From dd45e938564249a5e6897bd92dd29808d8990868 Mon Sep 17 00:00:00 2001 From: rudolf Date: Fri, 24 Oct 2003 08:34:56 +0000 Subject: MOA-ID version 1.1 (initial) git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@19 d688527b-c9ab-4aba-bd8d-4036d912da1d --- .../test/at/gv/egovernment/moa/id/AllTests.java | 41 ++ .../at/gv/egovernment/moa/id/UnitTestCase.java | 35 ++ .../moa/id/auth/AuthenticationServerTest.java | 50 +++ .../moa/id/auth/MOAIDAuthInitialiserTest.java | 55 +++ .../egovernment/moa/id/auth/builder/AllTests.java | 33 ++ .../AuthenticationBlockAssertionBuilderTest.java | 46 ++ .../builder/CreateXMLSignatureBuilderTest.java | 58 +++ .../builder/GetIdentityLinkFormBuilderTest.java | 73 ++++ .../builder/InfoboxReadRequestBuilderTest.java | 29 ++ .../moa/id/auth/builder/PersonDataBuilderTest.java | 51 +++ .../id/auth/builder/SAMLArtifactBuilderTest.java | 52 +++ .../VerifyXMLSignatureRequestBuilderTest.java | 93 +++++ .../moa/id/auth/invoke/MOASPSSTestCase.java | 38 ++ .../id/auth/invoke/SignatureVerificationTest.java | 166 ++++++++ .../egovernment/moa/id/auth/parser/AllTests.java | 29 ++ .../parser/IdentityLinkAssertionParserTest.java | 137 ++++++ .../auth/parser/InfoboxReadResponseParserTest.java | 67 +++ .../moa/id/auth/parser/SAMLArtifactParserTest.java | 55 +++ .../servlet/GetAuthenticationDataServiceTest.java | 91 ++++ .../auth/MOAIDAuthConfigurationProviderTest.java | 112 +++++ .../proxy/MOAIDProxyConfigurationProviderTest.java | 127 ++++++ .../at/gv/egovernment/moa/id/proxy/AllTests.java | 31 ++ .../moa/id/proxy/builder/DOMTreeCompare.java | 462 +++++++++++++++++++++ .../id/proxy/builder/SAMLRequestBuilderTest.java | 32 ++ .../moa/id/proxy/builder/SAMLRequestCompare.java | 19 + .../id/proxy/parser/SAMLResponseParserTest.java | 180 ++++++++ .../gv/egovernment/moa/id/util/SSLUtilsTest.java | 92 ++++ 27 files changed, 2254 insertions(+) create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/AllTests.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/UnitTestCase.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/auth/AuthenticationServerTest.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/auth/MOAIDAuthInitialiserTest.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AllTests.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/auth/parser/AllTests.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataServiceTest.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/proxy/AllTests.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/DOMTreeCompare.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestCompare.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java create mode 100644 id.server/src/test/at/gv/egovernment/moa/id/util/SSLUtilsTest.java (limited to 'id.server/src/test/at/gv/egovernment/moa') diff --git a/id.server/src/test/at/gv/egovernment/moa/id/AllTests.java b/id.server/src/test/at/gv/egovernment/moa/id/AllTests.java new file mode 100644 index 000000000..69ed3d12b --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/AllTests.java @@ -0,0 +1,41 @@ +package test.at.gv.egovernment.moa.id; + +import test.at.gv.egovernment.moa.id.auth.AuthenticationServerTest; +import test.at.gv.egovernment.moa.id.auth.servlet.GetAuthenticationDataServiceTest; +import test.at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationTest; +import test.at.gv.egovernment.moa.id.config.auth.MOAIDAuthConfigurationProviderTest; +import test.at.gv.egovernment.moa.id.config.proxy.MOAIDProxyConfigurationProviderTest; + +import junit.awtui.TestRunner; +import junit.framework.Test; +import junit.framework.TestSuite; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class AllTests { + + public static Test suite() { + TestSuite suite = new TestSuite(); + + suite.addTestSuite(AuthenticationServerTest.class); + suite.addTest(test.at.gv.egovernment.moa.id.auth.builder.AllTests.suite()); + suite.addTest(test.at.gv.egovernment.moa.id.auth.parser.AllTests.suite()); + suite.addTestSuite(GetAuthenticationDataServiceTest.class); + suite.addTestSuite(SignatureVerificationTest.class); + suite.addTestSuite(MOAIDAuthConfigurationProviderTest.class); + suite.addTestSuite(MOAIDProxyConfigurationProviderTest.class); + suite.addTest(test.at.gv.egovernment.moa.id.proxy.AllTests.suite()); + + return suite; + } + + public static void main(String[] args) { + try { + TestRunner.run(AllTests.class); + } catch (Exception e) { + e.printStackTrace(); + } + } +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/UnitTestCase.java b/id.server/src/test/at/gv/egovernment/moa/id/UnitTestCase.java new file mode 100644 index 000000000..8309a4f7e --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/UnitTestCase.java @@ -0,0 +1,35 @@ +package test.at.gv.egovernment.moa.id; + +import test.MOAIDTestCase; + +import at.gv.egovernment.moa.id.config.ConfigurationProvider; + +/** + * Base class for MOA ID test cases. + * + * Provides some utility functions. + * + * @author Patrick Peck + * @version $Id$ + */ +public class UnitTestCase extends MOAIDTestCase { + + protected static final String TESTDATA_ROOT = "data/test/"; + + /** + * Constructor for MOATestCase. + * @param arg0 + */ + public UnitTestCase(String name) { + super(name); + } + /** + * Set up a transaction context with a test configuration. + */ + protected void setUp() throws Exception { + System.setProperty( + ConfigurationProvider.CONFIG_PROPERTY_NAME, + TESTDATA_ROOT + "conf/ConfigurationTest.xml"); + } + +} \ No newline at end of file diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/AuthenticationServerTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/AuthenticationServerTest.java new file mode 100644 index 000000000..753b2ef12 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/AuthenticationServerTest.java @@ -0,0 +1,50 @@ +package test.at.gv.egovernment.moa.id.auth; + +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.data.AuthenticationData; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class AuthenticationServerTest extends UnitTestCase { + + public AuthenticationServerTest(String name) { + super(name); + } + + public void testStandard() throws Exception { + doTest( + "standard", + "https://localhost:8443/auth", + "gb", + "https://localhost:9443/", + null, + null); + } + public void doTest(String testdataDirectory, String authURL, String target, String oaURL, String bkuURL, String templateURL) throws Exception { + String testdataRoot = TESTDATA_ROOT + "xmldata/" + testdataDirectory + "/"; + AuthenticationServer server = AuthenticationServer.getInstance(); + String htmlForm = server.startAuthentication(authURL, target, oaURL, templateURL, bkuURL, null); + String sessionID = parseSessionIDFromForm(htmlForm); + String infoboxReadResponse = readFile(TESTDATA_ROOT + "xmldata/testperson1/" + "InfoboxReadResponse.xml"); + String createXMLSignatureRequest = server.verifyIdentityLink(sessionID, infoboxReadResponse); + String createXMLSignatureRequestShould = readFile(testdataRoot + "CreateXMLSignatureRequest.xml"); + assertXmlEquals(createXMLSignatureRequestShould, createXMLSignatureRequest); + String createXMLSignatureResponse = readFile(testdataRoot + "CreateXMLSignatureResponse.xml"); + String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse); + AuthenticationData authData = server.getAuthenticationData(samlArtifact); + String authDataShould = readFile(testdataRoot + "AuthenticationDataAssertion.xml"); + assertXmlEquals(authDataShould, authData.getSamlAssertion()); + } + private String parseSessionIDFromForm(String htmlForm) { + String parName = "MOASessionID="; + assertTrue("HTML Form enthält keine SessionID", htmlForm.indexOf(parName) >= 0); + int i1 = htmlForm.indexOf(parName) + parName.length(); + int i2 = htmlForm.indexOf("\"", i1); + assertTrue("HTML Form enthält keine gültige SessionID", i2 > i1); + return htmlForm.substring(i1, i2); + } +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/MOAIDAuthInitialiserTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/MOAIDAuthInitialiserTest.java new file mode 100644 index 000000000..afaf4a199 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/MOAIDAuthInitialiserTest.java @@ -0,0 +1,55 @@ +package test.at.gv.egovernment.moa.id.auth; + +import java.io.ByteArrayInputStream; +import java.security.KeyStore; +import java.util.Enumeration; + +import iaik.pkcs.pkcs12.PKCS12; +import iaik.security.provider.IAIK; + +import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; +import at.gv.egovernment.moa.id.