From 56af7bee462d70f08d0442254c632f39e50ec96f Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Thu, 29 Jul 2021 09:03:47 +0200 Subject: add EHVD WSDL and implement SOAP client --- .../InjectEhvdIdentityInformationQsSystemTest.java | 141 +++++++++++++++++++++ 1 file changed, 141 insertions(+) create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java (limited to 'id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java') diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java new file mode 100644 index 000000000..585083a77 --- /dev/null +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java @@ -0,0 +1,141 @@ +package at.gv.egovernment.moa.id.auth.modules.ehvd.test.tasks; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.fail; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.Mockito.when; + +import java.net.SocketTimeoutException; +import java.util.Arrays; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Locale; +import java.util.Map; + +import javax.xml.namespace.QName; +import javax.xml.soap.Detail; +import javax.xml.soap.Name; +import javax.xml.soap.SOAPElement; +import javax.xml.soap.SOAPException; +import javax.xml.soap.SOAPFault; +import javax.xml.ws.soap.SOAPFaultException; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Before; +import org.junit.Rule; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.mock.web.MockHttpServletRequest; +import org.springframework.mock.web.MockHttpServletResponse; +import org.springframework.test.annotation.IfProfileValue; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.util.Assert; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; +import org.w3c.dom.Attr; +import org.w3c.dom.DOMException; +import org.w3c.dom.Document; +import org.w3c.dom.NamedNodeMap; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; +import org.w3c.dom.TypeInfo; +import org.w3c.dom.UserDataHandler; + +import com.github.skjolber.mockito.soap.Soap12EndpointRule; + +import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.IRequestStorage; +import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants; +import at.gv.egiz.eaaf.core.api.data.EAAFConstants; +import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; +import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; +import at.gv.egiz.eaaf.core.exceptions.EAAFParserException; +import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException; +import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration; +import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl; +import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVD; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDARoles; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDAStatus; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor; +import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaIndexResponse; +import at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask; +import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap; +import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.TestUtils; +import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ + "/test_ehvd_qs_service_auth.beans.xml" }) +@IfProfileValue(name = "spring.profiles.active", value = "devEnvironment") +public class InjectEhvdIdentityInformationQsSystemTest { + + @Autowired + InjectEhvdInformationTask task; + @Autowired + DummyAuthConfigMap config; + @Autowired + IRequestStorage storage; + + protected MockHttpServletRequest httpReq; + protected MockHttpServletResponse httpResp; + private ExecutionContext context; + private TestRequestImpl pendingReq; + private Map spConfigMap; + + @Before + public void initialize() throws EAAFParserException { + httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); + httpResp = new MockHttpServletResponse(); + RequestContextHolder.resetRequestAttributes(); + RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp)); + + context = new ExecutionContextImpl(); + + spConfigMap = new HashMap<>(); + spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10)); + + final ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config); + pendingReq = new TestRequestImpl(); + pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10)); + pendingReq.setSpConfig(spConfig); + + // re-set config + config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true)); + + } + + @Test + public void validateState() throws TaskExecutionException, PendingReqIdValidationException { + // inject identityLink + final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData( + AuthenticationSessionWrapper.class); + moaSession.setIdentityLink(TestUtils.generateDummyIdl( + RandomStringUtils.randomAlphanumeric(10), + EAAFConstants.URN_PREFIX_BASEID)); + + task.execute(pendingReq, context); + + // validate state + final IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId()); + assertNotNull("pendingReq not stored", storedReq); + + final AuthenticationSessionWrapper moaSessionStored = storedReq.getSessionData( + AuthenticationSessionWrapper.class); + + assertFalse("foreign", moaSessionStored.isForeigner()); + assertFalse("mandate", moaSessionStored.isMandateUsed()); + assertEquals("missing attributes", 1, moaSessionStored.getGenericSessionDataStorage().size()); + assertNotNull("no Role attr", moaSessionStored.getGenericDataFromSession(PVPConstants.ROLES_NAME)); + + } +} -- cgit v1.2.3 From 7abe41afdb6f454e02126dbc90fb0352d0d15f74 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 30 Jul 2021 09:16:47 +0200 Subject: throw a specific error in case of a EHVD response that contains no GDA information --- .../ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java') diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java index 585083a77..e77e2db58 100644 --- a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java @@ -120,8 +120,8 @@ public class InjectEhvdIdentityInformationQsSystemTest { final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData( AuthenticationSessionWrapper.class); moaSession.setIdentityLink(TestUtils.generateDummyIdl( - RandomStringUtils.randomAlphanumeric(10), - EAAFConstants.URN_PREFIX_BASEID)); + "SUTFhJ/FXHmLGfTFchYnnWG/e3A=", + EAAFConstants.URN_PREFIX_CDID + "GH")); task.execute(pendingReq, context); -- cgit v1.2.3 From eed64f78c6e0dd37145b373d7218c07c0f4a8a33 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 30 Jul 2021 11:16:49 +0200 Subject: do not forward SOAP exception into MOA-ID exception handling because child objects of SOAP exceptions are not serializable --- .../InjectEhvdIdentityInformationQsSystemTest.java | 30 ++++++++++++++++++++++ 1 file changed, 30 insertions(+) (limited to 'id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java') diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java index e77e2db58..8bccefc8d 100644 --- a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java +++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java @@ -25,6 +25,7 @@ import javax.xml.ws.soap.SOAPFaultException; import org.apache.commons.lang3.RandomStringUtils; import org.junit.Before; +import org.junit.BeforeClass; import org.junit.Rule; import org.junit.Test; import org.junit.runner.RunWith; @@ -92,6 +93,35 @@ public class InjectEhvdIdentityInformationQsSystemTest { private TestRequestImpl pendingReq; private Map spConfigMap; + @BeforeClass + public static void classInitializer() { + System.setProperty( + "https.cipherSuites", + //high secure RSA bases ciphers + "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" + + ",TLS_DHE_RSA_WITH_AES_128_GCM_SHA256" + + ",TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" + + ",TLS_DHE_RSA_WITH_AES_128_CBC_SHA256" + + + //high secure ECC bases ciphers + ",TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" + + ",TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" + + ",TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" + + ",TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256" + + ",TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384" + + ",TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384" + + ",TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256" + + ",TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256" + + + //secure backup chipers + ",TLS_DHE_RSA_WITH_AES_256_CBC_SHA" + + ",TLS_DHE_RSA_WITH_AES_128_CBC_SHA" + + ",TLS_RSA_WITH_AES_128_CBC_SHA" + + ",TLS_RSA_WITH_AES_256_CBC_SHA" + ); + + } + @Before public void initialize() throws EAAFParserException { httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler"); -- cgit v1.2.3