From 33e7890166717f636014aa2c883083d8fc1b4ee8 Mon Sep 17 00:00:00 2001 From: "(no author)" <(no author)@d688527b-c9ab-4aba-bd8d-4036d912da1d> Date: Thu, 2 Aug 2007 14:35:31 +0000 Subject: This commit was manufactured by cvs2svn to create tag 'Build-SPSS-1_4_0'. git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/tags/Build-SPSS-1_4_0@898 d688527b-c9ab-4aba-bd8d-4036d912da1d --- .../test/abnahme/A/Test100StartAuthentication.java | 171 ------ .../test/abnahme/A/Test200VerifyIdentityLink.java | 369 ------------- .../src/test/abnahme/A/Test300VerifyAuthBlock.java | 609 --------------------- .../abnahme/A/Test400GetAuthenticationData.java | 137 ----- .../A/Test500StartAuthenticationServlet.java | 305 ----------- .../A/Test600GetAuthenticationDataService.java | 281 ---------- id.server/src/test/abnahme/A/Test700SelectBKU.java | 63 --- 7 files changed, 1935 deletions(-) delete mode 100644 id.server/src/test/abnahme/A/Test100StartAuthentication.java delete mode 100644 id.server/src/test/abnahme/A/Test200VerifyIdentityLink.java delete mode 100644 id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java delete mode 100644 id.server/src/test/abnahme/A/Test400GetAuthenticationData.java delete mode 100644 id.server/src/test/abnahme/A/Test500StartAuthenticationServlet.java delete mode 100644 id.server/src/test/abnahme/A/Test600GetAuthenticationDataService.java delete mode 100644 id.server/src/test/abnahme/A/Test700SelectBKU.java (limited to 'id.server/src/test/abnahme/A') diff --git a/id.server/src/test/abnahme/A/Test100StartAuthentication.java b/id.server/src/test/abnahme/A/Test100StartAuthentication.java deleted file mode 100644 index 0d72691aa..000000000 --- a/id.server/src/test/abnahme/A/Test100StartAuthentication.java +++ /dev/null @@ -1,171 +0,0 @@ -package test.abnahme.A; - -import test.abnahme.AbnahmeTestCase; -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.auth.WrongParametersException; - -/** - * @author Stefan Knirsch - * @version $Id$ - * - */ -public class Test100StartAuthentication extends AbnahmeTestCase { - - public Test100StartAuthentication(String name) { - super(name); - } - - public void testA101() throws Exception { - try { - String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL - "gb", //target - "http://localhost:9080/", //oaURL - "file:" + findXmldata("AuthTemplate.html"), - "http://localhost:3495/http-security-layer-request", - null); - htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED"); - //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8")); - assertEquals(readXmldata("htmlForm.html"),htmlForm); - System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA102() throws Exception { - try { - String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL - "gb", //target - "http://localhost:9080/", //oaURL - null, - "http://localhost:3495/http-security-layer-request", null); - htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED"); - //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8")); - assertEquals(readXmldata("htmlForm.html"),htmlForm); - - System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA103() throws Exception { - try { - String htmlForm = server.startAuthentication("https://localhost:8443/auth", //authURL - "gb", //target - "http://localhost:9080/", //oaURL - "file:" + findXmldata("AuthTemplate.html"), - null, - null); - htmlForm = killExclusive(htmlForm, "MOASessionID=","\"","DELETED"); - //writeXmldata("htmlForm_out.html",htmlForm.getBytes("UTF-8")); - assertEquals(readXmldata("htmlForm.html"),htmlForm); - System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA151() throws Exception { - try { - try { - server.startAuthentication(null, //authURL - "gb", //target - "http://localhost:9080/", //oaURL - null, null, null); - //assertEquals("",htmlForm); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (WrongParametersException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA152() throws Exception { - try { - try { - server.startAuthentication("http://localhost:8080/auth", //authURL - "gb", "http://localhost:9080/", //oaURL - null, null, null); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (AuthenticationException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA153() throws Exception { - try { - try { - server.startAuthentication("https://localhost:8443/auth", //authURL - "gb", "http://host_not_in_config/", //oaURL - null, null, null); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (AuthenticationException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA154() throws Exception { - try { - try { - server.startAuthentication("https://localhost:8443/auth", //authURL - "gb", null, //oaURL - null, null, null); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (WrongParametersException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA155() throws Exception { - try { - try { - server.startAuthentication("https://localhost:8443/auth", //authURL - null, "http://localhost:9080/", //oaURL - null, null, null); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (WrongParametersException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - //assertEquals("",htmlForm); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - -} diff --git a/id.server/src/test/abnahme/A/Test200VerifyIdentityLink.java b/id.server/src/test/abnahme/A/Test200VerifyIdentityLink.java deleted file mode 100644 index 043f51398..000000000 --- a/id.server/src/test/abnahme/A/Test200VerifyIdentityLink.java +++ /dev/null @@ -1,369 +0,0 @@ -package test.abnahme.A; - -import java.util.HashMap; -import java.util.Vector; - -import org.w3c.dom.Element; - -import test.abnahme.AbnahmeTestCase; -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.ParseException; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; -import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; -import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.validator.ValidateException; -import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; - -/** - * @author