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.util.SSLUtils; +import at.gv.egovernment.moa.util.FileUtils; +import at.gv.egovernment.moa.util.KeyStoreUtils; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class MOAIDAuthInitialiserTest extends UnitTestCase { + + public MOAIDAuthInitialiserTest(String name) { + super(name); + } + + public void testInit() throws Exception + { +// System.setProperty( +// ConfigurationProvider.CONFIG_PROPERTY_NAME,"C://Programme/ApacheGroup/abnahme/conf/moa-id/SampleMOAIDConfiguration.xml"); +// System.setProperty( +// ConfigurationProvider.CONFIG_PROPERTY_NAME,"D://Daten/_Projects/moa_id_maengel/SampleMOAIDConfiguration.xml"); + SSLUtils.initialize(); + + try { + KeyStore s = KeyStoreUtils.loadKeyStore("pkcs12","file:C:/Programme/ApacheGroup/abnahme/cert/keystore.p12","changeit"); + System.out.println(s.getProvider().getClass().getName()); + Enumeration enum = s.aliases(); + while (enum.hasMoreElements()) { + String element = (String) enum.nextElement(); + System.out.print(element+":"); + System.out.println(s.getCertificate(element).getPublicKey().getAlgorithm()); + System.out.println(s.getCertificate(element).getType()); + } + + + System.out.println(s.getCertificate("pc41408").getPublicKey().getFormat()); + + } + catch (Exception e) {e.printStackTrace();}; + + } + + } diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AllTests.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AllTests.java new file mode 100644 index 000000000..77dff29aa --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AllTests.java @@ -0,0 +1,33 @@ +package test.at.gv.egovernment.moa.id.auth.builder; + +import junit.awtui.TestRunner; +import junit.framework.Test; +import junit.framework.TestSuite; + +/** + * @author patrick + * @version $Id$ + */ +public class AllTests { + + public static Test suite() { + TestSuite suite = new TestSuite(); + + suite.addTestSuite(AuthenticationBlockAssertionBuilderTest.class); + suite.addTestSuite(CreateXMLSignatureBuilderTest.class); + suite.addTestSuite(GetIdentityLinkFormBuilderTest.class); + suite.addTestSuite(InfoboxReadRequestBuilderTest.class); + suite.addTestSuite(PersonDataBuilderTest.class); + suite.addTestSuite(SAMLArtifactBuilderTest.class); + + return suite; + } + + public static void main(String[] args) { + try { + TestRunner.run(AllTests.class); + } catch (Exception e) { + e.printStackTrace(); + } + } +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java new file mode 100644 index 000000000..2717ee8c0 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilderTest.java @@ -0,0 +1,46 @@ +package test.at.gv.egovernment.moa.id.auth.builder; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class AuthenticationBlockAssertionBuilderTest extends UnitTestCase { + private static final String nl = "\n"; + private static final String ISSUER = "Hugo Mustermann"; + private static final String ISSUE_INSTANT = "2003-03-15T22:50:21+01:00"; + private static final String AUTH_URL = "https://auth.moa.gv.at/"; + private static final String TARGET = "Grundbuch"; + private static final String OA_URL = "https://grundbuch.gv.at/"; + + // wird auch von CreateXMLSignatureBuilderTest verwendet ! + public static final String ASSERTION_SHOULD = +"" + nl + +" " + nl + +" " + nl + +" " + AUTH_URL + "" + nl + +" " + nl + +" " + nl + +" " + TARGET + "" + nl + +" " + nl + +" " + nl + +" " + OA_URL + "" + nl + +" " + nl + +" " + nl + +""; + + public AuthenticationBlockAssertionBuilderTest(String name) { + super(name); + } + + public void testBuild() throws Exception { + AuthenticationBlockAssertionBuilder builder = new AuthenticationBlockAssertionBuilder(); + String assertionBuilt = builder.build(ISSUER, ISSUE_INSTANT, AUTH_URL, TARGET, OA_URL); + assertionBuilt = XML_DECL + assertionBuilt; + String assertionShould = XML_DECL + ASSERTION_SHOULD; + assertXmlEquals(assertionShould, assertionBuilt); + } +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java new file mode 100644 index 000000000..13f86efee --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java @@ -0,0 +1,58 @@ +package test.at.gv.egovernment.moa.id.auth.builder; + +import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class CreateXMLSignatureBuilderTest extends UnitTestCase { + private static final String nl = "\n"; + public static final String TRANSFORMS_INFO = + " " + nl + + " " + nl + + " " + nl + + " " + nl + +"" + nl + +"" + nl + +"" + nl + +"" + nl + +"" + nl + +"" + nl + +"" + nl + +"" + nl + + " " + nl + + " " + nl + + " " + nl + + " text/html" + nl + + " " + nl + + " " + nl; + public static final String REQUEST_SHOULD = +"" + nl + +"" + nl + +" SecureSignatureKeypair" + nl + +" " + nl + +" " + nl + +TRANSFORMS_INFO + +" " + nl + +" " + nl + +" " + nl + +" " + AuthenticationBlockAssertionBuilderTest.ASSERTION_SHOULD + "" + nl + +" " + nl + +" /saml:Assertion" + nl + +" " + nl + +""; + + public CreateXMLSignatureBuilderTest(String name) { + super(name); + } + + public void testBuild() throws Exception { + String request = new CreateXMLSignatureRequestBuilder().build( + AuthenticationBlockAssertionBuilderTest.ASSERTION_SHOULD, + new String[] {TRANSFORMS_INFO}); + assertXmlEquals(REQUEST_SHOULD, request); + } +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java new file mode 100644 index 000000000..9142a8e42 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java @@ -0,0 +1,73 @@ +package test.at.gv.egovernment.moa.id.auth.builder; + +import java.text.MessageFormat; + +import junit.framework.TestCase; + +import at.gv.egovernment.moa.id.auth.builder.CertInfoVerifyXMLSignatureRequestBuilder; +import at.gv.egovernment.moa.id.auth.builder.GetIdentityLinkFormBuilder; +import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class GetIdentityLinkFormBuilderTest extends TestCase { + private static String nl = "\n"; + public static String FORM = + "" + nl + + "" + nl + + "" + nl + + "Auslesen der Personenbindung" + nl + + "" + nl + + "" + nl + + "
" + nl + + " " + nl + + " " + nl + + " " + nl + + "
" + nl + + "
" + nl + + " " + nl + + " " + nl + + " " + nl + + "
" + nl + + "" + nl + + ""; + public static String BKU = + "http://localhost:3495/http-security-layer-request"; + + public void testBuild() throws Exception { + String xmlRequest = new InfoboxReadRequestBuilder().build(); + String dataURL = "https://1.2.3.4/auth/VerifyIdentityLink?MOASessionID=1234567"; + String infoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build(); + String infoDataURL = "https://1.2.3.4/auth/StartAuthentication?Target=gb&OA=https://oa.gv.at/"; + String form = new GetIdentityLinkFormBuilder().build(null, null, xmlRequest, dataURL, infoRequest, infoDataURL); + String formShould = MessageFormat.format( + FORM, new Object[] { BKU, xmlRequest, dataURL, infoRequest, infoDataURL }); + assertEquals(formShould, form); + } + public void testBuildCustomBKU() throws Exception { + String xmlRequest = new InfoboxReadRequestBuilder().build(); + String dataURL = "https://1.2.3.4/auth/AuthServlet/StartAuthentication?MOASessionID=1234567"; + String infoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build(); + String infoDataURL = "https://1.2.3.4/auth/StartAuthentication?Target=gb&OA=https://oa.gv.at/"; + String bkuURL = "http://bku.at/"; + String form = new GetIdentityLinkFormBuilder().build(null, bkuURL, xmlRequest, dataURL, infoRequest, infoDataURL); + String formShould = MessageFormat.format( + FORM, new Object[] { bkuURL, xmlRequest, dataURL, infoRequest, infoDataURL }); + assertEquals(formShould, form); + } + +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java new file mode 100644 index 000000000..b65fc9ecf --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java @@ -0,0 +1,29 @@ +package test.at.gv.egovernment.moa.id.auth.builder; + +import org.w3c.dom.Document; +import test.at.gv.egovernment.moa.id.UnitTestCase; + +import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder; +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.DOMUtils; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class InfoboxReadRequestBuilderTest extends UnitTestCase implements Constants { + + public InfoboxReadRequestBuilderTest(String name) { + super(name); + } + + public void testBuild() throws Exception { + InfoboxReadRequestBuilder builder = new InfoboxReadRequestBuilder(); + String xmlBuilt = builder.build(); + Document docBuilt = DOMUtils.parseDocument(xmlBuilt, false, ALL_SCHEMA_LOCATIONS, null); + String xmlBuiltSerialized = DOMUtils.serializeNode(docBuilt); + // xmlShould was generated by Hot:Sign Tester + String xmlShould = "IdentityLink"; + assertXmlEquals(xmlShould, xmlBuiltSerialized); + } +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java new file mode 100644 index 000000000..504679fd5 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java @@ -0,0 +1,51 @@ +package test.at.gv.egovernment.moa.id.auth.builder; + +import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +import at.gv.egovernment.moa.util.Constants; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class PersonDataBuilderTest extends UnitTestCase implements Constants { + + /** + * Constructor for PersonDataBuilderTest. + */ + public PersonDataBuilderTest(String arg) { + super(arg); + } + public void testBuild() throws Exception { + String