From 17f4b996ccdf1b96675fa835c0f51f43d9690b34 Mon Sep 17 00:00:00 2001
From: Thomas Lenz
Date: Thu, 14 Jun 2018 07:16:39 +0200
Subject: update SL20 authblock transformation
---
.../modules/sl20_auth/EIDDataVerifier_ATrust.java | 22 +++++++++++-----
.../sl20_auth/dummydata/DummyAuthConfig.java | 30 +++++++++++++++++++---
.../modules/sl20_auth/eIDDataVerifierTest.java | 27 ++++++++-----------
3 files changed, 54 insertions(+), 25 deletions(-)
(limited to 'id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment')
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/EIDDataVerifier_ATrust.java b/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/EIDDataVerifier_ATrust.java
index 6e4df144f..6a989dd47 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/EIDDataVerifier_ATrust.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/EIDDataVerifier_ATrust.java
@@ -5,27 +5,37 @@ import java.io.InputStreamReader; import org.apache.commons.io.IOUtils; import org.junit.Before; +import org.junit.runner.RunWith; import org.opensaml.xml.ConfigurationException; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import com.google.gson.JsonObject; import com.google.gson.JsonParser; +import at.gv.egovernment.moa.id.auth.modules.sl20_auth.data.VerificationResult; +import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SL20Exception; import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SLCommandoParserException; +import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.IJOSETools; import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20JSONExtractorUtils; -//@RunWith(SpringJUnit4ClassRunner.class) +@RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration("/SpringTest-context.xml") public class EIDDataVerifier_ATrust extends eIDDataVerifierTest { - + + @Autowired IJOSETools joseTools; + + @Before - public void init() throws SLCommandoParserException, IOException, ConfigurationException, at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException { + public void init() throws IOException, ConfigurationException, at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException, SL20Exception { String eIDDataString = IOUtils.toString(new InputStreamReader(this.getClass().getResourceAsStream("/tests/eIDdata_atrust.json"))); JsonParser jsonParser = new JsonParser(); JsonObject qualeIDResult = jsonParser.parse(eIDDataString).getAsJsonObject(); - JsonObject payLoad = SL20JSONExtractorUtils.getJSONObjectValue(qualeIDResult, "payload", true); - JsonObject result = SL20JSONExtractorUtils.getJSONObjectValue(payLoad, "result", true); + //JsonObject payLoad = SL20JSONExtractorUtils.getJSONObjectValue(qualeIDResult, "payload", true); + 
VerificationResult payLoad = SL20JSONExtractorUtils.extractSL20PayLoad(qualeIDResult, joseTools, true); + JsonObject result = SL20JSONExtractorUtils.getJSONObjectValue(payLoad.getPayload(), "result", true); eIDData = SL20JSONExtractorUtils.getMapOfStringElements(result); @@ -36,6 +46,6 @@ public class EIDDataVerifier_ATrust extends eIDDataVerifierTest { @Override protected String getSl20ReqId() { - return "_0ab3d7fd5ff8eb0bb15486ce48464fad"; + return "_63ff9ef67370024c4d2d8b9bfd380578"; } } diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/dummydata/DummyAuthConfig.java b/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/dummydata/DummyAuthConfig.java index af47bc942..31275e492 100644 --- a/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/dummydata/DummyAuthConfig.java +++ b/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/dummydata/DummyAuthConfig.java @@ -1,5 +1,6 @@ package at.gv.egovernment.moa.id.auth.modules.sl20_auth.dummydata; +import java.io.IOException; import java.util.List; import java.util.Map; import java.util.Properties; @@ -24,8 +25,13 @@ public class DummyAuthConfig implements AuthConfiguration { @Override public String getRootConfigFileDir() { - // TODO Auto-generated method stub - return null; + try { + return new java.io.File( "." ).getCanonicalPath(); + + } catch (IOException e) { + return null; + + } } @Override 
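Review bot: In `init()` the `VerificationResult` returned by `extractSL20PayLoad(qualeIDResult, joseTools, true)` is only read through `payLoad.getPayload()`, so the fixture never asserts that the signature on the payload was actually verified. If `VerificationResult` exposes the verification outcome, assert it right after the call, so that a fixture with a broken or missing signature fails in setup instead of feeding unverified data into the verifier tests. The superseded line kept as `//JsonObject payLoad = ...` should be deleted rather than left as commented-out code. `init()` continues outside the hunk.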
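Review bot: `getRootConfigFileDir()` in `DummyAuthConfig` swallows the `IOException` and returns `null`, so a failure to resolve the directory would surface later as an unrelated null-pointer or keystore-not-found error. Rethrow it unchecked instead, e.g. `throw new IllegalStateException("cannot resolve test root directory", e);`. The value also depends on the JVM working directory (`new java.io.File( "." )`), so the tests presumably only find their resources when started from the module directory; a short comment such as `// resolved against the working directory; run tests from the module root` would make that explicit.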
@@ -85,7 +91,25 @@ public class DummyAuthConfig implements AuthConfiguration { @Override public String getBasicMOAIDConfiguration(String key) { if (at.gv.egovernment.moa.id.auth.modules.sl20_auth.Constants.CONFIG_PROP_VDA_AUTHBLOCK_TRANSFORMATION_ID.equals(key)) - return "SL20Authblock_v1.0"; + return "SL20Authblock_v1.0,SL20Authblock_v1.0_SIC"; + + else if (at.gv.egovernment.moa.id.auth.modules.sl20_auth.Constants.CONFIG_PROP_SECURITY_KEYSTORE_PATH.equals(key)) + return "/src/test/resources/sl20.jks"; + + else if (at.gv.egovernment.moa.id.auth.modules.sl20_auth.Constants.CONFIG_PROP_SECURITY_KEYSTORE_PASSWORD.equals(key)) + return "password"; + + else if (at.gv.egovernment.moa.id.auth.modules.sl20_auth.Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_SIGN_ALIAS.equals(key)) + return "pvpIDP"; + + else if (at.gv.egovernment.moa.id.auth.modules.sl20_auth.Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_SIGN_PASSWORD.equals(key)) + return "password"; + + else if (at.gv.egovernment.moa.id.auth.modules.sl20_auth.Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_ALIAS.equals(key)) + return "pvpIDP"; + + else if (at.gv.egovernment.moa.id.auth.modules.sl20_auth.Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_PASSWORD.equals(key)) + return "password"; else return null; diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/eIDDataVerifierTest.java b/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/eIDDataVerifierTest.java index c2784181a..54ea882de 100644 --- a/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/eIDDataVerifierTest.java +++ b/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/eIDDataVerifierTest.java 
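Review bot: The new branches in `getBasicMOAIDConfiguration` hard-code the keystore path `/src/test/resources/sl20.jks`, the alias `pvpIDP` and the password `password`, with nothing stating that this is throwaway test key material. Add a comment above the chain, for example `// test-only keystore; its keys and passwords must never be reused outside src/test`, and confirm that `sl20.jks` (not visible in this diff) holds no key used by a deployed instance. As a point of style, the brace-less `if`/`else if` chain repeating the fully qualified `Constants` name on every branch is hard to scan; a static `Map<String, String>` lookup would be shorter and less error-prone when another property is added. The method begins before the hunk.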
@@ -8,13 +8,13 @@ import org.junit.BeforeClass; import org.junit.Test; import org.opensaml.DefaultBootstrap; import org.opensaml.saml2.core.Assertion; +import org.springframework.beans.factory.annotation.Autowired; import at.gv.egovernment.moa.id.auth.modules.sl20_auth.dummydata.DummyAuthConfig; import at.gv.egovernment.moa.id.auth.modules.sl20_auth.dummydata.DummyOA; import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20Constants; import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.verifier.QualifiedeIDVerifier; import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; -import at.gv.egovernment.moa.id.commons.api.AuthConfiguration; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink; import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse; @@ -31,10 +31,10 @@ import iaik.security.ec.provider.ECCelerate; import iaik.security.provider.IAIK; public abstract class eIDDataVerifierTest { - - protected Map eIDData = null; + protected Map eIDData = null; + @Autowired DummyAuthConfig authConfig; @BeforeClass public static void moaSPSSInitialize() throws ConfigurationException, org.opensaml.xml.ConfigurationException, IOException { @@ -94,8 +94,7 @@ public abstract class eIDDataVerifierTest { throw new Exception("IDL parsing FAILED"); IOAAuthParameters dummyOA = new DummyOA(); - AuthConfiguration dummyAuthConfig = new DummyAuthConfig(); - QualifiedeIDVerifier.verifyIdentityLink(idl, dummyOA , dummyAuthConfig); + QualifiedeIDVerifier.verifyIdentityLink(idl, dummyOA , authConfig); } 
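Review bot: `@Autowired DummyAuthConfig authConfig;` in the abstract base class (hunk @@ -31,10) is only populated when the concrete test runs under a Spring runner, and the @@ -94,8 hunk now passes it straight to `QualifiedeIDVerifier.verifyIdentityLink(idl, dummyOA , authConfig)`. A subclass left on the default JUnit runner would silently pass `null` into the verifier; only `EIDDataVerifier_ATrust` is switched to `SpringJUnit4ClassRunner` in the visible part of this commit. A guard at the start of each test, `org.junit.Assert.assertNotNull("authConfig not injected", authConfig);`, or a comment on the field stating that subclasses must use the Spring runner, would make the requirement explicit. The field is also package-private while `eIDData` is `protected`; pick one visibility for both.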
@@ -118,11 +117,11 @@ public abstract class eIDDataVerifierTest { if (MiscUtil.isEmpty(authBlockB64)) throw new Exception("NO AuthBlock found"); - IOAAuthParameters dummyOA = new DummyOA(); - DummyAuthConfig dummyAuthConfig = new DummyAuthConfig(); - dummyAuthConfig.setRequireAuthBlockQC(false); - QualifiedeIDVerifier.verifyAuthBlock(authBlockB64, dummyOA , dummyAuthConfig); - + IOAAuthParameters dummyOA = new DummyOA(); + authConfig.setRequireAuthBlockQC(false); + QualifiedeIDVerifier.verifyAuthBlock(authBlockB64, dummyOA , authConfig); + authConfig.setRequireAuthBlockQC(true); + } @Test @@ -136,12 +135,8 @@ public abstract class eIDDataVerifierTest { IIdentityLink idl = new IdentityLinkAssertionParser(new ByteArrayInputStream(Base64Utils.decode(idlB64, false))).parseIdentityLink(); Assertion authBlock = QualifiedeIDVerifier.parseAuthBlockToSaml2Assertion(authBlockB64); - AssertionAttributeExtractor authBlockExtractor = new AssertionAttributeExtractor(authBlock); - - IOAAuthParameters dummyOA = new DummyOA(); - AuthConfiguration dummyAuthConfig = new DummyAuthConfig(); - - IVerifiyXMLSignatureResponse authBlockVerificationResult = QualifiedeIDVerifier.verifyAuthBlock(authBlockB64, dummyOA , dummyAuthConfig); + AssertionAttributeExtractor authBlockExtractor = new AssertionAttributeExtractor(authBlock); + IVerifiyXMLSignatureResponse authBlockVerificationResult = QualifiedeIDVerifier.verifyAuthBlock(authBlockB64, new DummyOA() , authConfig); QualifiedeIDVerifier.checkConsistencyOfeIDData(getSl20ReqId(), idl, authBlockExtractor, authBlockVerificationResult); -- cgit v1.2.3
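Review bot: `authConfig.setRequireAuthBlockQC(true);` is skipped whenever `verifyAuthBlock` throws, and because `authConfig` is now an injected bean (presumably shared between test methods) rather than a fresh `new DummyAuthConfig()`, the relaxed setting can leak into later tests, including the `verifyAuthBlock` call in the @@ -136,12 hunk. Restore the flag in a `finally`: `try { QualifiedeIDVerifier.verifyAuthBlock(authBlockB64, dummyOA, authConfig); } finally { authConfig.setRequireAuthBlockQC(true); }`. Resetting to `true` also assumes that `true` is the bean's configured default, which this diff does not show; saving the previous value first would be safer if a getter exists. The test method starts before the hunk.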