Stefan Knirsch - * @version $Id$ - * - */ -public class Test200VerifyIdentityLink extends AbnahmeTestCase { - - public Test200VerifyIdentityLink(String name) { - super(name); - } - - public void testA201() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, parameters); - - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); - - VerifyXMLSignatureResponseParser respParser = new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); - VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames(), VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK, true); - - /* - * HINWEIS: clearSamlAssertion löscht aus einer beliebiegen String-Repräsentation einer XML-Struktur - * AUSSLIESSLICH die Attribute IssueInstand und die AssertionID heraus, von dem her ist diese - * Method hier verwendbar - */ - - assertXmlEquals(clearSamlAssertion(readXmldata("CreateXMLSignatureRequest.xml")), clearSamlAssertion(createXMLSignatureRequest)); - System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - - } - public void testA251() throws Exception { - try { - startAuthentication(); - String sessionID = "0"; - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (AuthenticationException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA252() throws Exception { - try { - String sessionID = startAuthentication(); - - server.setSecondsSessionTimeOut(-100); - server.cleanup(); - server.setSecondsSessionTimeOut(1000); - - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (AuthenticationException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA253() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (AuthenticationException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA254() throws Exception { - try { - String sessionID = startAuthentication(); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (ValidateException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA255() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - } - catch (ParseException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA256() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - } - catch (ValidateException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA257() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - - } - catch (ValidateException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA258() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (ValidateException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA259() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (ValidateException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA260() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (ValidateException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA261() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (ValidateException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA262() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - new InfoboxReadResponseParser(infoboxReadResponse).parseIdentityLink(); - // System.out.println(infoboxReadResponse); - - try { - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (ValidateException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA263() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); - - VerifyXMLSignatureResponseParser respParser = new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); - - // String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, infoboxReadResponse); - // System.out.println(createXMLSignatureRequest); - // String createXMLSignatureResponse = readFile(TESTDATA_ROOT + "xmldata/standard/"+"CreateXMLSignatureResponse.xml"); - // String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); - Vector identityLinkSigners = new Vector(); - identityLinkSigners.add("CN=TEST,OU=TEST,O=TEST,C=AT"); - try { - VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), identityLinkSigners, VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK, true); - System.err.println(this.getName() + " hat KEINE FEHLER geworfen"); - fail(this.getName() + " hat KEINE FEHLER geworfen"); - } - catch (ValidateException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } -} diff --git a/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java b/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java deleted file mode 100644 index 9bf92e54b..000000000 --- a/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java +++ /dev/null @@ -1,609 +0,0 @@ -package test.abnahme.A; - -import java.util.Calendar; -import java.util.HashMap; - -import org.w3c.dom.Element; -import test.abnahme.AbnahmeTestCase; - -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.BuildException; -import at.gv.egovernment.moa.id.ParseException; -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder; -import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; -import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; -import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; -import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; -import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator; -import at.gv.egovernment.moa.id.auth.validator.ValidateException; -import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.AuthenticationData; -import at.gv.egovernment.moa.id.util.Random; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.DateTimeUtils; - -/** - * @author Stefan Knirsch - * @version $Id$ - * - */ - -public class Test300VerifyAuthBlock extends AbnahmeTestCase { - - public Test300VerifyAuthBlock(String name) { - super(name); - } - - public void