORKAttrQueryRequest(authReqNotTrust); + + } + + + + + /** + * Test generate authentication request service provider application null. + */ + @Test + public final void testGenerateAttrQueryRequestNADA() { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(null); + request.setSpInstitution(null); + request.setSpApplication(null); + request.setSpCountry(null); + + try { + + engine.validateSTORKAttrQueryRequest(attrRequest); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test validate authentication request with unknown elements. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryRequestWithUnknownElements() throws STORKSAMLEngineException { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + IPersonalAttributeList pAttList = new PersonalAttributeList(); + + final PersonalAttribute unknown = new PersonalAttribute(); + unknown.setName("unknown"); + unknown.setIsRequired(true); + pAttList.add(unknown); + + final PersonalAttribute eIdentifier = new PersonalAttribute(); + eIdentifier.setName("eIdentifier"); + eIdentifier.setIsRequired(true); + pAttList.add(eIdentifier); + + request.setPersonalAttributeList(pAttList); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + STORKAttrQueryRequest req = new STORKAttrQueryRequest(); + + req = engine3.generateSTORKAttrQueryRequest(request); + + req = engine.validateSTORKAttrQueryRequest(req.getTokenSaml()); + + assertNull("The value shouldn't exist", req.getPersonalAttributeList().get("unknown")); + assertNotNull("The value should exist", req.getPersonalAttributeList().get("eIdentifier")); + + } + + /** + * Test generate Request with required elements by default + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAttrQueryRequestWithIsRequiredElementsByDefault() throws STORKSAMLEngineException { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + IPersonalAttributeList pAttList = new PersonalAttributeList(); + + final PersonalAttribute eIdentifier = new PersonalAttribute(); + eIdentifier.setName("eIdentifier"); + eIdentifier.setIsRequired(true); + pAttList.add(eIdentifier); + + request.setPersonalAttributeList(pAttList); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + STORKAttrQueryRequest req = new STORKAttrQueryRequest(); + STORKAttrQueryRequest reqTrue = new STORKAttrQueryRequest(); + STORKAttrQueryRequest reqFalse = new STORKAttrQueryRequest(); + + reqTrue = engine.generateSTORKAttrQueryRequest(request); + reqFalse = engine2.generateSTORKAttrQueryRequest(request); + req = engine3.generateSTORKAttrQueryRequest(request); + + + String token = new String(req.getTokenSaml()); + String reqTrueToken = new String(reqTrue.getTokenSaml()); + String reqFalseToken = new String(reqFalse.getTokenSaml()); + + assertTrue("The token must contain the chain 'isRequired'", token.contains("isRequired")); + assertTrue("The token must contain the chain 'isRequired'", reqTrueToken.contains("isRequired")); + assertFalse("The token must contain the chain 'isRequired'", reqFalseToken.contains("isRequired")); + + } + + /** + * Test validating attribute query and getting alias used to save + * the saml trusted certificate into trustore + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + /*@Test + public final void testValidateAtrrQueryRequestGettingItsAlias() throws STORKSAMLEngineException { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + IPersonalAttributeList pAttList = new PersonalAttributeList(); + + final PersonalAttribute eIdentifier = new PersonalAttribute(); + eIdentifier.setName("eIdentifier"); + eIdentifier.setIsRequired(true); + pAttList.add(eIdentifier); + + request.setPersonalAttributeList(pAttList); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + STORKAttrQueryRequest req = new STORKAttrQueryRequest(); + + req = engine3.generateSTORKAttrQueryRequest(request); + req = engine.validateSTORKAttrQueryRequest(req.getTokenSaml()); + String prufa = req.getAlias(); + assertTrue("The alias should match this value", req.getAlias().equals("local-demo")); + + req = engine2.generateSTORKAttrQueryRequest(request); + req = engine2.validateSTORKAttrQueryRequest(req.getTokenSaml()); + assertTrue("The alias should match this value", req.getAlias().equals("local-demo2")); + }*/ + + @Test + public final void testGenerateAttrQueryRequestSignDoc() throws STORKSAMLEngineException { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + PersonalAttributeList pal0 = new PersonalAttributeList(); + + final PersonalAttribute signDoc = new PersonalAttribute(); + signDoc.setName("docRequest"); + signDoc.setIsRequired(true); + signDoc.setValue(Arrays.asList("IS/IS/fbea6e68-0393-401b-b616-f767fff9418c")); + pal0.add(signDoc); + + request.setPersonalAttributeList(pal0); + + // new parameters + /*request.setEIDSectorShare(false); + request.setEIDCrossSectorShare(false); + request.setEIDCrossBorderShare(false);*/ + request.setAssertionConsumerServiceURL(assertConsumerUrl); + request.setSpCountry(spCountry); + + STORKAttrQueryRequest req1 = engine0.generateSTORKAttrQueryRequest(request); + byte[] reqByte = req1.getTokenSaml(); + FileOutputStream output = null; + + STORKAttrQueryRequest req2 = engine0.validateSTORKAttrQueryRequest(reqByte); + //reqByte = req2.getTokenSaml(); + + try { + //output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestSdoc.xml")); + FileOutputStream fos; + File outputDir = new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine"); + File saveFile = new File(outputDir, "AttrQueryRequestSdoc.xml"); + fos = new FileOutputStream(saveFile); + fos.write(reqByte); + fos.flush(); + fos.close(); + } catch (Exception e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + try { + output.write(reqByte); + } catch (IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + + LOG.info("STORKAttrQueryRequest 1: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAttrQueryRequest(request).getTokenSaml())); + + request.setCitizenCountryCode("IS"); + LOG.info("STORKAttrQueryRequest 2: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAttrQueryRequest(request).getTokenSaml())); + } + +} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryResponseTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryResponseTest.java new file mode 100644 index 000000000..a98d5b7c3 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryResponseTest.java @@ -0,0 +1,1085 @@ +package eu.stork.peps.test.simple; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + +import java.io.File; +import java.io.FileNotFoundException; +import java.io.FileOutputStream; +import java.io.IOException; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; + +import org.junit.Ignore; +import org.junit.Test; +import org.opensaml.xml.parse.BasicParserPool; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PEPSUtil; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAttrQueryRequest; +import eu.stork.peps.auth.commons.STORKAttrQueryResponse; +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.commons.STORKAuthnResponse; +import eu.stork.peps.auth.commons.STORKStatusCode; +import eu.stork.peps.auth.commons.STORKSubStatusCode; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; + +public class StorkAttrQueryResponseTest { + + /** The engine. */ + private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); + + /** + * Gets the engine. + * + * @return the engine + */ + public static STORKSAMLEngine getEngine() { + return engine; + } + + /** + * Sets the engine. + * + * @param newEngine the new engine + */ + public static void setEngine(final STORKSAMLEngine newEngine) { + StorkAttrQueryResponseTest.engine = newEngine; + } + + /** The destination. */ + private static String destination; + + /** The service provider sector. */ + private static String spSector; + + /** The service provider institution. */ + private static String spInstitution; + + /** The service provider application. */ + private static String spApplication; + + /** The service provider country. */ + private static String spCountry; + + /** The service provider id. */ + private static String spId; + + /** The quality authentication assurance level. */ + private static final int QAAL = 3; + + /** The state. */ + private static String state = "IS"; + + /** The town. */ + private static String town = "Reykjavik"; + + /** The postal code. */ + private static String postalCode = "105"; + + /** The street name. */ + private static String streetName = "Gudrunartun"; + + /** The street number. */ + private static String streetNumber = "10"; + + /** The List of Personal Attributes. */ + private static IPersonalAttributeList pal; + + /** The assertion consumer URL. */ + private static String assertConsumerUrl; + + /** The attribute query request. */ + private static byte[] attrQueryRequest; + + /** The attribute query response. */ + private static byte[] attrQueryResponse; + + /** The attribute query request. */ + private static STORKAttrQueryRequest attrQueryenRequest; + + /** The attribute query response. */ + private static STORKAttrQueryResponse attrQeuryenResponse; + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(StorkAttrQueryResponseTest.class.getName()); + + /** + * Instantiates a new stork response test. + */ + public StorkAttrQueryResponseTest() { + super(); + } + + /** The IP address. */ + private static String ipAddress; + + /** The destination URL. */ + private static String destinationUrl; + + /** The is hashing. */ + private final boolean isHashing = Boolean.TRUE; + + /** The is not hashing. */ + private final boolean isNotHashing = Boolean.FALSE; + + /** The ERROR text. */ + private static final String ERROR_TXT = "generateAttrQueryResponse(...) should've thrown an STORKSAMLEngineException!"; + + + /** Parser manager used to parse XML. */ + private static BasicParserPool parser; + + + + static { + parser = new BasicParserPool(); + parser.setNamespaceAware(true); + + pal = new PersonalAttributeList(); + + PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(false); + ArrayList<String> ages = new ArrayList<String>(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + pal.add(isAgeOver); + + PersonalAttribute dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + pal.add(dateOfBirth); + + PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + List<String> eid = Arrays.asList("IS/IS/1234567890"); + eIDNumber.setValue(eid); + eIDNumber.setIsRequired(true); + pal.add(eIDNumber); + + final PersonalAttribute givenName = new PersonalAttribute(); + givenName.setName("givenName"); + givenName.setIsRequired(true); + pal.add(givenName); + + PersonalAttribute canRessAddress = new PersonalAttribute(); + canRessAddress.setName("canonicalResidenceAddress"); + canRessAddress.setIsRequired(true); + pal.add(canRessAddress); + + PersonalAttribute newAttribute = new PersonalAttribute(); + newAttribute.setName("newAttribute2"); + newAttribute.setIsRequired(true); + pal.add(newAttribute); + + destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; + assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse"; + spSector = "EDU001"; + spInstitution = "OXF001"; + spApplication = "APP001"; + spCountry = "EN"; + + spId = "EDU001-APP001-APP001"; + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + request.setDestination(destination); + //request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + attrQueryRequest = getEngine().generateSTORKAttrQueryRequest(request) + .getTokenSaml(); + + attrQueryenRequest = getEngine().validateSTORKAttrQueryRequest(attrQueryRequest); + + } catch (STORKSAMLEngineException e) { + fail("Error create STORKAuthnRequest"); + } + + ipAddress = "111.222.333.444"; + + destinationUrl = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; + + pal = new PersonalAttributeList(); + + isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + ages = new ArrayList<String>(); + + ages.add("16"); + ages.add("18"); + + isAgeOver.setValue(ages); + isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + pal.add(isAgeOver); + + dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + final ArrayList<String> date = new ArrayList<String>(); + date.add("16/12/2008"); + dateOfBirth.setValue(date); + dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + pal.add(dateOfBirth); + + eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + final ArrayList<String> idNumber = new ArrayList<String>(); + idNumber.add("123456789IS"); + eIDNumber.setValue(idNumber); + eIDNumber.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + pal.add(eIDNumber); + + canRessAddress = new PersonalAttribute(); + canRessAddress.setName("canonicalResidenceAddress"); + canRessAddress.setIsRequired(true); + canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + final HashMap<String, String> address = new HashMap<String, String>(); + + address.put("state", state); + address.put("town", town); + address.put("postalCode", postalCode); + address.put("streetName", streetName); + address.put("streetNumber", streetNumber); + + canRessAddress.setComplexValue(address); + pal.add(canRessAddress); + + newAttribute = new PersonalAttribute(); + newAttribute.setName("newAttribute2"); + newAttribute.setIsRequired(true); + newAttribute.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + final HashMap<String, String> values = new HashMap<String, String>(); + + values.put("value1", "value1"); + values.put("value2", "value2"); + values.put("value3", "value3"); + values.put("value4", "value4"); + + newAttribute.setComplexValue(values); + pal.add(newAttribute); + + } + + /** + * Test generate attribute query request without errors. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAttrQueryResponse() throws STORKSAMLEngineException { + + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setPersonalAttributeList(pal); + + final STORKAttrQueryResponse storkResponse = getEngine() + .generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, + destinationUrl, isNotHashing); + + attrQueryResponse = storkResponse.getTokenSaml(); + + FileOutputStream output = null; + + try { + output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml")); + } catch (FileNotFoundException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + try { + output.write(attrQueryResponse); + } catch (IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + + LOG.info("RESPONSE: " + SSETestUtils.encodeSAMLToken(attrQueryResponse)); + + + } + + /** + * Test validation id parameter mandatory. + */ + @Test + public final void testResponseMandatoryId() { + final String identifier = attrQueryenRequest.getSamlId(); + attrQueryenRequest.setSamlId(null); + + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setPersonalAttributeList(pal); + + try { + getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, + ipAddress, destinationUrl, isHashing); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + attrQueryenRequest.setSamlId(identifier); + LOG.error("Error"); + } + } + + /** + * Test generate attribute query response in response to err1. + */ + @Test + public final void testResponseMandatoryIssuer() { + + final String issuer = attrQueryenRequest.getIssuer(); + attrQueryenRequest.setIssuer(null); + + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setPersonalAttributeList(pal); + + try { + getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, + ipAddress, destinationUrl, isHashing); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + attrQueryenRequest.setIssuer(issuer); + LOG.error("Error"); + } + } + + + /** + * Test generate attribute query response assertion consumer null. + */ + /*@Test + public final void testResponseMandatoryAssertionConsumerServiceURL() { + final String asserConsumerUrl = attrQueryenRequest + .getAssertionConsumerServiceURL(); + attrQueryenRequest.setAssertionConsumerServiceURL(null); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + try { + getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, + ipAddress, isHashing); + fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + attrQueryenRequest.setAssertionConsumerServiceURL(asserConsumerUrl); + LOG.error("Error"); + } + } + + /** + * Test generate attribute query response IP address null. + */ + @Test + public final void testResponseValidationIP() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setPersonalAttributeList(pal); + + try { + getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, null, + destinationUrl, isHashing); + fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate attribute query response with personal attribute list null. + */ + @Test + public final void testResponseMandatoryPersonalAttributeList() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setPersonalAttributeList(null); + + + try { + getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, + ipAddress, destinationUrl, isHashing); + fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate attribute query response token null. + */ + @Test + public final void testResponseInvalidParametersToken() { + try { + getEngine().validateSTORKAttrQueryResponse(null, ipAddress); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate attribute query response IP null. + */ + @Test + public final void STORKAttrQueryResponse() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setPersonalAttributeList(pal); + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate attribute query response parameter name wrong. + */ + @Test + public final void testResponseInvalidParametersAttr() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("AttrWrong"); + wrongList.add(worngAttr); + + + response.setPersonalAttributeList(wrongList); + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate attribute query response set null value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrSimpleValue() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("isAgeOver"); + worngAttr.setValue(null); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate attribute query response set null value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrNoValue() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("isAgeOver"); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate attribute query response set null value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrNoName() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate attribute query response set null complex value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrComplexValue() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("isAgeOver"); + worngAttr.setComplexValue(null); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + + + /** + * Test validate attribute query response IP distinct and disabled validation + * IP. + */ + @Test + public final void testResponseInvalidParametersIPDistinct() { + try { + // ipAddress origin "111.222.333.444" + // ipAddrValidation = false + // Subject Confirmation Bearer. + + getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, "127.0.0.1"); + } catch (STORKSAMLEngineException e) { + fail("validateAttributeQueryResponse(...) should've thrown an STORKSAMLEngineException!"); + LOG.error("Error"); + } + } + + /** + * Test response invalid parameters invalid token. + */ + @Test + public final void testResponseInvalidParametersTokenMsg() { + try { + // ipAddress origin "111.222.333.444" + // Subject Confirmation Bearer. + getEngine().validateSTORKAttrQueryResponse("errorMessage".getBytes(), + ipAddress); + fail("validateAuthenticationResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate attribute query response is fail. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + /*@Test + public final void testValidateAuthenticationResponseIsFail() + throws STORKSAMLEngineException { + attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, + ipAddress); + + assertFalse("Generate incorrect response: ", attrQeuryenResponse.isFail()); + } + + /** + * Test validate attribute query response destination. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthenticationResponseDestination() + throws STORKSAMLEngineException { + attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, + ipAddress); + + assertEquals("Destination incorrect: ", + attrQeuryenResponse.getInResponseTo(), attrQueryenRequest.getSamlId()); + } + + /** + * Test validate attribute query response values. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthenticationResponseValuesComplex() + throws STORKSAMLEngineException { + attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, + ipAddress); + + assertEquals("Country incorrect:", attrQeuryenResponse.getCountry(), "ES"); + + final Iterator<PersonalAttribute> iterator = attrQeuryenResponse + .getPersonalAttributeList().iterator(); + + while (iterator.hasNext()) { + final PersonalAttribute attribute = iterator.next(); + if (attribute.getName().equalsIgnoreCase( + "canonicalResidenceAddress")) { + assertEquals("State incorrect: ", state, attribute + .getComplexValue().get("state")); + assertEquals("Town incorrect: ", town, attribute + .getComplexValue().get("town")); + assertEquals("Postal code incorrect: ", postalCode, attribute + .getComplexValue().get("postalCode")); + assertEquals("Street name incorrect: ", streetName, attribute + .getComplexValue().get("streetName")); + assertEquals("Street number incorrect: ", streetNumber, + attribute.getComplexValue().get("streetNumber")); + } + } + } + + /** + * Test generate attribute query response fail in response to it's null. + * @throws STORKSAMLEngineException + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test //( expected=STORKSAMLEngineException.class) + public final void testGenerateAttrQueryResponseFailInResponseToNull() throws STORKSAMLEngineException { + final String identifier = attrQueryenRequest.getSamlId(); + attrQueryenRequest.setSamlId(null); + + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage(""); + + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponseFail(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + attrQueryenRequest.setSamlId(identifier); + LOG.error("Error"); + //throw new STORKSAMLEngineException(e); + } + } + + /** + * Test generate attribute query response fail assertion consumer URL err1. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + /*@Test + public final void testGenerateAuthnResponseFailAssertionConsumerUrlNull() + throws STORKSAMLEngineException { + + final String assertConsumerUrl = attrQueryenRequest + .getAssertionConsumerServiceURL(); + attrQueryenRequest.setAssertionConsumerServiceURL(null); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage(""); + + try { + attrQueryResponse = getEngine().generateSTORKAuthnResponseFail(attrQueryenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + fail("generateAuthnResponseFail(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + attrQueryenRequest.setAssertionConsumerServiceURL(assertConsumerUrl); + LOG.error("Error"); + } + } + + /** + * Test generate attribute query response fail code error err1. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAttrQueryResponseFailCodeErrorNull() + throws STORKSAMLEngineException { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setStatusCode(null); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage(""); + + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponseFail(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + fail("generateAttrQueryResponseFail(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + + + /** + * Test generate attribute query request without errors. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryResponse() throws STORKSAMLEngineException { + + IPersonalAttributeList palist = new PersonalAttributeList(); + + PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + ArrayList<String> ages = new ArrayList<String>(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + palist.add(isAgeOver); + + PersonalAttribute dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + final ArrayList<String> date = new ArrayList<String>(); + date.add("16/12/2008"); + dateOfBirth.setValue(date); + dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + palist.add(dateOfBirth); + + + PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + + final ArrayList<String> idNumber = new ArrayList<String>(); + idNumber.add("123456789PÑ"); + + final HashMap<String, String> complex = new HashMap<String, String>(); + complex.put("one", "two"); + + //eIDNumber.setValue(null); + //eIDNumber.setValue(idNumber); + //eIDNumber.setComplexValue(complex); + + eIDNumber.setStatus(STORKStatusCode.STATUS_NOT_AVAILABLE.toString()); + palist.add(eIDNumber); + + PersonalAttribute canRessAddress = new PersonalAttribute(); + canRessAddress.setName("canonicalResidenceAddress"); + canRessAddress.setIsRequired(true); + canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + final HashMap<String, String> address = new HashMap<String, String>(); + + address.put("state", state); + address.put("town", town); + address.put("postalCode", postalCode); + address.put("streetName", streetName); + address.put("streetNumber", streetNumber); + + canRessAddress.setComplexValue(address); + palist.add(canRessAddress); + + + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + + response.setPersonalAttributeList(palist); + + final STORKAttrQueryResponse storkResponse = getEngine() + .generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, + destinationUrl, isNotHashing); + + attrQueryResponse = storkResponse.getTokenSaml(); + LOG.info("Request id: " + attrQueryenRequest.getSamlId()); + + LOG.info("RESPONSE: " + SSETestUtils.encodeSAMLToken(attrQueryResponse)); + + + attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, + ipAddress); + + LOG.info("RESPONSE ID: " + attrQeuryenResponse.getSamlId()); + LOG.info("RESPONSE IN_RESPONSE_TO: " + attrQeuryenResponse.getInResponseTo()); + LOG.info("RESPONSE COUNTRY: " + attrQeuryenResponse.getCountry()); + + } + + + + + + /** + * Test validate attribute query response fail is fail. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryResponseFailIsFail() + throws STORKSAMLEngineException { + + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage("message"); + + attrQueryResponse = getEngine().generateSTORKAttrQueryResponseFail(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + + LOG.error("ERROR_FAIL: " + PEPSUtil.encodeSAMLToken(attrQueryResponse)); + + attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, + ipAddress); + + LOG.info("COUNTRY: " + attrQeuryenResponse.getCountry()); + assertTrue("Generate incorrect response: ", attrQeuryenResponse.isFail()); + } + + /** + * Test generate/validate response with signedDoc + * + * @throws STORKSAMLEngineException + * the STORKSAML engine exception + */ + @Test + public final void testGenerateAttrQueryResponseWithSignedDoc() + throws STORKSAMLEngineException { + + String signedDocResponse = "<dss:SignResponse xmlns:dss=\"urn:oasis:names:tc:dss:1.0:core:schema\" RequestID=\"123456\"> <dss:Result> <dss:ResultMajor>urn:oasis:names:tc:dss:1.0:resultmajor:Success</dss:ResultMajor> </dss:Result> <dss:SignatureObject> <dss:Base64Signature