xmlInfoboxReadResponse = readFile("data/test/xmldata/testperson1/InfoboxReadResponse.xml"); + IdentityLink il = new InfoboxReadResponseParser(xmlInfoboxReadResponse).parseIdentityLink(); + String xmlPersonData = new PersonDataBuilder().build(il, true); + String xmlPersonDataShould = "123456789012http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahlHermannMuster1968-10-22"; + assertPersonDataEquals(xmlPersonDataShould, xmlPersonData); + } + public void testBuildNoZMRZahl() throws Exception { + String xmlInfoboxReadResponse = readFile("data/test/xmldata/testperson1/InfoboxReadResponse.xml"); + IdentityLink il = new InfoboxReadResponseParser(xmlInfoboxReadResponse).parseIdentityLink(); + String xmlPersonData = new PersonDataBuilder().build(il, false); + String xmlPersonDataShould = XML_DECL + "HermannMuster1968-10-22"; + assertPersonDataEquals(xmlPersonDataShould, xmlPersonData); + } + private void assertPersonDataEquals(String s1, String s2) throws Exception { + String ss1 = insertPrNS(s1); + String ss2 = insertPrNS(s2); + assertXmlEquals(ss1, ss2); + } + private String insertPrNS(String xmlPersonData) { + int startNS = xmlPersonData.indexOf("Person") + "Person".length() + 1; + String s = + xmlPersonData.substring(0, startNS) + + "xmlns:pr=\"" + PD_NS_URI + "\" " + + "xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" " + + xmlPersonData.substring(startNS); + return s; + } + +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java new file mode 100644 index 000000000..3ec73ee4c --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java @@ -0,0 +1,52 @@ +package test.at.gv.egovernment.moa.id.auth.builder; + +import at.gv.egovernment.moa.id.BuildException; +import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder; +import at.gv.egovernment.moa.util.Base64Utils; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class SAMLArtifactBuilderTest extends UnitTestCase { + + private static final String AUTH_URL = "https://moa.gv.at/auth/"; + private static final String SESSION_ID_1 = "123456"; + private static final String SESSION_ID_2 = "123457"; + private static final String SESSION_ID_3 = "1234567"; + + private SAMLArtifactBuilder builder; + private byte[] artifact1; + private byte[] artifact2; + private byte[] artifact3; + + public SAMLArtifactBuilderTest(String name) { + super(name); + } + protected void setUp() throws Exception { + builder = new SAMLArtifactBuilder(); + artifact1 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1), false); + artifact2 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_2), false); + artifact3 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_3), false); + } + + public void testBuildArtifactLength() throws BuildException { + assertEquals(42, artifact1.length); + assertEquals(42, artifact2.length); + assertEquals(42, artifact3.length); + } + public void testBuildSameArtifact() throws Exception { + byte[] artifact1Clone = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1), false); + assertEquals(new String(artifact1), new String(artifact1Clone)); + } + public void testBuildDifferentArtifacts() throws BuildException { + String msg = "SAML Artifacts should be different"; + assertFalse(msg, new String(artifact1).equals(new String(artifact2))); + assertFalse(msg, new String(artifact1).equals(new String(artifact3))); + assertFalse(msg, new String(artifact3).equals(new String(artifact2))); + } + + +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java new file mode 100644 index 000000000..5b3bb5906 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java @@ -0,0 +1,93 @@ +package test.at.gv.egovernment.moa.id.auth.builder; + +import java.io.FileInputStream; +import java.io.RandomAccessFile; + +import org.w3c.dom.Element; +import test.at.gv.egovernment.moa.id.auth.invoke.MOASPSSTestCase; + +import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; +import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; +import at.gv.egovernment.moa.id.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; + + + +/** + * Test case for the signature verification web service. + * + * This test requires a running SignatureVerification web service. + * + * @author Stefan Knirsch + * @version $Id$ + */ +public class VerifyXMLSignatureRequestBuilderTest extends MOASPSSTestCase { + + + private SignatureVerificationInvoker caller; + + public VerifyXMLSignatureRequestBuilderTest(String name) { + super(name); + } + + public void setUp() { + System.setProperty( + ConfigurationProvider.CONFIG_PROPERTY_NAME, + "data/test/conf/ConfigurationTest.xml"); + caller = new SignatureVerificationInvoker(); + } + + public void testVerifyXMLSignatureRequestBuilderIdentityLink() throws Exception { + + RandomAccessFile infoBox = new RandomAccessFile( + "data/test/xmldata/testperson1/InfoboxReadResponse.xml","r"); + byte[] b = new byte[(int) infoBox.length()]; + infoBox.read(b); + infoBox.close(); + String xmlInfoboxReadResponse = new String(b, "UTF-8"); + + + RandomAccessFile vr = new RandomAccessFile( + "data/test/xmldata/standard/VerifyXMLSignatureRequestIdentityLink.xml","r"); + b = new byte[(int) vr.length()]; + vr.read(b); + vr.close(); + String xmlResponse = new String(b, "UTF-8"); + + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder(); + AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + + Element requestBuild = vsrb.build(idl, authConf.getMoaSpIdentityLinkTrustProfileID()); + + assertXmlEquals(requestBuild, xmlResponse); + + } + + public void testVerifyXMLSignature2() throws Exception { + + RandomAccessFile s = new RandomAccessFile("data/test/xmldata/standard/CreateXMLSignatureResponse.xml","r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + s.close(); + String xmlCreateXMLSignatureResponse = new String(b, "UTF-8"); + + CreateXMLSignatureResponseParser cXMLsrp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse); + CreateXMLSignatureResponse csr = cXMLsrp.parseResponse(); + + VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder(); + + AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + + Element request = vsrb.build(csr, authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(), authConf.getMoaSpIdentityLinkTrustProfileID()); + + // check the result + assertXmlEquals(request, new FileInputStream("data/test/xmldata/standard/VerifyXMLSignatureRequestCreateXML.xml")); + + } + } diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java new file mode 100644 index 000000000..7ae6f70ef --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java @@ -0,0 +1,38 @@ +package test.at.gv.egovernment.moa.id.auth.invoke; + +import java.security.Security; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +/** + * Base class for end-to-end tests of MOA web-services. + * + * Initializes the test system and provides some properties. + * + * @author Patrick Peck + * @version $Id$ + */ +public class MOASPSSTestCase extends UnitTestCase { + + public MOASPSSTestCase(String name) { + super(name); + } + + + protected void setupSSL() { + System.setProperty("javax.net.debug", "all"); + Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); + System.setProperty( + "java.protocol.handler.pkgs", + "com.sun.net.ssl.internal.www.protocol"); + System.setProperty( + "javax.net.ssl.keyStore", + "data/test/security/client.keystore"); + System.setProperty("javax.net.ssl.keyStorePassword", "changeit"); + System.setProperty( + "javax.net.ssl.trustStore", + "data/test/security/client.keystore"); + System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); + } + +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java new file mode 100644 index 000000000..e56dcde91 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java @@ -0,0 +1,166 @@ +package test.at.gv.egovernment.moa.id.auth.invoke; + +import java.io.RandomAccessFile; + +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; +import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; +import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; +import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; +import at.gv.egovernment.moa.id.