testA301() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - //authDataWriter(authData,this.getName()+"new.xml"); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA302() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - //authDataWriter(authData,this.getName()+"new.xml"); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA303() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA304() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA305() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA306() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA307() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA308() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServer(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - - } - - public void testA309() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA310() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA311() throws Exception { - try { - String sessionID = startAuthentication(); - AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID); - assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion())); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA351() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); - new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); - //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); - // System.out.println(createXMLSignatureRequest); - String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); - - // nicht existierende Session.... - try { - server.verifyAuthenticationBlock("0", createXMLSignatureResponse); - fail(); - } - catch (AuthenticationException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA352() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - server.setSecondsSessionTimeOut(-100); - server.cleanup(); - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); - new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); - //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); - // System.out.println(createXMLSignatureRequest); - String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); - - // abgelaufene Session.... - server.setSecondsSessionTimeOut(1000); - try { - server.verifyAuthenticationBlock("0", createXMLSignatureResponse); - fail(); - } - catch (AuthenticationException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA353() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - - String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); - - // Session for VerifyIdentityLink-Aufruf - try { - - server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); - fail(); - } - //NOCH SEHR UNSCHÖN..... (fliegt raus im AuthenticationServer, Methode buildAuthenticationData - // ( IdentityLink identityLink = session.getIdentityLink(); ==> liefert dann NULL... - catch (NullPointerException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA354() throws Exception { - try { - String sessionID = startAuthentication(); - System.out.println(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); - new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); - //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); - // System.out.println(createXMLSignatureRequest); - String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); - - // nicht existierende Session.... - - server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); - try { - server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); - fail(); - } - catch (AuthenticationException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA355() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ParseException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA356() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ParseException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA357() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA358() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA359() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA360() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA361() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA362() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA363() throws Exception { - try { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA364() throws Exception { - try { - String sessionID = startAuthentication(); - try { - - initServer(sessionID); - fail(); - } - catch (ValidateException e) { - System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - /* public void testA365() throws Exception { - String sessionID = startAuthentication(); - try { - // wegen sinnlosigkeit gestrichen - initServer(sessionID); - fail(); - } - catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} - }*/ - - public void testA366() throws Exception { - - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} - } - public void testA367() throws Exception { - String sessionID = startAuthentication(); - try { - initServer(sessionID); - fail(); - } - catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");} - } - - - private AuthenticationData initServer(String sessionID) throws Exception { - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1"); - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); - new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); - //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); - // System.out.println(createXMLSignatureRequest); - String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); - // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/"); - String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); - AuthenticationData authData = server.getAuthenticationData(samlArtifact); - return authData; - } - - private AuthenticationData initServerWithoutValidateAuthBlock(String sessionID) throws Exception { - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1"); - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); - new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); - //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); - // System.out.println(createXMLSignatureRequest); - String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); - // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/"); - - AuthenticationSession session = AuthenticationServer.getSession(sessionID); - AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); - // parses - CreateXMLSignatureResponse csresp = - new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(); - // validates - new CreateXMLSignatureResponseValidator().validate(csresp, session); - // builds a for a MOA-SPSS call - String[] vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(); - String tpid = authConf.getMoaSpAuthBlockTrustProfileID(); - Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp, vtids, tpid); - // invokes the call - Element domVsresp = new SignatureVerificationInvoker().verifyXMLSignature(domVsreq); - // parses the - VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser(domVsresp).parseData(); - // validates the - VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp, null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK, true); - // compares the public keys from the identityLink with the AuthBlock - - // builds authentication data and stores it together with a SAML artifact - AuthenticationData authData = buildAuthenticationData(session, vsresp); - return authData; - } - private AuthenticationData buildAuthenticationData( - AuthenticationSession session, - VerifyXMLSignatureResponse verifyXMLSigResp) - throws ConfigurationException, BuildException { - - IdentityLink identityLink = session.getIdentityLink(); - AuthenticationData authData = new AuthenticationData(); - authData.setMajorVersion(1); - authData.setMinorVersion(0); - authData.setAssertionID(Random.nextRandom()); - authData.setIssuer(session.getAuthURL()); - authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance())); - String vpkBase64 = new BPKBuilder().buildBPK( - identityLink.getIdentificationValue(), session.getTarget()); - authData.setBPK(vpkBase64); - authData.setGivenName(identityLink.getGivenName()); - authData.setFamilyName(identityLink.getFamilyName()); - authData.setDateOfBirth(identityLink.getDateOfBirth()); - authData.setQualifiedCertificate(verifyXMLSigResp.isQualifiedCertificate()); - authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority()); - authData.setPublicAuthorityCode(verifyXMLSigResp.getPublicAuthorityCode()); - OAAuthParameter oaParam = - AuthConfigurationProvider.getInstance().getOnlineApplicationParameter( - session.getPublicOAURLPrefix()); - String prPerson = new PersonDataBuilder().build( - identityLink, oaParam.getProvideStammzahl()); - - try { - String ilAssertion = - oaParam.getProvideIdentityLink() ? DOMUtils.serializeNode(identityLink.getSamlAssertion()) : ""; - String authBlock = oaParam.getProvideAuthBlock() ? session.getAuthBlock() : ""; - String samlAssertion = new AuthenticationDataAssertionBuilder().build( - authData, prPerson, authBlock, ilAssertion, session.getBkuURL(), "", false, null); - authData.setSamlAssertion(samlAssertion); - return authData; - } - catch (Throwable ex) { - throw new BuildException( - "builder.00", - new Object[] { "AuthenticationData", ex.getMessage() }, - ex); - } - } -} diff --git a/id.server/src/test/abnahme/A/Test400GetAuthenticationData.java b/id.server/src/test/abnahme/A/Test400GetAuthenticationData.java deleted file mode 100644 index 3db0a6d69..000000000 --- a/id.server/src/test/abnahme/A/Test400GetAuthenticationData.java +++ /dev/null @@ -1,137 +0,0 @@ -package test.abnahme.A; - -import java.util.HashMap; - -import org.w3c.dom.Element; -import test.abnahme.AbnahmeTestCase; - -import at.gv.egovernment.moa.id.AuthenticationException; -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; -import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; -import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; -import at.gv.egovernment.moa.id.data.AuthenticationData; - -/** - * @author Stefan Knirsch - * @version $Id$ - */ - -public class Test400GetAuthenticationData extends AbnahmeTestCase { - - private String samlArtifact; - - public Test400GetAuthenticationData(String name) { - super(name); - } - - protected void setUp() throws Exception { - super.setUp(); - String sessionID = startAuthentication(); - AuthenticationSession session = AuthenticationServer.getSession(sessionID); - String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml"); - HashMap parameters = new HashMap(1); - parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse); - server.verifyIdentityLink(sessionID, parameters); - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID()); - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest); - new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse); - //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames()); - // System.out.println(createXMLSignatureRequest); - String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml"); - CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(), session); - samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); - } - - public void testA401() throws Exception { - try { - - AuthenticationData authData = server.getAuthenticationData(samlArtifact); -// authDataWriter(authData,"NEWA401"); - assertXmlEquals(clearSamlAssertion(authData.getSamlAssertion()), readXmldata("AuthenticationData.xml")); - System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA451() throws Exception { - try { - try { - AuthenticationData authData = server.getAuthenticationData("AAGu1JFbyGKqJ+3NAonwMu5bNyUc7kooeMK6bxeXBbnK6NL0DfuVJsGi"); - authDataWriter(authData, "A45"); - if (authData != null) - fail(); - } - catch (AuthenticationException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA452() throws Exception { - try { - server.getAuthenticationData(samlArtifact); - try { - server.getAuthenticationData(samlArtifact); - fail(); - } - catch (AuthenticationException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA453() throws Exception { - try { - server.setSecondsAuthDataTimeOut(-1000); - server.cleanup(); - try { - server.getAuthenticationData(samlArtifact); - fail(); - } - catch (AuthenticationException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA454() throws Exception { - try { - try { - server.getAuthenticationData("blabla123"); - fail(); - } - catch (AuthenticationException e) { - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "\n-----------------------"); - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - -} diff --git a/id.server/src/test/abnahme/A/Test500StartAuthenticationServlet.java b/id.server/src/test/abnahme/A/Test500StartAuthenticationServlet.java deleted file mode 100644 index f4f37a871..000000000 --- a/id.server/src/test/abnahme/A/Test500StartAuthenticationServlet.java +++ /dev/null @@ -1,305 +0,0 @@ -package test.abnahme.A; - -import java.io.OutputStream; -import java.net.URL; -import java.security.Security; - -import javax.net.ssl.SSLSocketFactory; - -import test.abnahme.AbnahmeTestCase; - -import at.gv.egovernment.moa.util.StreamUtils; -import at.gv.egovernment.moa.util.URLEncoder; - -import com.sun.net.ssl.HostnameVerifier; -import com.sun.net.ssl.HttpsURLConnection; - -/** - * @author Stefan Knirsch - * @version $Id$ - * - */ -public class Test500StartAuthenticationServlet extends AbnahmeTestCase { - - private String testdataRoot = TESTDATA_ROOT + "xmldata/standard/"; - SSLSocketFactory ssf; - public Test500StartAuthenticationServlet(String name) { - super(name); - } - protected void setUp() throws Exception { - super.setUp(); - Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); - System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); - System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore"); - System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); - } - - public void testA501() throws Exception { - //NUR einmal für alle folgenden Testfälle - //---------------------------------------- - - //---------------------------------------- - - try { - String targetURL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); - HttpsURLConnection conn = giveConnection(targetURL, "GET"); - conn.connect(); - int resultCode = conn.getResponseCode(); - String contentType = conn.getHeaderField("Content-Type"); - if (resultCode != 200) - fail("Wrong HTTP-Code"); - if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) - fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); - conn.disconnect(); - System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); - - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA502() throws Exception { - try { - String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); - HttpsURLConnection conn = giveConnection(URL, "GET"); - conn.connect(); - int resultCode = conn.getResponseCode(); - String contentType = conn.getHeaderField("Content-Type"); - if (resultCode != 200) - fail("Wrong HTTP-Code: expected '200' and was '" + resultCode + "'"); - if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) - fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); - String result = new String(StreamUtils.readStream(conn.getInputStream())); - - conn.disconnect(); - - URL = parseDataURL(result); - conn = giveConnection(URL, "POST"); - conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); - - String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); - System.out.println("File gelesen, Daten in Outputstream einpflegen"); - OutputStream out = conn.getOutputStream(); - out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes("UTF-8")); - out.flush(); - out.close(); - - System.out.println("Verbinden zu " + URL); - conn.connect(); - resultCode = conn.getResponseCode(); - System.out.println("resultCode :" + resultCode); - String redirectLoc = conn.getHeaderField("Location"); - System.out.println("redirectLoc :" + redirectLoc); - // Austausch von VerifyIdentityLink in der POST-URL durch VerifyAuthBlock... rest MUSS gleich sein! - if (!killInclusive(URL, "VerifyI", "Link", "VerifyAuthBlock").equals(redirectLoc)) - fail("Wrong Redirect-Location: expected " + URL + " and was " + conn.getHeaderField("Location")); - if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/xml")) - fail("Wrong contentType: expected text/xml and was " + conn.getHeaderField("Content-Type")); - conn.disconnect(); - System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA503() throws Exception { - try { - String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); - HttpsURLConnection conn = giveConnection(URL, "GET"); - conn.connect(); - - assertEquals(200,conn.getResponseCode()); - if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) - fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); - String result = new String(StreamUtils.readStream(conn.getInputStream())); - URL = parseDataURL(result); - - conn.disconnect(); - conn = giveConnection(URL, "POST"); - conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); - String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); - OutputStream out = conn.getOutputStream(); - out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); - out.flush(); - out.close(); - conn.connect(); - String redirectLoc = conn.getHeaderField("Location"); - // Austausch von VerifyIdentityLink in der POST-URL durch VerifyAuthBlock... rest MUSS gleich sein! - if (!killInclusive(URL, "VerifyI", "Link", "VerifyAuthBlock").equals(redirectLoc)) - fail("Wrong Redirect-Location: expected " + URL + " and was " + conn.getHeaderField("Location")); - if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/xml")) - fail("Wrong contentType: expected text/xml and was " + conn.getHeaderField("Content-Type")); - conn.disconnect(); - - conn = giveConnection(redirectLoc, "POST"); - System.out.println("Redirect Location: " + redirectLoc); - String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); - out = conn.getOutputStream(); - out.write(("XMLResponse=" +createXMLSignatureResponse).getBytes()); - out.flush(); - out.close(); - - System.out.println("Sending Data to " + redirectLoc); - conn.connect(); - - redirectLoc = conn.getHeaderField("Location"); - System.out.println("redirectLoc: " + redirectLoc); - /* RandomAccessFile raf = new RandomAccessFile("C://503.xml", "rw"); - raf.write(StreamUtils.readStream(conn.getInputStream())); - raf.close();*/ - conn.disconnect(); - assertEquals(302, conn.getResponseCode()); - assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); - System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); - - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA551() throws Exception { - try { - String targetURL = getURL("https://localhost:8443/moa-id-auth/", "gb", ""); - HttpsURLConnection conn = giveConnection(targetURL, "GET"); - conn.connect(); - String result = new String(StreamUtils.readStream(conn.getInputStream())); - assertTrue(result.indexOf("Die Angabe der Parameter ist unvollständig") >= 0); - conn.disconnect(); - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Die Angabe der Parameter ist unvollständig.\n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA552() throws Exception { - try { - String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); - HttpsURLConnection conn = giveConnection(URL, "GET"); - conn.connect(); - int resultCode = conn.getResponseCode(); - assertEquals(200, resultCode); - if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) - fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); - conn.disconnect(); - URL = "https://localhost:8443/moa-id-auth/" + "VerifyIdentityLink?MOASessionID=0000"; - conn = giveConnection(URL, "POST"); - conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); - - String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); - OutputStream out = conn.getOutputStream(); - out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); - out.flush(); - out.close(); - - conn.connect(); - String result = new String(StreamUtils.readStream(conn.getInputStream())); - assertTrue(result.indexOf("MOASessionID ist unbekannt") >= 0); - System.out.println("Fehler in testA552 erfolgreich abgefangen: MOASessionID ist unbekannt"); - conn.disconnect(); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - public void testA553() throws Exception { - try { - String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); - HttpsURLConnection conn = giveConnection(URL, "GET"); - conn.connect(); - int resultCode = conn.getResponseCode(); - assertEquals(200,resultCode); - if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/html")) - fail("Wrong contentType: expected text/html and was " + conn.getHeaderField("Content-Type")); - String result = new String(StreamUtils.readStream(conn.getInputStream())); - String MOASessionID = parseSessionIDFromForm(result); - URL = parseDataURL(result); - conn.disconnect(); - - conn = giveConnection(URL, "POST"); - conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); - - String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); - OutputStream out = conn.getOutputStream(); - out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); - out.flush(); - out.close(); - conn.connect(); - result = new String(StreamUtils.readStream(conn.getInputStream())); - String redirectLoc = conn.getHeaderField("Location"); - // Austausch von VerifyIdentityLink in der POST-URL durch VerifyAuthBlock... rest MUSS gleich sein! - if (!killInclusive(URL, "VerifyI", "Link", "VerifyAuthBlock").equals(redirectLoc)) - fail("Wrong Redirect-Location: expected " + URL + " and was " + conn.getHeaderField("Location")); - if (!conn.getHeaderField("Content-Type").equalsIgnoreCase("text/xml")) - fail("Wrong contentType: expected text/xml and was " + conn.getHeaderField("Content-Type")); - conn.disconnect(); - conn = giveConnection(redirectLoc + "XXX", "POST"); - System.out.println("Redirect Location: " + redirectLoc + "XXX"); - String createXMLSignatureResponse = "XMLResponse=" + URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); - - out = conn.getOutputStream(); - out.write(new String("MOASessionID=" + MOASessionID + "&").getBytes()); - out.write(createXMLSignatureResponse.getBytes("UTF-8")); - out.flush(); - out.close(); - System.out.println("Sending Data to " + redirectLoc); - conn.connect(); - resultCode = conn.getResponseCode(); - - result = new String(StreamUtils.readStream(conn.getInputStream())); - conn.disconnect(); - assertEquals(200, resultCode); - assertTrue(result.indexOf("MOASessionID ist unbekannt") >= 0); - System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - private String parseDataURL(String input) { - String ret = getSubString(input.substring(input.indexOf("DataURL"), input.length()), "value=\"", "\""); - return ret; - } - - private String getSubString(String input, String startsWith, String endsWith) { - return input.substring(input.indexOf(startsWith) + startsWith.length(), input.indexOf(endsWith, input.indexOf(startsWith) + startsWith.length())); - } - private String getURL(String authURL, String target, String oaURL) { - return authURL + "StartAuthentication?Target=" + target + "&OA=" + oaURL; - } - private String parseSessionIDFromForm(String htmlForm) { - String parName = "MOASessionID="; - assertTrue("HTML Form enthält keine SessionID", htmlForm.indexOf(parName) >= 0); - int i1 = htmlForm.indexOf(parName) + parName.length(); - int i2 = htmlForm.indexOf("\"", i1); - assertTrue("HTML Form enthält keine gültige SessionID", i2 > i1); - return htmlForm.substring(i1, i2); - } - - private class HostnameVerifierHack implements HostnameVerifier { - public boolean verify(String arg0, String arg1) { - return true; - } - } - private HttpsURLConnection giveConnection(String targetURL, String requestMethod) throws Exception { - URL url = new URL(targetURL); - HttpsURLConnection conn = (HttpsURLConnection) url.openConnection(); - conn.setRequestMethod(requestMethod); - conn.setDoInput(true); - conn.setDoOutput(true); - conn.setUseCaches(false); - conn.setAllowUserInteraction(false); - conn.setHostnameVerifier(new HostnameVerifierHack()); - return