Type=\"urn:ietf:rfc:3275\">PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIiBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1TaWduYXR1cmUiPjxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvVFIvMjAwMS9SRUMteG1sLWMxNG4tMjAwMTAzMTUiLz48ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3JzYS1zaGExIi8+PGRzOlJlZmVyZW5jZSBJZD0iUmVmZXJlbmNlLWJhYmE0ZDFhLWExN2UtNDJjNi05N2QyLWJlZWUxMzUwOTUwMyIgVHlwZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI09iamVjdCIgVVJJPSIjT2JqZWN0LTk4NzMzY2RlLThiY2MtNDhhMC05Yjc3LTBlOTk5N2JkZDA1OCI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNiYXNlNjQiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPkNrMVZxTmQ0NVFJdnEzQVpkOFhZUUx2RWh0QT08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjxkczpSZWZlcmVuY2UgVHlwZT0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMyNTaWduZWRQcm9wZXJ0aWVzIiBVUkk9IiNTaWduYXR1cmUtOGVhYmQwYTUtNjYwZC00YWZkLTk5MDUtMGFiYzc1NTNkMTkyLVNpZ25lZFByb3BlcnRpZXMiPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT5BNVk5MW40cXBMZ3l0VFc3ZnhqWENVZVJ2NTQ9PC9kczpEaWdlc3RWYWx1ZT48L2RzOlJlZmVyZW5jZT48ZHM6UmVmZXJlbmNlIFVSST0iI1NpZ25hdHVyZS04ZWFiZDBhNS02NjBkLTRhZmQtOTkwNS0wYWJjNzU1M2QxOTItS2V5SW5mbyI+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPlZQWDRuS0Z5UzZyRitGNmNSUjBQck5aZHc2Zz08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWUgSWQ9IlNpZ25hdHVyZS04ZWFiZDBhNS02NjBkLTRhZmQtOTkwNS0wYWJjNzU1M2QxOTItU2lnbmF0dXJlVmFsdWUiPkxiS04vL0M3WGt5eFR0WVRpQ1VScjhuWnp4QW1zdGNNZDBDZ0VBQ3JLMWR5Z1JIcUdjSzR4dHMrV0NVOFB5RXFXclJJVFl6SXV3LzcNClY0Wno5VFQ2MHA0S1RNZXd1UUw2NHNrRVN4MllnMkVkaWtTTyt0S3hXa2hyYVVzbVZiR2JQbW1jbUR2OTd0SER3ODg3NDdlRnE1RjUNCnYrYVZTeUF6MDNpVUttdVNlSDg9PC9kczpTaWduYXR1cmVWYWx1ZT48ZHM6S2V5SW5mbyBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1LZXlJbmZvIj48ZHM6S2V5VmFsdWU+PGRzOlJTQUtleVZhbHVlPjxkczpNb2R1bHVzPnd1Y21qOXRJV3J2d2JTVFVEZndLbCtKdERNTUVSMGNMZDZEa0JTcjc5MHQrckdOakVTcVlqUndFSWVCbktvUUhQeDVIb1JlRjg4L3QNCnFZOStDaEVYcExITHM5cDVhWDdTREp1YnBRTWZwMXRERlgzNHl3Z3hTUXZjZWVKUVdCWGppZXVJbWZDMjFzNGJPY2dKYlYxaGJpZ1MNCnpPS1RRS3IxVHpkR1IrdVJ5MDA9PC9kczpNb2R1bHVzPjxkczpFeHBvbmVudD5BUUFCPC9kczpFeHBvbmVudD48L2RzOlJTQUtleVZhbHVlPjwvZHM6S2V5VmFsdWU+PGRzOlg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJSW1UQ0NCNEdnQXdJQkFnSURBWFVVTUEwR0NTcUdTSWIzRFFFQkJRVUFNSUlCT3pFTE1Ba0dBMVVFQmhNQ1JWTXhPekE1QmdOVg0KQkFvVE1rRm5aVzVqYVdFZ1EyRjBZV3hoYm1FZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUNoT1NVWWdVUzB3T0RBeE1UYzJMVWtwTVRRdw0KTWdZRFZRUUhFeXRRWVhOellYUm5aU0JrWlNCc1lTQkRiMjVqWlhCamFXOGdNVEVnTURnd01EZ2dRbUZ5WTJWc2IyNWhNUzR3TEFZRA0KVlFRTEV5VlRaWEoyWldseklGQjFZbXhwWTNNZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUVWRFZpMHlNVFV3TXdZRFZRUUxFeXhXWldkbA0KZFNCb2RIUndjem92TDNkM2R5NWpZWFJqWlhKMExtNWxkQzkyWlhKRFNVTXRNaUFvWXlrd016RTFNRE1HQTFVRUN4TXNSVzUwYVhSaA0KZENCd2RXSnNhV05oSUdSbElHTmxjblJwWm1sallXTnBieUJrWlNCamFYVjBZV1JoYm5NeEd6QVpCZ05WQkFNVEVsQlNSVkJTVDBSVg0KUTBOSlR5QkpSRU5oZERBZUZ3MHhNREF5TVRFeE9ESXlNRFJhRncweE5EQXlNVEF4T0RJeU1EUmFNSUd3TVFzd0NRWURWUVFHRXdKRg0KVXpFMU1ETUdBMVVFQ3hNc1ZtVm5aWFVnYUhSMGNITTZMeTkzZDNjdVkyRjBZMlZ5ZEM1dVpYUXZkbVZ5U1VSRFlYUWdLR01wTURNeA0KRmpBVUJnTlZCQVFURFVKRlVreEJUa2RCSUZOUFZFOHhGekFWQmdOVkJDb1REazFCVWtsQklFVk9SMUpCUTBsQk1SSXdFQVlEVlFRRg0KRXdreE1EQXdNRGswTkZNeEpUQWpCZ05WQkFNVEhFMUJVa2xCSUVWT1IxSkJRMGxCSUVKRlVreEJUa2RCSUZOUFZFOHdnWjh3RFFZSg0KS29aSWh2Y05BUUVCQlFBRGdZMEFNSUdKQW9HQkFNTG5Kby9iU0ZxNzhHMGsxQTM4Q3BmaWJRekRCRWRIQzNlZzVBVXErL2RMZnF4ag0KWXhFcW1JMGNCQ0hnWnlxRUJ6OGVSNkVYaGZQUDdhbVBmZ29SRjZTeHk3UGFlV2wrMGd5Ym02VURINmRiUXhWOStNc0lNVWtMM0huaQ0KVUZnVjQ0bnJpSm53dHRiT0d6bklDVzFkWVc0b0VzemlrMENxOVU4M1JrZnJrY3ROQWdNQkFBR2pnZ1N3TUlJRXJEQU1CZ05WSFJNQg0KQWY4RUFqQUFNQTRHQTFVZER3RUIvd1FFQXdJRm9EQ0J6QVlEVlIwUkJJSEVNSUhCZ1E5aWMyOTBiMEJuYldGcGJDNWpiMjJrZ1lVdw0KZ1lJeEN6QUpCZ05WQkFZVEFrVlRNU3N3S1FZRFZRUUtGQ0pCWjhPb2JtTnBZU0JEWVhSaGJHRnVZU0JrWlNCRFpYSjBhV1pwWTJGag0KYWNPek1RNHdEQVlEVlFRTEV3VkpSRU5CVkRFUE1BMEdBMVVFQlJNR01ERTNOVEUwTVNVd0l3WURWUVFERXh4TlFWSkpRU0JGVGtkUw0KUVVOSlFTQkNSVkpNUVU1SFFTQlRUMVJQb0JBR0Npc0dBUVFCOVhnQkFRR2dBZ3dBb0JRR0RsWUVBQUVEQmdFRUFmVjRBUUVDb0FJTQ0KQURBZkJnTlZIUklFR0RBV2dSUmxZMTlwWkdOaGRFQmpZWFJqWlhKMExtNWxkREFkQmdOVkhRNEVGZ1FVQUZYanVOc2tCMk1seXZVQg0KaDdwOFRKMHVKMHd3Z2dGSUJnTlZIU01FZ2dFL01JSUJPNEFVUkt2Y2tVaE4xNGg0Q24vZ2RPRG42NzIzS1Z5aGdnRVBwSUlCQ3pDQw0KQVFjeEN6QUpCZ05WQkFZVEFrVlRNVHN3T1FZRFZRUUtFekpCWjJWdVkybGhJRU5oZEdGc1lXNWhJR1JsSUVObGNuUnBabWxqWVdOcA0KYnlBb1RrbEdJRkV0TURnd01URTNOaTFKS1RFb01DWUdBMVVFQ3hNZlUyVnlkbVZwY3lCUWRXSnNhV056SUdSbElFTmxjblJwWm1sag0KWVdOcGJ6RThNRG9HQTFVRUN4TXpWbVZuWlhVZ2FIUjBjSE02THk5M2QzY3VZMkYwWTJWeWRDNXVaWFF2ZG1WeWNISmxjSEp2WkhWag0KWTJsdklDaGpLVEF6TVRVd013WURWUVFMRXl4S1pYSmhjbkYxYVdFZ1JXNTBhWFJoZEhNZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUVOaA0KZEdGc1lXNWxjekVjTUJvR0ExVUVBeE1UVUZKRlVGSlBSRlZEUTBsUElFVkRMVUZEUTRJUWR3S1R0TTFFRVU5RkVQWFVZSGdnaERBZA0KQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQWdZSUt3WUJCUVVIQXdRd0VRWUpZSVpJQVliNFFnRUJCQVFEQWdXZ01EUUdDQ3NHQVFVRg0KQndFQkJDZ3dKakFrQmdnckJnRUZCUWN3QVlZWWFIUjBjSE02THk5dlkzTndMbU5oZEdObGNuUXVibVYwTUJnR0NDc0dBUVVGQndFRA0KQkF3d0NqQUlCZ1lFQUk1R0FRRXdnWVlHQTFVZEh3Ui9NSDB3UEtBNm9EaUdObWgwZEhBNkx5OWxjSE5qWkM1allYUmpaWEowTG01bA0KZEM5amNtd3ZjSEpsY0hKdlpIVmpZMmx2WDJWakxXbGtZMkYwTG1OeWJEQTlvRHVnT1lZM2FIUjBjRG92TDJWd2MyTmtNaTVqWVhSag0KWlhKMExtNWxkQzlqY213dmNISmxjSEp2WkhWalkybHZYMlZqTFdsa1kyRjBMbU55YkRDQjlnWURWUjBnQklIdU1JSHJNSUhvQmd3cg0KQmdFRUFmVjRBUU1CVmdFd2dkY3dMQVlJS3dZQkJRVUhBZ0VXSUdoMGRIQnpPaTh2ZDNkM0xtTmhkR05sY25RdWJtVjBMM1psY2tsRQ0KUTJGME1JR21CZ2dyQmdFRkJRY0NBakNCbVJxQmxrRnhkV1Z6ZENEdnY3MXpJSFZ1SUdObGNuUnBabWxqWVhRZ2NHVnljMjl1WVd3Zw0KU1VSRFFWUXNJSEpsWTI5dVpXZDFkQ0JrSjJsa1pXNTBhV1pwWTJGajc3KzlMQ0J6YVdkdVlYUjFjbUVnYVNCNGFXWnlZWFFnWkdVZw0KWTJ4aGMzTmxJRElnYVc1a2FYWnBaSFZoYkM0Z1ZtVm5aWFVnYUhSMGNITTZMeTkzZDNjdVkyRjBZMlZ5ZEM1dVpYUXZkbVZ5UkVOaA0KZERBdEJnTlZIUWtFSmpBa01CQUdDQ3NHQVFVRkJ3a0VNUVFUQWtWVE1CQUdDQ3NHQVFVRkJ3a0ZNUVFUQWtWVE1BMEdDU3FHU0liMw0KRFFFQkJRVUFBNElCQVFDcTc3ODBSR1FNTEIxZ2tkTk1mTFhuZ3FNb1JIR0taYnZ6a3JxSUFtVDhXQWQxRThyQXBoUjkveExKVXRwNQ0KbGJnMmZScjVibDJqOE9WREJLMlltRzQxaDhBRG40U1RJL0FwZU5JTlNmalpzNk5Sc25XekZ5ZlhYbVBDSFlGQi9YV3p5aW1DRXhndg0KdnR1SCszUUF3Y3dobjUwUExFdWh3NUM1dmxYN0x5NUs2ckxMTUZOVVVNYldWeTFoWmVsSy9DQlRjQWpJTzM4TlkrdllSQU1LU2Y0TQ0KL2daUXo0cUJlRlZKYTUyUjdOY0FxQ2ZyZkxmYVhwYkRTZzk4eG9CZU5zMmluR3p4OFVTZ0VyTFpqS0pzZG4vS2pURDlnUy9zVGRRNg0KUTdpZHFsZDJMRlZsTzIvYjk0Wk5aQmNTLzc4RU9EWGdkV2ZreVBDN1J3OHJlOW5JMy9qVDwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjxkczpPYmplY3QgRW5jb2Rpbmc9ImJhc2U2NCIgSWQ9Ik9iamVjdC05ODczM2NkZS04YmNjLTQ4YTAtOWI3Ny0wZTk5OTdiZGQwNTgiIE1pbWVUeXBlPSJhcHBsaWNhdGlvbi9vY3RldC1zdHJlYW0iPlNHVnNiRzhnVjI5eWJHUT08L2RzOk9iamVjdD48ZHM6T2JqZWN0Pjx4YWRlczpRdWFsaWZ5aW5nUHJvcGVydGllcyB4bWxuczp4YWRlcz0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMy92MS4zLjIjIiBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1RdWFsaWZ5aW5nUHJvcGVydGllcyIgVGFyZ2V0PSIjU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1TaWduYXR1cmUiPjx4YWRlczpTaWduZWRQcm9wZXJ0aWVzIElkPSJTaWduYXR1cmUtOGVhYmQwYTUtNjYwZC00YWZkLTk5MDUtMGFiYzc1NTNkMTkyLVNpZ25lZFByb3BlcnRpZXMiPjx4YWRlczpTaWduZWRTaWduYXR1cmVQcm9wZXJ0aWVzPjx4YWRlczpTaWduaW5nVGltZT4yMDExLTAzLTIxVDExOjQ0OjQyKzAxOjAwPC94YWRlczpTaWduaW5nVGltZT48eGFkZXM6U2lnbmluZ0NlcnRpZmljYXRlPjx4YWRlczpDZXJ0Pjx4YWRlczpDZXJ0RGlnZXN0PjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT4zbTZ3OTlUb3lTZDlKcEJsMWdCazhEei9iYlU9PC9kczpEaWdlc3RWYWx1ZT48L3hhZGVzOkNlcnREaWdlc3Q+PHhhZGVzOklzc3VlclNlcmlhbD48ZHM6WDUwOUlzc3Vlck5hbWU+Q049UFJFUFJPRFVDQ0lPIElEQ2F0LCBPVT1FbnRpdGF0IHB1YmxpY2EgZGUgY2VydGlmaWNhY2lvIGRlIGNpdXRhZGFucywgT1U9VmVnZXUgaHR0cHM6Ly93d3cuY2F0Y2VydC5uZXQvdmVyQ0lDLTIgKGMpMDMsIE9VPVNlcnZlaXMgUHVibGljcyBkZSBDZXJ0aWZpY2FjaW8gRUNWLTIsIEw9UGFzc2F0Z2UgZGUgbGEgQ29uY2VwY2lvIDExIDA4MDA4IEJhcmNlbG9uYSwgTz1BZ2VuY2lhIENhdGFsYW5hIGRlIENlcnRpZmljYWNpbyAoTklGIFEtMDgwMTE3Ni1JKSwgQz1FUzwvZHM6WDUwOUlzc3Vlck5hbWU+PGRzOlg1MDlTZXJpYWxOdW1iZXI+OTU1MDg8L2RzOlg1MDlTZXJpYWxOdW1iZXI+PC94YWRlczpJc3N1ZXJTZXJpYWw+PC94YWRlczpDZXJ0PjwveGFkZXM6U2lnbmluZ0NlcnRpZmljYXRlPjwveGFkZXM6U2lnbmVkU2lnbmF0dXJlUHJvcGVydGllcz48eGFkZXM6U2lnbmVkRGF0YU9iamVjdFByb3BlcnRpZXM+PHhhZGVzOkRhdGFPYmplY3RGb3JtYXQgT2JqZWN0UmVmZXJlbmNlPSIjUmVmZXJlbmNlLWJhYmE0ZDFhLWExN2UtNDJjNi05N2QyLWJlZWUxMzUwOTUwMyI+PHhhZGVzOk1pbWVUeXBlPmFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbTwveGFkZXM6TWltZVR5cGU+PHhhZGVzOkVuY29kaW5nPmJhc2U2NDwveGFkZXM6RW5jb2Rpbmc+PC94YWRlczpEYXRhT2JqZWN0Rm9ybWF0PjwveGFkZXM6U2lnbmVkRGF0YU9iamVjdFByb3BlcnRpZXM+PC94YWRlczpTaWduZWRQcm9wZXJ0aWVzPjwveGFkZXM6UXVhbGlmeWluZ1Byb3BlcnRpZXM+PC9kczpPYmplY3Q+PC9kczpTaWduYXR1cmU+</dss:Base64Signature> </dss:SignatureObject> </dss:SignResponse>"; + + IPersonalAttributeList palist = new PersonalAttributeList(); + + PersonalAttribute signedDoc = new PersonalAttribute(); + signedDoc.setName("signedDoc"); + signedDoc.setIsRequired(false); + ArrayList<String> signed = new ArrayList<String>(); + signed.add(signedDocResponse); + signedDoc.setValue(signed); + palist.add(signedDoc); + + PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(false); + ArrayList<String> ages = new ArrayList<String>(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + palist.add(isAgeOver); + + attrQueryenRequest.setPersonalAttributeList(palist); + + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + + response.setPersonalAttributeList(palist); + + final STORKAttrQueryResponse storkResponse = getEngine() + .generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, + destinationUrl, isNotHashing); + + attrQueryResponse = storkResponse.getTokenSaml(); + attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, + ipAddress); + + assertTrue("SignedDoc response should be the same: ", attrQeuryenResponse + .getPersonalAttributeList().get("signedDoc").getValue().get(0) + .equals(signedDocResponse)); + + } + + @Test + public final void testEncodeDecode() { + STORKAttrQueryRequest attrRequest = new STORKAttrQueryRequest(); + STORKAttrQueryRequest request; + IPersonalAttributeList list = null; + boolean outcome = false; + + try { + //STEP 1: Create the STORKAttrQueryRequest and get the SAML bytes + attrRequest.setSpSector("NOT AVAILABLE"); + attrRequest.setSpInstitution("NOT AVAILABLE"); + attrRequest.setSpApplication("NOT AVAILABLE"); + attrRequest.setSpCountry("NOT AVAILABLE"); + + attrRequest.setIssuer("123"); + attrRequest.setDestination("456"); + attrRequest.setAssertionConsumerServiceURL("789"); + attrRequest.setQaa(2); + attrRequest.setPersonalAttributeList(pal); + + System.out.println("Original PAL:"); + System.out.println(pal.toString()); + + attrRequest = engine.generateSTORKAttrQueryRequest(attrRequest); + + byte[] saml = attrRequest.getTokenSaml(); + + //STEP 2: RE-Create the STORKAttrQueryRequest from the SAML bytes + request = engine.validateSTORKAttrQueryRequest(saml); + + System.out.println("STORKAttrQueryRequest Issuer: " + request.getIssuer()); + System.out.println("STORKAttrQueryRequest Destination: " + request.getDestination()); + System.out.println("STORKAttrQueryRequest ServiceURL: " + request.getAssertionConsumerServiceURL()); + System.out.println("STORKAttrQueryRequest Attributes: " + request.getPersonalAttributeList().toString()); + System.out.println("STORKAttrQueryRequest QAA: " + request.getQaa()); + //------------------------------ + list = request.getPersonalAttributeList(); + + List<String> values = new ArrayList<String>(); + values.add("test1"); + values.add("test2"); + values.add("test3"); + list.get("newAttribute2").setValue(values); + + System.out.println("Values added in newAttribute2 PAL:"); + System.out.println(list.toString()); + + ////////////////////////////////////////////////////////////////////////// + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setPersonalAttributeList(list); + + final STORKAttrQueryResponse storkResponse = + engine.generateSTORKAttrQueryResponse(request, response, "127.0.0.1", + request.getAssertionConsumerServiceURL(), false); + + byte[] samlBytes = storkResponse.getTokenSaml(); + + //STEP 3: RE-Create the STORKAttrQueryResponse from the SAML bytes + STORKAttrQueryResponse attrResponse = null; + attrResponse = + engine.validateSTORKAttrQueryResponse(samlBytes, "127.0.0.1"); + + System.out.println("Response decoded PAL:"); + System.out.println(attrResponse.getPersonalAttributeList().toString()); + + values = attrResponse.getPersonalAttributeList().get("newAttribute2").getValue(); + if ( values.contains("test1") && values.contains("test2") && values.contains("test3") ) + outcome = true; + } catch (final STORKSAMLEngineException e) { + LOG.error("Errror genereating SAML Token for Authentication Request", e); + } + + assertTrue(outcome); + } + + @Test + public final void testGenerateAttrRequestWithMultipleAssertions() + throws STORKSAMLEngineException { + STORKAttrQueryRequest req = null; + STORKAttrQueryResponse res0 = null; + STORKAttrQueryResponse res1 = null; + STORKAttrQueryResponse res2 = null; + STORKAttrQueryResponse res = null; + STORKAttrQueryResponse restotal = null; + + try { + req = getEngine().validateSTORKAttrQueryRequest(attrQueryRequest); + + attrQueryenRequest = getEngine().validateSTORKAttrQueryRequest(attrQueryRequest); + + } catch (STORKSAMLEngineException e) { + fail("Error validating STORKAuthnRequest"); + } + + IPersonalAttributeList pList = req.getPersonalAttributeList(); + for (int i =0; i < pList.size(); i++) + { + PersonalAttribute attr = pList.get("dateOfBirth"); + attr.setValue(Arrays.asList("19820919")); + pList.remove("dateOfBirth"); + pList.add(attr); + PersonalAttribute attr1 = pList.get("givenName"); + attr1.setValue(Arrays.asList("Sveinborn Oskarsson")); + pList.remove("givenName"); + pList.add(attr1); + PersonalAttribute attr2 = pList.get("isAgeOver"); + attr2.setValue(Arrays.asList("true")); + pList.remove("isAgeOver"); + pList.add(attr2); + } + + res = new STORKAttrQueryResponse(); + res.setPersonalAttributeList(pList); + + STORKAttrQueryResponse storkResponse = getEngine() + .generateSTORKAttrQueryResponse(req, res, ipAddress, + destinationUrl, isNotHashing); + + res0 = getEngine().validateSTORKAttrQueryResponse(storkResponse.getTokenSaml(), ipAddress); + + storkResponse = getEngine() + .generateSTORKAttrQueryResponse(req, res, ipAddress, + destinationUrl, isNotHashing); + res1 = getEngine().validateSTORKAttrQueryResponse(storkResponse.getTokenSaml(), ipAddress); + + storkResponse = getEngine() + .generateSTORKAttrQueryResponse(req, res, ipAddress, + destinationUrl, isNotHashing); + res2 = getEngine().validateSTORKAttrQueryResponse(storkResponse.getTokenSaml(), ipAddress); + + List<STORKAttrQueryResponse> responses = new ArrayList(); + responses.add(res0); + responses.add(res1); + responses.add(res2); + + STORKAttrQueryResponse resfinal = new STORKAttrQueryResponse(); + storkResponse = getEngine().generateSTORKAttrQueryResponseWithAssertions(req, resfinal, responses, + ipAddress, destinationUrl, isNotHashing); + + attrQueryResponse = storkResponse.getTokenSaml(); + FileOutputStream output = null; + try { + output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryMultiAssertResponse.xml")); + } catch (FileNotFoundException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + try { + output.write(attrQueryResponse); + } catch (IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + + res = null; + res = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress); + System.out.println(res.getTotalPersonalAttributeList().toString()); + assertNotNull(res); + } +} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAuthRequestTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAuthRequestTest.java new file mode 100644 index 000000000..02a8a6fab --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAuthRequestTest.java @@ -0,0 +1,968 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.test.simple; + +import static org.junit.Assert.