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.util.DOMUtils; + + + +/** + * Test case for the signature verification web service. + * + * This test requires a running SignatureVerification web service. + * + * @author Patrick Peck + * @author Fatemeh Philippi + * @version $Id$ + */ +public class SignatureVerificationTest extends MOASPSSTestCase { + + + private SignatureVerificationInvoker caller; + + public SignatureVerificationTest(String name) { + super(name); + } + + public void setUp() { +System.setProperty( + ConfigurationProvider.CONFIG_PROPERTY_NAME, + "data/test/conf/ConfigurationTest.xml"); + caller = new SignatureVerificationInvoker(); + } + +/* public void testVerifyCMSSignature() throws Exception { + Element request = + parseXml("data/test/xml/VCSQ000.xml").getDocumentElement(); + Element result; + + // call the service + result = caller.verifyXMLSignature(request); + + // check the result + assertEquals("VerifyCMSSignatureResponse", result.getTagName()); + }*/ + + public void testVerifyXMLSignature1() throws Exception { + + //Momentan zeigt die Konfiguration als Endpunkt aus localhost:8081 zum + //Protokollieren per TCPMon... der ECHT Endpunkt ist 10.16.46.108:8080 + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/testperson1/InfoboxReadResponse.xml","r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String xmlInfoboxReadResponse =new String(b,"UTF8"); + + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); + IdentityLink idl = irrp.parseIdentityLink(); + VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder(); + + AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + + Element request = vsrb.build(idl, authConf.getMoaSpIdentityLinkTrustProfileID()); + s =new RandomAccessFile("D://PatricksVerifyXMLSignatureRequestWithInfoboxReadResponse.xml","rw"); + s.write(DOMUtils.serializeNode(request).getBytes("UTF-8")); + s.close(); +// Element request = DOMUtils.parseDocument(vsrb.build(xmlInfoboxReadResponse,"TrustProfile1"),false,null,null).getDocumentElement(); +// Element request = DOMUtils.parseDocument(xmlInfoboxReadResponse,false,null,null).getDocumentElement(); +// call the service + Element response = caller.verifyXMLSignature(request); + VerifyXMLSignatureResponseParser vParser = new VerifyXMLSignatureResponseParser(response); + VerifyXMLSignatureResponse vData = vParser.parseData(); + VerifyXMLSignatureResponseValidator vValidate = VerifyXMLSignatureResponseValidator.getInstance(); + vValidate.validate(vData, authConf.getIdentityLinkX509SubjectNames(), VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK); + vValidate.validateCertificate(vData,idl); + + // check the result + assertXmlEquals(response, request); + + } + + public void testVerifyXMLSignature2() throws Exception { + // Prüft den 2. Aufruf mit dem CreateXMLSIgnatureResponse als Parameter + //Momentan zeigt die Konfiguration als Endpunkt aus localhost:8081 zum + //Protokollieren per TCPMon... der ECHT Endpunkt ist 10.16.46.108:8080 + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/standard/CreateXMLSignatureResponse.xml","r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String xmlCreateXMLSignatureResponse = new String(b, "UTF8"); + + CreateXMLSignatureResponseParser cXMLsrp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse); +// CreateXMLSignatureResponseParser cXMLsrp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse); + CreateXMLSignatureResponse csr = cXMLsrp.parseResponse(); + + VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder(); + + AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + + Element request = vsrb.build(csr, authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(), authConf.getMoaSpIdentityLinkTrustProfileID()); + // Element request = DOMUtils.parseDocument(vsrb.build(xmlInfoboxReadResponse,"TrustProfile1"),false,null,null).getDocumentElement(); +// Element request = DOMUtils.parseDocument(xmlInfoboxReadResponse,false,null,null).getDocumentElement(); + Element result; +/*s =new RandomAccessFile("D://PatricksVerifyXMLSignatureRequestWithAuthBlock.xml","rw"); + s.write(DOMUtils.serializeNode(request).getBytes("UTF-8")); + s.close();*/ + // call the service + result = caller.verifyXMLSignature(request); + // check the result + assertEquals("VerifyXMLSignatureResponse", result.getTagName()); + + } + + + public void testParseCreateXMLSignatureResponse() throws Exception { + + //Später soll die Datei direkt vom Server geholt werden... + + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/standard/CreateXMLSignatureResponse.xml", + + "r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String xmlCreateXMLSignatureResponse = new String(b, "UTF-8"); + + CreateXMLSignatureResponseParser cXMLsrp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse); + CreateXMLSignatureResponse csr = cXMLsrp.parseResponse(); + + } + + public void testParseVerifyXMLSignatureResponse() throws Exception { + + //Später soll die Datei direkt vom Server geholt werden... + + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/standard/VerifyXMLSignaterResponse.xml", + + "r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String xmlVerifyXMLSignatureResponse = new String(b, "UTF-8"); + + VerifyXMLSignatureResponseParser vXMLsrp = new VerifyXMLSignatureResponseParser(xmlVerifyXMLSignatureResponse); + VerifyXMLSignatureResponse vsr = vXMLsrp.parseData(); + + } + + + } diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/AllTests.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/AllTests.java new file mode 100644 index 000000000..84f5110b0 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/AllTests.java @@ -0,0 +1,29 @@ +package test.at.gv.egovernment.moa.id.auth.parser; + +import junit.awtui.TestRunner; +import junit.framework.Test; +import junit.framework.TestSuite; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class AllTests { + + public static Test suite() { + TestSuite suite = new TestSuite(); + + suite.addTestSuite(IdentityLinkAssertionParserTest.class); + suite.addTestSuite(SAMLArtifactParserTest.class); + + return suite; + } + + public static void main(String[] args) { + try { + TestRunner.run(AllTests.class); + } catch (Exception e) { + e.printStackTrace(); + } + } +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java new file mode 100644 index 000000000..77eb360bc --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java @@ -0,0 +1,137 @@ +package test.at.gv.egovernment.moa.id.auth.parser; + +import iaik.security.rsa.RSAPublicKey; + +import java.io.FileOutputStream; +import java.io.RandomAccessFile; +import java.security.PublicKey; + +import org.w3c.dom.Document; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.parser.ECDSAKeyValueConverter; +import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; +import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; +import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator; +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.DOMUtils; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class IdentityLinkAssertionParserTest extends UnitTestCase { + + IdentityLinkAssertionParser ilap; + + public IdentityLinkAssertionParserTest(String name) { + super(name); + } + + public void setUp() { + try { + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/testperson1/InfoboxReadResponse.xml", + "r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String xmlInfoboxReadResponse = new String(b, "UTF-8"); + + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); + ilap = new IdentityLinkAssertionParser(irrp.parseSAMLAssertion()); + } + catch (Exception e) { + e.printStackTrace(); + } + } + + public void testParseIdentityLink() throws Exception { + IdentityLink idl = ilap.parseIdentityLink(); + System.out.println(idl.getGivenName()); + System.out.println(idl.getFamilyName()); + System.out.println(idl.getDateOfBirth()); + System.out.println(idl.getIdentificationValue()); + + VerifyXMLSignatureRequestBuilder vx = new VerifyXMLSignatureRequestBuilder(); + + // Element zurück bekommen: vx.build(idl.getSamlAssertion()); + + IdentityLinkValidator idVali = IdentityLinkValidator.getInstance(); + idVali.validate(idl); + + } + + public void testParseIdentityLinkECC() throws Exception { + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/IL.ResponseToRequest.01.ECDSA.xml", + "r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String xmlInfoboxReadResponse = new String(b); + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); + String SAML = irrp.parseSAMLAssertion(); + ilap = new IdentityLinkAssertionParser(SAML); + IdentityLink idl = ilap.parseIdentityLink(); + System.out.println(idl.getGivenName()); + System.out.println(idl.getFamilyName()); + System.out.println(idl.getDateOfBirth()); + System.out.println(idl.getIdentificationValue()); + + VerifyXMLSignatureRequestBuilder vx = new VerifyXMLSignatureRequestBuilder(); + + // Element zurück bekommen: vx.build(idl.getSamlAssertion()); + + IdentityLinkValidator idVali = IdentityLinkValidator.getInstance(); + idVali.validate(idl); + + } + + public void testRSAPublicKeys() throws Exception { + if (ilap.getPublicKeys()[0].getClass().getName().equals("iaik.security.rsa.RSAPublicKey")) + { + + for (int i = 0; i < ilap.getPublicKeys().length; i++) { + RSAPublicKey result = (RSAPublicKey)ilap.getPublicKeys()[i]; + System.out.println("RSA Public Key No" + i); + System.out.println("Modulus: " + result.getModulus()); + System.out.println("Exponent: " + result.getPublicExponent()); + } + + } + } + + public void testECDSAPublicKeys() throws Exception { + + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/ECDSAKeyExample.xml", + "r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String ecdsaKey = new String(b, "UTF-8"); + Document e = DOMUtils.parseDocument(ecdsaKey,true,Constants.ALL_SCHEMA_LOCATIONS, null); + PublicKey p = ECDSAKeyValueConverter.element2ECDSAPublicKey(e.getDocumentElement()); + + } + + + public void testDsigCertificates() throws Exception { + + String[] result = ilap.getCertificates(); + for (int i = 0; i < result.length; i++) { + + System.out.println("DSIG Certificate Length: " + result[i].length() + " No" + i + "\n" + result[i]); + FileOutputStream raf = new FileOutputStream("data/test/certs/cert" + i + ".cer"); + raf.write(result[i].getBytes()); + raf.flush(); + raf.close(); + } + + } + +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java new file mode 100644 index 000000000..9a878be2c --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java @@ -0,0 +1,67 @@ +package test.at.gv.egovernment.moa.id.auth.parser; + +import java.io.RandomAccessFile; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; +import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class InfoboxReadResponseParserTest extends UnitTestCase { + + IdentityLinkAssertionParser ilap; + + public InfoboxReadResponseParserTest(String name) { + super(name); + } + + public void setUp() { + } + + public void testParseInfoboxReadResponse() throws Exception { + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/testperson1/InfoboxReadResponse.xml", + "r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String xmlInfoboxReadResponse = new String(b, "UTF-8"); + + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); + ilap = new IdentityLinkAssertionParser(irrp.parseSAMLAssertion()); + + IdentityLink idl = ilap.parseIdentityLink(); + System.out.println(idl.getGivenName()); + System.out.println(idl.getFamilyName()); + System.out.println(idl.getDateOfBirth()); + System.out.println(idl.getIdentificationValue()); + + } + + public void testParseInfoboxReadResponseError() throws Exception { + RandomAccessFile s = + new RandomAccessFile( + "data/test/xmldata/ErrorResponse.xml", + "r"); + byte[] b = new byte[(int) s.length()]; + s.read(b); + String xmlInfoboxReadResponse = new String(b, "UTF-8"); + + InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); + ilap = new IdentityLinkAssertionParser(irrp.parseSAMLAssertion()); + + IdentityLink idl = ilap.parseIdentityLink(); + System.out.println(idl.getGivenName()); + System.out.println(idl.getFamilyName()); + System.out.println(idl.getDateOfBirth()); + System.out.println(idl.getIdentificationValue()); + + } + + +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java new file mode 100644 index 000000000..992e799bd --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java @@ -0,0 +1,55 @@ +package test.at.gv.egovernment.moa.id.auth.parser; + +import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder; +import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser; +import at.gv.egovernment.moa.id.util.Random; +import test.at.gv.egovernment.moa.id.UnitTestCase; + +/* + * @author Paul Ivancsics + * @version $Id$ + */ +public class SAMLArtifactParserTest extends UnitTestCase { + + private static String URL1 = "http://moa.gv.at/auth"; + private static String URL2 = "https://moa.gv.at/auth"; + + public SAMLArtifactParserTest(String name) { + super(name); + } + + public void testParseTypeCode() throws Exception { + String sessionID = Random.nextRandom(); + String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID); + byte[] typeCode = new SAMLArtifactParser(samlArtifact).parseTypeCode(); + assertEquals(typeCode[0], 0); + assertEquals(typeCode[1], 1); + } + public void testParseAssertionHandleSameSessionID() throws Exception { + // SAML artifacts for different authURL's but same sessionID MUST give same assertion handle + String sessionID = Random.nextRandom(); + String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID); + String samlArtifact2 = new SAMLArtifactBuilder().build(URL2, sessionID); + String assertionHandle1 = new SAMLArtifactParser(samlArtifact1).parseAssertionHandle(); + String assertionHandle2 = new SAMLArtifactParser(samlArtifact2).parseAssertionHandle(); + assertEquals(assertionHandle1, assertionHandle2); + } + public void testParseAssertionHandleSameURL() throws Exception { + // SAML artifacts for same authURL but different sessionID's MUST give different assertion handles + String sessionID1 = Random.nextRandom(); + String sessionID2 = Random.nextRandom(); + String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID1); + String samlArtifact2 = new SAMLArtifactBuilder().build(URL1, sessionID2); + String assertionHandle1 = new SAMLArtifactParser(samlArtifact1).parseAssertionHandle(); + String assertionHandle2 = new SAMLArtifactParser(samlArtifact2).parseAssertionHandle(); + assertFalse(assertionHandle1.equals(assertionHandle2)); + } + public void testParseAssertionHandleSameSAMLArtifact() throws Exception { + // SAML artifact parsed twice MUST give same assertion handle each time + String sessionID = Random.nextRandom(); + String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID); + String assertionHandle1 = new SAMLArtifactParser(samlArtifact).parseAssertionHandle(); + String assertionHandle2 = new SAMLArtifactParser(samlArtifact).parseAssertionHandle(); + assertEquals(assertionHandle1, assertionHandle2); + } +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataServiceTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataServiceTest.java new file mode 100644 index 000000000..c78651fdb --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataServiceTest.java @@ -0,0 +1,91 @@ +package test.at.gv.egovernment.moa.id.auth.servlet; + +import org.w3c.dom.Element; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +import at.gv.egovernment.moa.id.auth.servlet.GetAuthenticationDataService; +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.XPathUtils; + +/** + * Test case instantiates GetAuthenticationDataService and calls the Request() method. + * It DOES NOT call the web service via Axis. + * + * @author Paul Ivancsics + * @version $Id$ + */ +public class GetAuthenticationDataServiceTest extends UnitTestCase implements Constants { + + private GetAuthenticationDataService service; + + public GetAuthenticationDataServiceTest(String arg0) { + super(arg0); + } + protected void setUp() throws Exception { + service = new GetAuthenticationDataService(); + } + + public void testService2Requests() throws Exception { + String requestString = + "" + + "" + + "123" + + ""; + Element request = DOMUtils.parseDocument(requestString, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + Element response = service.Request(new Element[] {request, request})[0]; + assertStatus(response, "samlp:Requester", "samlp:TooManyResponses"); + } + public void testServiceNoSAMLArtifact() throws Exception { + String requestString = + "" + + "" + + "123" + + ""; + Element request = DOMUtils.parseDocument(requestString, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + Element response = service.Request(new Element[] {request})[0]; + assertStatus(response, "samlp:Requester", null); + } + public void testService2SAMLArtifacts() throws Exception { + String requestString = + "" + + "" + + "123" + + "456" + + ""; + Element request = DOMUtils.parseDocument(requestString, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + Element response = service.Request(new Element[] {request})[0]; + assertStatus(response, "samlp:Requester", "samlp:TooManyResponses"); + } + public void testServiceWrongFormat() throws Exception { + String requestString = + "" + + "" + + ""; + Element request = DOMUtils.parseDocument(requestString, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + Element response = service.Request(new Element[] {request})[0]; + assertStatus(response, "samlp:Requester", null); + } + public void testServiceWrongSAMLArtifact() throws Exception { + String requestString = + "" + + "" + + "WRONGARTIFACT" + + ""; + Element request = DOMUtils.parseDocument(requestString, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + Element response = service.Request(new Element[] {request})[0]; + assertStatus(response, "samlp:Requester", "samlp:ResourceNotRecognized"); + } + private void assertStatus(Element response, String statusCodeShould, String subStatusCodeShould) throws Exception { + Element statusCodeNode = (Element)XPathUtils.selectSingleNode(response, "//samlp:StatusCode"); + String statusCode = statusCodeNode.getAttribute("Value"); + Element subStatusCodeNode = (Element)XPathUtils.selectSingleNode(statusCodeNode, "//samlp:StatusCode/samlp:StatusCode"); + String subStatusCode = subStatusCodeNode == null ? null : subStatusCodeNode.getAttribute("Value"); + System.out.println(statusCode + subStatusCode); + assertEquals(statusCodeShould, statusCode); + assertEquals(subStatusCodeShould, subStatusCode); + } + + +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java new file mode 