conn; - } - -} \ No newline at end of file diff --git a/id.server/src/test/abnahme/A/Test600GetAuthenticationDataService.java b/id.server/src/test/abnahme/A/Test600GetAuthenticationDataService.java deleted file mode 100644 index b44852346..000000000 --- a/id.server/src/test/abnahme/A/Test600GetAuthenticationDataService.java +++ /dev/null @@ -1,281 +0,0 @@ -package test.abnahme.A; - -import java.io.OutputStream; -import java.net.URL; -import java.security.Security; -import java.util.Calendar; -import java.util.Vector; - -import javax.xml.namespace.QName; -import javax.xml.rpc.Call; -import javax.xml.rpc.Service; -import javax.xml.rpc.ServiceFactory; - -import org.apache.axis.message.SOAPBodyElement; -import org.w3c.dom.Element; - -import com.sun.net.ssl.HostnameVerifier; -import com.sun.net.ssl.HttpsURLConnection; - -import test.abnahme.AbnahmeTestCase; - -import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.DateTimeUtils; -import at.gv.egovernment.moa.util.StreamUtils; -import at.gv.egovernment.moa.util.URLDecoder; -import at.gv.egovernment.moa.util.URLEncoder; - -/** - * @author Stefan Knirsch - * @version $Id$ - */ - -public class Test600GetAuthenticationDataService extends AbnahmeTestCase { - - private String moaSessionID; - private String samlArtifact; - private static final QName SERVICE_QNAME = new QName("SignatureCreation"); - - public Test600GetAuthenticationDataService(String name) { - super(name); - } - - protected void setUp() throws Exception { - super.setUp(); - Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); - System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); - System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore"); - System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); - } - - public void testA601() throws Exception { - try { - - // Anmelden - String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); - HttpsURLConnection conn = giveConnection(URL, "GET"); - conn.connect(); - String result = new String(StreamUtils.readStream(conn.getInputStream())); - String MOASessionID = parseSessionIDFromForm(result); - conn.disconnect(); - - URL = parseDataURL(result); - // Verify Identity Link - conn = giveConnection(URL, "POST"); - conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); - String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); - OutputStream out = conn.getOutputStream(); - out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); - out.flush(); - out.close(); - conn.connect(); - String redirectLoc = conn.getHeaderField("Location"); - conn.disconnect(); - //Verify Auth Block - conn = giveConnection(redirectLoc, "POST"); - String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); - out = conn.getOutputStream(); - out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); - out.flush(); - out.close(); - conn.connect(); - redirectLoc = conn.getHeaderField("Location"); - samlArtifact = parseSamlArtifact(redirectLoc); - System.out.println("SamlArtifact: " + samlArtifact); - conn.disconnect(); - - assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); - - conn = null; - - SAMLRequestBuilder srb = new SAMLRequestBuilder(); - - Element erg = doCall(srb.build(moaSessionID,URLDecoder.decode(samlArtifact, "UTF-8"))); - result = DOMUtils.serializeNode(erg); - result = killInclusive(result,"IssueInstant=\"","\"",""); - result = killInclusive(result,"AssertionID=\"","\"",""); - result = killInclusive(result,"ResponseID=\"","\"",""); - -// writeXmldata("GetAuthenticationDataWebServiceResponse.xml", result.getBytes("UTF-8")); - - assertEquals(result,readXmldata("GetAuthenticationDataWebServiceResponse.xml")); - - System.out.println("-----------------------\nTestfall " + this.getName() + " erfolgreich abgearbeitet! \n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA651() throws Exception { - try { - - // Anmelden - String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); - HttpsURLConnection conn = giveConnection(URL, "GET"); - conn.connect(); - String result = new String(StreamUtils.readStream(conn.getInputStream())); - String MOASessionID = parseSessionIDFromForm(result); - conn.disconnect(); - - URL = parseDataURL(result); - // Verify Identity Link - conn = giveConnection(URL, "POST"); - conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); - String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); - OutputStream out = conn.getOutputStream(); - out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); - out.flush(); - out.close(); - conn.connect(); - String redirectLoc = conn.getHeaderField("Location"); - conn.disconnect(); - //Verify Auth Block - conn = giveConnection(redirectLoc, "POST"); - String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); - out = conn.getOutputStream(); - out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); - out.flush(); - out.close(); - conn.connect(); - redirectLoc = conn.getHeaderField("Location"); - samlArtifact = "AAGu1JFbyGKqJ+3NAonwMu5bNyUc7kooeMK6bxeXBbnK6NL0DfuVJsGi"; - System.out.println("SamlArtifact: " + samlArtifact); - conn.disconnect(); - - assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); - - conn = null; - - SAMLRequestBuilder srb = new SAMLRequestBuilder(); - Element samlPRequest = srb.build(moaSessionID,samlArtifact); - - assertTrue(DOMUtils.serializeNode(doCall(samlPRequest)).indexOf("unbekanntes SAML-Artifakt")!