*; + +import java.util.ArrayList; + +import org.junit.Ignore; +import org.junit.Test; + +import org.opensaml.xml.parse.BasicParserPool; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; + +/** + * The Class StorkAuthRequestTest defines a class to . + */ +public class StorkAuthRequestTest { + + /** The engines. */ + private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); + private static STORKSAMLEngine engine2 = STORKSAMLEngine.getInstance("CONF2"); + private static STORKSAMLEngine engine3 = STORKSAMLEngine.getInstance("CONF3"); + + + /** + * Instantiates a new stork authentication request test. + */ + public StorkAuthRequestTest() { + pal = new PersonalAttributeList(); + + final PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + final ArrayList<String> ages = new ArrayList<String>(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + pal.add(isAgeOver); + + final PersonalAttribute dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + pal.add(dateOfBirth); + + final PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + pal.add(eIDNumber); + + destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; + assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse"; + + spName = "University of Oxford"; + spSector = "EDU001"; + spInstitution = "OXF001"; + spApplication = "APP001"; + spCountry = "EN"; + + spId = "EDU001-OXF001-APP001"; + + } + + /** The destination. */ + private String destination; + + /** The service provider name. */ + private String spName; + + /** The service provider sector. */ + private String spSector; + + /** The service provider institution. */ + private String spInstitution; + + /** The service provider application. */ + private String spApplication; + + /** The service provider country. */ + private String spCountry; + + /** The service provider id. */ + private String spId; + + /** The quality authentication assurance level. */ + private static final int QAAL = 3; + + /** The List of Personal Attributes. */ + private IPersonalAttributeList pal; + + /** The assertion consumer URL. */ + private String assertConsumerUrl; + + /** The authentication request. */ + private static byte[] authRequest; + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(StorkAuthRequestTest.class.getName()); + + /** Parser manager used to parse XML. */ + private static BasicParserPool parser; + + static { + parser = new BasicParserPool(); + parser.setNamespaceAware(true); + } + + /** + * Test generate authentication request. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthnRequest() throws STORKSAMLEngineException { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + //engine.generateSTORKAuthnRequest(request); + + LOG.info("STORKAuthnRequest 1: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAuthnRequest(request).getTokenSaml())); + request.setCitizenCountryCode("ES"); + LOG.info("STORKAuthnRequest 2: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAuthnRequest(request).getTokenSaml())); + } + + + /** + * Test generate authentication request error personal attribute name error. + */ + @Test + public final void testGenerateAuthnRequestPALsErr1() { + + final IPersonalAttributeList palWrong = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("attrNotValid"); + worngAttr.setIsRequired(true); + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(palWrong); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + + /** + * Test generate authentication request error personal attribute value error. + */ + @Test + public final void testGenerateAuthnRequestPALsErr2() { + + final IPersonalAttributeList palWrong = new PersonalAttributeList(); + + final PersonalAttribute attrNotValid = new PersonalAttribute(); + attrNotValid.setName("attrNotValid"); + attrNotValid.setIsRequired(true); + palWrong.add(attrNotValid); + + + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(palWrong); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request error provider name null. + */ + @Test + public final void testGenerateAuthnRequestSPNAmeErr1() { + + + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(null); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try + { + engine.generateSTORKAuthnRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } + catch (STORKSAMLEngineException e) + { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request authentication assurance level + * negative value. + */ + @Test + public final void testGenerateAuthnRequestQaalErr1() { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(-1); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + + try { + engine.generateSTORKAuthnRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request service provider sector null. + */ + @Test + public final void testGenerateAuthnRequestSectorErr() { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(null); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + + } + } + + /** + * Test generate authentication request service provider institution null. + */ + @Test + public final void testGenerateAuthnRequestInstitutionrErr() { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(null); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test generate authentication request service provider application null. + */ + @Test + public final void testGenerateAuthnRequestApplicationErr() { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(null); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test generate authentication request service provider country null. + */ + @Test + public final void testGenerateAuthnRequestCountryErr() { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(null); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request error with quality authentication + * assurance level wrong. + */ + @Test + public final void testGenerateAuthnRequestQaalErr2() { + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(0); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request personal attribute list null value. + */ + @Test + public final void testGenerateAuthnRequestPALErr1() { + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(null); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request error with assertion consumer URL + * null. + */ + @Test + public final void testGenerateAuthnRequestAssertionConsumerErr1() { + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(null); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication request null parameter. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnRequestNullParam() + throws STORKSAMLEngineException { + try { + engine.validateSTORKAuthnRequest(null); + fail("validateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication request error bytes encode. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnRequestErrorEncode() + throws STORKSAMLEngineException { + try { + engine.validateSTORKAuthnRequest("messageError".getBytes()); + fail("validateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication request. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnRequest() throws STORKSAMLEngineException { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + authRequest = engine.generateSTORKAuthnRequest(request).getTokenSaml(); + + final STORKAuthnRequest validatedRequest = engine.validateSTORKAuthnRequest(authRequest); + + assertEquals("CrossBorderShare incorrect: ", validatedRequest.isEIDCrossBorderShare(), false); + assertEquals("CrossSectorShare incorrect: ", validatedRequest.isEIDCrossSectorShare(), false); + assertEquals("SectorShare incorrect: ", validatedRequest.isEIDSectorShare(), false); + + } + + /** + * Test validate data authenticate request. Verified parameters after + * validation. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateDataAuthnRequest() throws STORKSAMLEngineException { + + final STORKAuthnRequest request = engine.validateSTORKAuthnRequest(authRequest); + + assertEquals("Sestination incorrect: ", request.getDestination(), destination); + + assertEquals("CrossBorderShare incorrect: ", request.isEIDCrossBorderShare(), false); + assertEquals("CrossSectorShare incorrect: ", request.isEIDCrossSectorShare(), false); + assertEquals("SectorShare incorrect: ", request.isEIDSectorShare(), false); + + assertEquals("Service provider incorrect: ", request.getProviderName(), spName); + assertEquals("QAAL incorrect: ", request.getQaa(), QAAL); + assertEquals("SPSector incorrect: ", request.getSpSector(), spSector); + assertEquals("SPInstitution incorrect: ", request.getSpInstitution(), null); + assertEquals("SPApplication incorrect: ", request.getSpApplication(), spApplication); + assertEquals("Asserition consumer URL incorrect: ", request.getAssertionConsumerServiceURL(), assertConsumerUrl); + + assertEquals("SP Country incorrect: ", request.getSpCountry(), spCountry); + assertEquals("SP Id incorrect: ", request.getSPID(), spId); + assertEquals("CitizenCountryCode incorrect: ", request.getCitizenCountryCode(), "ES"); + + } + + /** + * Test validate file authentication request. Validate from XML file. + * + * @throws Exception the exception + */ + @Test + public final void testValidateFileAuthnRequest() throws Exception { + + final byte[] bytes = SSETestUtils.readStorkSamlFromFile("/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml"); + + try { + engine.validateSTORKAuthnRequest(bytes); + fail("testValidateFileAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error(e.getMessage()); + } + } + + /** + * Test validate file authentication request tag delete. + * + * @throws Exception the exception + */ + @Test + public final void testValidateFileAuthnRequestTagDelete() throws Exception { + + final byte[] bytes = SSETestUtils.readStorkSamlFromFile("/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml"); + + try { + engine.validateSTORKAuthnRequest(bytes); + fail("validateSTORKAuthnRequest(...) should have thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error(e.getMessage()); + + } + } + + /** + * Test validate authentication request not trusted token. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnRequestNotTrustedErr1() + throws STORKSAMLEngineException { + + try { + final STORKSAMLEngine engineNotTrusted = STORKSAMLEngine + .getInstance("CONF2"); + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + + final byte[] authReqNotTrust = engineNotTrusted + .generateSTORKAuthnRequest(request).getTokenSaml(); + + engine.validateSTORKAuthnRequest(authReqNotTrust); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("validateSTORKAuthnRequestNotTrusted(...) should not have thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test validate authentication request trusted. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnRequestTrusted() + throws STORKSAMLEngineException { + + final STORKSAMLEngine engineTrusted = STORKSAMLEngine + .getInstance("CONF3"); + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + + final byte[] authReqNotTrust = engineTrusted.generateSTORKAuthnRequest( + request).getTokenSaml(); + + // engine ("CONF1") no have trust certificate from "CONF2" + engine.validateSTORKAuthnRequest(authReqNotTrust); + + } + + + + + /** + * Test generate authentication request service provider application null. + */ + @Test + public final void testGenerateAuthnRequestNADA() { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(null); + request.setSpInstitution(null); + request.setSpApplication(null); + request.setSpCountry(null); + + try { + + engine.validateSTORKAuthnRequest(authRequest); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test validate authentication request with unknown elements. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnRequestWithUnknownElements() throws STORKSAMLEngineException { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + IPersonalAttributeList pAttList = new PersonalAttributeList(); + + final PersonalAttribute unknown = new PersonalAttribute(); + unknown.setName("unknown"); + unknown.setIsRequired(true); + pAttList.add(unknown); + + final PersonalAttribute eIdentifier = new PersonalAttribute(); + eIdentifier.setName("eIdentifier"); + eIdentifier.setIsRequired(true); + pAttList.add(eIdentifier); + + request.setPersonalAttributeList(pAttList); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + STORKAuthnRequest req = new STORKAuthnRequest(); + + req = engine3.generateSTORKAuthnRequest(request); + + req = engine.validateSTORKAuthnRequest(req.getTokenSaml()); + + assertNull("The value shouldn't exist", req.getPersonalAttributeList().get("unknown")); + assertNotNull("The value should exist", req.getPersonalAttributeList().get("eIdentifier")); + + } + + /** + * Test generate Request with required elements by default + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthnRequestWithIsRequiredElementsByDefault() throws STORKSAMLEngineException { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + IPersonalAttributeList pAttList = new PersonalAttributeList(); + + final PersonalAttribute eIdentifier = new PersonalAttribute(); + eIdentifier.setName("eIdentifier"); + eIdentifier.setIsRequired(true); + pAttList.add(eIdentifier); + + request.setPersonalAttributeList(pAttList); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + STORKAuthnRequest req = new STORKAuthnRequest(); + STORKAuthnRequest reqTrue = new STORKAuthnRequest(); + STORKAuthnRequest reqFalse = new STORKAuthnRequest(); + + reqTrue = engine.generateSTORKAuthnRequest(request); + reqFalse = engine2.generateSTORKAuthnRequest(request); + req = engine3.generateSTORKAuthnRequest(request); + + + String token = new String(req.getTokenSaml()); + String reqTrueToken = new String(reqTrue.getTokenSaml()); + String reqFalseToken = new String(reqFalse.getTokenSaml()); + + assertTrue("The token must contain