100644 index 000000000..7935c5179 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java @@ -0,0 +1,112 @@ +package test.at.gv.egovernment.moa.id.config.auth; + +import java.util.Map; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +import at.gv.egovernment.moa.id.config.ConnectionParameter; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; + +/** + * @author Stefan Knirsch + * @version $Id$ + */ +public class MOAIDAuthConfigurationProviderTest extends UnitTestCase { + private AuthConfigurationProvider provider; + + /** + * Constructor for MOAAuthConfigTest. + * @param name + */ + public MOAIDAuthConfigurationProviderTest(String name) { + super(name); + } + + protected void setUp() throws Exception { + + provider = + new AuthConfigurationProvider(TESTDATA_ROOT + "conf/ConfigurationTest.xml"); + + } + public void testGetTransformsInfoFileNames() { + String[] transformsInfoFileNames; + transformsInfoFileNames = provider.getTransformsInfoFileNames(); +// for (int i = 0; i < transformsInfoFileNames.length; i++) { +// System.out.println( +// "getTransformsInfoFileNames: " + transformsInfoFileNames[i]); + assertEquals(transformsInfoFileNames[0],"http://StringsecLayerTranformsInfo1"); + assertEquals(transformsInfoFileNames[1],"http://StringsecLayerTranformsInfo2"); +// } + + } + + public void testGetMOASPConnectionParameters() { + ConnectionParameter cp; + cp = provider.getMoaSpConnectionParameter(); + assertEquals(cp.getUrl(),"MOA-SP-URL"); + assertEquals(cp.getAcceptedServerCertificates(),"http://AcceptedServerCertificates"); + assertEquals(cp.getClientKeyStorePassword(),"Keystore Pass"); + assertEquals(cp.getClientKeyStore(),"URLtoClientKeystoreAUTH"); +/* System.out.println(); + System.out.println("getMoaSpConnectionParameter :" + cp.getUrl()); + System.out.println( + "getMoaSpConnectionParameter :" + cp.getAcceptedServerCertificates()); + System.out.println( + "getMoaSpConnectionParameter :" + cp.getClientKeyStorePassword()); + System.out.println( + "getMoaSpConnectionParameter :" + cp.getClientKeyStore());*/ + } + public void testGetMoaSpIdentityLinkTrustProfileID() { + + assertEquals(provider.getMoaSpIdentityLinkTrustProfileID(),"StringVerifyIdentiyLinkTrustID"); + + } + public void testGetMoaSpAuthBlockTrustProfileID() { + assertEquals(provider.getMoaSpAuthBlockTrustProfileID(),"StringVerifyAuthBlockTransformID"); + } + + public void testGetMoaSpAuthBlockVerifyTransformsInfoIDs() { + String[] result = provider.getMoaSpAuthBlockVerifyTransformsInfoIDs(); + assertEquals(result[0],"StringVerifyTransformsInfoID1"); + assertEquals(result[1],"StringVerifyTransformsInfoID2"); + + } + + public void testGetOnlineApplicationAuthParameter() { + OAAuthParameter[] result = provider.getOnlineApplicationParameters(); + + assertEquals(result[0].getPublicURLPrefix(),"StringOALoginURL"); + assertEquals(result[0].getProvideZMRZahl(),false); + assertEquals(result[0].getProvideAuthBlock(),false); + assertEquals(result[0].getProvideIdentityLink(),false); + + assertEquals(result[1].getPublicURLPrefix(),"StringOALoginURL2"); + assertEquals(result[1].getProvideZMRZahl(),true); + assertEquals(result[1].getProvideAuthBlock(),true); + assertEquals(result[1].getProvideIdentityLink(),true); + + +/* for (int i = 0; i < result.length; i++) { + System.out.println(); + System.out.println("getOnlineApplicationParameters Url: " + result[i].getUrl()); + System.out.println("getOnlineApplicationParameters ProvideZMRZahl: " + result[i].getProvideZMRZahl()); + System.out.println("getOnlineApplicationParameters ProvideAuthBlock: " + result[i].getProvideAuthBlock()); + System.out.println("getOnlineApplicationParameters ProvideIdentityLink: " + result[i].getProvideIdentityLink()); + }*/ + } + + public void testGetGenericConfiguration() { + Map result = provider.getGenericConfiguration(); + assertEquals(result.containsKey("Generic Name 1"),true); + assertEquals(result.containsKey("Generic Name 2"),true); + assertEquals(result.get("Generic Name 1"),"Value1"); + assertEquals(result.get("Generic Name 2"),"Value2"); + /* for (Iterator iter = result.keySet().iterator(); iter.hasNext();) { + String element = (String) iter.next(); + System.out.println("getGenericConfiguration Key:" + element); + System.out.println("getGenericConfiguration Value:" + result.get(element)); + }*/ + } + +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java new file mode 100644 index 000000000..12eddf8c3 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java @@ -0,0 +1,127 @@ +package test.at.gv.egovernment.moa.id.config.proxy; + +import java.util.Map; + +import at.gv.egovernment.moa.id.config.ConnectionParameter; +import at.gv.egovernment.moa.id.config.proxy.OAConfiguration; +import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider; +import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + + + +/** + * @author Stefan Knirsch + * @version $Id$ + */ +public class MOAIDProxyConfigurationProviderTest extends UnitTestCase { + private ProxyConfigurationProvider provider; + + /** + * Constructor for MOAProxyConfigTest. + * @param name + */ + public MOAIDProxyConfigurationProviderTest(String name) { + super(name); + } + + protected void setUp() throws Exception { + + provider = +// new ProxyConfigurationProvider(TESTDATA_ROOT + "conf/ConfigurationTest.xml"); + new ProxyConfigurationProvider("data/deploy/conf/moa-id/ConfigurationTest.xml"); + } + public void testGetAuthComponentConnectionParameter() + { + ConnectionParameter cp; + cp = provider.getAuthComponentConnectionParameter(); + assertEquals(cp.getUrl(),"AuthComponentURL"); + assertEquals( cp.getAcceptedServerCertificates(),"http://www.altova.com"); + assertEquals(cp.getClientKeyStorePassword(),"String"); + assertEquals(cp.getClientKeyStore(),"http://www.altova.com"); + /* System.out.println(); + System.out.println("getProxyComponentConnectionParameter :" + cp.getUrl()); + System.out.println( + "getProxyComponentConnectionParameter :" + cp.getAcceptedServerCertificates()); + System.out.println( + "getProxyComponentConnectionParameter :" + cp.getClientKeyStorePassword()); + System.out.println( + "getProxyComponentConnectionParameter :" + cp.getClientKeyStore());*/ +} + + public void testGetOAProxyParameter() { + OAProxyParameter[] result = provider.getOnlineApplicationParameters(); + + assertEquals("http://localhost:9080/", result[0].getPublicURLPrefix()); + assertEquals("file:data/test/conf/OAConfParamAuth.xml", result[0].getConfigFileURL()); + assertEquals(10, result[0].getSessionTimeOut()); + assertEquals("StringloginParameterResolverImpl1", result[0].getLoginParameterResolverImpl()); + assertEquals("StringconnectionBuilderImpl1", result[0].getConnectionBuilderImpl()); + + assertEquals("ProxyComponentURL", result[0].getConnectionParameter().getUrl()); + assertEquals("url:AcceptedServerCertificates", result[0].getConnectionParameter().getAcceptedServerCertificates()); + assertEquals("URL:toClientKeystoreOA", result[0].getConnectionParameter().getClientKeyStore()); + assertEquals("ClientKeystoreOAPAss", result[0].getConnectionParameter().getClientKeyStorePassword()); + + assertEquals("StringOALoginURL2", result[1].getPublicURLPrefix()); + assertEquals("file:data/test/conf/OAConfHeaderAuth.xml", result[1].getConfigFileURL()); + assertEquals(20, result[1].getSessionTimeOut()); + assertEquals("StringloginParameterResolverImpl2",result[1].getLoginParameterResolverImpl()); + assertEquals("StringconnectionBuilderImpl2", result[1].getConnectionBuilderImpl()); + + assertEquals("ProxyComponentURL2", result[1].getConnectionParameter().getUrl()); + assertEquals("url:AcceptedServerCertificates2", result[1].getConnectionParameter().getAcceptedServerCertificates()); + assertEquals("URL:toClientKeystoreOA2", result[1].getConnectionParameter().getClientKeyStore()); + assertEquals("ClientKeystoreOAPAss2", result[1].getConnectionParameter().getClientKeyStorePassword()); + + assertEquals("StringOALoginURL3", result[2].getPublicURLPrefix()); + assertEquals("file:data/test/conf/OAConfBasicAuth.xml", result[2].getConfigFileURL()); + assertEquals(20, result[2].getSessionTimeOut()); + assertEquals("StringloginParameterResolverImpl3",result[2].getLoginParameterResolverImpl()); + assertEquals("StringconnectionBuilderImpl3", result[2].getConnectionBuilderImpl()); + + assertEquals("ProxyComponentURL3", result[2].getConnectionParameter().getUrl()); + assertEquals("url:AcceptedServerCertificates3", result[2].getConnectionParameter().getAcceptedServerCertificates()); + assertEquals("URL:toClientKeystoreOA3", result[2].getConnectionParameter().getClientKeyStore()); + assertEquals("ClientKeystoreOAPAss3", result[2].getConnectionParameter().getClientKeyStorePassword()); + } + + public void testGetGenericConfiguration() { + Map result = provider.getGenericConfiguration(); + assertEquals(true, result.containsKey("authenticationSessionTimeOut")); + assertEquals(true, result.containsKey("authenticationDataTimeOut")); + assertEquals("600", result.get("authenticationSessionTimeOut")); + assertEquals("120", result.get("authenticationDataTimeOut")); + } + + public void testOAConfigurationProvider() throws Exception + { + OAProxyParameter[] result = provider.getOnlineApplicationParameters(); + // für jeden Parameter müsste theoretisch bereits ein Provider instanziiert worden sein, + // aus diesem Grund braucht man NICHT mehr die File-URL anzugeben, PublicURLPrefix reicht + + // sollte ParamAuth sein + OAConfiguration oac1 = result[0].getOaConfiguration(); + assertEquals(OAConfiguration.PARAM_AUTH, oac1.getAuthType()); + assertEquals("MOADateOfBirth", oac1.getParamAuthMapping().get("Param1")); + assertEquals("MOAVPK", oac1.getParamAuthMapping().get("Param2")); + // sollte HeaderAuth sein + OAConfiguration oac2 = result[1].getOaConfiguration(); + assertEquals(OAConfiguration.HEADER_AUTH, oac2.getAuthType()); + assertEquals("MOAPublicAuthority", oac2.getHeaderAuthMapping().get("Param1")); + assertEquals("MOABKZ", oac2.getHeaderAuthMapping().get("Param2")); + assertEquals("MOAQualifiedCertificate", oac2.getHeaderAuthMapping().get("Param3")); + assertEquals("MOAZMRZahl", oac2.getHeaderAuthMapping().get("Param4")); + assertEquals("MOAIPAddress", oac2.getHeaderAuthMapping().get("Param5")); + + // sollte BasicAuth sein + OAConfiguration oac3 = result[2].getOaConfiguration(); + assertEquals(OAConfiguration.BASIC_AUTH, oac3.getAuthType()); + assertEquals("MOAGivenName", oac3.getBasicAuthUserIDMapping()); + assertEquals("MOAFamilyName", oac3.getBasicAuthPasswordMapping()); + //Fehlerfall: + + + } +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/proxy/AllTests.java b/id.server/src/test/at/gv/egovernment/moa/id/proxy/AllTests.java new file mode 100644 index 000000000..2dd6cd35e --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/proxy/AllTests.java @@ -0,0 +1,31 @@ +package test.at.gv.egovernment.moa.id.proxy; + +import test.at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilderTest; +import test.at.gv.egovernment.moa.id.proxy.parser.SAMLResponseParserTest; +import junit.awtui.TestRunner; +import junit.framework.Test; +import junit.framework.TestSuite; + +/** + * @author Paul Ivancsics + * @version $Id$ + */ +public class AllTests { + + public static Test suite() { + TestSuite suite = new TestSuite(); + + suite.addTestSuite(SAMLRequestBuilderTest.class); + suite.addTestSuite(SAMLResponseParserTest.class); + + return suite; + } + + public static void main(String[] args) { + try { + TestRunner.run(AllTests.class); + } catch (Exception e) { + e.printStackTrace(); + } + } +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/DOMTreeCompare.java b/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/DOMTreeCompare.java new file mode 100644 index 000000000..aec14ce1c --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/DOMTreeCompare.java @@ -0,0 +1,462 @@ +package test.at.gv.egovernment.moa.id.proxy.builder; + +import java.io.PrintStream; +import java.util.ArrayList; + +import org.w3c.dom.Element; +import org.w3c.dom.NamedNodeMap; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; +import org.w3c.dom.Text; + +import at.gv.egovernment.moa.util.Base64Utils; + +/** + * @author Administrator + * + * To change this generated comment edit the template variable "typecomment": + * Window>Preferences>Java>Templates. + * To enable and disable the creation of type comments go to + * Window>Preferences>Java>Code Generation. + */ +public class DOMTreeCompare { + + boolean debug = true; + + private static PrintStream Log = null; + + static + { + Log = System.out; + } + + public boolean compareElements(Element root1, Element root2) + { + //Log.println("----- Compare Elements:"+root1.getNodeName()+" "+root2.getNodeName()); + filterTree(root1); + filterTree(root2); + return compareNodes(root1,root2,0,"root/",false); + } + + private boolean compareNodes(Node n1, Node n2, int level,String path,boolean attribute) + { + /*try { + Log.println(DOMUtils.serializeNode(n1)); + } + catch(Exception e) + { + e.printStackTrace(); + }*/ + boolean equal = false; + //Log.println("----- Compare Node "+level+":"+n1+" "+n2); + //Log.println("----- Compare Node "+level+":"+n1.getNodeName()+" "+n2.getNodeName()); + //Log.println("----- Checking:"+path+getPathString(n1)); + NodeList nl1 = n1.getChildNodes(); + NodeList nl2 = n2.getChildNodes(); + + int size1 = nl1.getLength(); + int size2 = nl2.getLength(); + + if(debug)display_one(n1); + if(debug)display_one(n2); + + + if(debug) + if(n1.getNodeName().equals("Base64Content") && n2.getNodeName().equals("Base64Content")) + { + try { + Log.println("CONT:"+new String(Base64Utils.decode(strip(n1.getChildNodes().item(0).getNodeValue()),false))); + Log.println("CONT:"+new String(Base64Utils.decode(strip(n2.getChildNodes().item(0).getNodeValue()),false))); + } + catch(Exception e) + { + e.printStackTrace(); + } + } + + if(size1 != size2) + { + Log.println("----- Anzahl der Kinder nicht gleich:"+path+getPathString(n1)+":"+getPathString(n2)); + return false; + } + + equal = compareNodeExact(n1,n2,level,path+getPathString(n1)+"/"); + if(!equal) + { + Log.println("----- Knoten sind nicht identisch:"+path+getPathString(n1)); + return false; + } + + if(n1.hasAttributes() || n2.hasAttributes()) + { + equal = compareNodeAttriubtes(n1,n2,level+1,path+getPathString(n1)+"/(a)"); + if(!equal) + { + Log.println("----- Attribute stimmen nicht überein:"+path+getPathString(n1)); + return false; + } + } + if(size1==0) + { + return true; + } + + for(int counter=0;counter" + + "" + samlArtifact + "" + + ""; + Element request = new SAMLRequestBuilder().build(requestID, samlArtifact); + Element requestShould = DOMUtils.parseDocument(REQUEST_SHOULD, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + assertTrue(new SAMLRequestCompare().compareElements(requestShould, request)); + } + +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestCompare.java b/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestCompare.java new file mode 100644 index 000000000..5685129a1 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestCompare.java @@ -0,0 +1,19 @@ +package test.at.gv.egovernment.moa.id.proxy.builder; + +/* + * @author Paul Ivancsics + * @version $Id$ + */ +public class SAMLRequestCompare extends test.at.gv.egovernment.moa.id.proxy.builder.DOMTreeCompare { + + + /* + * @see at.gv.egovernment.moa.util.SAMLRequestCompare#specialAttributes(java.lang.String, java.lang.String) + */ + public boolean specialAttributes(String path,String attr1_name,String value1,String attr2_name,String value2) { + if(attr1_name.equals("IssueInstant")) + return true; + return false; + } + +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java b/id.server/src/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java new file mode 100644 index 000000000..39e7240d1 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java @@ -0,0 +1,180 @@ +package test.at.gv.egovernment.moa.id.proxy.parser; + +import org.w3c.dom.Element; + +import test.at.gv.egovernment.moa.id.UnitTestCase; + +import at.gv.egovernment.moa.id.data.AuthenticationData; +import at.gv.egovernment.moa.id.data.SAMLStatus; +import at.gv.egovernment.moa.id.proxy.parser.SAMLResponseParser; +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.DOMUtils; + +/* + * @author Paul Ivancsics + * @version $Id$ + */ +public class SAMLResponseParserTest extends UnitTestCase { + + public SAMLResponseParserTest(String arg0) { + super(arg0); + } + + public void testParse() throws Exception { + String samlResponse = + "" + + "" + + "" + + "" + + "Ollas leiwand" + + "" + +"" + + "" + + "" + + "MTk2OC0xMC0yMmdi" + + "" + + "http://reference.e-government.gv.at/namespace/moa/20020822#cm" + + "" + + "" + + "" + + "" + + "http://localhost:8080/moa-id-auth/" + + "" + + "" + + "gb" + + "" + + "" + + "https://localhost:9443/" + + "" + + "" + + "" + + "" + + "" + + "" + + "" + + "urn:oasis:names:tc:SAML:1.0:cm:sender-vouches" + + "" + + "" + + "" + + "123456789012" + + "http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl" + + "" + + "" + + "Hermann" + + "Muster" + + "" + + "1968-10-22" + + "" + + "" + + "" + + "" + + "" + + "" + + "" + + "0v1Ftf7WXgoexx0Jo/GrlExHOHnQIEQ5FFSjptLRd5BN1mZYRg2S9KfOMbHSCsiPm8AwjAEwE5EM A6P18Z/YyTIuP7fNGzckbB5PYIgNMHL8/TYJhHA8CjamsBrEfYDXivE8iAvALg5I9RMLZADmzL7a f2daYYuO8dycQw3xg6U=" + + "AQAB" + + "" + + "" + + "" + + "" + + "" + + "" + + "i2qa56X4fpYeXqFLXAcQljGU3+DWnVgNrAxI9gn2bMeFWtLXE2SFa6qvl9EymUl0noBlFn0q9DWp AsyeLnRhzCAXJeSxiwsUEloOvcQCV0DfW2UVq0Y9bVlJ8KifJ2AS+5BxZ21mkc/VYx5Qz6EYjPrn pIpdAwR9sw5xnIvTySc=" + + "AQAB" + + "" + + "" + + "" + + "" + + "" + + "" + + "" + + "" + + "" + + "" + + "" + + "not(ancestor-or-self::pr:Identification)" + + "" + + "" + + "" + + "" + + "s7TfoZrYo36OMdlxGxuIfAw/wr8=" + + "" + + "" + + "" + + "" + + "ancestor-or-self::dsig:Manifest" + + "" + + "" + + "" + + "dO+RSn4xLHT3cuq8uopFtZyUBqo=" + + "" + + "" + + "MFbZ5wA5cq0UezYFDXted5uqXubWFxxRwZawGh73XEAGxAbJsT/IEQmrTQThPRHNWW5RPGxVlPDz 