=-1); - - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Fehler beim Abholen der Anmeldedaten, unbekanntes SAML-Artifakt\n-----------------------"); - } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - public void testA652() throws Exception { - try { - - // Anmelden - String URL = getURL("https://localhost:8443/moa-id-auth/", "gb", "https://localhost:9443/"); - HttpsURLConnection conn = giveConnection(URL, "GET"); - conn.connect(); - String result = new String(StreamUtils.readStream(conn.getInputStream())); - String MOASessionID = parseSessionIDFromForm(result); - conn.disconnect(); - - URL = parseDataURL(result); - // Verify Identity Link - conn = giveConnection(URL, "POST"); - conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); - String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); - OutputStream out = conn.getOutputStream(); - out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); - out.flush(); - out.close(); - conn.connect(); - String redirectLoc = conn.getHeaderField("Location"); - conn.disconnect(); - //Verify Auth Block - conn = giveConnection(redirectLoc, "POST"); - String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); - out = conn.getOutputStream(); - out.write(("MOASessionID=" + moaSessionID + "&XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); - out.flush(); - out.close(); - conn.connect(); - redirectLoc = conn.getHeaderField("Location"); - samlArtifact = parseSamlArtifact(redirectLoc); - System.out.println("SamlArtifact: " + samlArtifact); - conn.disconnect(); - - assertTrue(redirectLoc.startsWith("https://localhost:9443/?Target=gb&SAMLArtifact=")); - - conn = null; - String request = - "" + - ""; - - Element samlPRequest = DOMUtils.parseDocument(request, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); - - assertTrue(DOMUtils.serializeNode(doCall(samlPRequest)).indexOf("Fehlerhaftes Requestformat")!=-1); -// writeXmldata("GetAuthenticationDataWebServiceResponse.xml", result.getBytes("UTF-8")); - System.out.println("-----------------------\nFehler in " + this.getName() + " erfolgreich abgefangen: Fehlerhaftes Requestformat\n-----------------------"); } - catch (Exception e) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage()); - throw e; - } - } - - protected Element doCall(Element request) - throws Exception { - QName serviceName = new QName("GetAuthenticationData"); - String endPoint = "http://localhost:8080/moa-id-auth/services/GetAuthenticationData"; - Service service = ServiceFactory.newInstance().createService(serviceName); - Call call = service.createCall(); - SOAPBodyElement body = - new SOAPBodyElement(request); - SOAPBodyElement[] params = new SOAPBodyElement[] {body}; - Vector responses; - SOAPBodyElement response; - - call.setTargetEndpointAddress(endPoint); - responses = (Vector) call.invoke(params); - response = (SOAPBodyElement) responses.get(0); - - return response.getAsDOM(); - } - - private String parseDataURL(String input) - { - return getSubString(input.substring(input.indexOf("DataURL"),input.length()),"value=\"","\""); - } - private String parseSamlArtifact(String input) - { - return getSubString(input+"@@@","SAMLArtifact=","@@@"); - } - private String getSubString(String input, String startsWith, String endsWith) - { - return input.substring(input.indexOf(startsWith)+startsWith.length(), input.indexOf(endsWith, input.indexOf(startsWith)+startsWith.length())); - } - private String getURL(String authURL, String target, String oaURL) - { - return authURL + "StartAuthentication?Target=" + target + "&OA=" + oaURL; - } - private String parseSessionIDFromForm(String htmlForm) { - String parName = "MOASessionID="; - assertTrue( - "HTML Form enthält keine SessionID", - htmlForm.indexOf(parName) >= 0); - int i1 = htmlForm.indexOf(parName) + parName.length(); - int i2 = htmlForm.indexOf("\"", i1); - assertTrue("HTML Form enthält keine gültige SessionID", i2 > i1); - return htmlForm.substring(i1, i2); - } - private HttpsURLConnection giveConnection(String targetURL, String requestMethod) throws Exception { - HttpsURLConnection conn = (HttpsURLConnection) new URL(targetURL).openConnection(); - conn.setRequestMethod(requestMethod); - conn.setDoInput(true); - conn.setDoOutput(true); - conn.setUseCaches(false); - conn.setAllowUserInteraction(false); - conn.setHostnameVerifier(new HostnameVerifierHack()); - return conn; - } - private class HostnameVerifierHack implements HostnameVerifier { - public boolean verify(String arg0, String arg1) { - return true; - } - } -} diff --git a/id.server/src/test/abnahme/A/Test700SelectBKU.java b/id.server/src/test/abnahme/A/Test700SelectBKU.java deleted file mode 100644 index 9cfa47033..000000000 --- a/id.server/src/test/abnahme/A/Test700SelectBKU.java +++ /dev/null @@ -1,63 +0,0 @@ -package test.abnahme.A; - -import test.abnahme.AbnahmeTestCase; - -/* - * @author Paul Ivancsics - * @version $Id$ - */ -public class Test700SelectBKU extends AbnahmeTestCase { - - public Test700SelectBKU(String name) { - super(name); - } - - public void testA701() throws Exception { - try { - String form = server.selectBKU( - "https://localhost:8443/auth", - "gb", - "https://localhost:9443/", - "file:" + getTestCaseDirectory() + "BKUSelectionTemplate.html", - "file:" + getTestCaseDirectory() + "Template.html"); - //writeXmldata("SelectBKUForm_out.html", form.getBytes()); - assertEqualsIgnoreSessionID(readXmldata("SelectBKUForm.html"), form); - } - catch (Exception ex) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + ex.getLocalizedMessage()); - throw ex; - } - } - public void testA702() throws Exception { - try { - String form = server.selectBKU( - "https://localhost:8443/auth", - "gb", - "https://localhost:9443/", - null, - null); - //writeXmldata("SelectBKUForm_out.html", form.getBytes()); - assertEqualsIgnoreSessionID(readXmldata("SelectBKUForm.html"), form); - } - catch (Exception ex) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + ex.getLocalizedMessage()); - throw ex; - } - } - public void testA703() throws Exception { - try { - String form = server.selectBKU( - "https://localhost:8443/auth", - "gb", - "https://localhost:9443/", - null, - null); - //writeXmldata("SelectBKUForm_out.html", form.getBytes()); - assertEqualsIgnoreSessionID(readXmldata("SelectBKUForm.html"), form); - } - catch (Exception ex) { - System.err.println("------ FEHLER IN " + this.getName() + ":" + ex.getLocalizedMessage()); - throw ex; - } - } -} -- cgit v1.2.3