the chain 'isRequired'", token.contains("isRequired")); + assertTrue("The token must contain the chain 'isRequired'", reqTrueToken.contains("isRequired")); + assertFalse("The token must contain the chain 'isRequired'", reqFalseToken.contains("isRequired")); + + } + + /** + * Test validating request and getting alias used to save + * the saml trusted certificate into trustore + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnRequestGettingItsAlias() throws STORKSAMLEngineException { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + IPersonalAttributeList pAttList = new PersonalAttributeList(); + + final PersonalAttribute eIdentifier = new PersonalAttribute(); + eIdentifier.setName("eIdentifier"); + eIdentifier.setIsRequired(true); + pAttList.add(eIdentifier); + + request.setPersonalAttributeList(pAttList); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + STORKAuthnRequest req = new STORKAuthnRequest(); + + req = engine3.generateSTORKAuthnRequest(request); + req = engine.validateSTORKAuthnRequest(req.getTokenSaml()); + assertTrue("The alias should match this value", req.getAlias().equals("local-demo-cert")); + + req = engine2.generateSTORKAuthnRequest(request); + req = engine2.validateSTORKAuthnRequest(req.getTokenSaml()); + assertTrue("The alias should match this value", req.getAlias().equals("local-demo-cert")); + + + + } + + /** + * Test generating/validating request with signedDoc + * + * @throws STORKSAMLEngineException + * the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthnRequestWithSignedDoc() + throws STORKSAMLEngineException { + + String signedDocRequest = "<dss:SignRequest xmlns:dss=\"urn:oasis:names:tc:dss:1.0:core:schema\" RequestID=\"_d96b62a87d18f1095170c1f44c90b5fd\"><dss:InputDocuments><dss:Document><dss:Base64Data MimeType=\"text/plain\">VGVzdCB0ZXh0</dss:Base64Data></dss:Document></dss:InputDocuments></dss:SignRequest>"; + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + PersonalAttributeList paler = new PersonalAttributeList(); + + final PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + paler.add(eIDNumber); + + final PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + final ArrayList<String> ages = new ArrayList<String>(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + paler.add(isAgeOver); + + final PersonalAttribute signedDoc = new PersonalAttribute(); + signedDoc.setName("signedDoc"); + final ArrayList<String> signedDocs = new ArrayList<String>(); + signedDocs.add(signedDocRequest); + signedDoc.setValue(signedDocs); + signedDoc.setIsRequired(false); + paler.add(signedDoc); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(paler); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + STORKAuthnRequest req = new STORKAuthnRequest(); + + req = engine.generateSTORKAuthnRequest(request); + req = engine.validateSTORKAuthnRequest(req.getTokenSaml()); + + assertTrue("SignedDoc request should be the same: ", req + .getPersonalAttributeList().get("signedDoc").getValue().get(0) + .equals(signedDocRequest)); + + + } + +} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkLogoutRequestTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkLogoutRequestTest.java new file mode 100644 index 000000000..46904788f --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkLogoutRequestTest.java @@ -0,0 +1,89 @@ +package eu.stork.peps.test.simple; + +import java.io.File; +import java.io.FileNotFoundException; +import java.io.FileOutputStream; +import java.io.IOException; + +import org.junit.Test; +import org.opensaml.xml.parse.BasicParserPool; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.STORKLogoutRequest; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; + + +public class StorkLogoutRequestTest { + + /** The engines. */ + private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); + private static STORKSAMLEngine engine0 = STORKSAMLEngine.getInstance("CONF0"); + private static STORKSAMLEngine engine2 = STORKSAMLEngine.getInstance("CONF2"); + private static STORKSAMLEngine engine3 = STORKSAMLEngine.getInstance("CONF3"); + + public StorkLogoutRequestTest() { + destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; + spUserId = "IS/IS/1234567890"; + } + + /** The destination. */ + private String destination; + + /** The user id. */ + private String spUserId; + + /** The logout request. */ + private static byte[] logoutRequest; + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(StorkLogoutRequestTest.class.getName()); + + /** Parser manager used to parse XML. */ + private static BasicParserPool parser; + + static { + parser = new BasicParserPool(); + parser.setNamespaceAware(true); + } + + /** + * Test generate authentication request. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateLogoutRequest() throws STORKSAMLEngineException { + + final STORKLogoutRequest request = new STORKLogoutRequest(); + + request.setDestination(destination); + + request.setSpProvidedId(spUserId); + + STORKLogoutRequest req1 = engine0.generateSTORKLogoutRequest(request); + byte[] reqByte = req1.getTokenSaml(); + FileOutputStream output = null; + + try { + output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/LogoutRequest.xml")); + } catch (FileNotFoundException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + try { + output.write(reqByte); + } catch (IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + + LOG.info("STORKAttrQueryRequest 1: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKLogoutRequest(request).getTokenSaml())); + + LOG.info("STORKAttrQueryRequest 2: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKLogoutRequest(request).getTokenSaml())); + } + +} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkLogoutResponseTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkLogoutResponseTest.java new file mode 100644 index 000000000..2d05e04aa --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkLogoutResponseTest.java @@ -0,0 +1,142 @@ +package eu.stork.peps.test.simple; + +import static org.junit.Assert.*; + +import java.io.File; +import java.io.FileNotFoundException; +import java.io.FileOutputStream; +import java.io.IOException; + +import junit.framework.Assert; + +import org.junit.Test; +import org.opensaml.xml.parse.BasicParserPool; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.auth.commons.STORKLogoutRequest; +import eu.stork.peps.auth.commons.STORKLogoutResponse; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; + + +public class StorkLogoutResponseTest { + + /** The engines. */ + private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); + private static STORKSAMLEngine engine0 = STORKSAMLEngine.getInstance("CONF0"); + private static STORKSAMLEngine engine2 = STORKSAMLEngine.getInstance("CONF2"); + private static STORKSAMLEngine engine3 = STORKSAMLEngine.getInstance("CONF3"); + + public StorkLogoutResponseTest() { + destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; + spUserId = "IS/IS/1234567890"; + } + + /** The destination. */ + private String destination; + + /** The user id. */ + private String spUserId; + + /** The logout request. */ + private static byte[] logoutRequest; + + /** The logout response. */ + private static byte[] logoutResponse; + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(StorkLogoutResponseTest.class.getName()); + + /** Parser manager used to parse XML. */ + private static BasicParserPool parser; + + static { + parser = new BasicParserPool(); + parser.setNamespaceAware(true); + } + + /** + * Test generate authentication request. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateLogoutRequest() throws STORKSAMLEngineException { + + final STORKLogoutRequest request = new STORKLogoutRequest(); + + final STORKLogoutResponse response = new STORKLogoutResponse(); + + request.setDestination(destination); + response.setDestination(destination); + + request.setSpProvidedId(spUserId); + + STORKLogoutRequest req1 = engine0.generateSTORKLogoutRequest(request); + + STORKLogoutResponse res = engine0.generateSTORKLogoutResponse(req1, response); + + byte[] reqByte = res.getTokenSaml(); + FileOutputStream output = null; + + try { + output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/LogoutResponse.xml")); + } catch (FileNotFoundException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + try { + output.write(reqByte); + } catch (IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + + + assertNotNull(reqByte); + } + + /** + * Test generate authentication request. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateLogoutRequestFail() throws STORKSAMLEngineException { + + final STORKLogoutRequest request = new STORKLogoutRequest(); + + final STORKLogoutResponse response = new STORKLogoutResponse(); + + request.setDestination(destination); + response.setDestination(destination); + response.setStatusMessage("User not found."); + response.setStatusCode("1234"); + request.setSpProvidedId(spUserId); + + STORKLogoutRequest req1 = engine0.generateSTORKLogoutRequest(request); + + STORKLogoutResponse res = engine0.generateSTORKLogoutResponseFail(req1, response); + + byte[] reqByte = res.getTokenSaml(); + FileOutputStream output = null; + + try { + output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/LogoutResponseFail.xml")); + } catch (FileNotFoundException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + try { + output.write(reqByte); + } catch (IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + + assertNotNull(reqByte); + } + +} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkNewResponseTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkNewResponseTest.java new file mode 100644 index 000000000..62e9cfb18 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkNewResponseTest.java @@ -0,0 +1,533 @@ +package eu.stork.peps.test.simple; + +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.fail; + +import java.io.File; +import java.io.FileNotFoundException; +import java.io.FileOutputStream; +import java.io.IOException; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; + +import org.junit.Test; +import org.opensaml.xml.parse.BasicParserPool; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAttrQueryRequest; +import eu.stork.peps.auth.commons.STORKAttrQueryResponse; +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.commons.STORKAuthnResponse; +import eu.stork.peps.auth.commons.STORKStatusCode; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; + + +public class StorkNewResponseTest { + /** The engine. */ + private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); + private static STORKSAMLEngine engine0 = STORKSAMLEngine.getInstance("CONF0"); + + /** + * Gets the engine. + * + * @return the engine + */ + public static STORKSAMLEngine getEngine() { + return engine; + } + + public static STORKSAMLEngine getEngine2() { + return engine0; + } + + /** + * Sets the engine. + * + * @param newEngine the new engine + */ + public static void setEngine(final STORKSAMLEngine newEngine) { + StorkNewResponseTest.engine = newEngine; + } + + /** The destination. */ + private static String destination; + + /** The service provider name. */ + private static String spName; + + /** The service provider sector. */ + private static String spSector; + + /** The service provider institution. */ + private static String spInstitution; + + /** The service provider application. */ + private static String spApplication; + + /** The service provider country. */ + private static String spCountry; + + /** The service provider id. */ + private static String spId; + + /** The quality authentication assurance level. */ + private static final int QAAL = 3; + + /** The state. */ + private static String state = "ES"; + + /** The town. */ + private static String town = "Madrid"; + + /** The municipality code. */ + private static String municipalityCode = "MA001"; + + /** The postal code. */ + private static String postalCode = "28038"; + + /** The street name. */ + private static String streetName = "Marchamalo"; + + /** The street number. */ + private static String streetNumber = "3"; + + /** The apartament number. */ + private static String apartamentNumber = "5º E"; + + /** The List of Personal Attributes. */ + private static IPersonalAttributeList pal; + + /** The List of Personal Attributes. */ + private static IPersonalAttributeList pal2; + + /** The assertion consumer URL. */ + private static String assertConsumerUrl; + + /** The authentication request. */ + private static byte[] authRequest; + + /** The authentication response. */ + private static byte[] authResponse; + + /** The authentication request. */ + private static STORKAuthnRequest authenRequest; + + /** The authentication response. */ + private static STORKAuthnResponse authnResponse; + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(StorkResponseTest.class.getName()); + + /** + * Instantiates a new stork response test. + */ + public StorkNewResponseTest() { + super(); + } + + /** The IP address. */ + private static String ipAddress; + + /** The is hashing. */ + private final boolean isHashing = Boolean.TRUE; + + /** The is not hashing. */ + private final boolean isNotHashing = Boolean.FALSE; + + /** The ERROR text. */ + private static final String ERROR_TXT = "generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"; + + + /** Parser manager used to parse XML. */ + private static BasicParserPool parser; + + /** The attribute query request. */ + private static STORKAttrQueryRequest attrQueryenRequest; + + /** The attribute query response. */ + private static STORKAttrQueryResponse attrQeuryenResponse; + + /** The attribute query request. */ + private static byte[] attrQueryRequest; + + /** The attribute query response. */ + private static byte[] attrQueryResponse; + + + + static { + parser = new BasicParserPool(); + parser.setNamespaceAware(true); + + pal = new PersonalAttributeList(); + pal2 = new PersonalAttributeList(); + + PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(false); + ArrayList<String> ages = new ArrayList<String>(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + pal.add(isAgeOver); + + PersonalAttribute dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + pal.add(dateOfBirth); + + PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + pal.add(eIDNumber); + + final PersonalAttribute givenName = new PersonalAttribute(); + givenName.setName("givenName"); + givenName.setIsRequired(true); + pal.add(givenName); + + PersonalAttribute canRessAddress = new PersonalAttribute(); + canRessAddress.setName("canonicalResidenceAddress"); + canRessAddress.setIsRequired(true); + pal.add(canRessAddress); + + PersonalAttribute newAttribute = new PersonalAttribute(); + newAttribute.setName("newAttribute2"); + newAttribute.setIsRequired(true); + pal.add(newAttribute); + + PersonalAttribute hasDegree = new PersonalAttribute(); + hasDegree.setName("hasDegree"); + List<String> vals = new ArrayList<String>(); + vals.add("Engineering"); + vals.add("Computer Science"); + hasDegree.setValue(vals); + pal2.add(hasDegree); + + PersonalAttribute mandate = new PersonalAttribute(); + mandate.setName("mandateContent"); + List<String> manvalues = new ArrayList<String>(); + manvalues.add("Powers"); + mandate.setValue(manvalues); + pal2.add(mandate); + + destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; + assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse"; + spName = "University Oxford"; + + spName = "University of Oxford"; + spSector = "EDU001"; + spInstitution = "OXF001"; + spApplication = "APP001"; + spCountry = "EN"; + + spId = "EDU001-APP001-APP001"; + + final STORKAuthnRequest request = new STORKAuthnRequest(); + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + authRequest = getEngine().generateSTORKAuthnRequest(request) + .getTokenSaml(); + + authenRequest = getEngine().validateSTORKAuthnRequest(authRequest); + + } catch (STORKSAMLEngineException e) { + fail("Error create STORKAuthnRequest"); + } + + ipAddress = "111.222.333.444"; + + pal = new PersonalAttributeList(); + + isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + ages = new ArrayList<String>(); + + ages.add("16"); + ages.add("18"); + + isAgeOver.setValue(ages); + isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + pal.add(isAgeOver); + + dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + final ArrayList<String> date = new ArrayList<String>(); + date.add("16/12/2008"); + dateOfBirth.setValue(date); + dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + pal.add(dateOfBirth); + + eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + final ArrayList<String> idNumber = new ArrayList<String>(); + idNumber.add("123456789PA"); + eIDNumber.setValue(idNumber); + eIDNumber.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + pal.add(eIDNumber); + + canRessAddress = new PersonalAttribute(); + canRessAddress.setName("canonicalResidenceAddress"); + canRessAddress.setIsRequired(true); + canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + final HashMap<String, String> address = new HashMap<String, String>(); + + address.put("state", state); + address.put("municipalityCode", municipalityCode); + address.put("town", town); + address.put("postalCode", postalCode); + address.put("streetName", streetName); + address.put("streetNumber", streetNumber); + address.put("apartamentNumber", apartamentNumber); + + canRessAddress.setComplexValue(address); + pal.add(canRessAddress); + + newAttribute = new PersonalAttribute(); + newAttribute.setName("newAttribute2"); + newAttribute.setIsRequired(true); + newAttribute.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + final HashMap<String, String> values = new HashMap<String, String>(); + + values.put("value1", "value1"); + values.put("value2", "value2"); + values.put("value3", "value3"); + values.put("value4", "value4"); + + newAttribute.setComplexValue(values); + pal.add(newAttribute); + + final STORKAttrQueryRequest arequest = new STORKAttrQueryRequest(); + arequest.setDestination(destination); + //request.setProviderName(spName); + arequest.setQaa(QAAL); + arequest.setPersonalAttributeList(pal2); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + arequest.setSpSector(spSector); + arequest.setSpInstitution(spInstitution); + arequest.setSpApplication(spApplication); + arequest.setSpCountry(spCountry); + arequest.setSPID(spId); + arequest.setCitizenCountryCode("IS"); + arequest.setAssertionConsumerServiceURL(assertConsumerUrl); + + try { + attrQueryRequest = getEngine().generateSTORKAttrQueryRequest(arequest) + .getTokenSaml(); + + attrQueryenRequest = getEngine().validateSTORKAttrQueryRequest(attrQueryRequest); + + } catch (STORKSAMLEngineException e) { + fail("Error create STORKAuthnRequest"); + } + + } + + /** + * Test generate authentication request without errors. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthnResponseWithSimpleRes() throws STORKSAMLEngineException { + + //Create the response holding pal + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + + //List of query responses + List<STORKAttrQueryResponse> resList = new ArrayList<STORKAttrQueryResponse>(); + + final STORKAttrQueryResponse aResponse1 = new STORKAttrQueryResponse(); + aResponse1.setPersonalAttributeList(pal2); + + final STORKAttrQueryResponse aStorkResponse1 = getEngine2() + .generateSTORKAttrQueryResponse(attrQueryenRequest, aResponse1, ipAddress, + destination, isNotHashing); + + attrQueryResponse = aStorkResponse1.getTokenSaml(); + + resList.add(getEngine2().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress)); + + final STORKAttrQueryResponse aResponse2 = new STORKAttrQueryResponse(); + aResponse2.setPersonalAttributeList(pal2); + + final STORKAttrQueryResponse aStorkResponse2 = getEngine() + .generateSTORKAttrQueryResponse(attrQueryenRequest, aResponse2, ipAddress, + destination, isNotHashing); + + attrQueryResponse = aStorkResponse2.getTokenSaml(); + + resList.add(getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress)); + + //Create the final response containing query responses + final STORKAuthnResponse storkResponse = getEngine() + .generateSTORKAuthnResponseAfterQuery(authenRequest, response, ipAddress, + isNotHashing, resList); + + authResponse = storkResponse.getTokenSaml(); + + //Validate, write out and print out the attribute lists a + STORKAuthnResponse finalResponse = getEngine().validateSTORKAuthnResponseWithQuery(authResponse, ipAddress); + System.out.println("The original pal: " + finalResponse.getPersonalAttributeList().toString()); + for (int i = 0; i < finalResponse.getPersonalAttributeLists().size(); i++) + { + System.out.println("Pal "+ Integer.toString(i) + ": " + finalResponse.getPersonalAttributeLists().get(i).toString()); + } + System.out.println("The total pal: " + finalResponse.getTotalPersonalAttributeList().toString()); + + FileOutputStream output = null; + + try { + output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthAttrQResponse.xml")); + } catch (FileNotFoundException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + try { + output.write(authResponse); + } catch (IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + /** + * Test generate authentication request without errors. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthnResponseWithComplexRes() throws STORKSAMLEngineException { + + //Create the response holding pal + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + + //Create a list for the attribute query responses we have + List<STORKAttrQueryResponse> resList = new ArrayList<STORKAttrQueryResponse>(); + + //Create the first attribute query response + final STORKAttrQueryResponse aResponse1 = new STORKAttrQueryResponse(); + aResponse1.setPersonalAttributeList(pal2); + + //Generate the first response + final STORKAttrQueryResponse aStorkResponse1 = getEngine2() + .generateSTORKAttrQueryResponse(attrQueryenRequest, aResponse1, ipAddress, + destination, isNotHashing); + + attrQueryResponse = aStorkResponse1.getTokenSaml(); + + //Validate it and add to the response list + resList.add(getEngine2().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress)); + + //Create a second response like the first + final STORKAttrQueryResponse aResponse2 = new STORKAttrQueryResponse(); + aResponse2.setPersonalAttributeList(pal2); + + final STORKAttrQueryResponse aStorkResponse2 = getEngine() + .generateSTORKAttrQueryResponse(attrQueryenRequest, aResponse2, ipAddress, + destination, isNotHashing); + + attrQueryResponse = aStorkResponse2.getTokenSaml(); + + resList.add(getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress)); + + //Create a attribute query response which contains multiple assertions from an AP + final STORKAttrQueryResponse aResponseMulti = new STORKAttrQueryResponse(); + aResponseMulti.setPersonalAttributeList(pal2); + + //Create a list for the responses which the multiple assertion response will hold + List<STORKAttrQueryResponse> multiResponses = new ArrayList(); + + //Create two more simple responses which the multi assertion response will hold + final STORKAttrQueryResponse aResponse3 = new STORKAttrQueryResponse(); + aResponse3.setPersonalAttributeList(pal2); + + final STORKAttrQueryResponse aStorkResponse3 = getEngine2() + .generateSTORKAttrQueryResponse(attrQueryenRequest, aResponse3, ipAddress, + destination, isNotHashing); + + attrQueryResponse = aStorkResponse3.getTokenSaml(); + //Validate and add to the multi response + multiResponses.add(getEngine2().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress)); + + final STORKAttrQueryResponse aResponse4 = new STORKAttrQueryResponse(); + aResponse4.setPersonalAttributeList(pal2); + + final STORKAttrQueryResponse aStorkResponse4 = getEngine() + .generateSTORKAttrQueryResponse(attrQueryenRequest, aResponse4, ipAddress, + destination, isNotHashing); + + attrQueryResponse = aStorkResponse4.getTokenSaml(); + + multiResponses.add(getEngine2().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress)); + + //Generate the multi assertion query response + final STORKAttrQueryResponse aStorkResponseMulti = getEngine() + .generateSTORKAttrQueryResponseWithAssertions(attrQueryenRequest, aResponseMulti, multiResponses, + ipAddress, destination, isNotHashing); + + attrQueryResponse = aStorkResponseMulti.getTokenSaml(); + + //Add to the list of query responses + resList.add(getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, ipAddress)); + + //Generate the stork response with all the query responses + final STORKAuthnResponse storkResponse = getEngine() + .generateSTORKAuthnResponseAfterQuery(authenRequest, response, ipAddress, + isNotHashing, resList); + + authResponse = storkResponse.getTokenSaml(); + + //Validate it, write out and print out the personal attribute lists + STORKAuthnResponse finalResponse = getEngine().validateSTORKAuthnResponseWithQuery(authResponse, ipAddress); + System.out.println("The original pal: " + finalResponse.getPersonalAttributeList().toString()); + for (int i = 0; i < finalResponse.getPersonalAttributeLists().size(); i++) + { + System.out.println("Pal "+ Integer.toString(i) + ": " + finalResponse.getPersonalAttributeLists().get(i).toString()); + } + System.out.println("The total pal: " + finalResponse.getTotalPersonalAttributeList().toString()); + + FileOutputStream output = null; + + try { + output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthAttrQMultiAssertResponse.xml")); + } catch (FileNotFoundException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + try { + output.write(authResponse); + } catch (IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + assertNotNull(finalResponse); + } +} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkResponseTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkResponseTest.java new file mode 100644 index 000000000..fe6fcd4f6 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkResponseTest.java @@ -0,0 +1,935 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.test.simple; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; + +import org.junit.Ignore; +import org.junit.Test; +import org.opensaml.xml.parse.BasicParserPool; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PEPSUtil; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAttrQueryRequest; +import eu.stork.peps.auth.commons.STORKAttrQueryResponse; +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.commons.STORKAuthnResponse; +import eu.stork.peps.auth.commons.STORKStatusCode; +import eu.stork.peps.auth.commons.STORKSubStatusCode; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; + +/** + * The Class AuthRequestTest. + */ +public class StorkResponseTest { + + /** The engine. */ + private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); + + /** + * Gets the engine. + * + * @return the engine + */ + public static STORKSAMLEngine getEngine() { + return engine; + } + + /** + * Sets the engine. + * + * @param newEngine the new engine + */ + public static void setEngine(final STORKSAMLEngine newEngine) { + StorkResponseTest.engine = newEngine; + } + + /** The destination. */ + private static String destination; + + /** The service provider name. */ + private static String spName; + + /** The service provider sector. */ + private static String spSector; + + /** The service provider institution. */ + private static String spInstitution; + + /** The service provider application. */ + private static String spApplication; + + /** The service provider country. */ + private static String spCountry; + + /** The service provider id. */ + private static String spId; + + /** The quality authentication assurance level. */ + private static final int QAAL = 3; + + /** The state. */ + private static String state = "ES"; + + /** The town. */ + private static String town = "Madrid"; + + /** The municipality code. */ + private static String municipalityCode = "MA001"; + + /** The postal code. */ + private static String postalCode = "28038"; + + /** The street name. */ + private static String streetName = "Marchamalo"; + + /** The street number. */ + private static String streetNumber = "3"; + + /** The apartament number. */ + private static String apartamentNumber = "5º E"; + + /** The List of Personal Attributes. */ + private static IPersonalAttributeList pal; + + /** The