5BmjberdaWlgJlbyKf3b/WpNNJYptQ7ijrXlsQoCzjfiQy37NEfvHEcxHQOA6sa42C+dFKsKIvmP 3mZkRYWJDxxsVzI7E+Y=" + + "" + + "" + + "MIIDaDCCAtWgAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTE5NDRaFw0w MzEyMzEyMjU5MzBaMIGOMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxGzAZBgNVBAMTEk1PQSBU ZXN0IENBIC0gUm9vdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAjHuFphE3 +UkTe2OcIFWUDLzhPl1j2dH4sMPAhDK09/0i+aWrdtQW9yHktu/7+LTiCiPeevT0 lGMGDcWMSoSm66tYmpxei6YojCFIaVdJFtXZ7x1o7e7jTDVRLMfdZ5lI1sQ7loIY hOE0OmlYOkn4AI6xMtJtsca45rV8wW7qm8kCAwEAAaOB2zCB2DAPBgNVHRMBAf8E BTADAQH/MA4GA1UdDwEB/wQEAwIBBjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAnsB ATBCMEAGCCsGAQUFBwICMDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxy IFRlc3R6d2Vja2UgZ2VlaWduZXQuMB0GA1UdDgQWBBRDC612dCgZetTmAKyV6DII NkOoYTAWBgcqKAAKAQEBBAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZ etTmAKyV6DIINkOoYTAJBgUrDgMCHQUAA4GBAHj0xBNWGYLijaocjOX1AkL+r+G2 fZsX4z3S/2eEvtUp+EUHaOPMLTS0MIP1nwj5f4ZluAIrDLXihqMdi4xRv0W6QYbN aDxICNz3/QbrzMlFPeC8odesdRlT+GGswX0ZGUtVIZm1HVhxRk5ZEW2pr2afo5c0 Btxup/kgjGMnnS7C" + + "MIIDiTCCAvagAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTI1MTRaFw0w MzEyMzEyMjU5MzBaMIGZMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxJjAkBgNVBAMTHU1PQSBU ZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB iQKBgQCw7ULOYSNji09Ein7Ar4j3Rjxjq05spBmZDmbSomEZMnGEtVTyIRzKc8ia 2kcXUMz5MEoFaVmvqRim31m20T21uvHFIs86gqzC/prOAz7V7HWok5F+9M/5gR1S BvpdqiEAXYeRXFPiOe8XSmpwhic7+n2jfuoBeYiRBEMGoP1DkwIDAQABo4HxMIHu MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgHGMBEGCWCGSAGG+EIB AQQEAwIBAjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAgMBATBCMEAGCCsGAQUFBwIC MDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxyIFRlc3R6d2Vja2UgZ2Vl aWduZXQuMB0GA1UdDgQWBBSeRWvUfxEjKZSfxImJr/fpBDtMmTAWBgcqKAAKAQEB BAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZetTmAKyV6DIINkOoYTAJ BgUrDgMCHQUAA4GBAIMa4C2z3SbkcjEiMNAsHKaKUCJkBbMtNaab6U/cwwYmG6nl ga7xyEmbfY2SKzOqkcIwuv83Tma3rcr1f+OLUeGUaGLHt2Pl1a/s8BZGQZHWvLXv 7hV4RceEUHzVGAfvDD8iBJqBmfq/z/fBPFsgSup4nO1YECkDYfQ+sqCIP4ik" + + "MIIDZzCCAtSgAwIBAgIBADAJBgUrDgMCHQUAMIGZMQswCQYDVQQGEwJBVDE9MDsG A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx JjAkBgNVBAMTHU1PQSBUZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMB4XDTAzMDIx MTE1MzI0NVoXDTAzMDgxMTE0MzI0NVowgYUxCzAJBgNVBAYTAkFUMSYwJAYDVQQK FB1CdW5kZXNtaW5pc3Rlcml1bSBm/HIgSW5uZXJlczEgMB4GA1UECxMXWmVudHJh bGVzIE1lbGRlcmVnaXN0ZXIxLDAqBgNVBAMTI1Rlc3QgU2lnbmF0dXJkaWVuc3Qg UGVyc29uZW5iaW5kdW5nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEzkpk QjbGjZwssN1+vMBE/ALMcA8LWFcILI3uxXaTSWGfTiLo9ECfzjuwYJG7FjEaeWrW nPEcp4VfMNocrm3T7Hw/ikpE5/+FsfTzD4MpIwwUPd/CUfA5vDNXK5CiP7qKKR1e vATO2s6lfDul+CS/eEbwzKmUQvZGrJggxg2m5wIDAQABo4HYMIHVMAwGA1UdEwEB /wQCMAAwDgYDVR0PAQH/BAQDAgbAMF0GA1UdIARWMFQwUgYMKwYBBAGVEgECAwEB MEIwQAYIKwYBBQUHAgIwNBoyRGllc2VzIFplcnRpZmlrYXQgaXN0IG51ciBm/HIg VGVzdHp3ZWNrZSBnZWVpZ25ldC4wHQYDVR0OBBYEFIpEyv43H3EtiGr4I7Z34bWj v2z6MBYGByooAAoBAQEECwwJQk1PTFMtSUtUMB8GA1UdIwQYMBaAFJ5Fa9R/ESMp lJ/EiYmv9+kEO0yZMAkGBSsOAwIdBQADgYEAfMBJRy/kp8HQa0lGIBfFrWNpxVPv RsIu+N4IiFrswrsoQoMAh6IqNyzSdq7rJC08xsDkXe5HOwkb+2zGKYoC3aQ/J/zr BGkg6ec4tOaS/VSdEQeTL1L30r2faTffWLUV3GrzL7pM7jN470hB1w8F6Hc3LCI7 kFfp23o/juVtJNw=" + + "" + + "" + + "" + + "" + + "" + + "" + + "" + + "" + + "" + + "BqzfCB7dNg4G3u4YaxpD1tALdKI=" + + "" + + "" + + "" + + "" + + "" + + "" + + "" + + "" + + "" + + "" + + "" + + "" + + "123456789012" + + "http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl" + + "" + + "" + + "Hermann" + + "Muster" + + "" + + "1968-10-22" + + "" + + "" + + "" + + "" + + "true" + + "" + + "" + +"" + + ""; + + Element samlResponseElem = + DOMUtils.parseDocument(samlResponse, true, Constants.ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); + SAMLResponseParser parser = new SAMLResponseParser(samlResponseElem); + SAMLStatus status = parser.parseStatusCode(); + assertEquals("samlp:Success", status.getStatusCode()); + assertEquals("samlp:Success", status.getSubStatusCode()); + assertEquals("Ollas leiwand", status.getStatusMessage()); + AuthenticationData authData = parser.parseAuthenticationData(); + assertEquals(1, authData.getMajorVersion()); + assertEquals(0, authData.getMinorVersion()); + assertEquals("-4633313027464114584", authData.getAssertionID()); + assertEquals("http://localhost:8080/moa-id-auth/", authData.getIssuer()); + assertEquals("2003-04-02T14:55:42+02:00", authData.getIssueInstant()); + assertEquals("123456789012", authData.getIdentificationValue()); + assertEquals("MTk2OC0xMC0yMmdi", authData.getVPK()); + assertEquals("Hermann", authData.getGivenName()); + assertEquals("Muster", authData.getFamilyName()); + assertEquals("1968-10-22", authData.getDateOfBirth()); + assertTrue(authData.isQualifiedCertificate()); + assertFalse(authData.isPublicAuthority()); + } +} diff --git a/id.server/src/test/at/gv/egovernment/moa/id/util/SSLUtilsTest.java b/id.server/src/test/at/gv/egovernment/moa/id/util/SSLUtilsTest.java new file mode 100644 index 000000000..351ca0bd5 --- /dev/null +++ b/id.server/src/test/at/gv/egovernment/moa/id/util/SSLUtilsTest.java @@ -0,0 +1,92 @@ +package test.at.gv.egovernment.moa.id.util; + +import iaik.pki.jsse.IAIKX509TrustManager; + +import java.net.URL; +import java.security.Security; + +import javax.net.ssl.SSLException; +import javax.net.ssl.SSLSocketFactory; + +import com.sun.net.ssl.HttpsURLConnection; + +import at.gv.egovernment.moa.id.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.config.ConnectionParameter; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter; +import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider; +import at.gv.egovernment.moa.id.iaik.config.LoggerConfigImpl; +import at.gv.egovernment.moa.id.util.SSLUtils; +import test.at.gv.egovernment.moa.id.UnitTestCase; + +/* + * @author Paul Ivancsics + * @version $Id$ + */ +public class SSLUtilsTest extends UnitTestCase { + + public SSLUtilsTest(String name) { + super(name); + } + + protected void setUp() throws Exception { + //System.setProperty("javax.net.debug", "all"); + Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); + System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); + IAIKX509TrustManager.initLog(new LoggerConfigImpl("file:" + TESTDATA_ROOT + "conf/log4j.properties")); + System.setProperty("https.cipherSuites", "SSL_DHE_DSS_WITH_DES_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,SSL_RSA_WITH_DES_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_EXPORT_WITH_RC4_40_MD5"); + } + + public void testVerisignOK() throws Exception { + doTestOA("conf/ConfigurationTest.xml", "http://verisign.moa.gv.at/", true, null); + } + public void testATrustOK() throws Exception { + doTestOA("conf/ConfigurationTest.xml", "http://a-trust.moa.gv.at/", true, null); + } + public void testBaltimoreOK() throws Exception { + doTestOA("conf/ConfigurationTest.xml", "http://baltimore.moa.gv.at/", true, null); + } + public void testCIOOK() throws Exception { + doTestOA("conf/ConfigurationTest.xml", "http://cio.moa.gv.at/", true, null); + } + public void testMOASPOK() throws Exception { + System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME, + TESTDATA_ROOT + "conf/ConfigurationTest.xml"); + ConnectionParameter connParam = AuthConfigurationProvider.getInstance().getMoaSpConnectionParameter(); + doTest(connParam, true, null); + } + private void doTestOA(String configFile, String publicURLPrefix, boolean shouldOK, String exMessageFragment) throws Exception { + System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME, + TESTDATA_ROOT + configFile); + ProxyConfigurationProvider proxyConf = + ProxyConfigurationProvider.getInstance(); + OAProxyParameter oaParam = proxyConf.getOnlineApplicationParameter(publicURLPrefix); + ConnectionParameter connParam = oaParam.getConnectionParameter(); + doTest(connParam, shouldOK, exMessageFragment); + } + private void doTest(ConnectionParameter connParam, boolean shouldOK, String exMessageFragment) throws Exception { + SSLUtils.initialize(); + AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + SSLSocketFactory ssf = SSLUtils.getSSLSocketFactory(authConf, connParam); + URL url = new URL(connParam.getUrl()); + HttpsURLConnection conn = (HttpsURLConnection)url.openConnection(); + conn.setRequestMethod("GET"); + conn.setDoInput(true); + conn.setDoOutput(true); + conn.setUseCaches(false); + conn.setAllowUserInteraction(false); + conn.setSSLSocketFactory(ssf); + try { + conn.connect(); + assertTrue(shouldOK); + assertEquals(200, conn.getResponseCode()); + conn.disconnect(); + } + catch (SSLException ex) { + ex.printStackTrace(); + assertFalse(shouldOK); + assertTrue(ex.getMessage().indexOf(exMessageFragment) >= 0); + } + } + +} -- cgit v1.2.3