assertion consumer URL. */ + private static String assertConsumerUrl; + + /** The authentication request. */ + private static byte[] authRequest; + + /** The authentication response. */ + private static byte[] authResponse; + + /** The authentication request. */ + private static STORKAuthnRequest authenRequest; + + /** The authentication response. */ + private static STORKAuthnResponse authnResponse; + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(StorkResponseTest.class.getName()); + + /** + * Instantiates a new stork response test. + */ + public StorkResponseTest() { + super(); + } + + /** The IP address. */ + private static String ipAddress; + + /** The is hashing. */ + private final boolean isHashing = Boolean.TRUE; + + /** The is not hashing. */ + private final boolean isNotHashing = Boolean.FALSE; + + /** The ERROR text. */ + private static final String ERROR_TXT = "generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"; + + + /** Parser manager used to parse XML. */ + private static BasicParserPool parser; + + static { + parser = new BasicParserPool(); + parser.setNamespaceAware(true); + + pal = new PersonalAttributeList(); + + PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(false); + ArrayList<String> ages = new ArrayList<String>(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + pal.add(isAgeOver); + + PersonalAttribute dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + pal.add(dateOfBirth); + + PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + pal.add(eIDNumber); + + final PersonalAttribute givenName = new PersonalAttribute(); + givenName.setName("givenName"); + givenName.setIsRequired(true); + pal.add(givenName); + + PersonalAttribute canRessAddress = new PersonalAttribute(); + canRessAddress.setName("canonicalResidenceAddress"); + canRessAddress.setIsRequired(true); + pal.add(canRessAddress); + + PersonalAttribute newAttribute = new PersonalAttribute(); + newAttribute.setName("newAttribute2"); + newAttribute.setIsRequired(true); + pal.add(newAttribute); + + destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; + assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse"; + spName = "University Oxford"; + + spName = "University of Oxford"; + spSector = "EDU001"; + spInstitution = "OXF001"; + spApplication = "APP001"; + spCountry = "EN"; + + spId = "EDU001-APP001-APP001"; + + final STORKAuthnRequest request = new STORKAuthnRequest(); + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + authRequest = getEngine().generateSTORKAuthnRequest(request) + .getTokenSaml(); + + authenRequest = getEngine().validateSTORKAuthnRequest(authRequest); + + } catch (STORKSAMLEngineException e) { + fail("Error create STORKAuthnRequest"); + } + + ipAddress = "111.222.333.444"; + + pal = new PersonalAttributeList(); + + isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + ages = new ArrayList<String>(); + + ages.add("16"); + ages.add("18"); + + isAgeOver.setValue(ages); + isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + pal.add(isAgeOver); + + dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + final ArrayList<String> date = new ArrayList<String>(); + date.add("16/12/2008"); + dateOfBirth.setValue(date); + dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + pal.add(dateOfBirth); + + eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + final ArrayList<String> idNumber = new ArrayList<String>(); + idNumber.add("123456789PÑ"); + eIDNumber.setValue(idNumber); + eIDNumber.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + pal.add(eIDNumber); + + canRessAddress = new PersonalAttribute(); + canRessAddress.setName("canonicalResidenceAddress"); + canRessAddress.setIsRequired(true); + canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + final HashMap<String, String> address = new HashMap<String, String>(); + + address.put("state", state); + address.put("municipalityCode", municipalityCode); + address.put("town", town); + address.put("postalCode", postalCode); + address.put("streetName", streetName); + address.put("streetNumber", streetNumber); + address.put("apartamentNumber", apartamentNumber); + + canRessAddress.setComplexValue(address); + pal.add(canRessAddress); + + newAttribute = new PersonalAttribute(); + newAttribute.setName("newAttribute2"); + newAttribute.setIsRequired(true); + newAttribute.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + final HashMap<String, String> values = new HashMap<String, String>(); + + values.put("value1", "value1"); + values.put("value2", "value2"); + values.put("value3", "value3"); + values.put("value4", "value4"); + + newAttribute.setComplexValue(values); + pal.add(newAttribute); + + } + + /** + * Test generate authentication request without errors. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthnResponse() throws STORKSAMLEngineException { + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + + final STORKAuthnResponse storkResponse = getEngine() + .generateSTORKAuthnResponse(authenRequest, response, ipAddress, + isNotHashing); + + authResponse = storkResponse.getTokenSaml(); + + LOG.info("RESPONSE: " + SSETestUtils.encodeSAMLToken(authResponse)); + + + } + + /** + * Test validation id parameter mandatory. + */ + @Test + public final void testResponseMandatoryId() { + final String identifier = authenRequest.getSamlId(); + authenRequest.setSamlId(null); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + + try { + getEngine().generateSTORKAuthnResponse(authenRequest, response, + ipAddress, isHashing); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + authenRequest.setSamlId(identifier); + LOG.error("Error"); + } + } + + /** + * Test generate authentication response in response to err1. + */ + @Test + public final void testResponseMandatoryIssuer() { + + final String issuer = authenRequest.getIssuer(); + authenRequest.setIssuer(null); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + + try { + getEngine().generateSTORKAuthnResponse(authenRequest, response, + ipAddress, isHashing); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + authenRequest.setIssuer(issuer); + LOG.error("Error"); + } + } + + /** + * Test generate authentication response assertion consumer null. + */ + @Test + public final void testResponseMandatoryAssertionConsumerServiceURL() { + final String asserConsumerUrl = authenRequest + .getAssertionConsumerServiceURL(); + authenRequest.setAssertionConsumerServiceURL(null); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + try { + getEngine().generateSTORKAuthnResponse(authenRequest, response, + ipAddress, isHashing); + fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + authenRequest.setAssertionConsumerServiceURL(asserConsumerUrl); + LOG.error("Error"); + } + } + + /** + * Test generate authentication response IP address null. + */ + @Test + public final void testResponseValidationIP() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + + try { + getEngine().generateSTORKAuthnResponse(authenRequest, response, null, + isHashing); + fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication response with personal attribute list null. + */ + @Test + public final void testResponseMandatoryPersonalAttributeList() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(null); + + + try { + getEngine().generateSTORKAuthnResponse(authenRequest, response, + ipAddress, isHashing); + fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication response token null. + */ + @Test + public final void testResponseInvalidParametersToken() { + try { + getEngine().validateSTORKAuthnResponse(null, ipAddress); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication response IP null. + */ + @Test + public final void testResponseInvalidParametersIP() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + try { + authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAuthnResponse(authResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate authentication response parameter name wrong. + */ + @Test + public final void testResponseInvalidParametersAttr() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("AttrWrong"); + wrongList.add(worngAttr); + + + response.setPersonalAttributeList(wrongList); + try { + authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAuthnResponse(authResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate authentication response set null value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrSimpleValue() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("isAgeOver"); + worngAttr.setValue(null); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAuthnResponse(authResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate authentication response set null value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrNoValue() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("isAgeOver"); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAuthnResponse(authResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate authentication response set null value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrNoName() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAuthnResponse(authResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate authentication response set null complex value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrComplexValue() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("isAgeOver"); + worngAttr.setComplexValue(null); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAuthnResponse(authResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + + + /** + * Test validate authentication response IP distinct and disabled validation + * IP. + */ + @Test + public final void testResponseInvalidParametersIPDistinct() { + try { + // ipAddress origin "111.222.333.444" + // ipAddrValidation = false + // Subject Confirmation Bearer. + + getEngine().validateSTORKAuthnResponse(authResponse, "127.0.0.1"); + fail("validateAuthenticationResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test response invalid parameters invalid token. + */ + @Test + public final void testResponseInvalidParametersTokenMsg() { + try { + // ipAddress origin "111.222.333.444" + // Subject Confirmation Bearer. + getEngine().validateSTORKAuthnResponse("errorMessage".getBytes(), + ipAddress); + fail("validateAuthenticationResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication response is fail. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthenticationResponseIsFail() + throws STORKSAMLEngineException { + if (authResponse == null) + testGenerateAuthnResponse(); + + authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, + ipAddress); + + assertFalse("Generate incorrect response: ", authnResponse.isFail()); + } + + /** + * Test validate authentication response destination. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthenticationResponseDestination() + throws STORKSAMLEngineException { + authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, + ipAddress); + + assertEquals("Destination incorrect: ", + authnResponse.getInResponseTo(), authenRequest.getSamlId()); + } + + /** + * Test validate authentication response values. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public final void testValidateAuthenticationResponseValuesComplex() + throws STORKSAMLEngineException { + authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, + ipAddress); + + assertEquals("Country incorrect:", authnResponse.getCountry(), "EN"); + + final Iterator<PersonalAttribute> iterator = authnResponse + .getPersonalAttributeList().iterator(); + + while (iterator.hasNext()) { + final PersonalAttribute attribute = iterator.next(); + if (attribute.getName().equalsIgnoreCase( + "canonicalResidenceAddress")) { + assertEquals("State incorrect: ", state, attribute + .getComplexValue().get("state")); + assertEquals("Municipality Code incorrect: ", municipalityCode, + attribute.getComplexValue().get("municipalityCode")); + assertEquals("Town incorrect: ", town, attribute + .getComplexValue().get("town")); + assertEquals("Postal code incorrect: ", postalCode, attribute + .getComplexValue().get("postalCode")); + assertEquals("Street name incorrect: ", streetName, attribute + .getComplexValue().get("streetName")); + assertEquals("Street number incorrect: ", streetNumber, + attribute.getComplexValue().get("streetNumber")); + assertEquals("Apartament number incorrect: ", apartamentNumber, + attribute.getComplexValue().get("apartamentNumber")); + } + } + } + + /** + * Test generate authenticate response fail in response to it's null. + * @throws STORKSAMLEngineException + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test //( expected=STORKSAMLEngineException.class) + public final void testGenerateAuthnResponseFailInResponseToNull() throws STORKSAMLEngineException { + final String identifier = authenRequest.getSamlId(); + authenRequest.setSamlId(null); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage(""); + + try { + authResponse = getEngine().generateSTORKAuthnResponseFail(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + authenRequest.setSamlId(identifier); + LOG.error("Error"); + //throw new STORKSAMLEngineException(e); + } + } + + /** + * Test generate authenticate response fail assertion consumer URL err1. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthnResponseFailAssertionConsumerUrlNull() + throws STORKSAMLEngineException { + + final String assertConsumerUrl = authenRequest + .getAssertionConsumerServiceURL(); + authenRequest.setAssertionConsumerServiceURL(null); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage(""); + + try { + authResponse = getEngine().generateSTORKAuthnResponseFail(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + fail("generateAuthnResponseFail(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + authenRequest.setAssertionConsumerServiceURL(assertConsumerUrl); + LOG.error("Error"); + } + } + + /** + * Test generate authentication response fail code error err1. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthnResponseFailCodeErrorNull() + throws STORKSAMLEngineException { + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setStatusCode(null); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage(""); + + try { + authResponse = getEngine().generateSTORKAuthnResponseFail(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + fail("generateAuthnResponseFail(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + + + /** + * Test generate authentication request without errors. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnResponse() throws STORKSAMLEngineException { + + IPersonalAttributeList palist = new PersonalAttributeList(); + + PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + ArrayList<String> ages = new ArrayList<String>(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + palist.add(isAgeOver); + + PersonalAttribute dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + final ArrayList<String> date = new ArrayList<String>(); + date.add("16/12/2008"); + dateOfBirth.setValue(date); + dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + palist.add(dateOfBirth); + + + PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + + final ArrayList<String> idNumber = new ArrayList<String>(); + idNumber.add("123456789PÑ"); + + final HashMap<String, String> complex = new HashMap<String, String>(); + complex.put("one", "two"); + + //eIDNumber.setValue(null); + //eIDNumber.setValue(idNumber); + //eIDNumber.setComplexValue(complex); + + eIDNumber.setStatus(STORKStatusCode.STATUS_NOT_AVAILABLE.toString()); + palist.add(eIDNumber); + + PersonalAttribute canRessAddress = new PersonalAttribute(); + canRessAddress.setName("canonicalResidenceAddress"); + canRessAddress.setIsRequired(true); + canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + final HashMap<String, String> address = new HashMap<String, String>(); + + address.put("state", state); + address.put("municipalityCode", municipalityCode); + address.put("town", town); + address.put("postalCode", postalCode); + address.put("streetName", streetName); + address.put("streetNumber", streetNumber); + address.put("apartamentNumber", apartamentNumber); + + canRessAddress.setComplexValue(address); + palist.add(canRessAddress); + + + final STORKAuthnResponse response = new STORKAuthnResponse(); + + response.setPersonalAttributeList(palist); + + final STORKAuthnResponse storkResponse = getEngine() + .generateSTORKAuthnResponse(authenRequest, response, ipAddress, + isNotHashing); + + authResponse = storkResponse.getTokenSaml(); + LOG.info("Request id: " + authenRequest.getSamlId()); + + LOG.info("RESPONSE: " + SSETestUtils.encodeSAMLToken(authResponse)); + + + authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, + ipAddress); + + LOG.info("RESPONSE ID: " + authnResponse.getSamlId()); + LOG.info("RESPONSE IN_RESPONSE_TO: " + authnResponse.getInResponseTo()); + LOG.info("RESPONSE COUNTRY: " + authnResponse.getCountry()); + + } + + + + + + /** + * Test validate authentication response fail is fail. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthenticationResponseFailIsFail() + throws STORKSAMLEngineException { + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage("message"); + + authResponse = getEngine().generateSTORKAuthnResponseFail(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + + LOG.error("ERROR_FAIL: " + PEPSUtil.encodeSAMLToken(authResponse)); + + authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, + ipAddress); + + LOG.info("COUNTRY: " + authnResponse.getCountry()); + assertTrue("Generate incorrect response: ", authnResponse.isFail()); + } + + /** + * Test generate/validate response with signedDoc + * + * @throws STORKSAMLEngineException + * the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthenResponseWithSignedDoc() + throws STORKSAMLEngineException { + + String signedDocResponse = "<dss:SignResponse xmlns:dss=\"urn:oasis:names:tc:dss:1.0:core:schema\" RequestID=\"123456\"> <dss:Result> <dss:ResultMajor>urn:oasis:names:tc:dss:1.0:resultmajor:Success</dss:ResultMajor> </dss:Result> <dss:SignatureObject> <dss:Base64Signature Type=\"urn:ietf:rfc:3275\">PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIiBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1TaWduYXR1cmUiPjxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvVFIvMjAwMS9SRUMteG1sLWMxNG4tMjAwMTAzMTUiLz48ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3JzYS1zaGExIi8+PGRzOlJlZmVyZW5jZSBJZD0iUmVmZXJlbmNlLWJhYmE0ZDFhLWExN2UtNDJjNi05N2QyLWJlZWUxMzUwOTUwMyIgVHlwZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI09iamVjdCIgVVJJPSIjT2JqZWN0LTk4NzMzY2RlLThiY2MtNDhhMC05Yjc3LTBlOTk5N2JkZDA1OCI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNiYXNlNjQiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPkNrMVZxTmQ0NVFJdnEzQVpkOFhZUUx2RWh0QT08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjxkczpSZWZlcmVuY2UgVHlwZT0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMyNTaWduZWRQcm9wZXJ0aWVzIiBVUkk9IiNTaWduYXR1cmUtOGVhYmQwYTUtNjYwZC00YWZkLTk5MDUtMGFiYzc1NTNkMTkyLVNpZ25lZFByb3BlcnRpZXMiPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT5BNVk5MW40cXBMZ3l0VFc3ZnhqWENVZVJ2NTQ9PC9kczpEaWdlc3RWYWx1ZT48L2RzOlJlZmVyZW5jZT48ZHM6UmVmZXJlbmNlIFVSST0iI1NpZ25hdHVyZS04ZWFiZDBhNS02NjBkLTRhZmQtOTkwNS0wYWJjNzU1M2QxOTItS2V5SW5mbyI+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPlZQWDRuS0Z5UzZyRitGNmNSUjBQck5aZHc2Zz08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWUgSWQ9IlNpZ25hdHVyZS04ZWFiZDBhNS02NjBkLTRhZmQtOTkwNS0wYWJjNzU1M2QxOTItU2lnbmF0dXJlVmFsdWUiPkxiS04vL0M3WGt5eFR0WVRpQ1VScjhuWnp4QW1zdGNNZDBDZ0VBQ3JLMWR5Z1JIcUdjSzR4dHMrV0NVOFB5RXFXclJJVFl6SXV3LzcNClY0Wno5VFQ2MHA0S1RNZXd1UUw2NHNrRVN4MllnMkVkaWtTTyt0S3hXa2hyYVVzbVZiR2JQbW1jbUR2OTd0SER3ODg3NDdlRnE1RjUNCnYrYVZTeUF6MDNpVUttdVNlSDg9PC9kczpTaWduYXR1cmVWYWx1ZT48ZHM6S2V5SW5mbyBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1LZXlJbmZvIj48ZHM6S2V5VmFsdWU+PGRzOlJTQUtleVZhbHVlPjxkczpNb2R1bHVzPnd1Y21qOXRJV3J2d2JTVFVEZndLbCtKdERNTUVSMGNMZDZEa0JTcjc5MHQrckdOakVTcVlqUndFSWVCbktvUUhQeDVIb1JlRjg4L3QNCnFZOStDaEVYcExITHM5cDVhWDdTREp1YnBRTWZwMXRERlgzNHl3Z3hTUXZjZWVKUVdCWGppZXVJbWZDMjFzNGJPY2dKYlYxaGJpZ1MNCnpPS1RRS3IxVHpkR1IrdVJ5MDA9PC9kczpNb2R1bHVzPjxkczpFeHBvbmVudD5BUUFCPC9kczpFeHBvbmVudD48L2RzOlJTQUtleVZhbHVlPjwvZHM6S2V5VmFsdWU+PGRzOlg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJSW1UQ0NCNEdnQXdJQkFnSURBWFVVTUEwR0NTcUdTSWIzRFFFQkJRVUFNSUlCT3pFTE1Ba0dBMVVFQmhNQ1JWTXhPekE1QmdOVg0KQkFvVE1rRm5aVzVqYVdFZ1EyRjBZV3hoYm1FZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUNoT1NVWWdVUzB3T0RBeE1UYzJMVWtwTVRRdw0KTWdZRFZRUUhFeXRRWVhOellYUm5aU0JrWlNCc1lTQkRiMjVqWlhCamFXOGdNVEVnTURnd01EZ2dRbUZ5WTJWc2IyNWhNUzR3TEFZRA0KVlFRTEV5VlRaWEoyWldseklGQjFZbXhwWTNNZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUVWRFZpMHlNVFV3TXdZRFZRUUxFeXhXWldkbA0KZFNCb2RIUndjem92TDNkM2R5NWpZWFJqWlhKMExtNWxkQzkyWlhKRFNVTXRNaUFvWXlrd016RTFNRE1HQTFVRUN4TXNSVzUwYVhSaA0KZENCd2RXSnNhV05oSUdSbElHTmxjblJwWm1sallXTnBieUJrWlNCamFYVjBZV1JoYm5NeEd6QVpCZ05WQkFNVEVsQlNSVkJTVDBSVg0KUTBOSlR5QkpSRU5oZERBZUZ3MHhNREF5TVRFeE9ESXlNRFJhRncweE5EQXlNVEF4T0RJeU1EUmFNSUd3TVFzd0NRWURWUVFHRXdKRg0KVXpFMU1ETUdBMVVFQ3hNc1ZtVm5aWFVnYUhSMGNITTZMeTkzZDNjdVkyRjBZMlZ5ZEM1dVpYUXZkbVZ5U1VSRFlYUWdLR01wTURNeA0KRmpBVUJnTlZCQVFURFVKRlVreEJUa2RCSUZOUFZFOHhGekFWQmdOVkJDb1REazFCVWtsQklFVk9SMUpCUTBsQk1SSXdFQVlEVlFRRg0KRXdreE1EQXdNRGswTkZNeEpUQWpCZ05WQkFNVEhFMUJVa2xCSUVWT1IxSkJRMGxCSUVKRlVreEJUa2RCSUZOUFZFOHdnWjh3RFFZSg0KS29aSWh2Y05BUUVCQlFBRGdZMEFNSUdKQW9HQkFNTG5Kby9iU0ZxNzhHMGsxQTM4Q3BmaWJRekRCRWRIQzNlZzVBVXErL2RMZnF4ag0KWXhFcW1JMGNCQ0hnWnlxRUJ6OGVSNkVYaGZQUDdhbVBmZ29SRjZTeHk3UGFlV2wrMGd5Ym02VURINmRiUXhWOStNc0lNVWtMM0huaQ0KVUZnVjQ0bnJpSm53dHRiT0d6bklDVzFkWVc0b0VzemlrMENxOVU4M1JrZnJrY3ROQWdNQkFBR2pnZ1N3TUlJRXJEQU1CZ05WSFJNQg0KQWY4RUFqQUFNQTRHQTFVZER3RUIvd1FFQXdJRm9EQ0J6QVlEVlIwUkJJSEVNSUhCZ1E5aWMyOTBiMEJuYldGcGJDNWpiMjJrZ1lVdw0KZ1lJeEN6QUpCZ05WQkFZVEFrVlRNU3N3S1FZRFZRUUtGQ0pCWjhPb2JtTnBZU0JEWVhSaGJHRnVZU0JrWlNCRFpYSjBhV1pwWTJGag0KYWNPek1RNHdEQVlEVlFRTEV3VkpSRU5CVkRFUE1BMEdBMVVFQlJNR01ERTNOVEUwTVNVd0l3WURWUVFERXh4TlFWSkpRU0JGVGtkUw0KUVVOSlFTQkNSVkpNUVU1SFFTQlRUMVJQb0JBR0Npc0dBUVFCOVhnQkFRR2dBZ3dBb0JRR0RsWUVBQUVEQmdFRUFmVjRBUUVDb0FJTQ0KQURBZkJnTlZIUklFR0RBV2dSUmxZMTlwWkdOaGRFQmpZWFJqWlhKMExtNWxkREFkQmdOVkhRNEVGZ1FVQUZYanVOc2tCMk1seXZVQg0KaDdwOFRKMHVKMHd3Z2dGSUJnTlZIU01FZ2dFL01JSUJPNEFVUkt2Y2tVaE4xNGg0Q24vZ2RPRG42NzIzS1Z5aGdnRVBwSUlCQ3pDQw0KQVFjeEN6QUpCZ05WQkFZVEFrVlRNVHN3T1FZRFZRUUtFekpCWjJWdVkybGhJRU5oZEdGc1lXNWhJR1JsSUVObGNuUnBabWxqWVdOcA0KYnlBb1RrbEdJRkV0TURnd01URTNOaTFKS1RFb01DWUdBMVVFQ3hNZlUyVnlkbVZwY3lCUWRXSnNhV056SUdSbElFTmxjblJwWm1sag0KWVdOcGJ6RThNRG9HQTFVRUN4TXpWbVZuWlhVZ2FIUjBjSE02THk5M2QzY3VZMkYwWTJWeWRDNXVaWFF2ZG1WeWNISmxjSEp2WkhWag0KWTJsdklDaGpLVEF6TVRVd013WURWUVFMRXl4S1pYSmhjbkYxYVdFZ1JXNTBhWFJoZEhNZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUVOaA0KZEdGc1lXNWxjekVjTUJvR0ExVUVBeE1UVUZKRlVGSlBSRlZEUTBsUElFVkRMVUZEUTRJUWR3S1R0TTFFRVU5RkVQWFVZSGdnaERBZA0KQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQWdZSUt3WUJCUVVIQXdRd0VRWUpZSVpJQVliNFFnRUJCQVFEQWdXZ01EUUdDQ3NHQVFVRg0KQndFQkJDZ3dKakFrQmdnckJnRUZCUWN3QVlZWWFIUjBjSE02THk5dlkzTndMbU5oZEdObGNuUXVibVYwTUJnR0NDc0dBUVVGQndFRA0KQkF3d0NqQUlCZ1lFQUk1R0FRRXdnWVlHQTFVZEh3Ui9NSDB3UEtBNm9EaUdObWgwZEhBNkx5OWxjSE5qWkM1allYUmpaWEowTG01bA0KZEM5amNtd3ZjSEpsY0hKdlpIVmpZMmx2WDJWakxXbGtZMkYwTG1OeWJEQTlvRHVnT1lZM2FIUjBjRG92TDJWd2MyTmtNaTVqWVhSag0KWlhKMExtNWxkQzlqY213dmNISmxjSEp2WkhWalkybHZYMlZqTFdsa1kyRjBMbU55YkRDQjlnWURWUjBnQklIdU1JSHJNSUhvQmd3cg0KQmdFRUFmVjRBUU1CVmdFd2dkY3dMQVlJS3dZQkJRVUhBZ0VXSUdoMGRIQnpPaTh2ZDNkM0xtTmhkR05sY25RdWJtVjBMM1psY2tsRQ0KUTJGME1JR21CZ2dyQmdFRkJRY0NBakNCbVJxQmxrRnhkV1Z6ZENEdnY3MXpJSFZ1SUdObGNuUnBabWxqWVhRZ2NHVnljMjl1WVd3Zw0KU1VSRFFWUXNJSEpsWTI5dVpXZDFkQ0JrSjJsa1pXNTBhV1pwWTJGajc3KzlMQ0J6YVdkdVlYUjFjbUVnYVNCNGFXWnlZWFFnWkdVZw0KWTJ4aGMzTmxJRElnYVc1a2FYWnBaSFZoYkM0Z1ZtVm5aWFVnYUhSMGNITTZMeTkzZDNjdVkyRjBZMlZ5ZEM1dVpYUXZkbVZ5UkVOaA0KZERBdEJnTlZIUWtFSmpBa01CQUdDQ3NHQVFVRkJ3a0VNUVFUQWtWVE1CQUdDQ3NHQVFVRkJ3a0ZNUVFUQWtWVE1BMEdDU3FHU0liMw0KRFFFQkJRVUFBNElCQVFDcTc3ODBSR1FNTEIxZ2tkTk1mTFhuZ3FNb1JIR0taYnZ6a3JxSUFtVDhXQWQxRThyQXBoUjkveExKVXRwNQ0KbGJnMmZScjVibDJqOE9WREJLMlltRzQxaDhBRG40U1RJL0FwZU5JTlNmalpzNk5Sc25XekZ5ZlhYbVBDSFlGQi9YV3p5aW1DRXhndg0KdnR1SCszUUF3Y3dobjUwUExFdWh3NUM1dmxYN0x5NUs2ckxMTUZOVVVNYldWeTFoWmVsSy9DQlRjQWpJTzM4TlkrdllSQU1LU2Y0TQ0KL2daUXo0cUJlRlZKYTUyUjdOY0FxQ2ZyZkxmYVhwYkRTZzk4eG9CZU5zMmluR3p4OFVTZ0VyTFpqS0pzZG4vS2pURDlnUy9zVGRRNg0KUTdpZHFsZDJMRlZsTzIvYjk0Wk5aQmNTLzc4RU9EWGdkV2ZreVBDN1J3OHJlOW5JMy9qVDwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjxkczpPYmplY3QgRW5jb2Rpbmc9ImJhc2U2NCIgSWQ9Ik9iamVjdC05ODczM2NkZS04YmNjLTQ4YTAtOWI3Ny0wZTk5OTdiZGQwNTgiIE1pbWVUeXBlPSJhcHBsaWNhdGlvbi9vY3RldC1zdHJlYW0iPlNHVnNiRzhnVjI5eWJHUT08L2RzOk9iamVjdD48ZHM6T2JqZWN0Pjx4YWRlczpRdWFsaWZ5aW5nUHJvcGVydGllcyB4bWxuczp4YWRlcz0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMy92MS4zLjIjIiBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1RdWFsaWZ5aW5nUHJvcGVydGllcyIgVGFyZ2V0PSIjU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1TaWduYXR1cmUiPjx4YWRlczpTaWduZWRQcm9wZXJ0aWVzIElkPSJTaWduYXR1cmUtOGVhYmQwYTUtNjYwZC00YWZkLTk5MDUtMGFiYzc1NTNkMTkyLVNpZ25lZFByb3BlcnRpZXMiPjx4YWRlczpTaWduZWRTaWduYXR1cmVQcm9wZXJ0aWVzPjx4YWRlczpTaWduaW5nVGltZT4yMDExLTAzLTIxVDExOjQ0OjQyKzAxOjAwPC94YWRlczpTaWduaW5nVGltZT48eGFkZXM6U2lnbmluZ0NlcnRpZmljYXRlPjx4YWRlczpDZXJ0Pjx4YWRlczpDZXJ0RGlnZXN0PjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT4zbTZ3OTlUb3lTZDlKcEJsMWdCazhEei9iYlU9PC9kczpEaWdlc3RWYWx1ZT48L3hhZGVzOkNlcnREaWdlc3Q+PHhhZGVzOklzc3VlclNlcmlhbD48ZHM6WDUwOUlzc3Vlck5hbWU+Q049UFJFUFJPRFVDQ0lPIElEQ2F0LCBPVT1FbnRpdGF0IHB1YmxpY2EgZGUgY2VydGlmaWNhY2lvIGRlIGNpdXRhZGFucywgT1U9VmVnZXUgaHR0cHM6Ly93d3cuY2F0Y2VydC5uZXQvdmVyQ0lDLTIgKGMpMDMsIE9VPVNlcnZlaXMgUHVibGljcyBkZSBDZXJ0aWZpY2FjaW8gRUNWLTIsIEw9UGFzc2F0Z2UgZGUgbGEgQ29uY2VwY2lvIDExIDA4MDA4IEJhcmNlbG9uYSwgTz1BZ2VuY2lhIENhdGFsYW5hIGRlIENlcnRpZmljYWNpbyAoTklGIFEtMDgwMTE3Ni1JKSwgQz1FUzwvZHM6WDUwOUlzc3Vlck5hbWU+PGRzOlg1MDlTZXJpYWxOdW1iZXI+OTU1MDg8L2RzOlg1MDlTZXJpYWxOdW1iZXI+PC94YWRlczpJc3N1ZXJTZXJpYWw+PC94YWRlczpDZXJ0PjwveGFkZXM6U2lnbmluZ0NlcnRpZmljYXRlPjwveGFkZXM6U2lnbmVkU2lnbmF0dXJlUHJvcGVydGllcz48eGFkZXM6U2lnbmVkRGF0YU9iamVjdFByb3BlcnRpZXM+PHhhZGVzOkRhdGFPYmplY3RGb3JtYXQgT2JqZWN0UmVmZXJlbmNlPSIjUmVmZXJlbmNlLWJhYmE0ZDFhLWExN2UtNDJjNi05N2QyLWJlZWUxMzUwOTUwMyI+PHhhZGVzOk1pbWVUeXBlPmFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbTwveGFkZXM6TWltZVR5cGU+PHhhZGVzOkVuY29kaW5nPmJhc2U2NDwveGFkZXM6RW5jb2Rpbmc+PC94YWRlczpEYXRhT2JqZWN0Rm9ybWF0PjwveGFkZXM6U2lnbmVkRGF0YU9iamVjdFByb3BlcnRpZXM+PC94YWRlczpTaWduZWRQcm9wZXJ0aWVzPjwveGFkZXM6UXVhbGlmeWluZ1Byb3BlcnRpZXM+PC9kczpPYmplY3Q+PC9kczpTaWduYXR1cmU+</dss:Base64Signature> </dss:SignatureObject> </dss:SignResponse>"; + + IPersonalAttributeList palist = new PersonalAttributeList(); + + PersonalAttribute signedDoc = new PersonalAttribute(); + signedDoc.setName("signedDoc"); + signedDoc.setIsRequired(false); + ArrayList<String> signed = new ArrayList<String>(); + signed.add(signedDocResponse); + signedDoc.setValue(signed); + palist.add(signedDoc); + + PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(false); + ArrayList<String> ages = new ArrayList<String>(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + palist.add(isAgeOver); + + authenRequest.setPersonalAttributeList(palist); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + + response.setPersonalAttributeList(palist); + + final STORKAuthnResponse storkResponse = getEngine() + .generateSTORKAuthnResponse(authenRequest, response, ipAddress, + isNotHashing); + + authResponse = storkResponse.getTokenSaml(); + authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, + ipAddress); + + assertTrue("SignedDoc response should be the same: ", authnResponse + .getPersonalAttributeList().get("signedDoc").getValue().get(0) + .equals(signedDocResponse)); + + } +} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/package-info.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/package-info.java new file mode 100644 index 000000000..1c34e2ad5 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/package-info.java @@ -0,0 +1,20 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +/** + * Provides the classes necessary to create a SAML message. + * @since 1.0 + */ +package eu.stork.peps.test.simple;
\ No newline at end of file |